The Federal Trade Commission (FTC) signaled they are serious about enforcing current law with the announcement of the $650,000 fine and 20-year consent decree settling a complaint brought against toy maker, VTech, for violating the Children’s Online Privacy Protection Act (COPPA). VTech will pay the fine and is required to not violate COPPA. It also must implement a comprehensive data security program subject to independent audits for 20 years.
For educational agencies, institutions, and third-party service providers, protecting student information from unauthorized use or access is paramount. SIIA believes that every party handling student data should implement and maintain strong administrative, physical, and technical safeguards reasonably designed to protect the types of information they hold.
For years, third-party service providers have been maintaining strong security measures for two big reasons. First, it is in the best interest of an education service provider to act in the best interest of students and schools, including by using information only for the educational purposes tasked with and maintaining strong security measures. The digital instructional materials and educational software industry is highly reputational. Success and failure is built not just on product efficacy and improving student outcomes but trust between providers and the students, schools, and parents they serve.
Second, school service p ...