SOPIPA – Student Data Legislation

Innovation in Student Privacy: California’s Student Online Personal Information Protection Act. 

This latest piece of Californian data-protection legislation is aimed at minors, specifically students, and is highly unique and forward thinking in that it expressly restricts use of their educational data from exploitation from third-parties. SOPIPA is a dynamic landmark attempt to challenge the balancing of protecting children’s sensitive information and security with the advances in online and digital learning technologies. The aim of this student-data-privacy legislation is that it will become an example for other states and school districts as concern and danger of the sharing of under-13's data by third-party vendors increases at a rapid pace.

Subject to COPPA requirements on privacy standards, the safe retention and deletion of children’s information, SOPIPA prohibits the selling of student data acquired to advertisers, to “amass a profile” on student for non-educational purposes and a requirement to delete such data on request by a school or district.

In recent legislative sessions, over 20 states have enacted or updated student-data-privacy laws, focusing on the prohibition of collection of data or requiring school districts and schools to improve their monitoring and processing practices. A bill updating federal standards on student privacy is currently under review in the United States Senate.

SOPIPA, however, is unique in that it places the responsibility for ensuring a high standard of privacy of student data on industry leaders, placing restrictions on privacy-related provisions in contracts with vendors.

Yet in need of the balance for restrictive laws and technological developments, accommodations have been made for industry concerns enabling operators to maintain and use “de-identified” or anonymous student information to develop and improve their own products and services.

SOPIPA provisions - expressly- prohibit vendors from using “information, including persistent unique identifiers, created or gathered by the operator’s site, service or application to amass a profile about K-12 student except in furtherance of K-12 school purposes”.

Any companies that violate the terms of SOPIPA are highly likely to be charge by moderators, parents and regulators with non-compliance and expoiltation.

How WebPreserver can help.

Websites and applications targeted at children, notably those under the age of 13, need to comply with federal privacy protection standards such as COPPA and must determine if they need to be archived for compliance issues. With the vast increases in online interaction by this vulnerable demographic, lobbyists of children's data protection have called for punitive action on companies who take advantage of and misuse this delicate information - resulting in a vast amount of recent high-profile cases against the likes of Yelp, TinyCo and more.

The FTC have both the ability and duty to sanction any website operators or developers who do not comply with COPPA regulations during the operation of their products or resources. Website operators and application developers must have regard to those who register for their services if actual knowledge is provided to them, by way of registering a date of birth or answering certain security question e.g. “What school do you currently attend” that they are children and subject to COPPA protection measures, and could be liable for improper use or retention of personal information collected. With recent COPPA amendments, there is an onus also on schools and school districts to assess, monitor and ensure COPPA and SOPIPA compliance when utilising online and interactive educational tools targeted at students.

Preservation of online practices, evidence of non-compliance with COPPA on social media and websites and digital evidence of malpractice is integral in litigation against those who choose to ignore these standards of optimum importance against a highly vulnerable dempgraphic of society.

WebPreserver provides a cost and time effective form of archiving online and social media content for cases of litigation, with the use of a simple Plug-in and single-click capture technology, screenshots are instantly created, authenticated and ready for use as evidence. This innovative software allows users to download or share digital snapshots on our online platform, create folders, organise and keyword tagging.

Ensure the integrity and safety standards of child-targeted websites when reviewing compliance standards by recording the information collected, privacy policies and more using this efficient and simple tool.

The information and materials on this blog are provided for general and informative purposes only and are not intended to be construed as legal advice. Content on this blog is not intended to substitute the advice of a licensed attorney, as laws are subject to change and vary with time, from jurisdiction to jurisdiction. Content on this blog may be changed without notice and is not guaranteed to be complete, correct or up-to-date.

Digital Evidence: Metadata Digital Evidence: Preserving ESI

Serving a global client base of Law Firms, Investigators, eDiscovery Firms, Law Enforcement Agencies, Insurance Providers, and the legal counsel of corporations, WebPreserver Software Inc. is a privately-held firm that is owned and managed by a successful team of software veterans. Our aim is to make eDiscovery easy and efficient by providing the highest standards of admissible legal evidence, technology and customer satisfaction.

Contact us

400-311 Water St
Vancouver , BC , V6B 1B8


Do you have any questions?