D47 - COPPA - List of Websites & Apps with Links to their Privacy Policies
In order to create accounts for our students on these tools and applications, we must comply with federal regulations requiring parental consent, including the Children’s Online Privacy Protection Act (COPPA). Pursuant to COPPA, web-based tools and applications must notify parents and obtain verifiable parental consent before collecting personal information from children under 13 years of age. For additional information regarding COPPA, please visit: www.ftc.gov/privacy/coppafaqs.shtm.
D47 - SOPPA - Student Online Privacy Protection Act
District 47 is a member of the Illinois Student Privacy Alliance (Link). You can find all vendor privacy agreements between District 47 and vendors we do business with by clicking here.
Effective July 1, 2021, school districts will be required by the Student Online Personal Protection Act (SOPPA) to provide additional guarantees that student data is protected when collected by educational technology companies, and that data is used for beneficial purposes only (105 ILCS 85).
SOPPA applies to all Illinois school districts, the Illinois State Board of Education, and operators of online services and applications.
Below is a high-level overview of the new requirements.
School districts must:
- Enter into written agreements with all K-12 service providers who collect student data. You can find all written agreements by clicking here.
- Implement and maintain reasonable security practices. Agreements with vendors in which information is shared must include a provision that the vendor maintains reasonable security procedures and practices.
- Post on their website:
- A list of all operators of online services or applications utilized by the district (annually).
- Click here for a list of all operators.
- All data elements that the school collects, maintains, or discloses to any entity (annually). This information must also explain how the school uses the data, and to whom and why it discloses the data.
- Data elements can be found by hovering over the image on the far right (Under Data) of each operator listed:
- Contracts for each operator within 10 days of signing. See above.
- Subcontractors for each operator (annually). See above.
- The process for how parents can exercise their rights to inspect, review and correct information maintained by the school, operator, or ISBE. Parents can contact firstname.lastname@example.org if they wish to inspect, review, or correct information held in D47 databases.
- Data breaches within 10 days and notify parents within 30 days. Should a data breach occur, parents will be notified via the Blackboard notification system.
- Create a policy for who can sign contracts with operators. See Board Policy 7:345.