Ruth Gavison defines privacy as "the limitation of others' access to an individual with three key elements: secrecy, anonymity, and solitude." (Regulating Internet Privacy, Spinello) Our privacy is threatened by new technologies and has sparked many privacy questions in education such as how secure are student records? Who can read our e-mail? Are computer files safe from unauthorized users?

We all value our privacy and as educators, it is our ethical obligation to protect the privacy of our students and their educational records as well as to respect the privacy of others. Educator responsibilities concerning privacy include the following categories: passwords, electronic mail, files, student records, and student privacy on the Internet.

Educators have passwords for various accounts including but not limited to electronic mail, information systems, and important files. Passwords should be kept secret, never written down, and changed regularly. A password often has six to eight characters with a combination of letters and numbers. Under no circumstance should passwords be shared with other individuals.

Keeping passwords secret is imperative because anyone who gains access to passwords can access files, e-mail messages, district funds, and personal information. With access to files, an intruder can change or destroy files. E-mail access would enable an individual to send inappropriate e-mail in someone else's name. By accessing an unauthorized password, an individual could easily gain access to confidential student and staff information or enable them to misappropriate funds. Once individuals gain unauthorized access to a system, they can observe other machines and systems on the same network.

Treat the content of electronic communication with respect

Teachers should not participate in activities which harass others or invade their privacy. The following list of activities is prohibited:

Refrain from reading other people's electronic mail. Reading people's e-mail is similar to reading their letters from their mailboxes. The principal law protecting the privacy of e-mail is the Electronic Communications Privacy Act of 1986 (ECPA). ECPA is a 1986 federal law that expanded to e-mail the protections given to telephone conversations. The ECPA makes it a serious crime "to read, use or disclose another person's electronic communications without justification." This is the basic rule, "Don't read without permission!" However, teachers should monitor student e-mail sent and received from class accounts because we are accountable for the repercussion of such communication. Another reason to monitor student e-mail is to ensure their safety.

Under the Electronic Communications Privacy Act, tampering with electronic mail, interfering with or intercepting the delivery of mail, and the use of electronic mail for criminal purposes may be felony offenses, requiring the disclosure of messages to law enforcement or other third parties without notification.

Treat computer files as personal property.

Computer files should not be tampered with or taken without permission of the owner. Often, educational files contain private student information. See Student Records. Files should be removed from a computer if you leave the school or the computer is transferred to another teacher.

Tampering with or stealing computer files is comparable to tampering with or stealing tangible goods. When an individual enters files by breaking the password set by the owner he/she is "breaking and entering".

Maintain confidentiality of student records.

Student records contain a wide variety of personal information including the following: assessment results; grades; health records; medical history; educational placement; socioeconomic status; student addresses, phone numbers, and social security numbers; etc. Information within student records should never be shared, altered or deleted. Student information should only be attained if it is needed to assist in job performance. To protect student records, computers should never be left unattended while logged in to an information system. As further protection, screen savers should be utilized with password protection in case the computer is ever accidentally left unattended.

With the increase of computerization, more personal information is stored in and retrieved from computers. Unauthorized access to this information has the potential to compromise student safety and security. Federal and state governments have passed various statutes and regulations to prevent the retrieval of personal information. According to the Privacy of Education Records, "education records are protected by a number of federal and state statutes and regulations. Generally, school records cannot be released without the prior permission of students."

Maintain student privacy on the Internet.

Parent and student permission should be acquired to publish student information on the Internet. Even with permission, student last names should never be used and identifying information such as addresses and telephone numbers should not be posted. If student pictures or projects are posted on the Internet, parents should be assured the information will be posted while maintaining student privacy.

By making student personal information available on the Internet, educators put students at risk and vulnerable to strangers with harmful intent. Obviously, not all people who view the information want to harm the student(s), but no one can be too careful. These people may use phone numbers, addresses, or pictures to stalk children at school or home. E-mail information can be used to threaten or coerce students. For more information on this topic, please see Instructional Implications in this document.