Student Privacy, Data Collection, inBloom, and Having an Informed Conversation

5 min read

Over the last few months, inBloom has been getting increasing negative attention. These troubles started almost immediately after their "official" launch in early 2013. Despite some initial adoring PR masquerading as news coverage, inBloom has consistently stumbled. Between early adopters changing their minds and losing their jobs, and a lawsuit filed against the organization in New York State, inBloom appears to have lost momentum.

Here are some facts and observations I've seen along the way:

1. inBloom implemented a pre-existing data specification

inBloom implements the CEDS data model. inBloom actually does a better job of documenting the data model than CEDS.

It's GOOD that inBloom used an existing data model. We already have too many.

2. The idea behind inBloom isn't new

Ed-Fi is another data sharing solution, also based on CEDS. Like inBloom, Ed-Fi also highlights how their tool supports data collection and sharing with third party vendors:

The Ed-Fi solution’s XML-based data standard and dashboard starter kit (including source code)... serve as a development springboard for software vendors seeking to enable rich, student-level dashboard systems


The Schools Interoperability Framework (or SIF) is a much more closed effort aiming to cover some of the same types of data sharing that inBloom currently supports. It's been in existence since the 1990's, received funding and support from Microsoft and a">slew of other coporate partners. SIF rebranded, and their current website is at but their old site - - can be accessed via the Internet Archive. Interestingly, Achieve - one of the driving organizations behind the Common Core - was also one of the first SIF partners.

SIF is in use by over 3200 school districts, allowing these districts to "share data related to entities in the educational marketplace, regardless of the platform hosting those applications."

Translated: schools and districts collect student data. This data can be stored anywhere, including the cloud, and shared with commercial vendors. That's the entire reason that the spec exists.

3. The Murdoch/Gates/Klein connection

This connection is likely the single biggest factor drawing attention to inBloom. Rupert Murdoch owns Wireless Generation (now rebranded as Amplify), which was a contractor for inBloom. Amplify is run by Joel Klein, the controversial and divisive ex-Chancellor of New York City Department of Education.

Individually, these three people have enraged people all over the social and educational spectrum. Collectively, you couldn't ask for a better trifecta of questionable intentions, mistrust, misdeeds, and misinformation.

4. Timing and Connections With Common Core

inBloom is getting rolled out in parallel with the Common Core State Standards. The fact that the ex-Executive Director for the Council of Chief State School Officers (a central player in the development of Common Core, and a recipient of Gates funding) is on the board of inBloom doesn't help downplay the connection. The fact that the Council of Chief State School Officers has been very open in its support of inBloom doesn't help downplay the connection either.

The Common Core connection, in combination with Murdoch/Gates/Klein connection, is toxic, and inBloom never directly or effectively addressed these issues.

5. Your School and District Already Has A Student Information System

Every single school and district in the United States collects and stores student data in a student information system, and is collecting data on your children. Companies are already making millions of dollars collecting and storing student data. This has been a normal, unquestioned part of operations for a while - in some schools, computerized records go back to the dark ages of DOS.

In many small to mid-size districts, "security" is a single sysadmin with a job description better suited for 5 people, with her work complicated by the fact that the Superintendent hates having to manage multiple passwords, so he uses either his dog's name or his kid's birthday for everything.

For those who think that stopping inBloom will affect the collection, use, or security of student data, think again. Data leaks out of districts are already happening. Get used to it. We'll see more.

Closing Thoughts

To Privacy Advocates Focusing Exclusively On inBloom: it's great to have you thinking about and acting on the real and ongoing need for student privacy. However, as documented above, these needs have existed for a while, and there are numerous other organizations within the education space besides inBloom equally deserving of scrutiny. If all you do is argue against inBloom, do not expect to be taken seriously as a privacy advocate. Expect to be relegated to the despised class of pundit, hack, politician, or sloganeer.

If, however, you are concerned about privacy and inBloom was your entry point to the conversation, then welcome aboard! Facebook, Google, Microsoft, Apple, and video game manufacturers are all gathering and selling data about our kids, with far less protection and oversight than in schools. Let's work to stop all of it. On a related note, if you are a "privacy advocate" organizing on Facebook, stop.

To Companies Like inBloom: be upfront about your connections and issues, and directly engage people who have concerns. The lack of response to some of the fear-inspired rhetoric around inBloom created a fantastic opportunity for misinformation to flourish. This is an enormous communications and public-relations failure. Don't be a bystander as someone else tells your story.

We need a thorough, informed conversation about data collection and use in schools. The current conversations about inBloom are comparable to the larger conversations about Common Core: long on rhetoric, with well intentioned people participating, but very short on fact. We can do better.

, , , ,