Education Law Insights

New Legislation Leaves Illinois Schools “Locked Out” of Student Social Media Accounts

Posted by EdLaw on September 1, 2015

Recent amendments to Illinois law draw back on rights of post-secondary, secondary, and elementary schools to request or require access to student social networking accounts such as Facebook and Twitter. School districts and nonpublic schools are now essentially “locked out” of student accounts, as they can no longer request or require access to the accounts even when there is reason to believe a violation of school rules has occurred. Now, schools can only require a student to “share the content” of an account, and only when the school has received a direct report of “specific information” about activity on the account that violates school rules or policies. The removal of the right to require a student to turn over password or other account information so the school can gain access to the student’s account or profile is a significant limit on schools’ ability to effectively address off-campus, online misconduct impacting Illinois schools, including cyberbullying and sexting.

The previous version of the Right to Privacy in the School Setting Act, which was signed into law in 2013 and became effective January 1, 2014, allowed post-secondary, secondary, and elementary schools to request or require a student to provide a password or other related account information where the school had “reasonable cause” to believe that the account contained evidence that the student had violated a school disciplinary rule or policy. Elementary and secondary schools were required to provide notice to parents of this right, which we advised be provided through student handbooks and formal school or school district discipline policy.

Recent amendments to the law in Public Act 99-0460 curtailed the rights so recently granted to schools. The amended law, effective August 25, 2015, now prohibits schools from requesting or requiring student password or other social media account information in any circumstance. Instead, schools only may require a student “to cooperate” in an investigation including social networking misconduct and only if there is “specific information about activity on the student’s account” that the student violated a school disciplinary rule or policy. The student may be required to “share the content that is reported” to help the school “make a factual determination,” but schools no longer have the right to “request or require” the student to relinquish his or her password or provide the school access to general account information.

Legislative history suggests that the goal of the amendments was to address interactions between the Right to Privacy in the School Setting Act and recent cyberbullying legislation passed in Illinois (Public Act 98-0801). This “Cyberbullying Bill” amended the School Code effective January 1, 2015, to make clear that student cyberbullying in “non-school-related locations” or via a student’s own personal technology is prohibited if the cyberbullying causes a substantial disruption to the educational process or orderly operation of a school. The Cyberbullying Bill stated that this prohibition applies to cases in which a school administrator or teacher receives a report that cyberbullying occurred and that districts and schools are not required to staff or monitor non-school related activities, functions, or programs. Illinois Representative Mike Fortner, who sponsored the Bill that amended the Right to Privacy in Schools Act, explained that the law “restricts the school’s ability to access Facebook to only those specific cases of cyberbullying which are either reported to the school or were observed by school personnel.”

The law unquestionably is a significant draw back on the tools available to schools to effectively address misconduct by students on social media. Schools now essentially must rely on the word of students that they have in fact turned over all requested content, as opposed to being able to verify that all content has been obtained directly through the student’s social media account. Notably, this is not the first time that schools have been locked out of social media accounts that may have a serious impact on schools. As I discussed in an article for the Illinois School Law Journal and an FR alert, a 2012 Illinois law essentially locked school districts out of employee social media accounts under very similar circumstances to those at issue in this student law. Although an amendment to that so-called Facebook Password Law went into effect January 2, 2014, as we reported at the time that amendment did not make clear what access was allowed.

Schools can thus rely on lessons learned from the employee Facebook Password Law to address how to respond to the new limitations in the student sphere. For example, when schools learn of a cyberbullying or other online, off-campus student issue, they can use tools such as interviewing students, looking for publicly available information online, obtaining relevant documents in possession of law enforcement, and determining if another party may provide access to the social media account information. This, in addition to demanding the student turn over the content at issue, will help ensure that the school has as much information as possible when addressing an online misconduct situation. As with the employee Facebook Password Law, schools should not hide behind the amended Right to Privacy in the School Setting Act as an excuse for failing to conduct a thorough and prompt investigation into misconduct affecting the school.

The Right to Privacy in the School Setting Act continues to require that elementary and secondary schools provide notice to parents before the school can obtain the access authorized by the Act. School districts and nonpublic schools recognized by the Illinois State Board of Education thus should take steps now to provide parents the required notice. We continue to recommend that the notice language be contained in both student handbooks and the district’s and/or school’s formal discipline policy. In light of the timing of this new law, which comes just after the start of the school year when student handbooks likely have already been distributed to students, we advise that school districts and schools move forward with amendments to their discipline policies to provide the required notice at this time.

Legal Issues for BYOD and 1:1 Programs in Schools: #Edchat Follow-Up

Posted by Brian Crowley on February 12, 2013

Each Tuesday the #Edchat hashtag brings together educators from across the globe to discuss education-related topics on Twitter. (For those wondering “What is #Edchat,” one of the founders describes the movement here.) Last week one of the questions on #Edchat was “How do we train educators to teach in programs like BYOD and 1:1?” The chat was timely because the Internet is abuzz with questions about whether BYOD programs and 1:1 programs have a place in the classroom. BYOD programs are programs through which schools tell students “bring your own devices” to the classroom for pedagogical use, and 1:1 programs are programs through which schools equip each student with a school-owned electronic device for school-related use.

As the transcript shows, there was a lively conversation with hundreds of Tweets discussing the benefits of BYOD and 1:1 programs. For instance, participants pointed out that BYOD and 1:1 programs allow technology to be more seamlessly integrated into the classroom in ways the traditional computer lab never allows. Participants also noted that use of technology in the classroom can help turn students from “tech comfy” to “tech savvy.” (The idea is described more here.)

The participants also pointed out some of the risks of BYOD and 1:1 programs. As one participant put it, “Moving forward with 1:1 without preparing teachers properly creates school culture and pedagogical problems.” But there are also important legal risks, and school districts should not move forward with BYOD or 1:1 programs without preparing educators to understand those risks, as well. I pointed this out in a few Tweets, and was asked by some participants to provide some resources about those legal risks.

(more…)