Well done on the consent form. Love the way it just drops reference to the real agreement:
https://sites.google.com/site/wiscgapps/wisconsin-google-apps-announcements/consentformandagreementavailable
Some of the confidentiality agreement is below. Love the way they name
Google as "School Official" to mitigate FERPA. I also linked Wikipedia below for CIPA, COPPA, and FERPA. These are federal, not sure what the state laws and guidelines are in Wisconsin.
Maybe I'm paranoid, and it's okay for targeted ads for tutoring services to follow little Johnny around for a few years. I do feel bad for Wisconsin K-12 IT. I'm sure they've worked hard over the years to provide systems and AAA (
http://en.wikipedia.org/wiki/AAAA_protocol) to help students, teachers and school officials protect information and student record data as required. Kiss that goodbye when managed AAA is replaced with self-managed peer-to-peer document security on a per-document basis. What's this "make public" checkbox? Looks cool! How many Wisconsin teachers and administrators are being trained to manage their own data governance in this environment?
---
5. Confidential Information.
5.1 Obligations.
Each party will: (a) protect the other party’s Confidential Information with the same standard of care, but no less than a reasonable standard of care, it uses to protect its own Confidential Information; and (b) subject to applicable law, not disclose the Confidential Information, except to Affiliates, employees and agents who have a reasonable need to know it and who have agreed in writing to keep it confidential. Each party (and any Affiliates, employees and agents to whom it has disclosed Confidential Information) may use Confidential Information only to exercise rights and fulfill its obligations under this Agreement, while using reasonable care to protect it. Each party is responsible for any actions of its Affiliates, employees and agents in violation of this Section.
5.2 Exceptions.
Confidential Information does not include information that: (a) the recipient of the Confidential Information already knew; (b) becomes public through no fault of the recipient (in the case of Google, without Google’s reference to Customer Data); (c) was independently developed by the recipient; or (d) was rightfully given to the recipient by another party.
5.3 Required Disclosure.
Each party may disclose the other party’s Confidential Information when required by law but only after it, if legally permissible: (a) uses commercially reasonable efforts to notify the other party; and (b) gives the other party the chance to challenge the disclosure.
5.4 FERPA.
The parties acknowledge that (a) Customer Data may include personally identifiable information from education records that are subject to FERPA (“FERPA Records”); and (b) to the extent that Customer Data includes FERPA Records, Google will be considered a “School Official” (as that term is used in FERPA and its implementing regulations) and will comply with FERPA.
---
FERPA
http://en.wikipedia.org/wiki/FERPA
CIPA
http://en.wikipedia.org/wiki/Children%27s_Internet_Protection_Act
COPPA
http://en.wikipedia.org/wiki/Children%27s_Online_Privacy_Protection_Act