Challenges to Opt-Out Privacy Policies at Colleges?

jmaxlow asks: "It's that time of year again when my university sends out mailers informing students that their personal information will be compiled and released in a student directory unless students register objections in writing by the deadline. This info includes name, address, date of birth, and email address, among other items, and there is nothing to prevent them from selling the information to third parties without vested interests. The Buckley Amendment allows them to do this, so of course it isn't illegal. But my question is: has anyone ever petitioned their university to change to an opt-in policy? I'd like to know what responses schools have given, if any, when challenged, before I bring it up with my own registrar."

Opt-Out is a Cop-Out

[ealar+dlanvuli]

Just a friendly public service reminder for those of you in the USA:
When your bank or brokerage sends you a copy of its privacy policy, full of ambiguous language, and saying "Since we protect your privacy, there's no need for you to opt out of our information sharing among our family of companies", do two things:

1) Opt-out. Yes, it means writing a letter and putting a stamp on it. Deal with it.

2) In your letter, mention that you're opting-out because it's your only option available under the law, but that you're doing so under protest - and that you consider anything less than opt-in a violation of your privacy rights. Congratulate the bank on coming up with a wording ("information sharing") that sounds so harmless that most consumers are unlikely to realize what it really means.

3) Print out a second copy and send it to your Representative and Senator. Use proper "Cc:" snail-mail etiquette -- you want your bank to know you're telling your Congresscritter, and you want your Congresscritter to know that your bank knows.

Thank the critter (especially if he or she voted for it) for the new privacy law that's forced banks to do this very small ("opt-out") notification. Tell them that you realize the bank (or more accurately, the DMA, on request of its members) to use a low response rate to this "you have an opportunity to opt-out" mailing campaign as "evidence" that the consumers really do like to eat their spam, "or they'd opt-out, but since 0.00001% actually bothered to opt-out, the other 99.99999% must like receiving special offers through the mail and telephone and email!".

Tell your congresscritters that silence does not imply assent.

You know the argument's bogus. But the DMA, with millions of dollars in lobby funds, is gonna try to make it. And they'll succeed, unless you - yes, you there, behind the keyboard - get off your ass and do something.

Silence does not imply assent. But the DMA is going to try very hard to convince your congresscritter that it does.

The logical response is to deny the DMA the silence it needs to pull off the scam.

Buckley amendment explained...

[lythander]

Buckley (Also know as FERPA) requires american educational institutions (all, not just post-secondary) to protect ALL student information from disclosure, with certain exceptions. The exceptions include inquiries from government agencies and other educational institutions (i.e. they can reply to another university when they call to check your transcript). This is OK mostly becasue these institutions have the same sorts of restrictions placed on them once they have the info.

The other big exception is for "directory" information. What comprises this information is up to the discretion of the university. You would think what sirectory info was would be obvious, or at least standard, but at least at the university I work at, a leading online university, does not count email address as directory information (because otherwise other online universities (read "for-profit") might be able to request, and we'd be required to provide, this information, and then PU spam is just a click away).

There was recently a story in the news of an elementary school in Texas somewhere who was publishing student info in this way. They were just following the letter and spirit of the law.

So opt out. Your school is following the law. If they put you in a student directory, then they have to give that info to anyone who asks.

Maybe they could publish a student directory with everyone assigned a code number, which you could then input to a student-restricted website to get the address of that hottie you've been wanting to stalk?

Re:Problem

[Monkelectric]

Never have I heard someone talk out of their ass so badly.

Universities of all types are money grubbing bastards. Even when I opted out of the student directory, my name was sold to a slew of companies, I got special student credit card offers, and all sorts of adds for graduation stuff, rings, invitations etc...

And as a former university employee, let me tell you WHY they do this. Government money is regulated, it can only legally be spent on what it is earmarked for. Once in my employment, we had 250k for equiptment but our other accounts were nearly depleted, we could hardly pay our employees and bills and we couldn't cheat. I ordered 100k worth of sun servers (which we also needed badly), but when we got them we couldn't afford the 900$ to have the power receptacles installed (3 prong 210V dealies), because that money had to come from out general fund not our equiptment fund.

So here's why universities are money grubbing bastards (atleast in the US). Money they get from ripping off students is *FREE MONEY*. They can put it in "discretionary funds" and do whatever the fuck they want with it. At my university "the money runs uphill and the shit runs downhill" (to quote the Sopranos). The chancelor stole money from wherever he could to the tune of like 2 mill a year in his discretionary fund. With a student body of about 15,000 you can see thats about 134$/year in fees per student, easily accomplished.