On Monday, Jeff Lail posted a tweet with a link to a story about a possible FERPA violation at Talladega College. According to the Daily Home, the Talladega College president is accusing a local politician of a privacy violation. The accused allegedly acquired student mailing addresses from Talladega College's student directory and then sent out campaign materials to their home address. I'm not going to delve into the various allegations in the article at the Daily Home. Instead, I would like to address the fact that we often cry "FERPA foul" when none has actually taken place.
Directory information is information that schools can disclose without consent. Students are supposed to be given the option to request that their information not be disclosed. However, this is sometimes lost in the shuffle of orientation. The FERPA page at ED.gov lists what qualifies as publicly disclosable information: a student's name, address, telephone number, date and place of birth, honors and awards, and dates of attendance. What someone does with that information is another matter. Was the use of directory information at Talladega College a FERPA foul? No. Perhaps a bit "sketchy" or some might even say creative, but still not a FERPA violation.
One of the important aspects to consider about directory information access is the ability for outside entities to harvest that information. While schools "may" disclose directory information, they get to choose how they do it. A lot of institutions have implemented coding on their databases that limits the number of requests that you can make on their online directory in a certain time frame. What this means is that it is much harder to digitally harvest that directory information to use in ethically questionable activities.
Do you tweet? Let's connect. Follow me on Twitter.