The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the United Kingdom released a joint Cybersecurity Advisory (CSA) on April 20, 2022, “to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity.”

According to

The COVID-19 virus is having an unprecedented effect on all aspects of our daily lives, and has hit the educational system especially hard with forced closures and cancellations.  Because educational institutions play such a vital role in our communities, the Department of Education (DOE) recently issued guidance in the form of Frequently Asked Questions (Guidance)  

The United States Government Accounting Office (GAO) recently issued a report on the cybersecurity risks facing the electric grid. The GAO reviewed the cybersecurity of the electric grid to determine the risks and challenges facing the grid, to describe federal efforts to address those risks, to assess the extent to which the Department of Energy

National security concerns related to drones range from illicit intelligence gathering to smuggling drugs and guns over the border or into prisons, to attacks like those conducted by terrorist groups. However, currently, unmanned aerial systems (UAS) counter technology (or counter-UAS) legal authority is limited.

Only the Department of Defense (DOD) and Department of Energy (DOE)

The Connecticut State Department of Education (DOE) recently published guidance on implementing civil rights protections for transgender students. The guidance, in part, provides information on issues related to requests that a school change a student’s education records to be consistent with their chosen name and gender identity. Notably, the guidance recognized tension that may arise

On February 22, 2017, the Department of Justice (DOJ) and Department of Education (DOE) withdrew their May 13, 2016 “Dear Colleague” letter that provided guidance on steps to protect transgender students under Title IX of the Educational Amendments of 1972 (Title IX) as well as the Family Educational Rights and Privacy Act (FERPA). Although the letter did not add any requirements to the law, it did provide guidance to covered entities as to how agencies would interpret and enforce the law. The decision by DOJ and DOE to withdraw the letter has clouded the issue and left its application to transgender students in question.
Continue Reading DOE and DOJ Withdrawl of “Dear Colleague” Letter Leaves FERPA’s Guidance Unresolved

This year has been a busy year for education law in the area of data privacy. Educational institutions continue to be a rich target for hackers. Additionally, there were some important developments in the interpretation of Family Educational Rights and Privacy Act (FERPA) and the Telephone Consumer Protection Act (TCPA) as it applies to educational institutions.

  • In December, DeVry University Settled with the FTC for $100 million over allegations that it misled prospective students with ads that promised higher employment success and income upon graduation.
  • Also in December, UMass Amherst settled with the Office for Civil Rights (OCR) for $650,000 for HIPAA violations related to a malware infection that led to the release of names, addresses, Social Security numbers, dates of birth, health insurance information, diagnoses, and procedure codes.
  • In November, a hacker gained access to 1,213 records of applicants to the University of Wisconsin Law School.
  • On September 14, 2016, the Department of Education (DOE) issued a “Dear Colleague Letter” providing guidance on the application of FERPA to the disclosure of student medical records in the context of litigation.

Continue Reading Top Ten Education Developments, Breaches, and Settlements of 2016

On September 14, 2016, the Department of Education (DOE) issued a “Dear Colleague Letter” to provide guidance on the application of the Family Educational Rights and Privacy Act (FERPA) to the disclosure of student medical records in the context of litigation.

FERPA generally prohibits a school from disclosing personally identifiable information from a student’s education