NY State Assembly Bill 2017-A2883

Archive: Last Bill Status - In Assembly Committee

Introduced
- In Committee Assembly
- In Committee Senate
- On Floor Calendar Assembly
- On Floor Calendar Senate
- Passed Assembly
- Passed Senate
Delivered to Governor
Signed By Governor

Please enter your contact information

First Name

Last Name

Email Address

A valid email address is required.

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.

Actions

View Actions

Date of Action	Assembly Actions - Lowercase Senate Actions - UPPERCASE
Jan 03, 2018	referred to education
Jan 23, 2017	referred to education

co-Sponsors

2017-A2883 (ACTIVE) - Details

Current Committee:: Assembly Education
Law Section:: Education Law
Laws Affected:: Add §756, Ed L
Versions Introduced in Other Legislative Sessions:: 2013-2014: A7243
2015-2016: A2628

2017-A2883 (ACTIVE) - Summary

Enacts the "K12 student privacy and cloud computing act" to prohibit service providers who offer cloud computing services to primary and secondary educational services from processing student data for commercial purposes.

2017-A2883 (ACTIVE) - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                   2883
 
                        2017-2018 Regular Sessions
 
                           I N  A S S E M B L Y
 
                             January 23, 2017
                                ___________
 
 Introduced by M. of A. SIMOTAS, ROSENTHAL, OTIS, FRIEND -- read once and
   referred to the Committee on Education
 
 AN  ACT  to  amend  the  education law, in relation to enacting the "K12
   student privacy and cloud computing act" to prohibit service providers
   who offer cloud computing services to  primary  and  secondary  educa-
   tional  institutions  from  processing  student  data  for  commercial
   purposes
 
   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section  1.  Short  title. This act shall be known and may be cited as
 the "K12 student privacy and cloud computing act".
   § 2. Legislative findings. The legislature hereby finds and declares:
   1. Cloud  computing  services  enable  convenient,  on-demand  network
 access  to  a shared pool of configurable computing resources (including
 networks, servers, storage, applications,  and  services)  that  can  be
 rapidly  provisioned  and  released  with  minimal  management effort or
 service provider interaction;
   2. Cloud computing services offer tremendous potential to  educational
 institutions  in  terms of helping consolidate technical infrastructure,
 reducing energy and  capital  costs,  increasing  collaboration  through
 "anytime-anywhere" access to applications and information, and realizing
 efficiencies, network resilience, and flexible deployment; and
   3.  Cloud computing service providers hold the potential to invade the
 privacy of students by tracking students' online activities for  commer-
 cial  purposes,  such as delivering behaviorally targeted advertising or
 otherwise improving advertising services that the service  provider  may
 offer  in connection with or separate from the services it offers to the
 educational institution.
   In light of the foregoing,  the  legislature  deems  it  necessary  to
 ensure  that  when  an educational institution engages a cloud computing
 service provider to process student data, that the service provider uses
 student data only for the benefit of  the  educational  institution  and
 does  not  use  such  data  for  the  service  provider's own commercial
 purposes.

 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD04150-01-7

 A. 2883                             2
 
   § 3. The education law is amended by adding a new section 756 to  read
 as follows:
   §  756.  STUDENT  PRIVACY AND CLOUD COMPUTING. 1. DEFINITIONS. FOR THE
 PURPOSES OF THIS SECTION, THE FOLLOWING TERMS SHALL HAVE  THE  FOLLOWING
 MEANINGS:
   (A)  "CLOUD  COMPUTING  SERVICE"  SHALL  MEAN  A  SERVICE THAT ENABLES
 CONVENIENT, ON-DEMAND NETWORK ACCESS TO A SHARED  POOL  OF  CONFIGURABLE
 COMPUTING  RESOURCES  TO  PROVIDE  A  STUDENT,  TEACHER  OR STAFF MEMBER
 ACCOUNT-BASED PRODUCTIVITY APPLICATIONS SUCH AS EMAIL, DOCUMENT  STORAGE
 AND  DOCUMENT  EDITING THAT CAN BE RAPIDLY PROVISIONED AND RELEASED WITH
 MINIMAL MANAGEMENT EFFORT OR CLOUD  COMPUTING  SERVICE  PROVIDER  INTER-
 ACTION.
   (B)  "CLOUD  COMPUTING  SERVICE  PROVIDER" SHALL MEAN AN ENTITY, OTHER
 THAN  AN  EDUCATIONAL  INSTITUTION,  THAT  OPERATES  A  CLOUD  COMPUTING
 SERVICE.
   (C)  "EDUCATIONAL  INSTITUTION"  SHALL  MEAN  ANY  PUBLIC OR NONPUBLIC
 SCHOOL, CHARTER SCHOOL, SCHOOL DISTRICT OR BOARD OF  COOPERATIVE  EDUCA-
 TIONAL  SERVICES SERVING STUDENTS IN GRADES KINDERGARTEN THROUGH TWELFTH
 GRADE.
   (D) "PERSON" SHALL MEAN INDIVIDUAL, PARTNERSHIP, CORPORATION,  ASSOCI-
 ATION, COMPANY OR ANY OTHER LEGAL ENTITY.
   (E)  "PROCESS"  OR "PROCESSING" SHALL MEAN TO USE, ACCESS, MANIPULATE,
 SCAN, MODIFY, TRANSFORM, DISCLOSE, STORE,  TRANSMIT,  TRANSFER,  RETAIN,
 AGGREGATE, OR DISPOSE OF STUDENT DATA.
   (F)  "STUDENT  DATA"  SHALL  MEAN  ANY INFORMATION OR MATERIALS IN ANY
 MEDIA OR FORMAT CREATED OR PROVIDED BY: (I) A STUDENT IN THE  COURSE  OF
 THE STUDENT'S USE OF THE CLOUD COMPUTING SERVICE; OR (II) AN EMPLOYEE OR
 AGENT  OF  THE  EDUCATIONAL INSTITUTION THAT IS RELATED TO A STUDENT. IN
 EACH CASE THE TERM "STUDENT DATA" SHALL INCLUDE, BUT NOT BE  LIMITED  TO
 THE  NAME,  ELECTRONIC MAIL ADDRESS, POSTAL ADDRESS, PHONE NUMBER, EMAIL
 MESSAGE, WORD PROCESSING DOCUMENTS, UNIQUE IDENTIFIERS, METADATA,  OF  A
 STUDENT, OR ANY AGGREGATIONS OR DERIVATIVES THEREOF.
   2.  PROHIBITION ON THE USE OF STUDENT DATA. ANY PERSON WHO, WITH KNOW-
 LEDGE THAT STUDENT DATA WILL BE PROCESSED, PROVIDES  A  CLOUD  COMPUTING
 SERVICE  TO  AN  EDUCATIONAL  INSTITUTION, IS PROHIBITED FROM USING THAT
 CLOUD COMPUTING SERVICE TO PROCESS STUDENT DATA FOR ANY  SECONDARY  USES
 THAT  BENEFIT  THE  CLOUD COMPUTING SERVICE PROVIDER OR ANY THIRD PARTY,
 INCLUDING, BUT NOT LIMITED TO, ONLINE BEHAVIORAL  ADVERTISING,  CREATING
 OR CORRECTING AN INDIVIDUAL OR HOUSEHOLD PROFILE PRIMARILY FOR THE CLOUD
 COMPUTING  SERVICE  PROVIDER'S OR ANY THIRD PARTY'S BENEFIT, THE SALE OF
 THE DATA FOR ANY COMMERCIAL PURPOSE, OR  ANY  OTHER  SIMILAR  COMMERCIAL
 FOR-PROFIT  ACTIVITY;  PROVIDED,  HOWEVER, A CLOUD COMPUTING SERVICE MAY
 PROCESS OR MONITOR STUDENT DATA SOLELY TO PROVIDE SUCH  SERVICE  TO  THE
 EDUCATIONAL INSTITUTION AND MAINTAIN THE INTEGRITY OF SUCH SERVICE.
   3.  CERTIFICATION  OF COMPLIANCE. ANY PERSON WHO ENTERS INTO AN AGREE-
 MENT TO PROVIDE A CLOUD COMPUTING SERVICE TO AN EDUCATIONAL  INSTITUTION
 MUST  CERTIFY  IN  WRITING  TO THE EDUCATIONAL INSTITUTION THAT IT SHALL
 COMPLY WITH THE TERMS AND CONDITIONS SET FORTH  IN  SUBDIVISION  TWO  OF
 THIS SECTION.
   § 4. This act shall take effect on the first of November next succeed-
 ing  the  date  on  which  it shall have become a law, provided that the
 commissioner of education and the board of  regents  are  authorized  to
 promulgate such rules and regulations as may be necessary for the timely
 implementation of this act on or before such effective date.

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.

Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Find your Senator and share your views on important issues.

Do you support this bill?

Assembly Bill A2883

Sponsored By

Archive: Last Bill Status - In Assembly Committee

Actions

co-Sponsors

2017-A2883 (ACTIVE) - Details

2017-A2883 (ACTIVE) - Summary

2017-A2883 (ACTIVE) - Bill Text download pdf

Comments

Do you support this bill?

Get Status Alerts for 2017-A2883

Assembly Bill A2883

Share this bill

Sponsored By

SIMOTAS

Archive: Last Bill Status - In Assembly Committee

Actions

co-Sponsors

Linda Rosenthal

Steven Otis

Christopher Friend

2017-A2883 (ACTIVE) - Details

2017-A2883 (ACTIVE) - Summary

2017-A2883 (ACTIVE) - Bill Text download pdf

Comments