CIPA – Children’s Internet Protection Act

CIPA requires schools and libraries that receive federal funding (such as E-Rate discounts for internet access) to have internet safety policies in place. To comply with CIPA, the District:

• Uses content filtering to block access to harmful or inappropriate websites.

• Monitors online activities of students when using District devices or networks.

• Educates students about appropriate online behavior, including cyberbullying prevention and digital citizenship.

FERPA – Family Educational Rights and Privacy Act

FERPA protects the privacy of student education records. Under FERPA:

• Parents (and eligible students age 18 or older) have the right to access and request corrections to their child’s education records.

• The District cannot share personally identifiable information from student records without written consent, except in limited cases permitted by law (e.g., for educational purposes or with certain contractors).

• “Directory information” (such as a student’s name or participation in school activities) may be shared unless parents opt out.

COPPA – Children’s Online Privacy Protection Act

COPPA applies to websites, apps, and online services that collect personal information from children under 13. To comply with COPPA, the District:

• Reviews and approves all digital tools used in the classroom for compliance with student data privacy laws.

• Does not allow apps or services to collect personal data from students under 13 without verified parental consent.

• Limits the use of student data strictly to educational purposes.

In addition to federal protections, California has enacted state laws that further safeguard student information and ensure responsible data use by schools and third-party providers. Below is an overview of key California laws that guide our data privacy practices:

SOPIPA – Student Online Personal Information Protection Act (SB 1177)

SOPIPA protects K–12 students from the misuse of their personal information by online service providers. Under SOPIPA:

• Operators of educational websites, apps, and services cannot use student data for targeted advertising.

• Student information cannot be sold or used to create personal profiles unrelated to educational purposes.

• Providers must implement strong security practices to protect student data.

The District only partners with vendors who comply with SOPIPA requirements and use student data strictly for educational purposes. 

CCPA – California Consumer Privacy Act

The CCPA gives California residents greater control over their personal data. While it primarily applies to businesses, schools and educational institutions must ensure that any third-party vendors they work with handle student and family data in compliance with CCPA.

Under CCPA, California residents have the right to:

• Know what personal information is being collected about them.

• Request that their data be deleted.

• Opt out of the sale of their personal information.

While public schools are not directly subject to CCPA, OPUSD ensures that any third-party providers meet these standards when handling school-related data. 

CPRA – California Privacy Rights Act (an expansion of CCPA)

CPRA builds on CCPA by enhancing privacy protections and establishing the California Privacy Protection Agency to enforce data privacy laws. For schools and their vendors, CPRA:

• Expands the definition of “sensitive personal information,” including race, religion, geolocation, and more.

• Strengthens protections for minors, including clearer rules around data sharing and profiling.

• Increases transparency and accountability for vendors who handle student or family data.

The District reviews vendor contracts and data practices to ensure CPRA compliance and protect all members of our school community.

Student Data Privacy Agreements

To view a live list of vendors and applications that have a signed Data Privacy Agreement (DPA) with OPUSD, visit our DPA Resources page.

Oak Park Unified School District uses Google Workspace for Education to support teaching, learning, and communication. This suite of cloud-based tools helps students and staff collaborate, create, and stay organized in a secure, school-managed environment.

What is Google Workspace for Education?

Google Workspace for Education includes tools such as:

• Gmail – School-managed email accounts (students in certain grades only)

• Google Drive – Secure storage and sharing of documents, presentations, and assignments

• Docs, Slides, Sheets – Real-time collaboration and content creation

• Google Classroom – A digital hub where teachers share assignments, post announcements, and provide feedback

• Google Meet – Video conferencing for virtual learning and teacher-student meetings

• Calendar – Organize and manage schoolwork and events

Student Privacy and Safety

OPUSD manages all student accounts to comply with federal and state privacy laws, including FERPA, COPPA, SOPIPA, and CIPA. Google Workspace for Education:

• Does not display ads or use student data for advertising

• Restricts data collection and sharing to educational purposes only

• Provides administrative controls to manage access and ensure safe use

Student accounts are created and maintained by the District. Younger students may have limited access depending on grade level, and students are expected to follow the District’s Acceptable Use Agreement (AUA) when using their accounts.

Parent Involvement

We encourage families to:

• Talk with their children about responsible use of email, collaboration tools, and online communication.

• Review the Acceptable Use Agreement and our Student Privacy Guidelines.

• Contact your child’s teacher or school if you have questions about how Google Workspace tools are being used in the classroom.

At Oak Park Unified School District, protecting student data and privacy is a top priority. As technology becomes more integrated into teaching and learning, we are committed to ensuring that all digital tools and services used in our schools are safe, secure, and compliant with state and federal privacy laws.

Our Commitment

We take the following steps to protect student data:

• Vet all digital tools for compliance with privacy laws before they are used in classrooms.

• Limit data collection to what is necessary for educational purposes.

• Never sell student data or allow vendors to use it for advertising.

• Train staff and students on responsible use and data protection practices.

• Use secure systems for storing and managing student records.

Your Role as a Parent/Guardian

We encourage families to:

• Review our Acceptable Use Agreement (AUA)

• Discuss safe online behavior and digital citizenship with your child

• Monitor your child’s use of school technology at home

• Contact your school or the district if you have concerns about any app or tool being used