An Open Letter to CSULA Students Regarding Student Safety and Privacy

“The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a Federal law that protects the privacy of student education records.”

Obviously, student privacy is a very important privilege that we, as students, are loathe to relinquish. For this reason, to keep personally identifying information on a more confidential basis, Campus Identification Numbers, perhaps better known as CINs, began to take the place of Social Security numbers as the official means of identifying students on our University records. Still, CINs are held by University standards and confidential information that is not permitted to be disclosed for public view.

We already know that CINs play an important part our lives as students. We use this information to access our transcripts, access our financial aid, enroll in classes, and now we can even use it to create new bank accounts. One would believe that such sensitive information would be kept secure under the strictest of guidelines, however, as of Thursday May 14, 2009, it came to my attention after a tip-off from a member of the newly elected Beltran slate that this identifying information was available for public view on a campus department website. Sadly, this was not an isolated incident of a few CINs being disclosed as the website contained the records of every single enrolled student for every quarter dating back as far as the past 4 years.

First, before going into an uproar, I would like to commend the actions of Vice President for Student Affairs and his staff for immediately taking action to remedy this incident after I alerted him to this breach in security. Because of their quick and decisive actions, the website was stripped of this information as of Friday May 15, 2009 at approximately 3:00 PM. However, the fact that such information was on a University funded website is inexcusable and irresponsible.

Yes, I did file a complaint with ASI based on the fact that this situation may have compromised the ASI Elections. After all, during these ASI elections, all that was needed to vote was a CIN of a currently enrolled student. There was no need for any verifying information and if a candidate or slate had knowledge of a website with this information posted, this leads to the automatic suspicion that all votes may not have been valid. And with the danger of sounding repetitive, I first learned of this issue from a member of the Beltran slate. However, this goes far beyond the validity of a simple ASI election. This deals directly with the safety of identifying student information that was posted online that provides an avenue for possible abuse. With such sensitive information floating around, the repercussions are almost too horrible to imagine but include grade tampering, fraud, and even identity theft.

Let’s make this very clear. Policies and guidelines, when created to provide for the safety of students, should be followed, not broken or amended to fit the desires of a few individuals who have displayed a history of irresponsibility in the past. It is my personal opinion that everyone should be held to be accountable for their actions and to the same standards as any other person. Whether incidents like this happen today or a year from now, we as students should take an active role in ensuring the future success of the continued quality of our education.