A new class-action lawsuit against Curriculum Associates, the creator of the K-12 learning software i-Ready, alleges the company harvests and shares student data without permission. The complaint claims the platform builds commercial profiles of children, which raises questions about digital privacy in classrooms.
What Happened
The lawsuit was filed in the U.S. District Court for Massachusetts by parents of four elementary school students from California. The plaintiffs allege the company violates the federal Wiretap Act and state privacy laws by extracting personal information to predict and influence student behavior. The complaint also claims Curriculum Associates allows third parties to access this information for commercial gain.
Curriculum Associates denies the allegations. The company states the platform requires only the personal information needed for customized assessments and that it never sells student data or creates commercial profiles. Andrew Liddell, an attorney from the EdTech Law Center, expects the class of students to eventually reach millions.
The Bigger Picture
This litigation points to a data privacy crisis hidden inside America's classrooms. The situation highlights tension between academic tracking and unauthorized behavioral surveillance. While standard educational profiles store grades and attendance, many modern tools rely on behavioral telemetry to track keystrokes and click patterns.
As we previously reported on tracking student AI usage, schools are grappling with how vendors process student inputs. This legal challenge is not an isolated event. Recent actions against other education platforms show increased regulatory scrutiny. PowerSchool Naviance settled a class-action lawsuit for $17.25 million over "digital wiretapping" claims. Similarly, the College Board agreed to a $750,000 penalty for sharing student data in violation of New York state law.
What This Means for Families
A core issue in the i-Ready lawsuit is that students must use the software during the school day without individual parental consent. Under the Family Educational Rights and Privacy Act (FERPA), schools can mandate tools and share records with vendors under a "school official" exception.
This exception only applies if the vendor uses data for educational purposes and remains under the school's control. Families must distinguish between a company selling data and sharing it with third-party analytics providers. If a vendor uses student information for secondary purposes like targeted marketing or predictive modeling, it violates privacy standards regardless of whether money changed hands.
What You Can Do
- Ask about data minimization: Urge your school district to adopt a data minimization strategy. Schools should share only the minimum necessary student attributes with vendors.
- Demand transparency on telemetry: Ask administrators to explain what behavioral data mandatory platforms collect and confirm the district has responsible technology use policies.
- Request vendor data maps: Schools should maintain and share a clear data map that inventories which information reaches third-party software providers.
- Check for strict contract clauses: Ensure school board tech policies require written, enforceable "no-training" and "no secondary use" clauses in all ed-tech vendor contracts.