Amendment intends to define ‘reasonable cause’ in Illinois cyber privacy law

ILLINOIS — A proposed amendment to Illinois’ cyber privacy law would bar school officials from accessing student social media accounts to investigate cyberbullying without specific incident complaints or observed rule violations.

The bill, which Reps. Mike Fortner and La Shawn Ford introduced on Feb. 26, aims to clarify a 2013 law requiring schools to inform students and parents that administrators may require access to a student’s social networking account password if the school has “reasonable cause” to believe that the student’s account “contains evidence that the student has violated a school disciplinary rule or policy.”

“All this bill seeks to do is to clarify what reasonable cause means,” Fortner said. “We hope to make it clear that the policy is not meant to direct schools to collect Facebook passwords merely on a prospective basis so that they can deal with potential threats of cyberbullying. It has to be a response to an actual action.”

When the Illinois statute was enacted in 2013, it was billed as enhancing students’ privacy rights. But the provision in the law enabling schools to compel students to disclose their login information for “reasonable cause” has provoked an outcry from parents and students who fear the law may have the opposite effect and lead to more school searches of students’ non-public social media pages.

Brian Schwartz, associate director and general counsel of the Illinois Principals Association, said there are “real problems with trying to set a specific definition for reasonable cause.”

“It takes away flexibility for administrators to determine whether such cause exists on a case-by-case basis,” he said. “I don’t think this amendment solves the underlying problem, and I think it could create an even more confusing situation.”

Schwartz said that the principals association opposes the 2013 law and that “school administrators should not be asking students for their social network passwords unless it is truly a life-or-death situation.” However, Schwartz said he generally supports the reasonable cause standard in a school setting.

“Reasonable cause allows school officials to work with students to correct problems in a structured school environment,” he said. “The ideal situation is to leave the reasonable cause standard as it currently exists, but to work with school administrators and teachers so that they appreciate and respect a student’s right to privacy but still have the tools necessary to get the information that they need when a school rule is broken.”

Fortner said an overly broad reasonable cause standard could lead to too much flexibility for school administrators. He said he hopes the amendment will help create a balance between a student’s right to privacy and a school’s ability to access information.

“I would not support a carte blanche that allows schools to require passwords on a prospective basis. That was never the original intent of the bill,” he said. “But if there’s an actual instance of cyberbullying, either observed or reported, then they should be able to collect passwords that might lead to evidence of cyberbullying.”

Contact SPLC staff writer Elaina Koros by email or at (202) 974-6317.