Lenders Mis­us­ing Stu­dent Data­base

Im­proper Searches Raise Pri­vacy Fears

The Washington Post Sunday - - Front Page - By Amit R. Pa­ley

Some lend­ing com­pa­nies with ac­cess to a na­tional data­base that con­tains con­fi­den­tial in­for­ma­tion on tens of mil­lions of stu­dent bor­row­ers have re­peat­edly searched it in ways that vi­o­late fed­eral rules, rais­ing alarms about data min­ing and abuse of pri­vacy, gov­ern­ment and univer­sity of­fi­cials said.

The im­proper search­ing has grown so per­va­sive that of­fi­cials said the Ed­u­ca­tion De­part­ment is con­sid­er­ing a tem­po­rary shut­down of the gov­ern­ment- run data­base to re­view ac­cess poli­cies and tighten se­cu­rity. Some worry that busi­nesses are trolling for mar­ket­ing data they can use to bom­bard stu­dents with mass mail­ings or other so­lic­i­ta­tions.

Stu­dents’ So­cial Se­cu­rity num­bers, e- mail ad­dresses, phone num­bers, birth dates and sen­si­tive fi­nan­cial in­for­ma­tion such as loan bal­ances are in the data­base, which con­tains 60 mil­lion stu­dent records and is cov­ered by fed­eral pri­vacy laws. “ We are just in shock that stu­dent data could be com­pro­mised like this,” said Nancy Hoover, di­rec­tor of fi­nan­cial aid at Deni­son Univer­sity in Ohio.

Ed­u­ca­tion De­part­ment spokes­woman Kather­ine McLane said the agency has spent more than $ 650,000 since 2003 to safe­guard the data­base. The de­part­ment has blocked thou­sands of users that it deemed un­qual­i­fied for ac­cess af­ter se­cu­rity re­views, McLane said, and it has blocked 246 users from the stu­dent loan in­dus­try for inap-

pro­pri­ately ac­cess­ing the data.

In gen­eral, the de­part­ment al­lows lenders to search records in the data­base only if they have a stu­dent’s per­mis­sion or a fi­nan­cial re­la­tion­ship with the stu­dent.

The de­part­ment has been “ vig­i­lant in its mon­i­tor­ing for unau­tho­rized uses” of the data­base, McLane said.

Con­cerns about pos­si­ble abuses of the data­base are emerg­ing as the stu­dent loan in­dus­try is un­der in­ves­ti­ga­tion by con­gres­sional Democrats and the New York at­tor­ney gen­eral. Crit­ics say the $ 85 bil­lion- a- year in­dus­try has co­zied up to gov­ern­ment and univer­sity of­fi­cials who are in a po­si­tion to help lenders.

This month, a pre­vi­ously ob­scure Ed­u­ca­tion De­part­ment of­fi­cial named Mat­teo Fon­tana was sus­pended af­ter the reve­la­tion that he owned more than $ 100,000 worth of stock in a stu­dent loan com­pany while he worked in a unit that helped over­see the in­dus­try — and the stu­dent loan data­base. The stock hold­ing raised ques­tions about a pos­si­ble vi­o­la­tion of con­flict- of- in­ter­est rules.

The data­base, known as the Na­tional Stu­dent Loan Data Sys­tem, was cre­ated in 1993 to help de­ter­mine whether stu­dents are el­i­gi­ble for stu­dent aid and to as­sist in col­lect­ing loan pay­ments. About 29,000 univer­sity fi­nan­cial aid ad­min­is­tra­tors and 7,500 loan com­pany em­ploy­ees have ac­cess to it.

In a re­cent meet­ing with univer­sity fi­nan­cial aid direc­tors, Theresa S. Shaw, chief op­er­at­ing of­fi­cer of the de­part­ment’s Of­fice of Fed­eral Stu­dent Aid, which man­ages the data­base, said lenders have been min­ing it for stu­dent data with in­creas­ing fre­quency, ac­cord­ing to three par­tic­i­pants at the meet­ing. In the de­part­ment’s hi­er­ar­chy, Shaw ranks above Fon­tana.

“ She said the data min­ing had got­ten out of con­trol, and they were try­ing to tone it down,” said Eileen K. O’Leary, di­rec­tor of stu­dent aid and fi­nance at Stone­hill Col­lege in Mas­sachusetts, who was at the Feb. 26 ses­sion. “ They’d seen the min­ing for a few years, but now they felt it had grown ex­po­nen­tially.”

The de­part­ment first started notic­ing a prob­lem in mid- 2003 when loan con­sol­i­da­tion be­came more pop­u­lar, ac­cord­ing to an agency of­fi­cial who spoke on con­di­tion of anonymity be­cause of the sen­si­tiv­ity of the mat­ter. As com­pa­nies be­gan to ag­gres­sively look for lowrisk bor­row­ers to tar­get for con­sol­i­da­tion plans, they turned to the data­base for prospec­tive cus­tomers, the of­fi­cial said.

Data­base users can view only one stu­dent record at a time, and the de­part­ment can mon­i­tor each time they view an en­try. “ When we see them go in and out very quickly, that’s when it raises flags” about data min­ing, the of­fi­cial said. Such abuse would vi­o­late de­part­ment rules.

Of­fi­cials grew so con­cerned that in April 2005, the de­part­ment sent out a let­ter to data­base users warn­ing that in­ap­pro­pri­ate use of the sys­tem — in other words, look­ing for in­for­ma­tion with­out au­tho­riza­tion — could cause their ac­cess to be re­voked. The let­ter said the agency was “ specif­i­cally trou­bled” that lenders were giv­ing unau­tho­rized users — such as mar­ket­ing firms, col­lec­tion agen­cies and loan bro­ker­age firms — the abil­ity to ac­cess the data­base.

“ In­for­ma­tion may not be used for any other pur­pose, in­clud­ing the mar­ket­ing of stu­dent loans or other prod­ucts,” wrote Fon­tana, then gen­eral man­ager of a unit in the de­part­ment that over­saw the lend­ing in­dus­try.

In Au­gust 2005, Cathy H. Lewis, the de­part­ment’s as­sis­tant in­spec­tor gen­eral, echoed those con­cerns in a memo to Shaw that warned of se­cu­rity prob­lems with the data­base and the lack of reg- ular au­dit trails on the sys­tem.

Through a spokes­woman, Shaw de­clined to com­ment. Fon­tana did not re­turn tele­phone calls.

Af­ter the warn­ings, in­ap­pro­pri­ate us­age of the sys­tem seemed to de­cline, ac­cord­ing to the de­part­ment of­fi­cial who re­quested anonymity. But sev­eral months ago, top man­agers learned that the prac­tice had re­sumed — “ a pat­tern that’s very alarm­ing,” the of­fi­cial said.

Some se­nior ed­u­ca­tion of­fi­cials are ad­vo­cat­ing a tem­po­rary shut- down of ac­cess to the data­base un­til tighter se­cu­rity mea­sures can be put in place, the of­fi­cial said. McLane con­firmed that such de­lib­er­a­tions are tak­ing place.

It is not cer­tain that the lenders that in­ap­pro­pri­ately used the data­base used in­for­ma­tion from it to mar­ket di­rectly to stu­dents. Credit bu­reaus, for in­stance, also hold per­sonal in­for­ma­tion on bor­row­ers that can be used to so­licit cus­tomers.

But de­part­ment of­fi­cials be­lieve lenders are prob­a­bly us­ing the data­base for mar­ket­ing, ac­cord­ing to three cur­rent and for­mer agency em­ploy­ees who spoke on con­di­tion of anonymity for fear of ret­ri­bu­tion. Some univer­sity fi­nan­cial aid ad­min­is­tra­tors sus­pect loan com­pa­nies are prob­a­bly tar­get­ing stu­dents in the data­base who take out loans di­rectly with the gov­ern­ment, known as di­rect loans.

“ The data­base is be­ing mis­used by the in­dus­try to raid the di­rect loan port­fo­lio,” said Craig Mu­nier, di­rec­tor of schol­ar­ships and fi­nan­cial aid at the Univer­sity of Ne- braska at Lin­coln, who was at the meet­ing with Shaw. “ It’s cer­tainly a mis­use of the in­tended pur­pose of the in­for­ma­tion and was cer­tainly not what we in­tended in the higher ed­u­ca­tion com­mu­nity when we built” the data­base.

Some fi­nan­cial aid direc­tors say abuse of the data­base would ex­plain why some stu­dents who have taken out loans only di­rectly with the gov­ern­ment are del­uged by up to a half- dozen so­lic­i­ta­tions a day from private loan com­pa­nies.

“ Our stu­dents are be­ing inun- dated with mar­ket­ing from con­sol­i­da­tion com­pa­nies,” said O’Leary, of Stone­hill Col­lege. “ How else are the con­sol­i­da­tion com­pa­nies get­ting our stu­dents’ in­for­ma­tion?”

Some fi­nan­cial aid ad­min­is­tra­tors hope in­quiries into the stu­dent loan in­dus­try will ex­tend to the pos­si­ble abuse of the data­base.

“ We are hop­ing that a full con­gres­sional in­ves­ti­ga­tion can hap­pen,” said Hoover, the Deni­son aid di­rec­tor, who also met with Shaw. “ And maybe then we will find out what’s re­ally hap­pen­ing.”

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.