Employees can support educational success for students by understanding the applicable legal framework. Below are answers to questions students frequently ask about privacy and immigration-related issues.
FAQ: Student Data Privacy
1. What laws protect the privacy of a student’s educational records?
The Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g; 34 C.F.R. Part 99, and the Minnesota Government Data Practices Act (MGDPA), Minn. Stat. § 13.32.
2. What is an educational record of a student?
Records maintained by the college or university that are directly related to a student. Educational records can be in any format.
3. What are common types of educational records held by Minnesota State colleges and universities?
Because the definition of educational record is broad, most information about a student maintained by a college or university is an educational record. This may include things such as a student’s application for admission, records in the Integrated Student Record System (ISRS), records concerning financial aid, academic records such as class lists and grades, student housing records, conduct records, etc.
4. What is the basic responsibility of all Minnesota State employees towards student educational records?
Generally, student educational records are private. As a result, a college or university needs written permission (consent) from a student in order to release any information from a student’s educational records to a person or entity outside the institution unless an exception to FERPA applies.
5. What is “directory” information?
Directory information is public information in a student’s educational records. Directory information would not generally be considered harmful or an invasion of privacy is disclosed. As a result, directory information is public unless a student opts out of release of directory information. Each college and university establishes its own definition of directory information but common examples include a student’s name, dates of attendance, major field of study, etc. Please review RCTC’s student information policy for a specific list of directory information, as well as the procedures for a particular student opting-out of allowing release of directory information.
6. What are exceptions allowing non-consensual release of student records?
There are exceptions to FERPA and the Minnesota Government Data Practices Act that allow sharing of educational records without a student’s consent. These include release in a health or safety emergency, release to officials at a college or university to which a student is transferring, etc. One important exception is “to comply with a judicial order or lawfully issued subpoena.”
7. What if law enforcement requests a student’s educational records?
A college or university must follow FERPA and the MGDPA when law enforcement requests student educational records. This means that a college or university must obtain a student’s voluntary consent to release their records to law enforcement OR there must be an exception that authorizes non-consensual release. As noted above, one such exception is “to comply with a judicial order or lawfully issued subpoena.”
8. How should a college or university handle judicial orders or lawfully issued subpoenas?
All subpoenas, warrants, or other judicial orders should be directed to Nate Stoltman, Executive Director of College Relations and Data Practices Compliance Officer.
9. Who is responsible for protecting student records at a college and university?
It is the responsibility of all employees to protect student educational records. Any person requesting information on students should be referred to the Data Practices Compliance Official (DPCO) or other appropriate administrator at the college or university.
10. What resources are available on FERPA and student educational records?
- Every college and university has a student records policy that describes how it complies with FERPA and the MGDPA.
- The Office of General Counsel has information on its website at Minnesota State – DPCO Directory.
- The Family Compliance Office, which is part of the United States Department of Education, has resources on FERPA, including summary documents, guidance, and frequently asked questions available at OCPO Home Page | U.S. Department of Education.
FAQ: Immigration and Customs Enforcement
1. What is ICE?
U.S. Immigration and Customs Enforcement (ICE) enforces federal laws governing border control, customs, trade, and immigration to promote homeland security and public safety. ICE was created in 2003 through a merger of the investigative and interior enforcement elements of the former U.S. Customs Service and the Immigration and Naturalization Service. ICE now has more than 20,000 employees in more than 400 offices in the United States and 46 foreign countries. The agency has an annual budget of approximately $6 billion, primarily devoted to two operational directorates —Enforcement and Removal Operations and Homeland Security Investigations. These two operational directorates are supported by Management and Administration and Office of the Principal Legal Advisor to advance the ICE mission.
2. What does ICE do?
Immigration enforcement is the largest single area of responsibility for ICE. While certain responsibilities and close cooperation with U.S. Customs and Border Protection, U.S. Citizenship and Immigration Services, and others require significant ICE assets near the border, the majority of immigration enforcement work for ICE takes place in the country’s interior.
3. Can ICE personnel come on campus and seize student records?
ICE is governed by the same rules as other law enforcement agencies when it comes to search, seizure, and entering powers. Generally speaking, law enforcement cannot require a Minnesota State employee to produce documents without a subpoena or warrant.
4. Can ICE personnel compel Minnesota State employees to produce private data on undocumented students?
No. The Family Educational Rights and Privacy Act (FERPA) and Minnesota Government Data Practices Act (MGDPA) apply to the records of all students, regardless of immigration status. Consequently, private data will be provided only as required by law, which in this case would mean pursuant to a valid subpoena or warrant.
5. Can ICE personnel compel Minnesota State employees to participate in a law enforcement action? For example, can ICE ask a Minnesota State employee to assist with the arrest and/or detention of an individual?
No. While we must not interfere with lawful ICE investigations, the U.S. Supreme Court has ruled that the federal government cannot commandeer state employees to participate in the actions of the federal government.
6. How does ICE conduct investigations?
ICE has the same investigatory powers as most law enforcement agencies, including the authority to issue subpoenas. Importantly, ICE must actually issue a subpoena to receive student records.
7. Who should be responsible for responding to an ICE subpoena or warrant?
An ICE subpoena for a student’s records should be referred to Nate Stoltman, RCTC’s Data Practices Act Compliance Official (DPCO). Please send a copy of the subpoena to Daniel McCabe, Assistant General Counsel (Daniel.mccabe@minnstate.edu).
8. What documents can ICE ask for in a subpoena or warrant?
ICE can ask for a broad array of documents pertaining to the investigation of an individual, including documents typically protected from disclosure by FERPA and/or the MGDPA.
9. Can ICE issue “blanket” subpoenas or warrants asking for the names of all students who are not Pell-eligible, for example?
No. ICE subpoenas or warrants must be issued in the matter of a named, targeted individual.
10. How can I tell if an ICE subpoena or warrant is valid?
Please send a copy of the subpoena to Daniel McCabe, Assistant General Counsel (Daniel.mccabe@minnstate.edu).
11. What happens if a college or university ignores an ICE subpoena or warrant?
If a subpoena or warrant is neglected or refused, ICE may petition the relevant United States District Court to issue an order enforcing the subpoena or warrant.
12. Will colleges and universities continue to be “sensitive locations”?
No. In the past, ICE identified colleges and universities as “sensitive locations” where it would not engage in enforcement activities absent certain exigent or special circumstances. ICE recently rescinded the “sensitive locations” guidelines.
13. What steps should an employee take if contacted by an ICE agent on campus?
We suggest that each college and university designate a single point of contact responsible for interacting with ICE. At RCTC, this is Nate Stoltman, Data Practices Compliance Official (DPCO). All employees should direct ICE agents to that point of contact.
14. Can ICE agents access all campus areas?
No. As public colleges and universities, Minnesota State institutions welcome the public to significant portions of our campuses. For example, many campuses have outdoor space, parking lots, and indoor common-use areas open to the public. Some areas, however, are restricted due to privacy concerns, operational needs or safety considerations. Examples of such restricted areas that are not generally open to the public include student rooms in residence halls, classrooms in session, faculty and administrative offices, etc. ICE agents are subject to the same access restrictions as other members of the public.
It is important to note that ICE or other Department of Homeland Security personnel may also be on campus for reasons unrelated to enforcement actions. For example, a college or university with international programs is required to report certain information about F-1 or J-1 visa status students to ICE. This reporting is routine, and colleges and universities are required to comply with on-site visits to review such records when requested.
QUICK REFERENCE GUIDE
DPCO: Data Practices Act Compliance Official (college or university president designates)
FERPA: Family Educational Rights and Privacy Act
MGDPA: Minnesota Government Data Practices Act
ICE: U.S. Immigration and Customs Enforcement
ISRS: Integrated Student Record System (Minnesota State’s database)
January 2025