PowerSchool, Chicago Schools Agree to Pay $17.25M Settlement

Resolving a legal battle over the boundaries of digital privacy in K-12 education, Chicago Public Schools (CPS) and cloud software company PowerSchool have agreed to a $17.25 million settlement. The deal, reached this week, aims to resolve claims that the defendants “systematically” violated students’ privacy rights through the covert tracking and recording of student communications, according to a motion for preliminary approval of the settlement.

The multimillion-dollar payment follows a massive data breach, detailed in the court filings, and responds to claims that both PowerSchool and CPS improperly collected, monitored and shared the personal data and private communications of millions of students across the United States. The litigation comes amid growing scrutiny regarding how sensitive, confidential information is handled by ed-tech vendors.

SCOPE OF THE ALLEGATIONS

The lawsuit, originally filed in August 2023, centered on the cloud-based platform Naviance, which is owned by PowerSchool, and has been used by millions of students nationwide for college and career planning, communication and tracking academic progress, according to PowerSchool’s website.

According to the complaint, the defendants, CPS and PowerSchool, violated students’ privacy by using online tools to harvest a wide array of data. This allegedly included names, student identification numbers, graduation years and demographic information, as well as student photographs and survey responses about career interests.

The lawsuit also alleged that the defendants improperly collected and monitored students’ and teachers’ private communications. The plaintiffs asserted that students thought their messages were private, when in fact their data was being shared behind the scenes. This led to allegations that the defendants engaged in “unlawful wiretapping” and “eavesdropping,” violating the Stored Communications Act, as well as constitutional and state privacy protections, the lawsuit said.

A FAILURE OF OVERSIGHT

The lawsuit also suggests CPS “failed to oversee vendors” and “allowed unmonitored access to student records.” Moreover, the narrative presented by the plaintiff, a student who identifies as Q.J. and who represents the students impacted by the data breach, is one of misplaced trust: They claim the district relied on a tech provider’s expertise but “didn’t adequately safeguard student data” or “ensure data protections were followed.”

Notably, CPS reportedly required students to use the Naviance platform for graduation planning and school communications, so they were unable to opt out of data collection practices they later challenged in court.

TERMS OF THE SETTLEMENT

Under the terms of the proposed agreement, the $17.25 million settlement will provide relief to a class of over 10 million students and parents. However, the financial payout does not come with an acknowledgment of fault. While continuing to deny liability, PowerSchool agrees to create a web governance committee to assess analytics and advertising technologies in the Naviance platform, and for the next two years the company will refrain from using any software, technology or code in Naviance from a third party unless specifically approved by that committee.

In a prior statement issued in May 2025, PowerSchool defended its security protocols.

According to the motion, the settlement fund will be used to cover notice and administration costs, service awards for the class representatives, and attorneys’ fees, with the remaining balance distributed to eligible class members. Additionally, the court document stated that as part of the settlement, CPS must mandate annual privacy certifications from its vendors.