Overview:
A federal lawsuit against Curriculum Associates alleges that its i-Ready platform illegally collects and shares sensitive student data without proper parental consent, setting off a major legal battle over privacy rights in education technology.
A group of K-12 students applied for a state class the case against Curriculum Associates, Inc., maker of the widely used i-Ready education platform, alleging that the company illegally collects and shares student data without proper consent. case, MC v. Curriculum Associatesemerges as an important legal battle over student privacy in the rapidly growing technology sector.
Filed on December 22, 2025, the complaint accuses Curriculum Associates of violating multiple state and federal privacy laws by collecting sensitive student information through digital learning tools. The plaintiffs are four California students represented by their parents who say the company collects data such as names, student IDs, grade levels, answers to course questions, and IP addresses, and shares that data with third-party service providers without express parental consent.
The lawsuit brings claims under several statutes, including the Federal Wiretap Act, the California Invasion of Privacy Act (CIPA), the California Comprehensive Computer Data Access and Fraud Act (CDAFA), and the Massachusetts Consumer Protection Act. Additional claims include negligence and unjust enrichment.
According to the complaint, Curriculum Associates allegedly transfers student data in real time to third-party vendors such as Google, Clever, and Munetrix, raising concerns about how that information could be used outside of educational purposes. Plaintiffs argue that these practices violate students’ privacy rights and expose them to potential risks, including data profiling and unauthorized data use.
Curriculum Associates denied the allegations. On February 27, 2026, the company filed an application movement to dismiss the lawsuit, arguing that the lawsuit is part of what it describes as a “psychologically motivated crusade” to reshape the way technology is used in schools through litigation instead of law.
In its filing, the company asserts that its practices fully comply with existing laws and long-standing regulatory frameworks, particularly the Family Educational Rights and Privacy Act (FERPA). Under FERPA and similar state laws, schools are allowed to authorize the collection and use of student data for legitimate educational purposes on behalf of parents.
The company also challenges the legal basis for the plaintiffs’ claims. It argues that its data collection does not constitute illegal “wiretapping” because the company cannot intercept its communications with users. Additionally, it maintains that sharing data with service providers for functions such as hosting, analytics, and technical support does not amount to illegal third-party access.
On April 3, 2026, the plaintiffs filed their motions opposition on the motion to dismiss, indicating that the legal dispute is far from being resolved. The court’s upcoming decision on whether the case will proceed could have a major impact on the edtech industry, particularly in terms of how student data is collected, shared, and managed.
As schools continue to integrate digital tools into everyday learning, MC v. Curriculum Associates highlights the growing tension between technological innovation and students’ privacy rights, an issue likely to remain at the forefront of education policy and legislative debates.
