If you haven't already seen the active discussion posted here ( New FERPA requirements for cross-listed courses! ), LeRoy Rooker, the director of the United States Department of Education's Family Policy Compliance Office, recently answered a question on the AACRAO website where someone asked about cross-listing courses in the LMS.  The answer given greatly shook up many institutions:

The language concerns the student who has opted out of disclosures under the "directory information" exception to signed consent.  This permits the institution to identify that student in the class that the student is attending, but an institution could not use this limitation on the student to then permit the disclosure of the attendance information to another class.  (Ask the FERPA Professor| resources| AACRAO)

Essentially, students in Section A have no expectation of not being identified to other students in Section A, but opted-out students in Section A do have a FERPA protected right to not be identified to students in Section B. It appears that the door remains open for true, in-person, cross-listed courses since those students meet at the same time in the same physical classroom attending class with each other. This does, however, limit courses where one instructor teaches four sections of the same course and simply wants to cross-list those into one course in Canvas for their own convenience where the students would not normally attend class with each other in the physical classroom.

Another scenario to consider is related to Title IX.  Due to Title IX, we have had, and could have more situations, where a student is moved from one section to another to avoid contact with another student in the same section.  If that were to occur and sections have been combined in Canvas, those same students could potentially be put back into contact with one another by the institution in Canvas.

Course-based LTI integrations are also a cause of privacy concern for many institutions as discussed during an excellent presentation at InstructureCon 2016 titled LTIs and FERPA​ and in a feature discussion:

Unlike all the other content types included in this permission, which are all native to Canvas, LTI tools have the ability pass through a great deal of student data to a third-party site. This can create legal risks around FERPA and other laws related to student records and privacy.  ( )

What can you do to help?

The most important thing that you can do to help is to make your voice heard -- talk to your CSM, talk to the Instructure leadership team participating in the forums like  @jared , talk to your Registrar or your CIO on your own campus, and participate in the online discussions here in the community.

Several excellent solutions have been discussed so far including a section-based privacy wall.  Visit these topics to join the discussion and vote for these feature requests:

• New FERPA requirements for cross-listed courses!
• LTIs and FERPA
• FERPA and Notifications
• Edit user settings so can only see their own section? How to set?​