Email APIRFI@ed.gov with a subject like "RFI #2014-08649 response" and include one or more to-the-point response like:
- Please make more APIs available for higher education data.
- Please make all financial aid transactions available as write APIs.
- All public data from the Department of Education should be queryable through an API.
- Anything I have to submit to the Department of Education, I should be able to submit through 3rd party apps.
- Given today's technology, it's important to offer RESTful read/write APIs for any government process.
...Be sure to include any other initial thoughts that you have.
To be clear - even if all you do is email just one or two brief comments like the above, that makes a difference. Please at least do this. If you have a touch more time, consider a slightly more complete response, along the lines of...
Email APIRFI@ed.gov with a subject like "RFI #2014-08649 response". You can use the below Email Template and append your responses to the end. These can be free form or by copying and pasting individual questions from the below list and including your responses to each prompt in line.
To Whom It May Concern.
I am writing in response to the Department of Education Request for Information (#2014-08649), entitled "Request for Information on the Use of APIs in Higher Education Data and Student Aid Processes."
Thank you for investigating this topic. Technology and business trends have shown that an API-first model is central to modernizing systems and truly serve customers. It's critically important that the Department of Education step up its efforts in this area. Below are answers to some of your request for information. Thank you for your consideration.
<< Add in Your Responses Here >>
[copy and paste individual questions along with your responses into your email response]
Section A, Question 1: How could data sets that are already publicly available be made more accessible using APIs? Are there specific data sets that are already available that would be most likely to inform consumer choice about college affordability and performance?
Section A, Question 2: How could APIs help people with successfully and accurately completing forms associated with any of the following processes: FAFSA; Master Promissory Note; Loan Consolidation; entrance and exit counseling; Income-Driven Repayment (IDR) programs, such as Pay As You Earn; and the Public Student Loan Forgiveness program?
Section A, Question 3: What gaps are there with loan counseling and financial literacy and awareness that could be addressed through the use of APIs to provide access to government resources and content?
Section A, Question 4: What services that are currently provided by title IV student loan servicers could be enhanced through APIs (e.g., deferment, forbearance, forgiveness, cancellation, discharge, payments)?
Section A, Question 5: What current forms or programs that already reach prospective students or borrowers in distress could be expanded to include broader affordability or financial literacy information?
Section B, Question 1: If APIs were available, what types of individuals, organizations, and companies would build tools to help increase access to programs to make college more affordable?
Section B, Question 2: What applications and features might developers, schools, organizations, and companies take interest in building using APIs in higher education data and services?
Section B, Question 3: What specific ways could APIs be used in financial aid processes (e.g., translation of financial aid forms into other languages, integration of data collection into school or State forms)?
Section B, Question 4: How can third-party organizations use APIs to better target services and information to low-income students, first-generation students, non-English speakers, and students with disabilities?
Section B, Question 5: Would APIs for higher education data, processes, programs or services be useful in enhancing wraparound support service models? What other types of services could be integrated with higher education APIs?
Section C, Question 1: What private-sector or non-Federal entities currently offer assistance with higher education data and student aid programs and processes by using APIs? How could these be enhanced by the Department's enabling of additional APIs?
Section C, Question 2: What private-sector or non-Federal entities currently work with government programs and services to help people fill out government forms? Has that outreach served the public and advanced public interests?
Section C, Question 3: What instances or examples are there of companies charging fees to assist consumers in completing otherwise freely available government forms from other agencies? What are the advantages and risks to consider when deciding to allow third parties to charge fees to provide assistance with otherwise freely available forms and processes? How can any risks be mitigated?
Section C, Question 4: Beyond the IRS e-filing example, what other similar examples exist where Federal, State, or local government entities have used APIs to share government data or facilitate participation in government services or processes—particularly at a scale as large as that of the Federal Student Aid programs?
Section D, Question 1: What elements would a read-write API need to include for successful use at the Department?
Section D, Question 2: What data, methods, and other features must an API contain in order to develop apps accessing Department data or enhancing Department processes, programs, or services?
Section D, Question 3: How would read-only and/or read-write APIs interact with or modify the performance of the Department's existing systems (e.g., FAFSA on the Web)? Could these APIs negatively or positively affect the current operating capability of such systems? Would these APIs allow for the flexibility to evolve seamlessly with the Department's technological developments?
Section D, Question 4: What vulnerabilities might read-write APIs introduce for the security of the underlying databases the Department currently uses?
Section D, Question 5: What are the potential adverse effects on successful operation of the Department's underlying databases that read-write APIs might cause? How could APIs be developed to avoid these adverse effects?
Section D, Question 6: How should APIs address application-to-API security?
Section D, Question 7: How should the APIs address API-to-backend security issues? Examples include but are not limited to authentication, authorization, policy enforcement, traffic management, logging and auditing, TLS (Transport Layer Security), DDoS (distributed denial-of-service) prevention, rate limiting, quotas, payload protection, Virtual Private Networks, firewalls, and analytics.
Section D, Question 8: How do private or non-governmental organizations optimize the presentation layer for completion and accuracy of forms?
Section D, Question 9: What security parameters are essential in ensuring there is no misuse, data mining, fraud, or misrepresentation propagated through use of read-only or read-write APIs?
Section D, Question 10: With advantages already built into the Department's own products and services (e.g., IRS data retrieval using FAFSA on the Web), how would new, third-party API-driven products present advantages over existing Department resources?
Section D, Question 11: What would an app, service or tool built with read-write API access to student aid forms look like?
Section E, Question 1: How could the Department use APIs that involve the use of studentrecords while ensuring compliance with potentially applicable statutory and regulatory requirements, such as the Family Educational Rights and Privacy Act (2*: U.S.C. 1232g; 3*: CFR Part 99*: and the Privacy Act (5 U.S.C. 552*: and 3*: CFR Part 5b)?
Section E, Question 2: How could APIs ensure that the appropriate individual has provided proper consent to permit the release of privacy-protected data to a third party? How can student data be properly safeguarded to prevent its release and use by third parties without the written consent often required?
Section E, Question 3: How might read-only or read-write APIs collect, document, and track individuals' consent to have their information shared with specific third parties?
Section E, Question 4: How can personally identifiable information (PII) and other financial information (of students and parents) be safeguarded through the use of APIs?
Section E, Question 5: What specific terms of service should be enabled using API keys, which would limit use of APIs to approved users, to ensure that information is not transmitted to or accessed by unauthorized parties?
Section E, Question 6: What are the relative privacy-related advantages and disadvantages of using read-only versus read-write APIs for student aid data?
Section F, Question 1: What are the relative compliance-related advantages and disadvantages of using read-only versus read-write APIs for student aid data?
Section F, Question 2: How can the Department prevent unauthorized use and the development of unauthorized products from occurring through the potential development of APIs? How might the Department enforce terms of service for API key holders, and prevent abuse and fraud by non-API key holders, if APIs were to be developed and made available?
Section F, Question 3: What kind of burden on the Department is associated with enforcing terms and conditions related to APIs?
Section F, Question 4: How can the Department best ensure that API key holders follow all statutory and regulatory provisions of accessing federal student aid funds and data through use of third-party products?
Section F, Question 5: How could prior consent from the student whom the data is about be provided for release of privacy-protected data to third party entities?
Section F, Question 6: How should a legal relationship between the Department and an API developer or any other interested party be structured?
Section F, Question 7: How would a legal relationship between the Department and an API developer or any other interested party affect the Department's current agreements with third-party vendors that operate and maintain the Department's existing systems?
Section F, Question 8: What disclosures should be made available to students about what services are freely available in government domains versus those that could be offered at a cost by a third party?
Section F, Question 9: If the Department were to use a third-party application to engage with the public on its behalf, how could the Department ensure that the Department follows the protocols of OMB Memorandum 10-23?
Section G, Question 1: What benefits to consumers or the Department would be realized by opening what is currently a free and single-point service (e.g., the FAFSA) to other entities, including those who may charge fees for freely-available services and processes? What are the potential unintended consequences?
Section G, Question 2: How could the Department ensure that access to title IV, HEA student aid programs truly remains free, even amidst the potential development of third-party apps that may charge a fee for assistance in participating in free government programs, products, and services with or without providing legitimate value-added services?
Section G, Question 3: What other policy concerns should the Department consider with regard to the potential development of APIs for higher education data and student aid processes at the Department?
Section G, Question 4: How would APIs best interact with other systems already in use in student aid processes (e.g., within States)?
Section G, Question 5: How would Department APIs benefit or burden institutions participating in title IV, HEA programs?
Section G, Question 6: While the Department continues to enhance and refine its own processes and products (e.g., through improvements to FAFSA or the IDR application process), how would third-party efforts using APIs complement or present challenges to these processes?