On Jan. 1, a new Illinois law known as the Right to Privacy in a School Setting Act went into effect. The new law is part of an effort to end cyberbullying, but perhaps it goes too far at the expense of our privacy rights.

The legislation states that school officials now have the right to take passwords for social media sites and access student account information if there is “reasonable cause to believe that a student’s account on a social networking website contains evidence that the student has violated a school disciplinary rule or policy.”

Searches are not restricted to just computers at school, and can be carried out based on posts from anytime and anywhere, according to the law.

In addition, if a student does not consent, the penalty isn’t a detention–it’s criminal charges.

Ironically, Facebook’s Statement of Rights and Responsibilities–something which all users agree to–explicitly states, “You will not share your password, let anyone else access your account, or do anything else that might jeopardize the security of your account.”

Now I’m going to be very clear: cyberbullying is despicable and has no place in today’s world. There have been many fights, cases of harassment, and even suicides because of what’s been posted online. Attacking someone from behind a screen is disgusting–but this isn’t the way to halt it.

This new law allows administrators to conduct a thoroughly invasive cyber-search of a minor with minimal legal risk to school districts.

In the event of a search, there is no clause in the legislation that allows a student access to police or legal counsel to prevent the search from going too far. Parents are simply notified of the search.

Last time I checked, any accused criminal has a right to a lawyer during questioning. So why don’t students have the right to assistance?

Given the sensitivity of accessible information, the lack of oversight of school districts is dangerous. Electronic searches that begin as an investigation on cyberbullying or drug use can uncover other personal information, such as medical conditions or underage sexual relationships, which can bring a host of other charges.

We have to acknowledge the fact that the vast majority of school administrators would act within the boundaries of the search, but the opportunity exists for someone who may have a hidden agenda to breach the confines of a search and attack a student.

One does not have to look hard to find a case wherein a school official crossed the line.

Recently, a family in Minnesota won $70,000 from a school district following allegations that an administrator coerced a student into giving up their Facebook password after the school claimed she had written mean things about a hall monitor.

It’s one thing to observe what is publicized on social media. Colleges, employers, and schools–who have had their legal jurisdiction expanded significantly in an attempt to reduce bullying and drug problems–have been able to view posts online for quite some time.

That being said, they have never had the ability to perform an invasive search. Coincidentally, some states are now banning practices like this: Oregon has recently passed legislation prohibiting schools from demanding social media passwords, and other states have taken similar action.

We are at a crossroads between the rights of individuals, who want their privacy ensured, and the rights of schools, who want a safe learning environment.

I applaud legislators and school officials for trying to combat the growing problem of cyberbullying–but it can’t be done this way.

Perhaps we teach students to be more accepting of everyone’s differences, starting with the heavily targeted LGBTQ community. Or, at minimum, ensure that searches are only conducted by law enforcement officials.

Here’s my message: students, stop bullying one another. And administrators, please respect one of our most basic rights.