Student privacy self-management: Implications for learning analytics
1. Student privacy self-management: implications for learning analytics
By Paul Prinsloo (University of South Africa) &
Sharon Slade (Open University, UK)
2. ACKNOWLEDGEMENTS
The presenters do not own the copyright of any of the images in
this presentation. We hereby acknowledge the original copyright
and licensing regime of every image and reference used. All the
images used in this presentation were sourced via Google Images,
labelled for non-commercial reuse.
This work is licensed under a Creative Commons Attribution-
NonCommercial 4.0 International License
3. Do students know
• what data we harvest from them
• about the assumptions that guide our algorithms
• when we collect data & for what purposes
• who will have access to the data (now & later)
• how long we will keep the data, for what purpose & in
what format
• how we will verify the data &
• whether they have access to confirm/enrich their digital
profiles…?
Image credit: http://commons.wikimedia.org/wiki/File:DARPA_Big_Data.jpg
5. “Providing people with notice, access, and the ability to
control their data is key to facilitating some autonomy in
a world where decisions are increasingly made about
them with the use of personal data, automated
processes, and clandestine rationales, and where people
have minimal abilities to do anything about such
decisions”
(Solove, 2013, p. 1899; emphasis added)
Image credit: http://www.mailbow.net/eng/blog/opt-in-and-op-out/
7. Privacy self-management – not a straightforward strategy…
“Secrets are lies”
“Sharing is caring”
“Privacy is theft”
(Eggers, 2013)
Terms and Conditions – the length and the small print
The right to be forgotten and the fragility of consent
Image credit: http://upload.wikimedia.org/wikipedia/commons/2/2c/Key_delete.jpg
8. The growth of ‘privacy enhancing technologies’ (PETs)
9. Privacy self-management in an age of sharing…
• “digital promiscuity” (Murphy, 2014)
• From surveillance to sousveillance (Kitchin, 2013)
• The more we give our information away for free and
share indiscriminately, the more worried we are about privacy
(Murphy, 2014)
• If we have not shared it on Facebook, did it really happen?
• Quantified selves versus/and/or qualified selves…
10. Privacy self-management and the (ir)rational individual
• The assumption of rational and informed individuals – far removed
from reality
• “People are also more willing to share personal data when they feel in
control, regardless of whether that control is real or illusory” (Solove,
2013, p. 1887)
• The exchange ratio: Exchanging huge amounts of personal data for
small benefits
• The length, technical and legal terminology, and font type and size
used in TOCs (Bellman, Johnson & Lohse, 2001)
11. Privacy self-management and the virtue of forgetting…
• Almost impossible to comprehend the scope of data collected,
analysed and used, the combination with other sources of
information, the future uses for historical information and the
possibilities of re-identification of de-personalized data
• These various sources of information and combinations of sources
start to resemble “electronic collages” and an “elaborate lattice of
information networking” (Solove, 2004, p. 3)
• The fragility of consent… what may be innocuous data in one context
may be damning in another
12. What are the implications for higher education and
our use of student data?
How do we respond?
What do our Terms and Conditions (un)cover?
14. 22 million* students in 3 years
10 million* students in 3 years
1 million* students in 2 years
* Figures are estimates
15. The analytical constructs used in the analysis included the
following:
1. Length of TOC
2. Types of data collected – personally identifiable and non-personal
information
3. Methods of data collection
4. Conditions for sharing the collected data
5. Uses of data
6. User access to, responsibility for and control of data – opting out is not an
option, duty of care, user responsibility for correctness of data, user
concerns regarding privacy and data use
16. A. Length of Terms and Conditions
• Length: between 13 pages (5,965 words) (Coursera) and 22
pages (8,565 words) (FutureLearn)
• Number of headings: between 30 headings and subheadings
(Coursera) and 41 (edX)
• Words in bold and CAPS: 460 (edX), 784 (Coursera)
and none (FutureLearn)
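The length metrics above could be reproduced from a plain-text copy of each policy with a rough sketch like the following. This is not the authors' instrument: the 250-words-per-page figure, the treatment of "CAPS" as fully uppercase tokens, and the sample snippet are all assumptions for illustration.

```python
def policy_stats(text, words_per_page=250):
    """Rough length metrics for a plain-text Terms and Conditions document."""
    words = text.split()
    # Count fully uppercase tokens of length > 1 (e.g. "MAY", "SHALL")
    caps = [w for w in words if len(w) > 1 and w.isupper()]
    return {
        "words": len(words),
        "pages_approx": round(len(words) / words_per_page, 1),
        "caps_words": len(caps),
    }

# Hypothetical snippet, for illustration only
snippet = "WE MAY collect personal data when you register for the Service"
print(policy_stats(snippet))
```

In practice the texts would be scraped from the policy URLs listed in the references and the page counts compared against the rendered documents.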
17. B. Types of data collected
edX
• Personal: provides a definition; collected for registration/verification purposes; collects and uses whatever is provided
• Non-personal: ✔ can be used to identify users (e.g. IP addresses)
Coursera
• Personal: no definition; collected for registration/verification purposes; collects and uses whatever is provided
• Non-personal: ✔ can be used to identify users (e.g. IP addresses)
FutureLearn
• Personal: no definition; collected for registration/verification purposes; collects and uses whatever is provided; may also receive data from 3rd parties
• Non-personal: will not use non-personal data to identify users
18. C. Methods of data collection
edX
• Cookies: ✔
• Other: no info
Coursera
• Cookies: ✔
• Other: “From time to time we may also use additional methods of collecting data” (no details provided)
FutureLearn
• Cookies: ✔ separate Cookie Policy provides an overview of the types and a list of cookies used
• Other: no info
19. D. Conditions for sharing the collected data
edX
• With whom: affiliated universities
• Conditions: on condition that the information is treated in a confidential manner and protected
• Type of info shared: only personal information required to “fulfil the purpose stated at the time of collection” will be shared
Coursera
• With whom: ✗
• Conditions: ✗
• Type of info shared: may use personally identifiable information collected on the Forums and “may publish this information via extensions of our Platform that use third-party services, like mobile applications”
FutureLearn
• With whom: ✗
• Conditions: to users at a fee
• Type of info shared: ✗
20. E. Uses of data
edX
• Improve learning/service: ✔
• Individualize learning: ✔
• Authentication: ✔
• Other: research
Coursera (included under uses)
• Improve learning/service: ✔
• Individualize learning: –
• Authentication: ✔
• Other: business; identifiable info (e.g. postings) may be published/reused
FutureLearn
• Improve learning/service: ✔
• Individualize learning: ✔
• Authentication: –
• Other: research; sponsorship
21. F. User responsibility for correctness of data
All three providers make it clear that users are responsible for
ensuring that the data they provide is correct and current. Users
can/must
• Edit/update
• Maintain
If a user does not guarantee the correctness of the information, use of
the service is/may be suspended…
22. Interesting/controversial issues:
• edX states that any forum posts are fully owned by edX in perpetuity and may be
later exploited in whole or in part
• FutureLearn insists that students use real names as identifiers and encourages
users to openly share (with them and with other students) details of their
location, gender and education history to “help other learners get to know you
and help us to tailor the service to suit you”
• Opting out is not an option: All three providers permit users to disallow cookies,
but warn that this may negatively affect the quality of the service provided
• All three providers offer users an opportunity to raise concerns or question
policy by sending an email
23. What are the implications for learning analytics?
1. The duty of reciprocal care
• Make TOCs as accessible and understandable as possible (the latter may mean
longer…)
• Make it clear what data is collected, when, for what purpose, for
how long it will be kept and who will have access and under what
circumstances
• Provide users access to information and data held about them, to
verify and/or question the conclusions drawn, and where necessary,
provide context
• Provide access to a neutral ombudsperson
24. What are the implications for learning analytics? (2)
2. The contextual integrity of privacy and data – ensure the contextual integrity
and lifespan of personal data
3. Student agency and privacy self-management
• The fiduciary duty of higher education implies a social contract of goodwill
and ‘do no harm’
• The asymmetrical power relationship between institution and students
necessitates transparency, accountability, access and input/collaboration
• Empower students – digital citizenship/care
• The costs and benefits of sharing data with the institution should be clear
• Higher education should not accept a non-response as equal to opting in…
25. What are the implications for learning analytics? (3)
4. Future direction and reflection
• Rethink consent and employ nudges – move away from thinking just
in terms of a binary of opting in or out – but provide a range of
choices in specific contexts or needs
• Develop partial privacy self-management – based on
context/need/value
• Adjust privacy’s timing and focus - the downstream use of data, the
importance of contextual integrity, the lifespan of data
• Move toward substance over neutrality – blocking troublesome and
immoral practices, but also creating soft, negotiated spaces of reciprocal care
26. (In)conclusion
“The way forward involves
(1) developing a coherent approach to consent, one that accounts
for the social science discoveries about how people make
decisions about personal data;
(2) recognizing that people can engage in privacy self management
only selectively;
(3) adjusting privacy law’s timing to focus on downstream uses; and
(4) developing more substantive privacy rules.
These are enormous challenges, but they must be tackled”
(Solove, 2013)
27. THANK YOU
Paul Prinsloo (Prof)
Research Professor in Open Distance Learning (ODL)
College of Economic and Management Sciences, Office
number 3-15, Club 1, Hazelwood, P O Box 392
Unisa, 0003, Republic of South Africa
T: +27 (0) 12 433 4719 (office)
T: +27 (0) 82 3954 113 (mobile)
prinsp@unisa.ac.za
Skype: paul.prinsloo59
Personal blog:
http://opendistanceteachingandlearning.wordpress.com
Twitter profile: @14prinsp
Sharon Slade (Dr)
Senior Lecturer and Regional Manager, Faculty of
Business and Law
The Open University, Walton Hall, Milton Keynes,
MK7 6AA, United Kingdom
T: 01865 486250
Sharon.slade@open.ac.uk
Personal blog:
http://odlsharonslade.wordpress.com/
Twitter profile: @SharonSlade
28. References
Bellman, S., Johnson, E.J., & Lohse, G.L. (2001). On site: To opt-in or opt-out? It depends on
the question. Communications of the ACM, 44(2), 25–27. Retrieved from
http://dl.acm.org/citation.cfm?id=359241
Coursera. (2014). Terms and conditions. Retrieved from
https://authentication.coursera.org/auth/auth/normal/tos.php
edX. (2014). Terms of service (including Privacy policy). Retrieved from
https://www.edx.org/edx-terms-service
Eggers, D. (2013). The circle. London, UK: Penguin.
FutureLearn. (2014). Terms and conditions (including Privacy and Cookie Policy). Retrieved
from https://about.futurelearn.com/terms/
29. References (cont.)
Kitchin, R. (2013). Big data and human geography: Opportunities, challenges and risks.
Dialogues in Human Geography, 3, 262–267.
Murphy, K. (2014, October 4). We want privacy, but can’t stop sharing. The New York Times.
Retrieved from http://www.nytimes.com/2014/10/05/sunday-
review/we-want-privacy-but-cant-stop-
sharing.html?partner=rss&emc=rss&smid=tw-nytopinion
Solove, D.J. (2004). The digital person: Technology and privacy in the information age. New
York, NY: New York University Press.
Solove, D.J. (2013). Introduction: Privacy self-management and the consent dilemma.
Harvard Law Review, 126, 1880–1903. Available at SSRN:
http://ssrn.com/abstract=2171018