Privacy and Cloud-Based Educational Technology

We offered a web cast of the conference via live stream on April 4. Catch them on our “Video” page.

Final Conference Report – Summary of recommendations

(full version here as 6-page PDF)

Approximately 100 participants from B.C.’S post-secondary institutions gathered at BCIT in downtown Vancouver Monday April 4 to learn about and discuss issues of Privacy and Cloud-based Educational Technology.

Conference participants asked BCcampus to forward a summary of the discussions at this meeting to the Office of the Information and Privacy Commissioner, to assist in identifying mutual issues to form the basis of an ongoing dialogue.

In general, the tone of the conference was one of accepting the responsibility of enhanced freedom at all levels: personal, professional and academic. Most conference participants advocated for closer ties between the “real” and “virtual” world – pointing out that as technology advances and societal norms change, standards of conduct should be the same in each. There was a general sense that the FIPPA legislation, and in many cases institutional policies surrounding digital privacy issues, have not caught up to this paradigm shift.

As we reported in the background paper “Privacy and Cloud-based Educational Technology,” we detected at the conference that the current education environment around this issue is a mix of fear, confusion, indifference, anger and frustration. Many students and instructors find restrictions around use of social media in education absurd given that they are already using the applications for personal use.

We have tried to capture all the recommendations submitted from the small group discussions at the conference accurately (those are the numbered recommendations). Some small group reports, however, were little more than “jot-notes” that were incomplete or lacking the context of the discussion. For the sake of clarity and readability some of those types of submissions were omitted.

Cloud-based educational technologies provide cost savings and open up educational opportunities and practices that improve the quality of education and cannot be achieved any other way. B.C.’s public post secondary institutions want to take advantage of both the cost savings and the educational opportunities but are being constrained from doing so by FIPPA.

Institutions are seeking ways within the bounds of legislation to do both, but the gap between what the legislation says and what many are doing in practice is significant. This creates a need to either:

a) change the legislation;

b) educate practitioners on what is allowed and what isn’t;

c) understand the value proposition associated with practices that don’t comply with legislation;

d) define processes that work within the law;

e) all of the above.

The clearest recommendations heard at the conference encompassed “all of the above” and were as follows:

1. to work with the Office of the Information and Privacy Commissioner and, if possible, the Office of the Chief Information Officer to develop a set of policy guidelines and resources for post-secondary educational institutions (post-secondary sector, as facilitated by BCcampus);
2. to act as a resource, convener and facilitator on this issue for B.C.’s post-secondary system (BCcampus);
3. to review amendment 30.1 of the FIPPA regarding storage and access of personal info to provide provisions to include social media specifically (government).

—-

Why this conference?

Demand for third party web services for academic work is increasing among instructors and students: services like Youtube, WordPress.com and Google apps, just to name a few.

However, there is also concern and confusion in the post-secondary sector that such third-party services may not comply with of B.C.’s Freedom of Information and Protection of Privacy Act (FIPPA) if used in the context of formal academic work.

Many of these sites are free to use and offer powerful web-based tools that can enhance the teaching and learning experience, partly because they are familiar to students and will remain part of their working lives after they leave the institution. For example, in British Columbia right now, students are: posting video assignments to YouTube (a streaming server), using GoogleDocs (a collaborative document editor) to work on group projects, and improving the content of Wikipedia articles, to name a few.

The demand for these types of applications is growing far faster than our ability to service them “in-house.” In order to match the expectations of students and instructors, as well as to take advantage of the real cost savings, some B.C. institutions are looking for ways to bring these services into their teaching and learning processes. Many individual instructors are using social media applications ad hoc, in the absence of similar hosted services in their institutions.

Goals of the conference:

• Discuss potential uses of shared service and cloud-based computing services in the context of FIPPA and the Patriot Act.
• Clarify FIPPA requirements with regard to technology services. What are the essential private data elements? What are the real constraints to using third-party services?
• Share and discuss guidelines that administrators, faculty and staff can consult when determining whether Web 2.0 and social media applications, services and products they want to use are in compliance with FIPPA.
• Describe the legal implications of the FIPPA and US Patriot Act in terms of using web-based services located in the US and/or hosted in Canada by US companies. What are options for ensuring there is no disclosure, without a student’s consent, of personal information?

Intended Audience:

Academic Vice-Presidents, Provosts and Vice-Provosts, CIOs/Directors of IT; Institutional Privacy Officers; Directors of Educational Technology, Librarians.