Thoughts on: Privacy and Cloud-Based Educational Technology in British Columbia
For this commentary, I decided to veer away from the formal assigned readings and instead, focus this response on Victoria Klassen’s Privacy and Cloud-Based Educational Technology in British Columbia. This is a significantly hot topic in B.C. Education, and though Klassen focusses her research on post-secondary institutions, I would argue that this paper is as relevant to the B.C. public school system as it is to universities and colleges around the province.
In her paper, Klassen discusses the precarious balance between the benefits of social media and cloud-based technology in educational institutions, and the risks of implementing such tools. The primary challenge for institutions wishing to utilize social media and cloud-based technologies, is that the Freedom of Information and Protection of Privacy Act (FIPPA) states that, “A public body must ensure that personal information in its custody or under its control is stored only in Canada and accessed only in Canada”. This becomes problematic when we realize that most data-centres for major cloud-based and social media entities are located in the United States, or abroad. This becomes an even greater issue against the backdrop of the Patriot Act of 2001 which gives the U.S. Government access to personal data stored on American servers without the end users’ consent or knowledge.
Many institutions are skirting the FIPPA issue through the gathering informed consent amongst students, or if necessary, parents of students. We need look no further than page 8 of the ETEC540 Prefatory Materials, where we read, “In this course, it is understood that if you freely post your required work on social media sites hosted outside of Canada, then you have in so doing consented to storage of your work in another jurisdiction.” For an example of the lengths to which a local school district has gone to enable cloud-based technologies, one can visit their Cloud Tools site where no less than 24 cloud-based sites are listed along with associated Term of Use documents, and parent consent forms. This then begs the question of why – why are schools going to such lengths to make use of cloud-based and social media tools when there is inherent privacy issues at play?
Klassen points to two major advantages that cloud-based technology has over locally licensed or proprietary systems. The first is feature-rich products with high usability. The second, and perhaps most attractive in this age of budgetary constraints, is simply cost. The basic argument made by schools and instructors is that utilizing cloud-based technologies allows educational institutions to focus their resources on delivering quality education, as opposed to developing and maintaining localized communication and learning systems.
The difficult truth is that the only reason cloud-based technologies are cost-efficient, is that, as Klassen reminds us, “commercial product bought and sold isn’t the social media application itself, rather it is the users themselves and the rich, detailed information they willingly provide online about their consumer habits”. It is, thus, the participating students that are funding the technology systems through the sharing of their personal data – through the sale of their privacy.
At a recent conference I attended, the keynote speaker (and high school principal) indicated that he encourages school-aged students to make regular use of social media tools, and that “if there is a terrorist in my class, I’d like to be informed.” His not uncommon mindset is summarized in, “Those who don’t do bad things, have nothing to hide.” And while I have historically shared that approach in regards to online privacy, Glenn Greenwald give cause for though in his TED talk entitled, “Why Privacy Matters”. In his talk, Greenwald suggests that, “This is a conclusion that we should have all kinds of reasons for avoiding, the most important of which is that when you say,”somebody who is doing bad things,” you probably mean things like plotting a terrorist attack or engaging in violent criminality, a much narrower conception of what people who wield power mean when they say, “doing bad things.” For them, “doing bad things” typically means doing something that poses meaningful challenges to the exercise of our own power.” Greenwald goes on to state that is those who challenge the norms of society, and thus occasionally the exercise of power, that are some of the most important contributors to society. In that, I would have to agree, and be thankful that I live in a province that holds our privacy in high regard.
All of this comes back to the question of the cost vs. benefit of cloud-based and social media in education. Klassen’s article does admittedly little to resolve the issue, or even make concrete suggestions based on her research. She does however quote the recommendations put forward by Vancouver Island University (in conjunction with BCcampus), which call for clearer guidance and direction from the B.C. government when it comes to incorporating new technologies within the FIPPA framework.
I would argue that perhaps the greatest issue is not the need for clearer guidelines, but the need for greater awareness. Awareness of the responsibility for participants to protect their personal information. Awareness of how to keep your information protected. Awareness of reasonable options to storing information on non-Canadian servers. Most importantly, we need to, as technology leaders, remember that student privacy and safety must supersede the ease of use and accessibility of any digital tools. Their personal data is not a commodity for us to trade.
References:
Klassen, V. Privacy And Cloud-Based Educational Technology In British Columbia. 1st ed. Vancouver, B.C.: BCcampus, 2011. Web. 16 Sept. 2015.
Greenwald, Glenn. (2014, October). Why Privacy Matters?[Videofile]. Retrieved fromhttp://www.ted.com/talks/glenn_greenwald_why_privacy_matters?language=en
“I would argue that perhaps the greatest issue is not the need for clearer guidelines, but the need for greater awareness. Awareness of the responsibility for participants to protect their personal information.”
Great post Joshua. During the last 2 or 3 years I have seen a lot of these kind of posts all over social media:
… and I wonder if this is the only, or even an effective way to raise awareness. I have my own biases and opinions of course, but what do you think?
In regards to this standard of “raising awareness”, I think I am glad that Facebook has introduced the “Unlike” button. For the most part, I think they are social media stunts, as opposed to valid awareness building.
More seriously, I am working with a number of districts around BC helping them better understand true digital citizenship,largely based on the works of Mike Ribble. One of the priorities amongst school technology planning teams is centred around Ribble’s ninth theme, Digital Security. Ultimately, there is a commonality amongst teachers that they desire effective ways to make sure that both their students, and themselves (as legal loco parentis) are safe – be it from personal or professional harm.
I am of two minds when it comes to making broad use of social media and cloud-based technologies in the classroom. As both a parent and teacher, I of course want to shelter my children and students from threats (both actual and potential) that lurk around the next click, but I also agree with Danah Boyd who writes in her 2014 book, ‘It’s Complicated: The Secret Lives of Networked Teens’:
“Teens will not become critical contributors to this [Internet] ecosystem simply because they were born in an age when these technologies were pervasive.
Neither teens nor adults are monolithic, and there is no magical relation between skills and age. Whether in school or in informal settings, youth need opportunities to develop the skills and knowledge to engage with temporary technology effectively and meaningfully. Becoming literate in a networked age requires hard work, regardless of age.” Danah Boyd
If this is the case, the protectionist approach is ironically not the most responsible one. Real protection comes through guided exploration, not URL blocking. With my students, as with my own children, I struggle with the same precarious balance as described by Klassen in the original article – where is the tipping point between digital freedom and responsible protection?
I enjoyed reading your post. I have often wondered about the issue of privacy. How much is too much information to be giving out? It is also interesting to think about what is being reviewed and by whom, both on a personal and professional level. Your post helped me realized how privacy is under-appreciated and how people underestimate who has access to their information.
On a professional level, it makes be appreciate what an awesome responsibility it is to work with students and be the gatekeeper (for the lack of a better word) for the activities they conduct while they are in my care. I was previously unaware of the fact that cloud based severs are outsourced and housed out of country. I agree that more awareness is definitely needed so that people explicitly know who has access to their information and for what purpose. My general impression is that most people are not overly concerned that their information is or can be easily monitored by others. Perhaps, as you alluded to in your post, it is because they believe that if they are not doing anything wrong they have nothing to hide.
Many students I believe are learning about the importance of protecting their privacy the hard way. There are countless stories of individuals suffering the consequences of posting personal text and photos that they later live to regret. You have done a great job shedding light on the idea that more awareness is needed about privacy and that the issue runs deep.
Thanks again for sharing your thoughts and ideas!
Thank you for the post. This really made me think about the work that I have done in past courses. I have used a variety of online tools to complete group projects and if I am honest, I have no idea where that information is actually stored. I am not personally worried about my safety or career, but I am concerned about who actually has control of the information that is on the web.
Your post also reminded me of a book I read You Are Not a Gadget by Jaron Lanier (2010). Lanier argues that we put entirely too much on the internet and much of it is not really contributing to the world in a positive way. His suggestion was that we should limit ourselves to one post each day. Our posts should be well thought out. In essence, we are publishing our thoughts on the internet every day and as such we should take more care in what we say so that we are contributing in a more meaningful way. When I consider that much of what we store in the cloud is fairly frivolous, we don’t give it much thought. We should be concerned that our thoughts could be housed in a country where we have no control over who accesses them or what they are used for. This is especially important if we are encouraging or even helping our students to use the could for academic work.
What frightens me the most now is that technology is changing so quickly. My students (grade 5 and 6) already know about vault apps and geolocation based chat apps. As educators we have a moral imperative to teach our children about privacy. We will never be able to keep up to date on the latest technologies that are being developed for our young people so me must give them the tools to make responsible and ethical decisions.
Lanier, J. (2010). You are not a gadget: a manifesto. New York: Alfred A Knopf.