![\"Print\"](\"http:\/\/opentextbc.ca\/teachinginadigitalage\/wp-content\/uploads\/sites\/29\/2015\/01\/Wei-large-line.jpg\")
<\/a>\r\n\r\n[caption id=\"attachment_4058\" align=\"aligncenter\" width=\"755\"]<\/a>\r\n\r\n[caption id=\"attachment_4058\" align=\"aligncenter\" width=\"755\"]![\"\"](\"https:\/\/opentextbc.ca\/teachinginadigitalage\/wp-content\/uploads\/sites\/29\/2015\/01\/Data-protection-1024x557.png\")
<\/a> Figure 9.9.1 Strength of data protection laws. Click on image for more information.![\"Print\"](\"http:\/\/opentextbc.ca\/teachinginadigitalage\/wp-content\/uploads\/sites\/29\/2015\/01\/Wei-2.jpg\")
<\/a>\r\n\r\n'S' too is a change from the earlier ACTIONS model, where 'S' stood for speed, in terms of how quickly a technology enabled a course to be developed. However, the issues previously raised under speed\u00a0have also been included in SECTIONS 'Ease of Use' (Chapter 9, Section 2). This allows 'Speed' to be replaced with 'Security and privacy', issues which have become increasingly important for education\u00a0in a digital age.\r\nTeachers, instructors and students need a private place to work online. Instructors want to be able to criticize politicians or corporations without fear of reprisal; students may want to keep rash or radical comments from going public or will want to try out perhaps controversial ideas without having them spread all over Facebook. Institutions want to protect students from personal data collection for commercial purposes by private companies, tracking of their online learning activities by government agencies, or marketing and other unrequested commercial or political interruption to their studies. In particular, institutions want to protect students, as far as possible, from online harassment or bullying. Creating a strictly controlled environment enables institutions to manage privacy and security more effectively.<\/p>\r\nLearning management systems provide password protected access to registered students and authorised instructors. Learning management systems were originally\u00a0housed on servers managed by the institution itself.\u00a0Password protected LMSs on secure servers have provided that protection. Institutional policies regarding appropriate online behaviour can be managed more easily if the communications are managed 'in-house.'\r\n
Social media companies are almost exclusively based in the United States, where the provisions of the Patriot Act apply no matter where the information originates. The Patriot Act allows the U.S. government to access the social media content and the personally identifying information without the end users\u2019 knowledge or consent. The government of British Columbia, concerned with both the privacy and security of personal information, enacted a stringent piece of legislation to protect the personal information of British Columbians. The Freedom of Information and Protection of Privacy Act (FIPPA) mandates that no personally identifying information of British Columbians can be collected without their knowledge and consent, and that such information not be used for anything other than the purpose for which it was originally collected.<\/span><\/span><\/em><\/p>\r\nConcerns about student privacy have increased even more when it became known that countries were sharing intelligence information, so there remains a risk that even student data\u00a0on Canadian-based servers may well be shared with foreign countries.\r\n\r\nPerhaps of more concern though is that as instructors and students increasingly use social media, academic communication\u00a0becomes public and 'exposed'.\u00a0Bishop (2011<\/a>) discusses the risks to institutions in using Facebook:\r\n Activity 9.9 Security and privacy<\/p>\r\n\r\n<\/header>\r\n <\/a> ‘S’ too is a change from the earlier ACTIONS model, where ‘S’ stood for speed, in terms of how quickly a technology enabled a course to be developed. However, the issues previously raised under speed\u00a0have also been included in SECTIONS ‘Ease of Use’ (Chapter 9, Section 2). This allows ‘Speed’ to be replaced with ‘Security and privacy’, issues which have become increasingly important for education\u00a0in a digital age.<\/p>\n Teachers, instructors and students need a private place to work online. Instructors want to be able to criticize politicians or corporations without fear of reprisal; students may want to keep rash or radical comments from going public or will want to try out perhaps controversial ideas without having them spread all over Facebook. Institutions want to protect students from personal data collection for commercial purposes by private companies, tracking of their online learning activities by government agencies, or marketing and other unrequested commercial or political interruption to their studies. In particular, institutions want to protect students, as far as possible, from online harassment or bullying. Creating a strictly controlled environment enables institutions to manage privacy and security more effectively.<\/p>\n Learning management systems provide password protected access to registered students and authorised instructors. Learning management systems were originally\u00a0housed on servers managed by the institution itself.\u00a0Password protected LMSs on secure servers have provided that protection. Institutional policies regarding appropriate online behaviour can be managed more easily if the communications are managed ‘in-house.’<\/p>\n However, in recent years, more and more online services have moved ‘to the cloud’, hosted on massive servers whose physical location is often unknown even to the institution’s IT services department. Contract agreements between an educational institution and the cloud service provider are meant to ensure security and back-ups.<\/p>\n Nevertheless, Canadian institutions and privacy commissioners have been particularly wary of data being hosted out of country, where it may be accessed through the laws of another country. There has been concern that Canadian student information and communications held on cloud servers in the USA may be accessible via the U.S. Patriot Act. For instance, Klassen (2015<\/a>) writes:<\/p>\n Social media companies are almost exclusively based in the United States, where the provisions of the Patriot Act apply no matter where the information originates. The Patriot Act allows the U.S. government to access the social media content and the personally identifying information without the end users\u2019 knowledge or consent. The government of British Columbia, concerned with both the privacy and security of personal information, enacted a stringent piece of legislation to protect the personal information of British Columbians. The Freedom of Information and Protection of Privacy Act (FIPPA) mandates that no personally identifying information of British Columbians can be collected without their knowledge and consent, and that such information not be used for anything other than the purpose for which it was originally collected.<\/span><\/span><\/em><\/p>\n Concerns about student privacy have increased even more when it became known that countries were sharing intelligence information, so there remains a risk that even student data\u00a0on Canadian-based servers may well be shared with foreign countries.<\/p>\n Perhaps of more concern though is that as instructors and students increasingly use social media, academic communication\u00a0becomes public and ‘exposed’.\u00a0Bishop (2011<\/a>) discusses the risks to institutions in using Facebook:<\/p>\n The controversy at Dalhousie University<\/a> where dental students used Facebook for violent sexist remarks about their fellow women students is an example of the risks endemic in the use of social media.<\/p>\n Although there may well be some areas of teaching and learning where it is essential to operate behind closed doors, such as in some areas of medicine or areas related to public security, or in discussion of sensitive political or moral issues, in general though there have been relatively few privacy or security problems when teachers and instructors have opened up their courses, have followed institutional privacy policies, and above all where students and instructors have used common sense and behaved ethically. Nevertheless, as teaching and learning becomes more open and public, the level of risk does increase.<\/p>\n 1. What student information am I obliged to keep private and secure? What are my institution’s policies on this?<\/p>\n 2. What is the risk that by using a particular technology my institution’s policies concerning\u00a0privacy could easily be breached? Who in my institution could advise me on this?<\/p>\n 3. What areas of teaching and learning, if any, need I keep behind closed doors, available only to students registered in my course? Which technologies will best allow me to do this?<\/p>\n Bishop, J. (2011) \u00a0Facebook Privacy Policy: Will Changes End Facebook for Colleges? <\/a><\/span>The Higher Ed CIO<\/em>, October 4<\/span><\/p>\n Klassen, V. (2015) <\/span>Privacy and Cloud-\u00adBased \u00a0Educational\u00a0Technology in\u00a0British\u00a0Columbia<\/em><\/a> Vancouver BC: BCCampus<\/span><\/p>\n See also:<\/p>\n\r\n \t
9.9.3 The need for balance<\/h2>\r\nAlthough there may well be some areas of teaching and learning where it is essential to operate behind closed doors, such as in some areas of medicine or areas related to public security, or in discussion of sensitive political or moral issues, in general though there have been relatively few privacy or security problems when teachers and instructors have opened up their courses, have followed institutional privacy policies, and above all where students and instructors have used common sense and behaved ethically. Nevertheless, as teaching and learning becomes more open and public, the level of risk does increase.\r\n
9.9.4 Questions for consideration<\/h2>\r\n1. What student information am I obliged to keep private and secure? What are my institution's policies on this?\r\n\r\n2. What is the risk that by using a particular technology my institution's policies concerning\u00a0privacy could easily be breached? Who in my institution could advise me on this?\r\n\r\n3. What areas of teaching and learning, if any, need I keep behind closed doors, available only to students registered in my course? Which technologies will best allow me to do this?\r\n
References<\/h2>\r\nBishop, J. (2011) \u00a0Facebook Privacy Policy: Will Changes End Facebook for Colleges? <\/a><\/span>The Higher Ed CIO<\/em>, October 4<\/span>\r\n\r\nKlassen, V. (2015) <\/span>Privacy and Cloud-\u00adBased \u00a0Educational\u00a0Technology in\u00a0British\u00a0Columbia<\/em><\/a> Vancouver BC: BCCampus<\/span>\r\n\r\nSee also:\r\n\r\nBates, T. (2011) Cloud-based educational technology and privacy: a Canadian perspective<\/a>, Online Learning and Distance Education Resources<\/em>, March 25\r\n
\r\n\r\n \t
<\/a><\/p>\n<\/a>
Image: \u00a9 2019 DLA Piper<\/figcaption><\/figure>\n<\/a><\/p>\n9.9.1 The need for privacy and security when teaching<\/h2>\n
9.9.2 Cloud based services and privacy<\/h2>\n
\n
9.9.3 The need for balance<\/h2>\n
9.9.4 Questions for consideration<\/h2>\n
References<\/h2>\n