I have a lot that I could talk about here, but rather than working through philosophical arguments for the value of privacy in education, I want to constrain myself to establishing some key points that educators should be mindful of when using Web 2.0 applications in the classroom. I begin by listing a series of factors that organizations should consult to determine if they are collecting personal information, and then follow by talking about the value and importance of privacy statements. I will conclude by providing a brief (and non-comprehensive) list of personal information that educators probably want to keep offline, unless their University can provide granular access to the information.

Is this information personal information?

Pretty well all Web 2.0 tools gather some kinds of data from individuals that use them, be it in the form of email addresses, Internet Protocol (IP) addresses, telephone numbers, messenger names, or social networking information. Before deploying any Web 2.0 technology it is important for organizations to determine whether they are capturing what is identified as ‘personal’ data, and can do so by reflecting on the following factors:

1. How data could be matched with publicly available information, analysing the statistical chances of identification in doing so;
2. The chances of the information being disclosed and being matched with other data likely held by a third party;
3. The likelihood that ‘identifying’ information may come into their hands in future, perhaps through the launch of a new service that seeks to collect additional data on individuals;
4. The likelihood that data matching leading to identification may be made through the intervention of a law enforcement agency, and
5. Whether the organization has made legally binding commitments (either through contract or through their privacy notice) to not make the data identifiable. (Source)

Personal information can be correlated in a fashion that uniquely identifies individuals. Determining how data will be used before first collecting it is important because these uses (as I will get to) need to be made clear in the privacy policy that is displayed alongside Web 2.0 tools. Ultimately, even if the data being collected cannot be traced back to individuals, it is important to create a privacy statement where the organization transparently reveals what information they are collecting and why it is not personally identifiable – this facilitates trust between users and the organization.

Privacy Policies

In essence, privacy policies should express what information is collected, what it will be used for, and how long the organization will retain it. Matured or full-developed policies may be multi-layered, providing an executive summary of the policy and, within the summary, have hyperlinks to the full body of the document. The core elements of privacy policies, as mentioned, revolve around collection, use, and retention of data, but these three ‘simple’ elements are best expanded by adhering to the EU’s Safe Harbour guidelines. These guidelines require organizations that collect information about EU citizens to adhere to the following seven principles, and happen to be particularly helpful in thinking about and developing your own policies:

1. Notice
   Organizations must notify individuals about the purposes they are collecting information for, and how they will use the information. Moreover, individuals be informed as to whom they can contact with enquiries or complaints, the types of third parties that information will be disclosed to, and how individuals can limit the use and disclosure of their information.
2. Choice
   Individual must be given the chance to opt-out of data transfers between the party they contract with and third parties when the purposes of the third-party are incompatible with the original agreement with the data collector made. For sensitive information, individuals must opt-in to the transfer before it can proceed.
3. Onward Transfer
   Any third-party that receives information from the primary data collector must adhere to privacy principles that align with those established in the agreement between the individual and original data collector.
4. Access
   Individuals must have access to the personal information that is stored on them and be able to correct, amend, or delete inaccurate information.
5. Security
   Reasonable precautions must be taken to ensure that individuals’ data is safeguarded from loss, misuse, or the unauthorized access, disclosure, alteration, or destruction of their data.
6. Data Integrity
   Collected information must be relevant to the purposes for which it is to be used – the information that is collected should be targeted, not collected dragnet-style.
7. Enforcement
   Identifiable third-party groups must be able to investigate the implementation of these principles and the regulations that follow from them. There must be obligations to remedy errors, and some form of sanctions must exist that are sufficiently rigorous and onerous that it is not cost-effective for organizations to ignore them. (Source)

Privacy policies are important, but for the purposes of using Web 2.0 tools in classroom environments TAs and instructors don’t need to go to a lawyer to craft an appropriate privacy statement. By responding to each of the above principles in ‘common English’ users of those tools can be notified about how their information will be used. Again, transparency is the goal of privacy statements, and so long as the organization is being reasonably transparent while honouring the principles of safe harbour their privacy policies are likely adequate for casual purposes. (This, of course, may not be the case in all institutions – some may have a privacy officer or privacy counsel for these kinds of situations. In these cases, contact them and have them assist you in developing a privacy statement.)

Finally, privacy statements should be publicly accessible and (likely) should be ‘protected’, insofar as students should not be able to adjust the policy. Like many administrative elements, privacy policies should be the sole purview of the groups that are collecting and using collected data – assuming that this group does not include students, students should not be the ones who get to write the policy (unless, of course, that was a group activity 😉 ).

Keep it Offline!

Safe Harbour provisions only relate to personally identifiable information and businesses that are holding information on EU citizens – as such its principles may not be entirely suitable for crafting a classroom privacy policy. The best way for instructors to avoid potential privacy breaches is to minimize the information that is being collected – only collect what is absolutely needed for the course, exercise some security precautions (i.e. encrypt the database if it happens to reside on a personal computer), and have a clear period of retention that you honour. Educators should probably avoid placing the following in publicly accessible webspaces:

• Phone numbers
• Personally identifiable/tagged pictures
• Home addresses
• Personal schedules
• Social networking information
• Personal experiences that are clearly traceable to the individual (Under this, discussions of a trip to China might not be terribly traceable,whereas linking to a personal blog and pictures that documented the trek could be identifiable.)
• Correlations between students’ names and their student IDs

The above list isn’t intended to be comprehensive, but to establish a few items that probably shouldn’t be gathered at all. If they are collected (in the course of registering to access the Web 2.0 tool, for example) then the privacy policy should clearly identify how the collected information will be used.

I think that wraps up my outlined thoughts for privacy with Web 2.0 tools, though I want to talk about a few more specifics later on this week. Remember – a core element of Web 2.0 technologies revolve around empowering students in the learning process, with involves collaboration and trust. To facilitate trusting relationships, be transparent about what information will be collected and why – building trust follows from the need to banish privileged attitudes that commonly obfuscate the learning and educating processes and allow students to immanently act alongside one another and their teacher.