“… [O]ne of the things about librarians is that they’re subversive in the nicest possible ways. They’ve been doing the Wikileak thing for centuries, but just didn’t get the credit for it. This is what we try to do all the time; we try to reduce the barriers and open up that information.”
– Michael Ridley

Self-identifying as the University’s Head Geek and Chief Dork, Michael Ridley leads a life of the future by reconfiguring access to the past. As Chief Librarian and Chief Information Office of the University of Guelph, Ridley spends his days integrating digital potentialities and the power of imagination with the cultural and historical resources of the library. Seeing the digital as a liminal space between the age of the alphabet and an era of post-literacy, he is transforming the mission of libraries: gone are the days where libraries primarily focus on developing collections. Today, collections are the raw materials fueling the library as a dissonance engine, an engine enabling collaborative, cross-disciplinary imaginations.

With a critical attitude towards the hegemony of literacy, combined with a prognostication of digitality’s impending demise, Ridley’s position at the University of Guelph facilitates radical reconsiderations of the library’s present and forthcoming roles. He received his M.L.S. from the University of Toronto, his M.A from the University of New Brunswick, and has been a professional librarian since 1979. So far, Michael has served as President of the Canadian Association for Information Science, President of the Ontario Library Association, Board member of the Canadian Association of Research Libraries, and Chair of the Ontario Council of Universities. He is presently a board member of the Canadian Research Knowledge Network and of the Canadian University Council of CIOs. He has received an array of awards, and was most recently awarded the Miles Blackwell Award for Outstanding Academic Librarians by the Canadian Association of College and University Libraries. Ridley has published extensively about the intersection of networks, digital systems, and libraries, including “The Online Catalogue and the User,” “Providing Electronic Library Reference Service: Experiences from the Indonesia-Canada Tele-Education Project,” “Computer-Mediated Communications Systems,” and “Community Development in the Digital World.” He has also co-edited volumes one and two of The Public-Access Computer Systems Review. Lately, his work has examined the potentials of post-literacy, which has seen him teach an ongoing undergraduate class on literacy and post-literacy as well as giving presentations and publishing on the topic.

Read the full conversation at CTheory

Other posts you might be interested in:

1. Review: Delete – The Virtue of Forgetting in the Digital Age
2. Publication: Is Your ISP Snooping On You?
3. Public and Private Digital Space

To combat unauthorized distributions, technological solutions such as bandwidth shaping and traffic monitoring need to be implemented. Such solutions need to be integrated with advanced DMCA response practices. Of course, some of the companies that are being courted to meet these demands are those that incorporate DPI into their copyright ‘solutions’. I’ve discussed, generally, how these technologies work on campuses from iPoque’s position when writing about one of the company’s whitepapers. In that post, I wrote,

In essence, ipoque argues that educational institutions should consider deploying DPI to limit their students from consuming bandwidth for infringement purposes, where that bandwidth is needed for other university business. This is an effort to normalize DPI by ‘teaching’ the educated elite that filtering is permissible even in educational environments. If such activities are permissible in a space of academic freedom, then surely filtering practices are permissible outside of these special environments!

The attempts to lean on schools to ‘regulate’ their students is a mode of governance meant to instill a particular, very American, conception of intellectual property and copyright into the hearts and minds of university students. Given the broad implications of American attitudes on these subjects, as well as on the topics of cultural growth and free speech, IT departmentsshould not be the business of deciding whether DPI should come to campus; students and faculty members who are indebted to academic freedom and best able to understand the implications of wide-spread filtering of Internet content should have the first, and final, say about whether these network appliances are permitted onto campus grounds.

I stand by my worry that pervasive analysis of students’ data transfers threatens to normalize persistent analyses of all data traffic, though in this case there is a federal directive that universities are (effectively) obliged to ‘teach’ students that copyright infringement is a ‘serious’ offense. Long-term normative effects may be felt, though this assumes that students won’t quickly find ways to evade any DPI-based solution. Some methods of evasion might include using P2P systems that have proxy-capabilities baked into the systems to obfuscate destination and origin IPs while simultaneously encrypting traffic. Given that students are often at the forefront of counter-surveillance movements (when they impede activities they want to engage in) and the growing ease of using highly sophisticated P2P programs, I have real doubts that it is even possible for network admins to actually limit P2P should intrusive monitoring systems be adopted.

I really see a few things emerging from this act, widely, across American universities:

1. Money will be spent on anti-infringement technologies. Most technologies will be unsuccessful in stopping infringements, but will let schools continue to receive federal funding.
2. Students will quickly find ways around the technologies that have been deployed, effectively nullifying the effectiveness of these technologies.
3. As a result of how students get around these technologies, these same students might ‘get used’ to the idea that all of their data is analyzed and learn just how easy it can be to encrypt and proxy their traffic.

While some might see #3 as a positive (Christopher Soghoian has written about this some in the context of DPI), I worry that this just extends to ‘encryption wars’ that have been ongoing for the past two decades or so without actually addressing the social issues at hand. Do we really want to live in a world of such persistent surveillance? While some people might claim that they have nothing to hide, this doesn’t mean that you trust everyone or that you are willing to disclose how you operate to devices that are not, and will likely never be, perfectly accurate. 70-90% accuracy is great…until you need to spend thousands or millions of dollars to clear your name from an incorrect copyright infringement charge.

It really seems that America (and Canada too, for that matter) must think about surveillance from an ethical, rather than just a legal, framework. Fair Information Principles (FIPs) will ensure that companies meet certain criteria for engaging in surveillance, but do not necessarily ask whether or not they should be engaging in particular kinds of surveillance in the first place. The legal discussion is helpful, but not sufficient, if we’re to genuinely engage with and challenge some of the uses of data analysis/surveillance systems.

Other posts you might be interested in:

1. Thoughts on COUNTER: Counterfeiting and Piracy Research Conference
2. Analysis: ipoque, DPI, and bandwidth management
3. Virgin Media to Monitor Copyright Infringement

At least, that’s the theory.

Three-Strike Copyright and Some Numbers

I’m not going to spend time talking about the digital divide (save to note that it’s real, and it penalises students in underprivileged environments by preventing them from acting as an equal in the digitized classroom), nor am I going to talk about the inherent privacy and security issues that arise as soon as teacher use digital management systems. No, I want to turn our attention across the Atlantic to Britain, where the British parliament will soon be considering legislation that would implement a three-strike copyright enforcement policy. France is in the process of implementing a similar law (with the expectation that it will be in place by summer 2008), which will turn ISPs into data police. Under these policies if a user (read: household) is caught infringing on copyright three times (they get two warnings) they can lose access to the ‘net following the third infringement.

While some may shout ‘it’s about time that we teach those damn thieves some responsibility! Do the crime = do the time!’ I think it’s a good idea to step back for a second. Two recent studies are of particular importance here – I’ll try to provide the ‘raw’ data, but won’t do something as controversial as to try and work out hard numbers with it (I’ve graduated with a philosophy, not a statistics, degrees). So:

We start with a slightly older article released by NDP Group Inc., which informs us that 50% of Mac Users in the US paid to purchase music, whereas only 16% of PC Users do. We then turn to another article, by the same group, we see that at least 26% of 9–14 year olds are using peer-to-peer services (49% are ‘legally’ purchasing music with their parents’ credit cards). It first strikes me that this almost makes it seem like younger children have wider access to Macs, were I to make the clearly erroneous move to compress tween and Mac users’ legal downloads. What strikes me second, and less trivially, is that this means that 26% of students (at least in the US) are ‘illegally’ downloading music.

So, if you’ll grant me the jump that probably at least 20% or more of tweens are downloading music in the UK too (just based on some quick surfing it seems like a fairly conservative number), then after three strikes the family loses their ‘net connection (because I presume that laws like those in the UK and Britain are as granular as to affect households, rather than individualised members of said households). Moreover, if we take some broad statistics we see that for couples they tend to have 1.8 children per family in the UK. (Note: I realize that more granular statistics can be found from National Statistics Online here, but it seems excessive to use NSOs stats for the purpose of a fairly brief blog post.)

What About Sally and 0.8 of Timmy (+ Parents, of course)

Well, when we look at the previous stats  it seems like a lot of public school children are involved in copyright infringement. Bad kids! What it also suggests is that the UK’s plan to move to electronic school records could face some problems if members of the family are caught file-sharing, not to mention all the issues with CMSs, Web 2.0 environments, and so forth; it’s remarkably hard to capitalise on digital technologies if your intended users can’t access them.

Moreover, if cut-offs occur per household then all it takes is mom, dad, and Sally (we’ll assume that part of Timmy’s missing 20% is his ears, so he doesn’t really care about music) to download and get caught once each to be ‘struck out’. Then they can learn:

• No VPN from home.
• No ability to access personal or corporate email.
• No chance to do their banking online.
• No way to easily book plane reservations without incurring extra costs.
• No way to access ‘cloud computing’ resources.
• No way to legitimately participate in the digital world from their homes.

The effect of these laws would identify all members of the household as ‘guilty’, regardless of the respective members’ particular guilt – all will be guilty by association. Family members won’t be permitted to continue as full, participating members of society, even if it turns out that it was only Timmy who was downloading (maybe Sally bullied him, and he knows she loves music so wanted to make her life less pleasant and didn’t consider the larger consequences at the clearly mature age of 8). Fortunately, what laws like this do is recognise that being sensitive to situations and conditions are no more important than addressing law to those who are genuinely responsible for criminal act. I’m hopeful that this kind of lawmaking will lead to more rapid convictions, where when a bank is robbed we simply arrest everyone in the bank on the basis of their proximity to the crime. Preferably we’ll be able to round up those ‘criminals’ without the use of a magistrate of judiciary, just to cut some costs to the social purse, just as the state will be absent in judging the appropriateness of applying a three-strike rule. These laws will have at least two core kinds of benefits:

1. Reduce the number of people sharing music and other copywritten material;
2. Cut down on unsolved or un-prosecutable crimes by removing the overly burdensome process of establishing particularised guilt.

That means that we’ll really be making progress towards solving genuine social ills, right? Besides, it’s best to adopt these kinds of laws as nothing will get children to stop downloading music, right?

Other posts you might be interested in:

1. Copyright and the Blank Media Levy
2. Will Copyright Kill eHealth?
3. Update to Virgin Media and Copyright DPI

One Down?

First, I think that we may have found an online conferencing system that would really make life easy – the Public Knowledge Project provides a FOSS conference system that is really awesome. I’ve used their open Journal system when submitting a paper to a University of British Colombia undergraduate journal (Prolegomena) and it was a really slick system. I think that (for me at the time) the most awesome part of the system was that I could log in and see how far along the process my paper was. It kept me from harassing the journal editors, which I’m confident is a reasonably common problem with other methods of harvesting and selecting papers.

And Many to Go…

Below are some of the challenges that stand before us:

1. How many papers should be selected? How hard is it to ‘weed’ strong from weak applications?
2. We have the option of flying in a prominent speaker; who should it be, and how much time is generally needed for them to make themselves available?
3. How do you actually construct a good call for papers? I’ve read hundreds of them, but never with attention to the specifics of what makes a good and what makes a bad CFP.
4. How do you distribute the call? I’m aware of a few particularly prominent online forums, but what ‘traditional’ avenues exist/should be used?
5. How long do you wait for papers to come in? I’m thinking at least 2-3 months, but I know that sometimes people only have a week or two. How long will it take to select the best papers? Should the call allow for people to submit already harmonized panels?
6. Should a theme be generally cross-disciplinary, or largely focus on ‘hard’ philosophy?

These are just a few of the (non-technical) questions that we’re facing. There was a suggestion that the conference occur around January, but I think I’ve found a better time for it, that will give time to prepare for it and generate synthesis between another graduate conference that (traditionally) has a very low turnout.

I’m planning on recording any momentous shifts/developments surrounding this experience here, both so I have a reference point for later on in my career, and so that I can (hopefully) refer others who are interested in developing graduate conferences here to avoid the mistakes that we will inevitably make and benefit from what worked well. Wish us luck!

Other posts you might be interested in:

1. Conference Presentation: The Ontological Crisis of Melacholia
2. Thoughts on COUNTER: Counterfeiting and Piracy Research Conference

Plato and Shame

I’ve had the distinct privilege of working with students for more than two years now; the past year and a half as a teaching assistant and the time before that as a tutor. When you work with students, you realize that most of them have incredible potential, potential that you can see pent-up inside of them, but potential that they’re either unable to, or afraid to, release and realize. To address the latter concern in the first day of my tutorials this session I talked briefly about Plato and the straight-from-the-text reading of how absurd men appeared when laughing at the women who trained to become philosopher kings alongside men. The point was this: laughter in the classroom threatens to injure your comrades and, more importantly, marks that the person laughing can’t comprehend the purpose/form of laughter – their mirth demonstrates just how little they themselves understand.

I haven’t had a single person (that I’m aware of) be shamed by having other students laugh at them.

The Micro-politics of Shame

The former issue, that of releasing inner potential, I haven’t ‘solved’ (if that’s even possible). Recently what I did find, however, was a particularly insightful blog post by halfanacre. She writes,

Today was my second lecture of the semester. I decided I needed to tell my students that if they were to do good work in my classroom, they would have to be brave. I put a slide up that read: “Read History. Be Fearless.” And then I told them that it was more important to be right than to look right, more important to reach for a full, astounding understanding of a text than to settle for mediocrity. I think I trembled a little. I wanted them to know. I wanted to remind myself. What we do takes courage. It’s not a take bullets kind of courage. It’s personal, private, intellectual. It’s courage all the same.(Source)

I’m uncertain that sharing similar thoughts would necessarily cause my students to realize that they were in a safe environment to realize their potential, but perhaps what it would do would be to acknowledge the challenges in being right, rather than looking it – it is hard to release your potential when in releasing it you appear out-of-step with one’s peers. It recognizes that shame typically emerges as a micro-politic of power that derides the individual from within; external declarations of a person’s shame are far less effective in blocking their communications or reflections. Maybe some kind of combination of my Platonic diatribe in tandem with something resembling that halfanacre did might make educational environments just a bit safer for students to realize their potential in.

Read History

Something that I myself have found in the past 18 months is that in the process of learning history, it becomes possible to see linkages and commonalities in texts that I had thought I was reasonably familiar with. As a result of my readings, I’ve sometimes been able to express myself and add to conversations in ways that (I think) improve the discussion. That said, it’s terrifying when introducing ideas or interpretations that you know are different, that you know deviate from those of your classmates and even the seminar leader. I admit that, in a few cases, a petrifying fear overtakes me, as I question whether what I’m about to suggest is even historically accurate, let alone right. What if it isn’t? What if I’m not right? What if, what if, what if? I try to capture those moments, and save them for later reflection.

Then I jump – I say what I believe to be right, and experience the frenzy of learning that ensues.

No related posts.

Reading 102

We’ve all heard of data-mining; the FBI has been doing it, the NSA has been caught doing it, and corporations are well known for it. Citizens are getting increasingly upset that their personal information is scaped together without their consent, and for good reasons.

What if those citizens used data-mining principles to prepare and filter their reading? Donal Latumahina has eight processes that you can use to get the most out of the books that you’re reading, processes that are guided by the objective to get the greatest possible amount of useful information from the text. It’s amazing what happens when you objectively structure your reading, rather than just letting yourself be carried along by it.

Reviewing OLPC Prototypes

Wayan Vota from the One Laptop Per Child News put up a review of a OLPC notebook about a month ago. He notes that while the children who have been given the notebooks to test have, thus far, had generally positive experiences with it that the target audience (poor underprivileged youths across the world) will not have the same extent of background computer knowledge that Western youths do. As a result, he avoids wild proclamations of the projects necessary success.

I’m hopeful for the project, but have to agree with his conservative approach to the ‘ease’ of repairing the notebooks when something goes wrong with them.

Recording (and Displaying) Digital Content

Video DRM is being impressed onto major commercial operation systems – which means that to play particular movies, your computer has to have a copy protection system installed and activated. These systems prevent individuals from making copies of movies, even if the copy is being made under fair use provisions.

Microsoft’s Vista operating systems has received a lot of bad press for its inclusion of DRM technologies, and that’s perfectly understandable. These technologies are antithetical to free speech, fair use, and basic copyright provisions. As a result of Vista’s press, more and more people have been turning to Apple Computer’s OS X operating system – it lacks these content management systems and is (generally) a more enjoyable and productive computing environment.

What most people don’t realize is that for Apple to support the next-generation media formats such as Blu-ray and HD DVD, the company will have to first implement the AACS DRM scheme before blu-ray disks will play in OS X. OS X and Apple are just as susceptible to market pressures as Microsoft’s Vista operating system, and it will be interesting to see if Apple’s market share and user uptake levels off or drops in light of their ‘betrayal’ of Apple faithful. I think it’s doubtful, based on their willingness to put up with the ‘Fair Play’ DRM scheme that is integrated into iTunes, but it would be nice for Mactards (lingo from Fake Steve Jobs) to experience the same lash as Microtards.

Tags: Technology

Other posts you might be interested in:

1. Recording of ‘Traffic Analysis, Privacy, and Social Media’
2. New RSS feed, ‘Worth Reading’

I was at a TA Conference yesterday, and at the tail end of it one of the presentations was about creating a teaching portfolio and a teaching philosophy. In particular, we were encouraged to save everything from students that pertained to how we taught, as well as copies of course outlines/lecture notes/etc. The idea was that by aggregating all data, especially that from students, we could filter out what we don’t need – it’s easier to filter than to find more data.

This is the exact opposite way that I think that data retention should operate, and I’m not alone. The principles standing behind the EU’s Safehabour, as well as UoG privacy policies, both support my stance that all collected information must be targeted, people whose data is being collected must be aware of why it is being collected, and there must be a stipulation on the duration of time the information must be retained. I’m not really concerned with whether this particular presenter was recommending actions that at the least were in tension with the UoG’s privacy principles – what I’m interested in is whether you would keep all of this information? I can’t, not unless I’m totally up front with students, but I don’t know if that’s just me being particularly paranoid. Is retaining this information common practise in the teaching profession?

No related posts.

Let’s help this hottie find her camera!

Here’s the story (remember that…story).

In Britain a young woman (unfortunately) lost her camera. Some delightful chap decided that, rather than keeping the camera to himself, he’d try to get it back to her. Problem: he didn’t have her name, address, or anything that identified her beyond the pictures on the camera. Solution: post all of the pictures from the camera on Facebook and encourage tons of people to join the group the hopes that someone recognizes her. Problem: the embarrassment of having adult and non-adult pictures of yourself posted on the net.

Now, it turns out that this whole thing was viral marketing – the woman is an adult model and this was intended to promote a particular adult website. Nevertheless, based on the posts in the group that was set up, people saw this as a legitimate way to deliver missing property – many didn’t see anything wrong with deliberately posting pictures of a woman in various states of dress without first receiving her willful consent.

McD’s could own my Facebook?

Let’s say that you’ve been talking back and forth with a business partner or fellow corporate drone about work. Let’s go on to say that you’ve actually talked about work – i.e. you’ve shared work-related information with one another. This might mean that your employer may have a legal right to your Facebook (or other social networking) profile on the basis that it’s corporate property. If you’ve created and/or dominantly maintained the profile at work, then it’s even more likely that courts will rule that it’s a bit of corporate property that you’ve only been ‘renting’. Not knowing your corporate usage policy may have already led you to give away your network profile to your employer. While these laws haven stepped into all nation-states around the globe, one has to wonder if the ruling in the linked article isn’t the beginning of something that will cross into many legal jurisdictions.

On the basis of this, think of the number of fast-food corporations already ‘own’ the profiles of their teen employees.

Mmm…let’s all obsess together!

I’ve recently noted that educators just shouldn’t release pictures of their students unless given a really good reason. I had a reason at the time, and that reason is Allison Stokke. When we post our pictures, we at least do it (hopefully) knowing that it could make us ‘popular’ on the Internet in a matter of hours. This isn’t (as large) an issue for men, but for women becoming ‘Internet famous’ is a dandy way of making one’s life much more challenging. Stokke is effectively harassed, all because some sports blogger decided to post a picture of her without her consent. What right did that blogger have to do this, to do something that has severely impacted Stokke’s life? They didn’t have the right – while freedom of speech might make it legally permissible, her right to a reasonable expectation of privacy was contravened because of the blogger’s thoughtless actions. We need to evaluate the series of rights that people have, and how they cascade, in light of the technological developments of the digital revolution.

The lesson

All of these cases demonstrate the need to educate youth (and their elders) about the ways to use the ‘net. Until we engage in political discourse (from which these norms would be developed) social networking sites will continue to operate according to privacy fiats, rather than legislation that is genuinely sensitive to the new technological landscape. Until we change our privacy archetype, and until we instill that archetype in the minds of digital citizens, problems like those listed above will become increasingly prevalent.

Other posts you might be interested in:

1. Social Networking: The Consumption?
2. On a Social Networking Bill of Rights
3. Education, Social Networks, and Privacy

In many classrooms, instructors and their students develop bonds by becoming vulnerable to one another by sharing personal stories with one another. ‘Vulnerability’ should be understood as developing a rapport of trust that could be strategically or maliciously exploited, though there is not an implicit suggestion that vulnerability will necessarily lead to exploitation. Some of the best teachers and professors that I have ‘revealed’ themselves as human beings – once I saw that they were like me I felt more comfortable participating in the classroom environment. With this comfort and increased participation, I developed more mature understandings of subject material and my personal stances regarding it. The rapports of trust that I developed with faculty led to the best learning environments I have ever experienced.

Hold it….You Like Punk AND Identify as an Orthodox Gay Catholic?!? WTF?!?

Web 2.0 tools let educators and students share large amounts of personal information with the class at large without halting face to face instructional time Set up a group for the class on Facebook, and as students join they are practically invited to look at the information their fellow classmates and the instructor(s) are displaying. Depending on how much information participants reveal on these sites, class members can learn about relationship statuses, dates of birth, religious and philosophical beliefs, favourite movies and books, and see the semi-public conversations their classmates are having. In essence, it is possible for classmates to gather relatively comprehensive digital profiles of their fellows, profiles that could subsequently shape the digital and face to face discussions that emerge over the course of the term. Once an ardent supporter of the NDP learns that they are arguing about the merits of neo-conservative political theory with someone who identifies with far right members of the Reform Party (which has subsequently been merged with the Federal Conservative Party) there is an increased likelihood for the discursive participants to either (a) end the discourse on the basis that ‘there is no hope for this conversation – we just have to agree to disagree, rather than develop a common consensus based on discourse where the better argument guides participants to a consensus’ or (b) they viciously assault each others’ argumentative positions based on partisan political philosophies and are absolutely unwilling to concede that their fellow student has a superior argumentative structure that respects and successfully responses t the differences between in the participants’ initial argumentative positions.

We’re All Friends! Right Guys?

While Facebook and MySpace both project students’ and educators’ personal information almost by default, users can change their privacy settings to prevent the disclosure of their private information. Despite the ability to minimize and shape personal info-transmissions, I would suggest that social networks’ default assumptions that you are adding ‘friends’ who should see your full profile reveals limitations in these networks’ code (which is effectively, in digital environments, like illegitimately posited law). To incorporate classroom functions into an already existing social network educators ought to inform students about how they can alter their privacy settings to minimize the information available to their classmates, but this response to default privacy settings strikes me almost as a stop-gap measure – it tries to shape the network to make it usable in the curriculum, rather than adopting technologies that are already suited (or are sufficiently malleable to become suited) for the purpose of educating. Moreover, by establishing classroom groups on social networking sites the educator essentially requires individuals to be members of the network and of the group – if they are not, there is (at the very least) peer pressure to ‘be like everyone else.’ While some might want to argue that present-day students value privacy in fundamentally different ways than mature educators, or that since most students already belong to these networks requiring the remaining minority to sign up is a minor inconvenience, both of these suggestions are incredibly insensitive to students that are not members of the networking service.

I want to address these two stances in the order I presented them; first that students are not as concerned about their privacy as older generations, and second that it is a minor inconvenience to require students to join networking services so that they can be easily informed of an involved in classroom updates/activities/discussions.

Youth’s Flexible Relationship with Privacy

We hear it all the time. Youth (i.e anyone under the age of old, however the source chooses to define ‘old’) aren’t as concerned about privacy as their elders. They give away their personal information to damn near anyone that asks, so long as they receive something (or might receive something) in return. This is seen in their disclosing personal information to Google, Yahoo!, and/or Microsoft when signing up for free email accounts. Students might post personally identifiable information in public or semi-public forums. They willingly provide accurate geo-location information – which let markets target students with smart-bomb-like accuracy – to receive ‘premium’ digital services. The argument goes that teens are advertising savvy and just don’t give a damn about the ads – they’ll trade away their privacy, and laugh (figuratively speaking) to the bank as companies try to use their information to more effectively target them.

Based on the empirical reality of how students treat their personal privacy, why should educators worry about what social networking sites do with their students’ information? If they students’ aren’t concerned, why should the educators?

As Alex MacGillivray notes in his book A Brief History of Globalization, youth are simultaneously the most willing to embrace, and the most likely to irrationally reject, change. While they love mobile phones, I’ve yet to see a teen-fad erupt over Microsoft’s Origami Project. Email is being abandoned in favour of texting and wall posts, but the content of texts and wall posts resembles conversations that students have been having for decades. I would suggest that, while many students (as well as many of their elders) have a somewhat loose relationship with protecting their digital informational privacy, this relationship is significantly born from their ignorance. As it stands, not a lot of people know other people that have been victims of cyber-crimes – as data theft becomes more prevalent, as cyber-stalkings have more and more sinister long-term effects, an as cyber-bullying intensifies, I think that students (and their elders) will become more mindful of how much information they reveal in digital forms and machine readable text.

Educators have a responsibility to engage students about the norms they hold concerning their digital interactions just as they do concerning their face to face interactions. We all hear philosophy professors talk about hitting dogs, yelling at the elderly, and questioning whether a war can be just or not, but all of these refer to physical/analogue environments and actions. Thus, students are still evaluating the ethical norms involved in kicking puppies, but are not critically evaluating or developing their stances towards identity theft, mass data aggregation, or algorithmically-sponsored discrimination. Especially in post-secondary institutions, where academics are expected to be teaching critical evaluatory processes, educators ought to at least broach the topic of digital privacy. After hearing and participating in public debates about privacy students can develop norms responsible for guiding their personal and public lives, and without such normative investigations and evaluations students are denied the opportunity to critically appraise digital privacy norms, making them vulnerable to sophisticated and matured privacy arguments that are crafted so encourage post-students to relinquish their personal information for a pittance or its worth.

Everyone ELSE is….why aren’t you?

Remember when your mom would ask ‘if everyone else were jumping off a cliff, would you jump with them?’ (I usually responded affirmatively to my mom, just because I wanted to annoy her and was unwilling to concede my arguments based on a colloquial saying.) As an educator, what happens when you require students to disclose their information to third-parties in order to receive the full range of opportunities and services? What if a student has intentionally chosen to not participate in these networks? Do you establish ‘special’ systems to meet their privacy concerns, or just tell them to suck it up (or something in between)?

Really, no matter what choice the educator takes they expose the student to unnecessary pressures and expose them up to experiences of shaming. By shaming, I’m not suggesting that other students or the professor would publicly degrade the student for not participating in the network – they might even admit that the student has good reasons for their decision – but that the student may feel as though they are not fulfilling public normative expectations. When their private norms contrast with public norms students may feel as though they are being personally criticized for not participating in the network, even if no explicit critique ever takes place. Of course, some students will thrive in these situations – they will actively vocalize and explicate their position, perhaps working to subvert the dominant social norms. Many students, however, either would not or could not publicly assert their private normative positions because they fear some kind of public admonition. As a result, these students either ignore the social networking class space (and consequently become a second-class student for not having full access to all classroom environments) or let the public norms to override personal/intimate norms – they give up part of themselves to participate in the class.

Students shouldn’t have to jump off the social networking cliff with the rest of their colleagues, and suggesting that it is only a minor inconvenience is particularly insensitive (and I would argue, wrong). Educators mustn’t expect students to defy their mothers’ wisdom and align personal with public norms just because everyone else has – imagine what their own mothers would say if they proposed this for this students!

Therefore – wikis, blogs, podcasts, classroom forums

In light of the challenges associated with social networking sites I think that they should just be avoided in favour of other Web 2.0 applications. Wikis and blogs limit the amount of information students have to reveal to one another, and educators can set classroom cyber-policies to limit what information is collected and/or shared. While these policies may seem counter-intuitive to the Web 2.0 phenomena (assuming Web 2.0 is loosely defined as a philosophical position that advocates recognizing and embracing student particularities so that students can ‘drive’ the learning process) I would suggest that such policies fundamentally accord with introducing 2.0 into education. While we could let education be guided by technology, technology is most effective when surgically applied. As such, educators can and perhaps should use wikis, blogs, et cetera, but should make sure to use them in a targeted ways. A part of effectively targeting technological resources may involve limiting the particularities that students can express – these limits only relate to class-used tools, so students remain free to extend personal discussions to other social spaces.

As administrators as well as teachers, it doesn’t seem unreasonable to me that educators can institute cyber-policies that limit personal disclosure (though, admittedly, enforcement may be trickier). Am I off base with this position, or right on target?

Other posts you might be interested in:

1. Education, Web 2.0, and Privacy
2. Social Networking – Why We Need to Educate Youth
3. Wikis and Education

Is this information personal information?

Pretty well all Web 2.0 tools gather some kinds of data from individuals that use them, be it in the form of email addresses, Internet Protocol (IP) addresses, telephone numbers, messenger names, or social networking information. Before deploying any Web 2.0 technology it is important for organizations to determine whether they are capturing what is identified as ‘personal’ data, and can do so by reflecting on the following factors:

1. How data could be matched with publicly available information, analysing the statistical chances of identification in doing so;
2. The chances of the information being disclosed and being matched with other data likely held by a third party;
3. The likelihood that ‘identifying’ information may come into their hands in future, perhaps through the launch of a new service that seeks to collect additional data on individuals;
4. The likelihood that data matching leading to identification may be made through the intervention of a law enforcement agency, and
5. Whether the organization has made legally binding commitments (either through contract or through their privacy notice) to not make the data identifiable. (Source)

Personal information can be correlated in a fashion that uniquely identifies individuals. Determining how data will be used before first collecting it is important because these uses (as I will get to) need to be made clear in the privacy policy that is displayed alongside Web 2.0 tools. Ultimately, even if the data being collected cannot be traced back to individuals, it is important to create a privacy statement where the organization transparently reveals what information they are collecting and why it is not personally identifiable – this facilitates trust between users and the organization.

Privacy Policies

In essence, privacy policies should express what information is collected, what it will be used for, and how long the organization will retain it. Matured or full-developed policies may be multi-layered, providing an executive summary of the policy and, within the summary, have hyperlinks to the full body of the document. The core elements of privacy policies, as mentioned, revolve around collection, use, and retention of data, but these three ‘simple’ elements are best expanded by adhering to the EU’s Safe Harbour guidelines. These guidelines require organizations that collect information about EU citizens to adhere to the following seven principles, and happen to be particularly helpful in thinking about and developing your own policies:

1. Notice
   Organizations must notify individuals about the purposes they are collecting information for, and how they will use the information. Moreover, individuals be informed as to whom they can contact with enquiries or complaints, the types of third parties that information will be disclosed to, and how individuals can limit the use and disclosure of their information.
2. Choice
   Individual must be given the chance to opt-out of data transfers between the party they contract with and third parties when the purposes of the third-party are incompatible with the original agreement with the data collector made. For sensitive information, individuals must opt-in to the transfer before it can proceed.
3. Onward Transfer
   Any third-party that receives information from the primary data collector must adhere to privacy principles that align with those established in the agreement between the individual and original data collector.
4. Access
   Individuals must have access to the personal information that is stored on them and be able to correct, amend, or delete inaccurate information.
5. Security
   Reasonable precautions must be taken to ensure that individuals’ data is safeguarded from loss, misuse, or the unauthorized access, disclosure, alteration, or destruction of their data.
6. Data Integrity
   Collected information must be relevant to the purposes for which it is to be used – the information that is collected should be targeted, not collected dragnet-style.
7. Enforcement
   Identifiable third-party groups must be able to investigate the implementation of these principles and the regulations that follow from them. There must be obligations to remedy errors, and some form of sanctions must exist that are sufficiently rigorous and onerous that it is not cost-effective for organizations to ignore them. (Source)

Privacy policies are important, but for the purposes of using Web 2.0 tools in classroom environments TAs and instructors don’t need to go to a lawyer to craft an appropriate privacy statement. By responding to each of the above principles in ‘common English’ users of those tools can be notified about how their information will be used. Again, transparency is the goal of privacy statements, and so long as the organization is being reasonably transparent while honouring the principles of safe harbour their privacy policies are likely adequate for casual purposes. (This, of course, may not be the case in all institutions – some may have a privacy officer or privacy counsel for these kinds of situations. In these cases, contact them and have them assist you in developing a privacy statement.)

Finally, privacy statements should be publicly accessible and (likely) should be ‘protected’, insofar as students should not be able to adjust the policy. Like many administrative elements, privacy policies should be the sole purview of the groups that are collecting and using collected data – assuming that this group does not include students, students should not be the ones who get to write the policy (unless, of course, that was a group activity ).

Keep it Offline!

Safe Harbour provisions only relate to personally identifiable information and businesses that are holding information on EU citizens – as such its principles may not be entirely suitable for crafting a classroom privacy policy. The best way for instructors to avoid potential privacy breaches is to minimize the information that is being collected – only collect what is absolutely needed for the course, exercise some security precautions (i.e. encrypt the database if it happens to reside on a personal computer), and have a clear period of retention that you honour. Educators should probably avoid placing the following in publicly accessible webspaces:

• Phone numbers
• Personally identifiable/tagged pictures
• Home addresses
• Personal schedules
• Social networking information
• Personal experiences that are clearly traceable to the individual (Under this, discussions of a trip to China might not be terribly traceable,whereas linking to a personal blog and pictures that documented the trek could be identifiable.)
• Correlations between students’ names and their student IDs

The above list isn’t intended to be comprehensive, but to establish a few items that probably shouldn’t be gathered at all. If they are collected (in the course of registering to access the Web 2.0 tool, for example) then the privacy policy should clearly identify how the collected information will be used.

I think that wraps up my outlined thoughts for privacy with Web 2.0 tools, though I want to talk about a few more specifics later on this week. Remember – a core element of Web 2.0 technologies revolve around empowering students in the learning process, with involves collaboration and trust. To facilitate trusting relationships, be transparent about what information will be collected and why – building trust follows from the need to banish privileged attitudes that commonly obfuscate the learning and educating processes and allow students to immanently act alongside one another and their teacher.

Other posts you might be interested in:

1. Web 2.0 and Education
2. Education, Social Networks, and Privacy
3. Brief Thoughts on Blogging and Education