Data Responsibility

One of ten Digital Ethics in ePortfolios Principles

ePortfolio creators should know where their content and data are stored, who has access to them, how they might be used without those creators’ knowledge, and how much control creators have over them.

Rationale

ePortfolios are digital spaces where students must navigate issues of content and data ownership, privacy, and agency. Informing and advocating for responsible data privacy practices ensures that ePortfolio creators have the freedom to reflect, curate, and contextualize their learning on their own terms. Administrators, educators, staff, and platform providers must engage relevant stakeholders in conversations about data storage, access, usage, and control, including compliance with relevant policies, laws, and regulations.

Stylized database with a check mark

Strategies for applying this principle include…

  • Prioritizing publication tools that balance the ePortfolio creator’s right to privacy and the platform’s sharing capabilities, such as privacy customization and password protection, and familiarizing creators with these options.
  • Identifying and explaining how institutions, platforms, and third parties plan to collect and use portfolio content and / or author data, whether or not creators can opt out of data collection, and how they will be informed of changes to their end user license agreement (EULA).
  • Advocating for platform provider agreements that allow ePortfolio creators to opt out of data collection and clearly articulate data use and sharing, including if the platform goes out of business.
  • Reviewing the Terms and Conditions, Privacy Policy, and other relevant documents of ePortfolio platforms and seeking relevant expert advice if you are uncertain of a platform’s appropriateness for educational purposes.
  • Making the details of end user license agreements accessible to students, specifically those pertaining to data ownership, storage, sharing, and deletion options.
  • Being aware of and complying with global, federal, and state regulations regarding student data use and privacy, such as the General Data Protection Regulations (GDPR), Federal Educational Rights and Privacy Act (FERPA), and other applicable privacy standards.
  • Designing protocols for data collection, maintenance, storage, use, and deletion that protect student data.

Scenarios:

Scenario #1

When you are a first-year student, you are asked to provide a personal memoir in a public-facing ePortfolio in your composition course. You offer a narrative that is personally significant but has coming-of-age elements. Later, when you apply for a position as a high school educator, you realize that this story may no longer reflect the identity you would like to project online. You remove the public access from your portfolio, as the course for which you created it is long over. You do not delete it though, as you want to keep it as a record of your learning. When navigating the process of removing public permissions from your site, you have access to institutional resources that offer guidance. After you follow the directions in these resources, online search for content from this portfolio does not bring up any results.

To sustain a digital presence—but one that better aligns with your current professional identity—you create a second portfolio that includes learning evidence and reflections from your studies that are appropriate to share in your portfolio for employability purposes. You limit the access to that portfolio to your potential employers by providing them with an access token or password, depending on the options your ePortfolio platform provides.

Scenario #2

You are a program administrator and/or staff member who has been asked by your institution to start a campus-wide ePortfolio initiative as part of its Quality Enhancement Plan. Nobody at your institution regularly vets technologies intended for teaching and learning, and you have limited knowledge of ePortfolios and suitable platforms in general. When you gather a committee to consider different ePortfolio technologies, you make a list of priorities: students’ ability to edit and share their ePortfolios both as students and after they leave the institution, universal design practices for creators and viewers, privacy capabilities for authors, and minimal direct cost to students. However, the committee soon realizes it has thought very little about use of student data, which is a big concern.

As a committee, you develop a series of criteria designed to identify acceptable options for student data and privacy. These criteria will help eliminate some potential ePortfolio platforms. These questions include the following:

  • How does the platform use identifiable or de-identified personal information that is collected?
  • Where is data stored, and how is this data protected?
  • Does the platform sell this data to third parties?
  • Is data collected/used/shared for non-authorized purposes?
  • Can authors remove their data, and what is the process by which they do that?
  • How does the platform inform account holders of changes to their end user license agreement (EULA)?
  • Are vendors held to equitable standards for privacy and data collection/storage?

If students choose their own platforms for ePortfolio creation, you provide resources that inform them about potential platforms and how each platform collects, uses, and stores data.

Once your institution adopts an ePortfolio platform, the committee must turn its attention to drafting policies related to the institution’s use of student data.

Scenario #3

You are an undergraduate student. At the start of your studies, you are introduced to the idea of keeping a portfolio to document your learning and progress towards your institution’s graduation requirements. Your institution proposes a platform to use for this purpose.

The Academic Technologies staff member who introduces the platform to all first-year students explains how to use this platform as well as how you can keep your reflections and content private unless you want to share them with specific people.

Before you can use the platform, you are asked to review its Terms and Conditions as well as the Privacy Policy as found in the End User License Agreement (EULA). Unlike with other online sites, you actually read through them in the introductory session and ask the staff member any questions where you do not understand the legal language. You learn where your data is stored, who has access to it, who owns the rights on the content, whether there is any advertisement, and how content on the site is used.

Since you have read some articles about multinational corporations using data generated by the people creating content on their platforms, you check with the Academic Technologies staff member whether that’s also the case with the portfolio tool that your institution selected. You are assured by them that your data is not stored or used by a company to profit and that private data is private and can only be accessed by you until you decide to make it available to teaching staff, fellow students, or others. They outline why a data analytics tool is used and what sort of information is gathered in reports. Using Request Map Generator, you check which other sites the portfolio tool connects to and discuss any concerns you have with Academic Technologies.

Scenario #4: You are the Director of a global online learning program that has recently decided to add an ePortfolio requirement. In researching digital ethics in the globalized world, you come across the General Data Protection Regulations (GDPR). The GDPR document guides data regulations across the European Union (EU), and you believe there is a high probability that students from the EU will be enrolling in your program.

You schedule a meeting with your Provost, Director of Institutional Technology, and legal office to determine (1) the standards and methods the university currently uses to collect student data, and (2) the legal commitment your global online learning program has to meet when international students are enrolled. In collaboration with the legal office, you begin drafting . You obtain a template from the legal office and collaborate with them to develop data collection protocols for the ePortfolio requirement based on the appropriate privacy standards your program must meet.

Resources:

Alim, F., Cardozo, N., Gebhart, G., Gullo, K., & Kalia, A. (2017). Spying on students: School-issued devices and student privacy (p. 49). Electronic Frontier Foundation.

Brown Wilson, C., Slade, C., Kirby, M. M., Downer, T., Fisher, M. B., & Nuessler, S. (2018). Digital ethics and the use of ePortfolio: A scoping review of the literature. International Journal of EPortfolio, 8(2), 115–125.

Charlesworth, A. & Grant, A. (n.d.). ePortfolio and the law: What your organisation should know. University of Bristol Center for IT and Law. http://www.bristol.ac.uk/media-library/sites/law/migrated/documents/kptutguid.pdf

Complete Guide to GDPR. (2020). Proton Technologies AG. https://gdpr.eu/

Consortium for School Networking. (2014). Protecting privacy in connected learning toolkit. Consortium for School Networking.

Cowper, C., & Crompton, M. (2010). VET E-portfolio privacy impact assessment research report. Australian Flexible Learning Framework.

Datig, I., & Russell, B. (2014). Instructing college students on the ethics of information use at the reference desk: A guide and literature review. The Reference Librarian, 55(3), 234–246. https://doi.org/10.1080/02763877.2014.912458

Department for Education (U.K.).(2018, Aug.). Data protection: A toolkit for schools, open beta version 1.0.

Drachsler, H., & Greller, W. (2016). Privacy and analytics: It’s a DELICATE issue a checklist for trusted learning analytics. Proceedings of the Sixth International Conference on Learning Analytics & Knowledge, 89–98. https://doi.org/10.1145/2883851.2883893

European Commission. (2018, Nov. 14). Ethics and data protection. https://ec.europa.eu/info/sites/info/files/5._h2020_ethics_and_data_protection_0.pdf

Future of Privacy Forum, & The Software and Information Industry Association. (2015). K-12 school service provider pledge to safeguard student privacy.

Future of Privacy Forum. (n.d.). Retrieved January 11, 2020, from https://fpf.org

Harris, K. D. (2016). Ready for school: Recommendations for the ed tech industry to protect the privacy of student data. California Department of Justice.

Hearne, S. (n.d.). Request map generator. https://requestmap.webperf.tools

Hocutt, D., & Brown, M. (2018). Globalizing the composition classroom with Google Apps for Education. In R. Rice & K. St. Amant (Eds.), Thinking globally, composing locally: Rethinking online writing in the age of the global internet (pp. 320–339). University Press of Colorado.

Ivanova, M., Marín, V. I., Tur, G., & Buchem, I. (2019). Towards privacy issues in personal learning environments: A conceptual model of PLE privacy. European Journal of Open, Distance and E-Learning, 22(1).

Kimball, M. (2005). Database e-portfolio systems: A critical appraisal. Computers and Composition, 22(4), 434-458.

Luera, G., Brunvand, S., & Marra, T. (2016). Challenges and rewards of implementing ePortfolios through a bottom-up approach. International Journal of EPortfolio, 6(2), 127–137.

Klein, L. F. (2013). The Social ePortfolio: Integrating social media and models of learning in academic ePortfolios. In K. V. Wills & R. Rice (Eds.), ePortfolio performance support systems: Constructing, presenting, and assessing portfolios (pp. 57–74). WAC Clearinghouse.

Lynch, M. (2018, May 21). Ask these 9 questions to determine if your education vendor takes data privacy seriously. The Tech Edvocate. https://www.thetechedvocate.org/ask-these-9-questions-to-determine-if-your-education-vendor-takes-data-privacy-seriously/

Mackrill, D., & Taylor, S. (2008). FlashPort – The next generation in e-portfolios? The use of portable applications as e-portfolio tools in teacher education. Journal of Systemics, Cybernetics and Informatics, 6(6), 80–85.

National Conference of State Legislatures. (2018, October 26). Student data privacy. https://www.ncsl.org/research/education/student-data-privacy.aspx

Newitz, A. (2005, February 17). Dangerous terms: A user’s guide to EULAs. Electronic Frontier Foundation.

Poole, P., Brown, M., McNamara, G., O’Hara, J., O’Brien, S., & Burns, D. (2018). Challenges and supports towards the integration of ePortfolios in education. Lessons to be learned from Ireland. Heliyon, 4(11). https://doi.org/10.1016/j.heliyon.2018.e00899

Privacy Technical Assistance Center. (2016). Protecting student privacy while using online educational services: Model terms of service. U.S. Department of Education.

Refaei, B., & Benander, R. (2019). Affordable technology solutions. Research in Online Literacy Education, 2(1).

Sherpa, FERPA. (2020). The student privacy resource center.

Slade, C., Murfin, K., & Readman, K. (2013). Evaluating processes and platforms for potential ePortfolio use: The role of the middle agent. International Journal of EPortfolio, 3(2), 177–188.

Vejmelka, L., Katulic, T., Jurić, M. & Lakatoš, i.M. (2020). Application of the General Data Protection Regulation in schools: A qualitative study with teachers, professional associates and principals, 43rd International Convention on Information, Communication and Electronic Technology (MIPRO), Opatija, Croatia, pp. 1463-1469, https://doi.org/10.23919/MIPRO48935.2020.9245209

Weebly. (2020). GDPR FAQ. Weebly Support. https://www.weebly.com/app/help/us/en/topics/gdpr-faq

Wix. (n.d.). Preparing your Wix site for GDPR. https://support.wix.com/en/article/preparing-your-wix-site-for-the-gdpr

WordPress. (2018, May 8). The ultimate guide to WordPress and GDPR compliance–everything you need to know. https://www.wpbeginner.com/beginners-guide/the-ultimate-guide-to-wordpress-and-gdpr-compliance-everything-you-need-to-know/

Wuetherick, B., & Dickinson, J. (2015). Why ePortfolios? Student perceptions of ePortfolio use in continuing education learning environments. International Journal of EPortfolio, 5(1), 39–53.