Documentation:Student Privacy and Consent Guidelines

Up-to-date information can be found on https://lthub.ubc.ca/support/privacy

This page is to support a discussion group among CTLT staff who support faculty in navigating the use of technology to meet learning goals.

Background

Increasingly, UBC instructors are incorporating the use of free, cloud based applications in their learning environments. Privacy Impact Assessments (PIAs) are currently being coordinated through our unit (via Joe Zerdin). This work has mainly centered on integrations in the LMS (Canvas). The PIA includes a technical and a privacy evaluation; the former involves UBC IT and the latter the Privacy Office.

Recently, when we asked for “blanket” approval for our LTI amendment, we were told the following:

“The Freedom of Information and Protection of Privacy Act (FIPPA) requires public bodies such as UBC to conduct a Privacy Impact Assessment (PIA) for all new or substantially modified systems, projects, programs or activities (hereinafter referred to as “Projects”).”

Instructors also need something (language/consent form) which they can use with students to facilitate opt-in/out where cloud based applications are integrated with learning activities. The sticky point is in the requirement for the instructor to provide an equivalent learning experience for students who choose to opt-out.

Current Approach

There is language that has been vetted through UBC Legal that pertains to this situation and we can use with instructors. See below (via Marianne Schroeder - August 2014):

As you know, FIPPA requires that all information about our students remain in Canada, unless there is consent. The Commissioner’s office has indicated that if use of the tool is required for a course, consent cannot be deemed to have been given. Students must be given an option to use an alias.

Please note that use of an alias often requires a negotiation with the service, since most EULAs prohibit their use. This negotiation should be completed centrally.

Cloud-based* tools may be used under the following conditions:

1. Inform students that one of the resources they will be using is located on cloud-based* servers (ideally, in the course syllabus) and during the registration process (so students can take this into consideration before they register).
2. Advise students that they are asked to provide consent to the storage of their personal information (typically their name and email address, but the fields must be specified in the instructions) on the system.
3. If they are concerned about having their personal information stored in the cloud, then they can use an alias.
4. If an alias is used, they will need to inform the instructor of the alias.
5. The instructor must keep a record of the student’s choice to use a generic ID or alias.

• substitute server outside of Canada if more appropriate

Boilerplate Privacy Notice

The tool in question is stored on servers outside Canada. When you access the site, you will be required to create an account. While tool in question adheres to privacy policy link, UBC cannot guarantee security of your private details on servers outside of Canada. Please exercise caution whenever providing personal information. You may wish to use a pseudonym to protect your privacy if you have concerns. Please feel free to contact us at UBC (lt.hub@ubc.ca) or tool in question support team if you have any questions.

Considerations

Standard questions asked of third party providers when setting up integrations:

1. FIPPA concerns

If the integration / application involves sharing of UBC account information to external servers, where are these housed? Due to FIPPA legislature, we are not able to pass identifiable student data to servers outside Canada. Can you provide more information that will satisfy our technical team that the integration can be configured in such as way that no identifiable student data is passed to servers outside Canada?

If the integration does require passing of student data to an outside server, will your terms of use policy accept the use of obfuscated data or pseudonymous data in place of “real” student information?

2. Security concerns

What is the method for transferring account information and student activity, grades etc (if there are any) between your servers and the UBC LT ecosystem? Can you provide details that will satisfy our technical team that these processes comply with appropriate security standards?

Note, if the integration is utilizing LTI, can it deal with mapping to custom Canvas roles (with the exception of students, all our roles are custom).

3. Grade Challenge issues

How can appropriate users access student activity data for evidence in student grade challenges (if the integration involves student activity)? How is access to content on your servers managed, i.e, how can admin staff access content? A particular requirement around student activity data is access to quiz attempt logs on a question by question basis (if there are any). Is this log data available? Can you please let us know the detail level of data that can be reviewed.

4. Analytics concerns

What data is available to feed into our own BI systems for analysis purposes? Does the system provide exportable reports and in what formats?

5. Issues of integrity of UBC course content

We have a requirement to ensure there is integrity to UBC course content (including provided by third parties) for all content for which decisions over student performance are made. What happens to the link between the your environment and UBC’s Canvas courses if UBC archive courses at our end? It is a requirement of FIPPA that content is retained for a year after the course.

6. Destruction of student data requirement UBC will probably require destruction of identifiable student data (if there is any) should UBC cease to utilize the service. Is this option possible?

• What personal info is required? If you are working in the open, you can't require students to use their names (in blog titles as example).
• How will you map aliases to assessed activities?
• What are the ethical considerations in requiring students to use this?

Challenges

• Cloud services - we know that Faculty are using third party tools -
• We can develop some general guidelines for cloud based services used in classrooms - but it may be a challenge for instructors to navigate what cloud services means
• LTI protocols around PIAs should cover general compliance for FIPPA.
• Depending on how applications work, they may not be compliant.
• UBC has had conversations with publishers around FIPPA (ie Pearson)

Other Institutions

BCCampus is currently facilitating a working group to share resources and explore possibilities for development of new approaches to help support a better understanding of privacy issues related to current practice among our institutions.

Some institutions are developing consent forms to be used in classrooms. I have uploaded one currently being piloted at Royal Roads. This may be helpful for our discussion.

• Royal Roads

Potential Case Studies

• Some potential case studies to think about ethical considerations around.

Other UBC pages

• UBC Privacy Impact Statements (PIAS)
• Documentation:Privacy_and_Online_Technology_Resources
• Documentation:Student Privacy and Consent Guidelines/Instructor Use