student vulnerability, agency, and learning analytics: an … · 2017-02-27 · student...

(2016).Studentvulnerability,agency,andlearninganalytics:Anexploration.JournalofLearningAnalytics,3(1),159–182.http://dx.doi.org/10.18608/jla.2016.31.10

ISSN1929-7750(online).TheJournalofLearningAnalyticsworksunderaCreativeCommonsLicense,Attribution-NonCommercial-NoDerivs3.0Unported(CCBY-NC-ND3.0) 159

Student Vulnerability, Agency, and Learning Analytics: An Exploration

PaulPrinsloo

UniversityofSouthAfrica,[email protected]

SharonSladeTheOpenUniversity,[email protected]

ABSTRACT:Inlightofincreasingconcernsaboutsurveillance,highereducationinstitutions(HEIs)cannot afford a simple paternalistic approach to student data. Very few HEIs have regulatoryframeworksinplaceand/orshareinformationwithstudentsregardingthescopeofdatathatmaybecollected,analyzed,used,andshared.Itisclearfromliteraturethatbasicoptinginoroutdoesnotsufficientlyaddressmanyofthecomplexissuesinthenexusofprivacy,consent,vulnerability,and agency. The notion of vulnerability (institutional and individual) allows an interesting anduseful lenson the collectionanduseof studentdata. Thoughboth institutional and individualvulnerabilityneedtobeconsidered,thispaperfocusesspecificallyonstudentvulnerability.Inthisconceptualarticle,weexplorestudentvulnerabilityinthenexusbetweenrealizingthepotentialoflearninganalytics;thefiduciarydutyofHEIsinthecontextoftheirasymmetricalinformationandpowerrelationswithstudents;andthecomplexitiessurroundingstudentagencyinlearninganalytics.ThisarticleexpandsonanearlierframeworkdevelopedbyPrinslooandSlade(2015).Itaimstoexplorewaystodecreasestudentvulnerability,increasetheiragency,andempowerthemasparticipantsinlearninganalytics—movingthemfromquantifieddataobjectstoqualifiedandqualifyingselves. Keywords:Agency,ethics,informedconsent,learninganalytics,optout,optingout,vulnerability

1 INTRODUCTION “Anewexpositoryofpowerconstantlytracksandpiecestogetherourdigitalselves.Itrendersuslegible

toothers,open,accessible,subjecttoeveryone’sidiosyncraticprojects—whethergovernmental,commercial,personal,orintimate…Anditdoessowithourfullparticipation.”(Harcourt,2015,p.15)

Amidstthecurrenthypearoundbigdata(e.g.,Boelstorff,2013)presenting“aparadigmshiftinthewayswe understand and study ourworld” (Eynon, 2013, p. 237), there are a number of authorswho flagconcerns around the “neutrality” of data and algorithms (Boyd & Crawford, 2013; Crawford, 2013;Danaher,2014;Gitelman,2013;Marx,2001;Marx&Muschert;2007;Mayer-Schönberger&Cukier,2013;Morozov,2013;Pasquale,2015), thepossiblenegative impactsofdiscrimination (Henman,2004), theincreasingsharingofinformationbyindividuals(Solove,2001,2004,2013),thequantifiedself(Boam&Webb,2014;Carney,2013;Lupton,2014a),privacy (Lanier,2013;Marwick,2014;Solove,2002,2013;



Tene&Polonetsky,2012),and thegovernanceofdata (Slade&Prinsloo,2013;Stiles,2012;Totaro&Ninno,2014).Thecollection,analysis,andsharingofdatabyarangeofstakeholderssuchasgovernment,commercialenterprises,andincreasinglywithineducation,foregroundstheissueofdisclosureandthevarietyofoptionsforuserstooptinorout(ifprovidedtheopportunity)(Crawford&Schultz,2013;Lane,Stodden, Bender, & Nissenbaum, 2015;Miyazaki & Fernandez, 2000; Ohm, 2010; Solove, 2013). Thetensions inherent inthenexusbetweenprivacy,bigdata,andthepublicgoodraiseanumberof (yet)unanswered questions: “Privacy and big data are simply incompatible and the time has come toreconfigurechoicesthatwemadedecadesagotoenforceconstraints”(Laneetal.,2015,p.xii).Inthecontextofhighereducationinstitutions(HEIs),studentdata(inavarietyofformats)hasalwaysbeenusedtoinformpolicy,admissionrequirements,pedagogy,andresourceallocation(Prinsloo&Slade,2014;Prinsloo,Archer,Barnes,Chetty,&VanZyl,2015).Morerecently,thegrowthofonlinelearningandtheavailabilityofdigital studentdata (real-timeandhistorical)havecontributed to theemergenceoflearninganalytics.However,theasymmetricalnatureofthepowerrelationshipbetweenstudentsandtheirhighereducationinstitution(Swain,2013;Watters,2013)makesstudentsmorevulnerable.Intheirenthusiasmtoadoptnewpractice,thereisadangerthatsomeHEIsforgetthattheprimaryaimoflearninganalyticsistobetterunderstandandsupportlearning(Gašević&Siemens,2015).Within learninganalytics, there iscomparatively littlediscussionaround issuesofstudentdataprivacyandconsent(Slade&Prinsloo,2013)andstudentperceptionsandagencyregardingtheharvestingandanalysisof theirdata (Kruse&Pongsajapan,2012). This is in somewhat stark contrast to thebroaderdiscoursesandconcernssurroundingtheincreasingsurveillancebygovernmentandcommercialentities(Bauman&Lyon,2013;Carney,2013).Given the variety of emerging theoretical frameworks and practices in learning analytics in highereducation,acriticalengagementwiththepracticesofdisclosureandoptinginoroutofthecollection,use,analysis,andsharingofpersonalandlearningdataseemsparamount.Inthispaper,weaimtoengagewith the issueof studentdataprivacyself-management fromtheperspectiveofstudentvulnerability.Againstthisbackground,andspecificallyinthecontextofissuesinformingdisclosure,weadoptthenotionofvulnerabilityasan interpretive lens toconsider thecontrolandchoicesavailable tousersofdigitalnetworks(e.g.,Mackenzie,Rogers,&Dodds,2014).Inthisconceptualpaper,wefirstexplorethenotionofvulnerabilityasaheuristic lenstoengagewithissuessurroundingprivacyandstudentprivacy,self-management,andagency.2 VULNERABILITY AS AN INTERPRETIVE LENS The Latinword “vulnus”means “wound” and to be vulnerable is “to be fragile, to be susceptible towoundingandtosuffering;thissusceptibilityisanontologicalconditionofourhumanity”(Mackenzieetal.,2014,p.4).Itisimportanttonotethatvulnerabilityrefersnotonlytotheexposureofindividualsto



riskbutalsotoexperiencesofvulnerabilityininstitutionsofhigherlearning(Fineman,2008)andwithinbroadersociety(see,forexample,Baumann,2007).Whilethefocusofthisarticleisspecificallyonstudentvulnerabilityinthecontextof learninganalytics, itwouldbedisingenuoustoforgetthatHEIsalsofacepotentialrisksinexploiting,ornotexploiting,studentdata.Thesepositionsareinevitablyintertwinedinways that lead tocompetingclaimsabout the risksandethical challenges in theusesof studentdataversusthecomplementaryandpotentiallybeneficialusesofthatdata.WhileitfallsoutsidethescopeofthearticletoexplorethevulnerabilityofHEIs,wewouldliketobrieflyillustratetheinterwovenandoftenmutuallyconstitutivevulnerabilitiesofHEIswiththevulnerabilityexperiencedbystudents.2.1 A Brief Introduction to the Notion of Vulnerability Establishing vulnerability as a lens recognizes, as Finemanputs it, that “we are positioned differentlywithinawebofeconomicandinstitutionalrelationships,[and]ourvulnerabilitiesrangeinmagnitudeandpotential at the individual level” (2008, p. 10). Fineman suggests that “privileges and advantagesaccumulate across systems and can combine to create effects that are more devastating or morebeneficialthantheweightofeachseparatepart.Sometimesprivilegesconferredwithincertainsystemscanmediateorevencanceloutdisadvantagesconferredinothers”(2008,p.15)resultinginindividualsbeingperpetuallycaughtupindynamicandinteracting“websofadvantagesanddisadvantages”(p.16).Thisdoesnotprecludetheviewthatcertainindividualsandgroupsare“morethanordinarilyvulnerable”(Sellman quoted by Mackenzie et al., 2014, p. 2; see also Fineman, 2008; Maringe & Singe, 2014).Vulnerabilityasontology“stressesthewaysthat inequalitiesofpower,dependency,capacity,orneedrendersomeagentsvulnerabletoharmorexploitationbyothers”(Mackenzieetal.,2014,p.6).The classification of students according to their vulnerability, risk, and need for support and also thepotential for a return on investment forms the nexus of learning analytics and the practical need toallocateavailableresourcestodeliverthatidentifiedsupport.Prinsloo&Slade(2014)haveconsideredthetensionbetweenseeingwhatmightbedoneandknowingthelimitationsofwhatcanbedoneandrefer to thisaseducational triage. Inclassifyingmedicaldisorders inpatients,Wardropesuggests thatsuch classification may in itself be a “form of epistemic injustice that prevents people having thehermeneutical resourcesavailableto interpretandcommunicatesignificantareasof theirexperience”(2015,p. 314). That is, insteadofhelping, the classificationofpatients—and in the caseof learninganalytics,students—mayresemble“iatrogenesis,”wherebyanactionintendedtohelpanindividualhasanunplanneddetrimentaleffect.Mackenzie et al. (2014) distinguish between two sources of vulnerability— inherent and situational.Inherentvulnerabilitiesarethoseintrinsictothehumanconditionandmaydependonfactorssuchasage,gender, race, and disability. In the context of learning analytics, adopting classification schemesincreasinglyrelyingonalgorithmsthatfocusonspecificmarkers,suchaslogins,time-on-task,etcetera,butalsocombinethesemarkerswithage,gender,race,and/ordisability,mayinadvertentlyamplifytheinherentvulnerabilityofsomestudents.



Situationalvulnerabilityresultsfromaspecificcontext,suchasthepersonal,social,oreconomicstatusofanindividualorgroup,andmaybeshort-term,intermittent,orenduring.Thescope,duration,andextentoftheimpactofsituationalvulnerabilitiesmayinpartdependonindividuals’resilience.Examplesofthelinkagesbetweensituationalvulnerabilityandlearninganalyticsincludechangestostudents’personallife-worldsdueto(temporary)financial,family,orotherchanges,whichmaybeexacerbatedbylearninganalyticspermanentlyclassifyinganindividualinaparticularriskcategory—disregardingthesituationalnatureofthevulnerability.Withavarietyofstakeholders(e.g.,faculty,administrators,andstudentsupportstaff)havingaccesstostudentdata,howdoestheinstitutionensurethatdecisionsbasedonthisdatahave,forexample,sufficienttime-specificcontext?Ontheotherhand,whatisthepotentialoflearninganalyticstoactuallyrevealthesesituationalvulnerabilitiesandsotriggerappropriateinstitutionalresponsestosupportstudents?Whataretheboundariesbetweenusinglearninganalyticstoidentifyandaddressvulnerabilitieswithoutbeingpatronizinganddisregardingthe(relative)autonomyofstudents?Mackenzie et al. (2014, p. 8) further suggest twodifferent states of vulnerability—dispositional andoccurrent.Thedispositional–occurrentdistinctionreferstostatesofpotentialasopposedtoactual.Inthecontextoflearninganalytics,thisreflectstheresponsetoinformationthatnotestheexistingsituation(astudenthasnotsubmittedarequiredassignment)andaprediction(basedonotherstudentbehaviourslikethis,wemightpredictthelikelihoodofastudentsubmittingtheirassignment).Mackenzieetal.(2014)suggestthatthereisamoralobligationtosupportthoseidentifiedasoccurrentlyvulnerableandtoreducetherisksofdispositionalvulnerabilitiesbecomingoccurrent.Theirviewisthattheoverridingresponsibilityinresponsetoidentifyingvulnerabilityistorestoreautonomytotheindividual.Inthecontextoflearninganalytics,thispotentiallytranslatesintogivingstudentstheinformationneededtomakeinformedandsupported choices rather than taking amore paternalistic perspective andmaking decisions on theirbehalf.2.2 Institutional Vulnerability The nature and pace of change in (inter)national public higher education is (possibly) unprecedented(Altbach, Reisberg, & Rumbley, 2009; Carr, 2012; Christensen, 2008). Not only is the public highereducation sector faced with changes in student profiles, funding regimes, a dramatic increase inprivatizationandinternationalization,andgreaterdemandforempiricalresearch,butitisalsofacedwiththeemergenceofnewprovidersandthe increasingconvergenceofvariousformsofhighereducation(Altbachetal.,2009;Watters,2012).According toWatters (2012), there is increasingevidenceof the“unbundling” of higher education, with curriculum development, course delivery, teaching, studentsupport,assessment,andaccreditationbeingdesignedandoftendeliveredbydifferentproviders.Thisfragmentation of the different elements of higher education is not necessarily negative, but it doeschallengemany assumptions and beliefs about knowledge production and knowledge dissemination,questions the traditional roles of faculty, interrogates intellectual property regimes, and challenges



organizationalstructuresandfundinghierarchies.Itisnolongerbusinessasusualforhighereducation.Theobsolescenceofsomecurricula,assessmentstrategies, facultyexpertiseandroles,andtraditionalformsofhighereducation is becominganew reality.Amidst funding cuts and increasing competition(Altbachetal.,2009), fundingfollowsperformanceratherthanprecedes it,necessitatingtheneedforevidenceoftheeffectivenessofteachingandlearning(Howard,McLaughlin,&Knight,2012;Schildkamp,Lay,&Earl,2013).Inthiscontext,HEIsareincreasinglyvulnerableandmustoptimizetheiruseofdata,inparticularstudentdata (Baker&Siemens,2014;Gašević&Siemens,2015;Prinsloo&Slade,2015). Though studentandlearningdatacanbeusedformanypurposes(Gašević&Siemens,2015),HEIshaveafiduciarydutytoensure that they harvest, analyze, and use it with a view to improving students’ chances of success(Prinsloo&Slade,2014).Ironically,thecollection,analysis,anduseofstudentdatahavethepotential,insomecases,toincrease,ratherthandecreasethevulnerabilityofstudents(apointtowhichwewillreturnlater).2.3 Vulnerabilities in an Era of Pervasive Surveillance Astechnologycontinuestoadvanceandwemakegreateruseofmobiledevices,thereisevidenceofaparallel increase in thecollection,analysis,anduseof individuals’digitaldata (Bauman&Lyon,2013;Gangadharan,2012;Mayer-Schönberger,2009;Mayer-Schönberger&Cukier,2013;Solove,2004).Manyauthorssuggestthatasthisactivityproliferates(oftenwithouttheknowledgeofindividuals),thepotentialfor harm and discrimination increases (Gangadharan, 2012; Henman, 2004; Lazar, 2015; Lyon, 2015;O’Connell,2016).Sincevulnerabilityinthedigitalcontextdependsonourunderstandingofthenotionofprivacy,itisusefultobrieflyexplorethefourcategoriesofprivacyproblemsproposedbySolove(2006).Table1(below)usesSolove’staxonomyofprivacytoillustratethepotentialforincreasingindividuals’vulnerability.

Table1:Solove’sprivacytaxonomy(2006)andindividualvulnerability.TAXONOMYCATEGORY

ELEMENT IMPLICATIONSFORVULNERABILITY

Informationcollection

Surveillance

Solovemakesclear thatsurveillance (whethercovertor transparent)shouldnotbeassumedtobeautomaticallyharmfulandthatsomesocialcontrolcanbebeneficial.However,thepotentialforharm,misuse,wrongfuldownstreamuse,lackoftransparency,etc.,suggeststhatthe“attentivegaze”(2006,p.499)of many unknown institutions and entities inherently results in increasedvulnerability.

Interrogation “Interrogation isthepressuringof individuals[whether indirectlyorthroughcoercion]todivulgeinformation”(Solove,2006,p.477). Interestingly, inthelightofwhatPayne(2014)calls“digitalpromiscuity,”wealsoneedtopointtothe ways in which individuals freely provide personal information (albeit



TAXONOMYCATEGORY


specifictoaparticularcontext).Thescopeandroleofthecoerciveandnudgingnature of online platforms that encourage information sharing (see, forexample, Marx & Muschert, 2007; Raynes-Goldie, 2010) adds anotherdimensiontothelinkbetweeninterrogationandvulnerability.

Informationprocessing

Aggregation While there are examples of the benefits of aggregation, the compiling ofdigital profiles from a range of disparate sources and databases alsoexponentiallyincreasesthepotentialformisinterpretation,misuse,erosionofcontextual integrity of data, and resulting discrimination (Henman, 2004;O’Connell, 2016). Individuals share pieces of information on disparateplatformsandwhenthesedifferentpiecesofinformationarecombined,the“wholebecomesgreaterthantheparts”(Solove,2006,p.507).

Identification Identificationislinkedtoaggregation(above)andconnectsaggregatedprofilestoaspecific individualorgroupof individuals.Thismayalsoallowpotentialbenefits,suchasensuringaccountability,etc.

Insecurity Examplesof insecurity (lackof security) include issuesaround identity theftanddistortion (whereby an individual’s record canbecomepolluted). Somemayfocusondisclosure(theactualleakageofinformation)astheunderlyingissue,butinsecuritycomesfrombeingplacedinaweakenedstate,ofhavingincreasedvulnerabilitytoarangeoffutureharms.

Secondaryuse Whereinformationisusedforpurposesotherthanfortheoriginalpurposeforwhichtheinformationwasshared.

Exclusion Inthecontextofvulnerability,exclusionreferstoalackoftransparencyaroundpersonalinformationstoredandaninabilitytoamendthatinformation.

Informationdissemination

Breachofconfidentiality

Vulnerabilityresultingfromabreachofconfidentialityreferstotheviolationoftrust.

Disclosure Individualsmakedecisions(howeverarbitrarily)onwhatinformationtoshareunderwhatcircumstancesandwithsomeconsiderationofcontext.Todiscloseinformation out of these contexts and without specific knowledge andpermission to do so increases the scope and impact of the vulnerabilityexperiencedbythe individual.Forexample,wemightshareourpersonalorpoliticalviewsaspartofaprivateconversation,butmightprefernottohavethose attributed to us in a public forum. The potential for disclosure thusincreasesvulnerability.

Exposure Solovestatesthat“Unlikedisclosure,exposurerarelyrevealsanysignificantlynewinformationthatcanbeusedintheassessmentofaperson’scharacterorpersonality” (2006,p.477).Though it revealsnothingout-of-the-ordinary, itrevealssituationswherewearevulnerable,weak,andindisputablyhuman.Inan age of “digital promiscuity” (Payne, 2014) it is clear that individuals canexpose themselves on social media platforms or mobile technologies.Excludingtheoriginalactofself-exposure,thepotentialsharingandre-useoftheseactsexponentiallyincreasevulnerability.



TAXONOMYCATEGORY


Increasedaccessibility

With the increasedscopeandreachof the“elaborate latticeof informationnetworking”(Solove,2004,p.3),ithasbecomemucheasiertoaccesspublic-domaininformation.Solove(2006)suggeststhattheissueatstakeisnotthebreachofconfidentiality,buttheincreasedeaseinaccessinginformationthatisalreadyavailable.Whiletherearealsobenefitstoincreasedaccessibility—forexample,accesstoscholarlyworksandprofiles,andprofilingforspecificjobs—itisfairtosaythatthereisalsopossibleharmtoindividuals.

Blackmail “The harm is not in the actual disclosure of information, but in the controlexercisedby theonewhomakes the threatover thedata subject” (Solove,2006,p.543).

Appropriation This refers to the appropriation of someone else’s identity, personality, orintellectuallabour,presentingitasone’sown.

Distortion “Distortionisthemanipulationofthewayapersonisperceivedandjudgedbyothers, and involves the victim being inaccurately exposed to the public”(Solove, 2006, p. 550). The result of both distortion and disclosure isembarrassment,stigma,andreputationalharm.

InvasionInterestingly,Solove(2006)notesthatinvasiondoesnotalwaysinvolveinformation

Intrusion

Similartosurveillanceinmanyways,intrusiontakesthisastepfurthersothattheindividualbecomesawareofandaffectedbythepresenceoractivitiesofothers.Itmightbearguedthatthemaintenanceofadigitalprofileinanonlinecommunity actively invites the gaze of others (Dennis, 2008; Solove, 2004;Weber, 2015) in the context of sousveilance and the “participatorypanopticon”(Dennis,2008,p.347).However,wemighteasilyrecognizethevulnerabilityassociatedwithanunsoughtoroffensiveresponsetoapubliclyavailableactionorpost,forexample.

Decisionalinterference

This refers to institutional interference inpersonaldecision-making, suchaspaternal jurisdiction on the upbringing of children. Decisional interferencecompromisesindividuals’autonomytomakedecisionsandtakeresponsibilityforthosedecisions.Withinthehighereducationcontext,itmightthenrelatetotherestrictionofoptionsavailabletothestudentbasedontheiravailabledata.

Table1illustratesthemanywaysinwhichthenotionofvulnerabilityiscloselylinkedtodifferentproblemsconnectedtounderstandingandregulatingprivacy.Thetaxonomymakesclearermanyofthenuancesinprivacyandhelpsustobetterunderstandhoweachelementofprivacyhasthepotentialforharmandbenefit,whichinturneitheramelioratesorexacerbatesvulnerability.2.4 Student Vulnerability Within the context of the increasing quantities of data, standardized formats of educational data,increasedcomputationalpower,andavailabilityofarangeofanalyticaltools(Baker&Siemens,2014),



studentsareincreasinglyexposedastheystudyonlineandareconfrontedbytheall-pervasivegazeoftheir institution (Knox,2010).Though the intentionof collectingandusing studentdataarguably fallswithinthescopeofthefiduciarydutyofhighereducation,itisincreasinglypossiblethatstudentdatamaybealsousedinappropriatelyandunethically,furtherincreasingthevulnerabilityofstudents(Prinsloo&Slade,2015).Researchonstudentsuccessandretentionusingthelensofstudentvulnerabilityisrareandthenotionofvulnerabilityismostlyimpliedinissuessuchasunder-preparedness,risk,deficiencymodels,andsoforth(Maringe&Sing,2014;Subotzky&Prinsloo,2011).Thenotionofvulnerabilityisgenerally“under-theorised”(Mackenzieetal.,2014,p.2)and“raisesnewissues,posesdifferentquestions,andopensupnewavenuesforcriticalexploration”(Fineman,2008,p.9).Currenttheoreticalthinkingincludesthenotionthatvulnerabilityisnotonlyakeycharacteristic,butalso a defining characteristic of all human life. Recognizing the scope and impact of vulnerabilityfurthermore goes beyond anti-discrimination and strategies to ensure equal opportunities for all.Vulnerability as heuristic lens suggests that equal opportunities and the emphasis on equality do notaddress“institutionalarrangementsthatprivilegesomeanddisadvantageothers.Itdoesnotprovideaframework for challenging existing allocations of resources and power” (Fineman, 2008, p. 3). It ispreciselytheimpactofthese“institutionalarrangementsthatprivilegesomeanddisadvantageothers”thatillustratetheneedandprovidetherationaleforexploringstudentvulnerabilityaslens.Whilelearninganalyticsattemptstoaddressthevulnerabilityoftheinstitutionandofstudentsthroughtheidentificationofpotentialpitfallsandrisksinstudents’learningjourneys,thereisadangerthatsuchidentification may render some students even more vulnerable (Prinsloo & Slade, 2014). Whilstinterventions aim “to enable or restore, wherever possible and to the greatest extent possible, theautonomy of the affected persons or groups” (Mackenzie et al., 2014, p. 9), they may also becomepathogenic such that “a response intended to ameliorate vulnerability has the paradoxical effect ofexacerbatingexistingvulnerabilitiesorgeneratingnewones”(Mackenzieetal.,2014,p.9).Withinthecontextofthecomplexitiessurroundinginstitutionalandstudentvulnerability,itishelpfultogobeyondasimple“rights”or“privacy”perspectiveandexplorethenotionandscopeoflearneragencythrough vulnerability as lens. Such an approach resembles a “discursive–disclosive” (Stoddart, 2012)approach.Whilearights-basedapproachsetsoutproceduralguaranteesestablishingrulesandaccesstosatisfaction if these rules are breached, there are increasing concerns about its effectiveness in anenvironmentwherelegislationandregulatoryframeworksalmostpermanentlylagbehindnewbreachesof privacy and technological developments (Westin, 2003). A discursive–disclosive approach situatessurveillanceinthecontextofwhatisbeingdone,bywhom,andforwhatpurposeandtheninvestigatesalternativeapproachestosatisfytheneedthatinitiallyresultedinsurveillance(Prinsloo&Slade,2014).



3 VULNERABILITY, DISCLOSURE, AND INDIVIDUAL PRIVACY MANAGEMENT 3.1 Individual Agency and Disclosure: A Complex Combination In the discourses surrounding privacy, the collection, analysis, and use of personal information anddisclosure, it is clear thatourdefinitionsand regulatory frameworksbarely scratch the surfaceof thecomplexitiesresultingfromlinkagesbetweenpersonalunderstandingsofprivacy,perceptionsoftrust,andrisk,agency,andcontext(Haggerty&Ericson,2006;Kerr&Barrigar,2012;Lyon,2006;Solove,2004).Thereisampleevidenceinliteratureofagrowinginterestinthethreatstoindividualprivacyaswellasexpressed concern that current Terms and Conditions (TACs) don’t disclose the full extent to whichpersonal informationiscollected,analyzed,and(often)shared.Authorsalsonowrecognizethatmanyindividualsdon’tengagewiththeseTACs—becauseoftheirlength,orthetechnicalandlegalnatureofthelanguageused.Alongsidethisareincreasingconcernsaboutthewaysinwhichindividualsareinadvertentlyincreasingtheir own vulnerabilities through the inconsiderate sharing of information,which Payne (2014) terms“digital promiscuity.”We therefore need to understand individual vulnerability not only in respect toincreasinglyubiquitous surveillance,butalso to theirowncomprehensionof risk, theirperceptionsoftrustinparticularcontexts,andtheiragency(Miltgen&Smith,2015).Itiscrucial,then,thatwebegintorecognizethat“privacyself-managementandconsentisafluidandchangingnotionworthexploring.Itisimportantthat legalandregulatoryframeworksdifferbetweengeopoliticaland institutionalcontexts”(Prinsloo&Slade,2015,p.84).Itisclearthatprivacyself-managementgoesbeyondthetraditionalbinaryofsimplyoptinginoroptingout. We need to consider a “palette of ‘privacy solutions’” (Gurses, 2015) which potentially allowsindividualstomakemoreinformedchoices(Brian,2015;Laneetal.,2015).Recentstudiessuchasthereporton“Publicperceptionsofprivacyandsecurity inthepost-Snowdenera”(PewResearchCenter,2014)indicateageneraldecreaseinpublicconfidenceovercontrolofpersonalinformation.Thereportsuggeststhatanoverwhelmingmajorityfeelsthatitwouldbeverydifficulttoremovebiased,inaccurate,orembarrassingpersonal informationandtheyexpressconcernregardingtheaccess thatcommercialthirdpartiesmighthavetopersonalonlinedata. Interestingly,thoughmostalsofeelthatgovernmentshoulddomoretoregulateaccesstodigitalpersonalinformation,overhalfalsoindicatedthattheywereprepared to trade off personal data for benefits. Though there is an increased awareness amongindividualsregardingthecollectionanduseoftheirpersonalinformation,Brianstatesthat“consumersare largely unaware of the consequences of the seeminglymundane things that they share everydaythroughtheironlineactivities”(2015,p.7).3.2 Trading (Perceived) Privacy for (Perceived) Benefits Since the late 1990s, studies have indicated that commercial websites are typically slow to share



informationonthecollection,analysis,anduseofpersonaldataandoftendon’thavecomprehensiveoreasily understandable privacy policies (Miyazaki & Fernandez, 2000). The conceptual frameworkdeveloped by Miyazaki and Fernandez (2000) suggests the need for a richer and more nuancedunderstandingofthecollection,analysis,use,andsharingofpersonal information inthecontextofe-commerce.Possibilitiesofdisclosure(Figure1)rangefromnevercollectingdatanoridentifyingcustomerswhentheyaccessasite;customersoptinginbyexplicitlyagreeingtohavingtheirdatacollected,used,andshared;customersexplicitlyoptingout;theconstantcollectionofdatawithoutconsumershavingachoice(butwiththeirknowledge);tothecollection,use,andsharingofpersonaldatawithouttheuser’sknowledge(Miyazaki&Fernandez,2000).

Figure1:Aframeworkformappingthecollection,use,andsharingofpersonalinformation(Miyazaki

&Fernandez,2000).

WhileFigure1illustratesthevariousoptionsavailablefromtheperspectiveoftheserviceprovider,italsodemonstratesthatthinkingintermsofabinaryofprivacypositionsislimiting.Wesuggestanextendedframeworkthatallowsustoconsidertheissuesfromtheperspectiveoftheusersoftheseservices(Figure2).



Figure2:Aframeworkformappinguservulnerabilityandprivacyself-management.

Sincethecollection,analysis,anduseofpersonaldigitalinformationhavebecomeendemic,itishardtobelievethatanyusersremainunconcerned—eitherbecausetheybelievethatitdoesnotaffectthemorthat they don’t have anything to hide (Solove, 2007). Our proposed framework, shown as Figure 2,suggeststhatthefirstthreescenariosresultinusersbecominghighlyvulnerable.Inthisspace,individualsare most likely to share personal and even sensitive information carelessly, resulting in “digitalpromiscuity”(Payne,2014).Wemightalsoincludeasnaïvethoseuserswhoknow thattheirdata1arebeingcollectedandpossiblysharedasacompulsorypartoftheconditionsofusingaservice,butconsidertheirparticipationoruseofthatserviceashavingenough(perceivedorreal)benefitsnottoterminatetheiruse.Weproposethatthispresentsaparadoxofprivacyself-management.Insuchcases,itisoftenclearthatauser’sabilitytocontinueusingaserviceorplatformiscontingentupontheacceptanceofcookies,forexample,asagiven.Itis(perhapsbriefly)communicatedbytheserviceproviderthatrefusalwilleitherdenyfurtheraccessorseriouslydowngradetheeffectivenessorqualityoftheservice.Inmanycases,wherethereisaperceived(orreal)urgencytocontinue,anapparentlackofalternatives,orsimplysufficient apathy to discourage the user from seeking alternatives, the user will effectively opt in.Ignorancemaynotbeclaimedhere,anditistruethattherewillbesomeservicesforwhichtheresimplyarenoreadyalternativesorprovidersinwhichtheuserhassufficienttrust—buttheinformedagreementtocontinuestillrenderstheuservulnerable.Totherightofthespectrumwefindnotonlyincreasedawarenessbutalsoincreasedagencywhereusersmakechoicesregardingwhatinformationisshared,underwhatconditions,inwhatcontexts,andforwhat1 InfollowingKitchen(2014),wehaveused“data”aspluralunlesspartofaquotation.



benefits.AsPrinslooandSlade(2015)indicate,thematterofconsentiscomplex.Individualsmayadaptdecisionsregardinghowmuchinformationtheyarepreparedtoshare(andforwhatpurpose)dependingonthecontext.PrinslooandSlade(2015)suggestthattheseindividualswilltypicallydecidetooptinoroutona case-by-casebasis, considering thecontextofeachopportunity.When thedefaultoptionofinformationsharingistooptinratherthantooptout,Bellman,Johnson,andLohse(2001)foundthatindividuals takegreatercare.Otheraspects influencingopting inorout includetheways inwhichtheoption is displayed; for example, where the notice is placed on the screen, the length of supportingdocumentsornotices,andeventhefontsize.Otherresearchsuggeststhat“manyorganisationswillhavethe sophisticationandmotivation to findways togeneratehighopt-in rates” (Solove,2013,p.1898).Despitethechallengesandthecontestationsregardingtheeffectivenessofoptingin/outregimes,Solovestatesthat“Providingpeoplewithnotice,access,andtheabilitytocontroltheirdataiskeytofacilitatingsome autonomy in aworldwhere decisions are increasingly beingmade about themwith the use ofpersonaldata,automatedprocesses,andclandestinerationales,andwherepeoplehaveminimalabilitiestodoanythingaboutsuchdecisions”(2013,p.1899).Wesuggestthatitissimplyimpossibleforindividualstocomprehend,atthetimeofoptinginorout,thescopeofdatathatmightbecollected,analyzed,andusedandtheimplicationsofthedifferentlayersofcollectionandusebyarangeofthirdparties.“Evenifeveryentityprovidedpeoplewithaneasyandclearwaytomanagetheirprivacy,therearesimplytoomanyentitiesthatcollect,use,anddisclosepeople’sdatafortherationalpersontohandle”(Solove,2013,p.1888).Thesheerscaleofthecollectionofdata,andthedifferentapproachestoprovidinginformationonhowdatawillbecollectedpersite,makesitalmostimpossibleforindividualstoassumefullresponsibilityfortheiroptin/optoutdecisions.Individualscanhavenoideahowthedatacollectedmaybere-identifiedandaggregatedinfutureorwhetherthismatters.Whiledatamayseeminnocuousinonecontext,aggregationresultsindisembodyingdatafromits original context, increasing possibilities for misuse and misinterpretation. “There are too manyunknownswithregardtohowdatamaybecombinedatacertainfuturepointintime,whentheoriginalcontextinwhichthedatawerecapturedisnolongerknown”(Prinsloo&Slade,2015,p.86).Asnewusesforhistoricaldataarefound,thequalityandfitofthehistoricaldatawithinnewcontextsmaybeseverelycompromised.Levelsofrisk-aversenessmayalsovary,withsomesharingwillinglytotheirownpossibledetriment,whileothersattempttonavigatesitetermsandconditions,onlytogiveupduetotheirlength,legalese,andcomplexity.Therearemanyexamplesofthewaysinwhichchangingsocialnormsregardingthescopeandnatureofpersonaldatasharedcanresultinchangesinhowweseeand/orparticipateinsurveillance,self-surveillance,orthe“quantifiedself”phenomenon,orsousveillance(Prinsloo&Slade,2015;alsoseeLupton,2012).Whilethenotionofinformedconsentplaysavitalroleinthediscoursessurroundingprivacyandprivacyself-management,PrinslooandSlade (2015) identified the followingproblemsregarding thenotionofinformedconsent:1)theproblemofscale;2)there-identificationandtheproblemofaggregation;3)the



quality,accountability,andpurposeofdata;4)thedrawbacksinsettinglimitationsforuse;5)theimpactof the increasing openness and sharing of data; and 6) the problematics and understandings of useragency.2Indeed,theOrganisationforEconomicCooperationandDevelopment(OECD)notedin2012that“prioraffirmativeconsentinallcaseswouldbeimpractical”(inBrian,2015,p.170;emphasisadded).Thereisalsoasuggestionthatshouldusersneedtosetupanaccountinordertouseaservice,theyareacceptinganongoingrelationshipwiththeproviderandsoimplicitlyagreeingtothetermsandconditions.Theactofsigningupprovidestheopportunitytoassessandacceptsubsequenttrackingandtomanagewhatissharedgoingforwardmoreknowingly. It is,however,notclearthatmanyusersconsciouslyenter intosucharelationship.Addingtotheimportanceandneedtounderstandprivacyfromtheperspectiveofindividualvulnerabilityisanunderstandingthatoncedatahavebeenlegitimatelyacquired,currentlegalframeworksdonotdictateof the scopeand constraints regarding theuseof suchdata (Ohm,2015).Greenwood,Stopczynski,Sweat,Hardjono,andPentlandthereforemoot theneed fora“newdealondata”(2015,p.192).Inthecontextofthecollection,analysis,anduseofstudentdatabyHEIs,anecdotalevidencesuggeststhatmoststudentsareeitherunawareofthefactthatHEIscollect,analyze,andusetheirdigitaldata,ortheydon’tcare.Reasonsexplainingthenaivetyorignoranceofstudentsincludetheinherenttrustthatstudentsmayhaveintheir institutionnotonlytostoretheirpersonal information,butalsotousetheinformationtotheirbenefit(Prinsloo,Slade,&VanZyl,InPress).AllHEIscollect,analyze,store,andsharestudentinformationforregulatory,nationalstatistic,andfundingpurposes.Most(ifnotall)ofthisdataareatanaggregatedlevel.Ofparticularconcerninthecontextofstudentvulnerabilityarethecollection,analysis,anduseoflearningdatacombinedwithdemographicandpersonalfundingdatatoinformanddecideonstudentprogress,ortoformthebasisforadecisionwhenastudentistransferringtoanotherinstitution. Further concerns include the fact that the assumptions and beliefs informing algorithmicdecision-makingarehiddenand,mostprobably,neveropenforreview(Willis,Slade,&Prinsloo,Inpress).Thereare,however,alsothepotentialbenefitsforstudentswhentheyunderstandtheimplicationsofthedatacollectedbyinstitutionsandhow,inlightofthebeneficiarydutyofHEIs,theanalysisanduseoftheinformationmaybenefitthem(anissuetowhichwewillreturnlater).Balancingconcernsthatthecollection,analysis,anduseofdatacanexacerbateinjusticeandincreaseoramplifyexistinginequalitiesagainstthepotentialbenefitsofthecollection,analyzingandusingthatdataremains difficult and complex. Engaging with the dangers but also with the potential, using studentvulnerabilityasaheuristic lens,necessitatesadiscursive–disclosiveapproachthatopensupaspacetocriticallyengagewithquestionssuchaswhobenefits,whatcantheindividualcontrol,whatistheroleofdata in(oftenunequal)power-relations,andwhatarethedynamicsofresistance-compliance(see,for

2 Forafulldiscussiononthelimitationsofinformedconsent,seePrinsloo&Slade,2015.



example,Stoddart,2012).Givenallthat,andthefactthatusersoftendonotreadand/orengagewithTACs,itiscrucialtoatleastconsiderthewaysinwhichTACsandinstitutionaltransparencyfunction(orshouldfunction)ineducationalcontexts.4 TERMS AND CONDITIONS IN AN EDUCATIONAL CONTEXT InananalysisoftheTACsofthreeprovidersofmassiveopenonlinecourses(MOOCs)namelyCoursera,EdX, and FutureLearn, Prinsloo and Slade (2015) found several troubling gaps in both the providers’fiduciarydutytostudentsandtheirconsiderationfortheinherentprivacyissuesandresultingstudentvulnerability.TheTACsof these threeproviderswereanalyzed focusingon the followingelements:1)length;2)typesofdatacollected;3)methodsofdatacollection;4)conditionsforsharingdatacollected;5)usesofdata;6)useraccessto,responsibility,andcontrolofdata;and7)institutionaldutyofcare.This study found that the length, font size, andnumber of headings used in these TACswould, in allprobability,discourageengagement,sothatuserswouldaccepttheTACswithoutreadingthem.Allthreeprovidersstatedclearlythatallinformationprovidedbyuserswouldbecollectedandused.OneMOOCproviderexplicitlystatedthattheymayrequestinformationfromthirdpartiessuchascreditreferenceagencies.Interestingly,whileallthreeprovidersacknowledgedthattheyusedcookiestocollectdata,onlyone(FutureLearn)providedalistofcookieswithcleardescriptionsoftheirfunction.Allthreeprovidersmadeitclearthatdisablingthecookieswoulddisrupttheservice,potentiallytotheextentthatitwouldberenderedunusable.Regardingthecollecteddata,allthreestatedthatitwouldbeusedtoincreasetheefficiencyoftheplatformandthestructureofthelearningexperience.Oneprovider(EdX)alertedusersthatstudentpostsareownedbyEdXinperpetuityandcouldbeusedforwhateverpurposesEdXdecides.Therewasnoindicationwhetherthatusewouldincludeadepersonalizationofthedata.Interestingly,andofsomeconcern,wastheencouragementbyFutureLearnforuserstorevealpersonaldetailssuchasgender,location,andhistoryinordertodeepenthepersonalelementinthelearning.Noneoftheprovidersgavetheoptiontooptout—indeed,userswerealertedtotheinabilityoftheirMOOCprovidertoensureandguaranteethatinformationsharedwouldnotbeusedbyfellowusersormadepublicbecauseofsecuritybreaches.Onlyone,FutureLearn,providedanopportunity(forasmallfee)foruserstorequestaccesstothedataheldbythecompany(inlinewithnationaldataprotectionrequirements).Inexploringlearneragencyinthecontextofuservulnerability,itseemsthatTACsdonot,ontheirown,addressandamelioratestudentvulnerability.ThisdoesnotnegatethepotentialofTACstobecomepartofthe“paletteof‘privacysolutions’”(Gurses,2015),butweneedabroader,moreagile,morenuancedapproachtoaddressstudentvulnerabilityinlearninganalytics.TheOpenUniversity’s(2014)“Policyonethicaluseofstudentdatafor learninganalytics”isarecentexampleofahighereducationinstitutionprovidingaregulatoryframeworktoguidetheethicalimplementationoflearninganalytics.ThereisalsoroomforthedevelopmentofaCodeofEthicalPracticefordataanalystsinthehighereducationcontext—anissueexploredbyWillis,Slade,andPrinsloo(inpress).



UsingtheframeworksuggestedbyPrinslooandSlade(2015),thenextsectionattemptstoexplorethe(im)possibilities of creating spaces for students to be not only more aware, but also to make moreinformedandconsciousdecisionsaboutwhattheyshareandforwhatpurposes.Asaframework, it isclear that the different elements are not absolute, separate entities, but that the potential linkagesbetweentheseelementsmayaddresstheobvious,potentiallimitationsoftheseparateelementsandtheframeworkasawhole.5 A FRAMEWORK FOR LEARNER AGENCY 5.1 The Duty of Reciprocal Care Itisincreasinglyclearthattheboundariesbetweenpublicandprivatespacescontinuetoevolveandblursothatacompleteseparationofpublicandprivateisnolongerfeasible.AstheInternetofThings(IoT)evolves,linkingandtracinglinkagesbetweenpersonaldevicesacrossthetraditionaldividesofpublicandprivate,itisclearthatweneeda“newdeal”ofprivacyandpersonaldata(Greenwoodetal.,2015).Inthecontext of higher education, we simply can no longer ignore the implications of our fiduciary dutypertainingtothecollection,analysis,anduseofstudentdata.Highereducationinstitutions,byvirtueoftheservicetheyoffer,havealmostcompletepowertocollect,analyze,use,andsharestudentdatawithintheirservicemandatesandnationaland international legal frameworks.There isnoquestionthat thebalanceinthepowerrelationshipiswiththeprovider.Wecontendthatthisincreasestheresponsibilityofthatprovidertoensuretransparency,security,andreasonablecare.Whileacknowledgingthe limitationsofTACs,weproposethatHEIsshouldformulatetheirTACsinalanguageandformatthatmakeclear“whatdataiscollected,forwhatpurposes,andwithwhomthedatamaybeshared (andunderwhatconditions)” (Prinsloo&Slade,2015,p.89). It isalsosuggested that,where feasible, institutionsmake data sets available to students “to verify or correctconclusionsdrawnwherenecessary, aswell as provide context, if appropriate” (p. 89). This doesnotmean, necessarily, that students will be able to make complete sense of their data, as this may becomplicatedbypracticalitiesofsizeandformat.Perhapsmoreusefulwouldbetheabilitytosharetherationaleofdecisionswhichthatimpactstudents’currentorfuturelearningopportunitiesandthedataonwhichassumptionsaremadeatthetimesuchdecisionsaremade.Whilereflectingthisinformationback to students is likely to remain complex, it has the potential to create greater transparency andaccountability.Althoughthecollectionofstudentdatatypicallytakesplacewithinanasymmetricalpowerrelationship,thisdoesnotexemptstudentsfromaresponsibilitytoensurethattheyalsotakeresponsibilityforboththe accuracy and completion of the data and information they share, but the extent to which they(publicly)sharepersonaldetails.HEIscannoteasilyensurethatthepersonalinformationstudentsshareindiscussion forumswill remainprivateandsecure.There isampleevidence thatonce information isposted, even if later deleted, it may be shared (e.g., via a screenshot) on platforms outside of the



institutionallearningmanagementsystem(LMS).ItisclearthatthoughHEIscanandshoulddoeverythingpossibletodecreasethepotentialofharmandvulnerabilityofstudents,theydonotandcannotcarrythefullorsoleresponsibilityforsecuringstudentdata. From a procedural perspective, the provision of greater access and recourse to revisionsmightnecessitatetheappointmentofaneutralombudspersontoaddressconcernsandissuesflowingfromthecontractbetweeninstitutionandstudents.5.2 The Contextual Integrity of Privacy and Data Usersdecidetoshareornotshareinformationgivenaparticularcontextand,asresearchshows,optingin,orsharinginformationinonecontext,doesnotimplythattheinformationprovidedcanbeusedinadifferentcircumstance.Privacyisrelationalandusinginformationoutsideoftheoriginalcontextimpliesdifferent sets of relationships and linkages, not originally foreseen (Nissenbaum, 2010, 2011). Forexample,analyzingandcombiningstudentinformationfromblogpostsanddiscussionforumswithotherinformationsuchaslibraryaccessanddemographicdatameansthatthepotentialforaresultinglossofcontextualintegrityofdata(Nissenbaum,2010)becomesanincreasingconcern.Ashistoricaldataareincreasinglyaggregatedandre-usedforpurposesdifferentfromtheoriginalcontextinwhichitwascollected,itisnecessarytobeawareofandacttopreventcontextualintegritycollapse.Thedangerofcontextualintegritycollapseincreaseswhenalgorithmscollectdata,oftenfromarangeofinstitutionalrepositories(Prinslooetal.,2015).5.3 Student Agency and Privacy Self-Management Inthissection,welocatethepossibilitiesandconstraintsofstudentagencyandprivacyself-managementhavingacceptedtheinformationalasymmetry(Brunton&Nissenbaum,2015)intherelationshipbetweenstudentsandHEIs.Giventhisinformationalasymmetry,individualagencybecomesmorecomplexasusersareunabletoforeseehowinformationsharednowhasthepotentialtobecomemoredamaginginfuture,oftenwhencombinedwithother sources suchasmedicaland/or financial records. In suchsituations,optingoutbecomesamere“fantasy”(Brunton&Nissenbaum,2015,p.53).Thecurrentandfuturecostsofoptingoutornotoptingincannotpossiblybeforeseenatthemomentofchoice(seeFigure2andthefollowingdiscussion).BruntonandNissenbaumstatethatthescopeandpotentialofindividualagencyinthe“contextofunavoidablerelationshipsbetweenpeopleandinstitutionswithlargeinformationalandpowerasymmetries”(2015,p.56)isverydifficulttomapandplanfor,butthatweshouldnonethelessattempt to broaden “the spectrum of responses to oppression and coercion” (p. 57; emphasis in theoriginal).3

3 SeeBruntonandNissenbaum,2015,foradiscussionofvariousstrategiestoresistandobfuscatethecollection,analysisanduseofdataandtheethicaldimensionsoftheseresponsesandstrategies.



Ifweseeeducationasmoralpractice(Slade&Prinsloo,2013),wecannotnegatethescopeofcareinthefiduciarydutyoftheinstitutiontowardsstudentsespeciallyinthelightoftheinformationalandpowerasymmetries.“Thesocialcontractandfiduciarydutyofcareprovidesacrucialbasisforthinkingcriticallyabouttherangeofstudentcontroloverwhatdatawillbeanalyzed,forwhatpurposes,andhowstudentswillhaveaccesstoverify,correctorsupplyadditionalinformation”(Prinsloo&Slade,2015,p.89).Thisdutyofcareshould,however,notbeconstruedtomeanthattheresponsibilityforprivacyandcareonlyresides with the institution. If students are rightly seen as agents and active collaborators in theharvesting,analysis,anduseoftheirdata(seeKruse&Pongsajapan,2012),HEIsmustfindwaystoengagestudentsnotonlyinpolicyformulationbutalsoinassumingresponsibilityforverifyinginformationandanalysesandincontributinginformationthatcanresultinabetter,mutualunderstandingofstudents’learningjourneys.Weacknowledgethatthereareanumberofchallenges,manyofwhichare,atfacevalueinsurmountable,suchasbalancingthefiduciarydutyofcarewithacknowledgingstudents’agencyandautonomytomaketheir owndecisions.Howdowe increase students’ self-awareness regarding the potential hazards ofsharingpersonalinformationandcontext(inorderforustoofferbetterandmoreappropriatesupport)and,atthesametime,acknowledgethedifficulties inpreventingfuturemisuseofthat informationbyothers,bothwithinandoutsideoftheoriginalcontext?Howdowebalancetheneedtoknowourstudentsbetterwiththeresponsibilitythatcomeswithknowingthembetter?(Prinsloo,2015).MostHEIscurrentlyapplyasdefaultthepositionwherebytheactofregistrationequatesforfeitureofstudentcontrolovertheirdata.AlthoughHEIshavearighttocollect,analyze,anduseaggregatedstudentdata responsibly, students should also be aware of the circumstances under which their personalinformationmaybeusedtotailorboththeircurriculumandtheiraccesstoresourcesandsupport(seeFigure2).Wemightalsoworktocreatemoresubstanceoverneutralityandacknowledgethelimitationsofthequantificationofstudentsandtheirlearningandmovetowardsthicker,qualitativedescriptionsofstudentsandtheirlearning.5.4 Rethinking Consent and Employing Nudges In followingSolove,weacknowledgethat“consent is farmorenuanced,andprivacy lawneedsanewapproachthataccountsforthenuanceswithoutgettingtoocomplextobeworkable”(2013,p.1901).Wethereforesuggestthatnudges(asusedinthehealthandenergysectors)beexploredasalternativestothe default opt out strategies generally practiced within higher education (see Rubel & Jones, 2014;Selinger,2015).AsthePewResearchCenter(2014)report indicates,usersofonlineservicesareoftenwilling to share data in return for services or discounts. If students are more actively engaged andinformed regarding thebenefitsof sharing their data aswell as theprotocols employed to safeguardaccesstoit,theymaymorewillinglyparticipateinsharingdatathatdecreasesboththeirownandtheirinstitution’svulnerability.Thereis,however,thewarningissuedbySolove(2006)(Table1)thatweneedtoconsiderthescopeandimplicationsofcoercionwhennudgingindividualstoshareinformation.



5.5 Developing Partial Privacy Self-Management AsitisvirtuallyimpossibleforuserstoengagewiththeTACsofeveryservicetheyuse,Solove(2013)raisesthepossibilityofablanketopt in fora rangeof servicesorproviders.Though thispotentially raisesanumberofother issues,HEIsmightat leastmakeclearerwhatdataareharvestedandused forwhatpurposesonwhichof itssitesandprovidestudentswiththeopportunitytoprovideblanketapproval.Additionalsitesorservicesmaythenhavedifferentprotocolsand/orTACsforwhichstudentscouldbemadeawareandprovidedwithseparateopportunitiestooptin(seeFigure2).5.6 Adjusting Privacy’s Timing and Focus Withtheincreasinguseandre-useofhistoricaldata,itisclearthatstudentdatacanbeusedformanyyearsafterthestudenthaslefttheinstitution.HEIsthereforeneedtomakeclearwhichstudentdatamaybestoredandused“downstream,”forwhatpurposes,andunderwhatconditions.Whilethestorageofdataisgovernedbynationalandinstitutionallegislationandpolicy,Solove(2013)suggeststhat“usersmaybeprovideddifferentoptionssuchasoutrightrestrictions,partialconsentdependingonthescope,contextandtiming,andpermissiontoharvestandusedatawithanoptionto laterrevokeconsentorchange the scopeof consent dependingon the context or circumstances” (also seePrinsloo& Slade,2015). 5.7 Moving Toward Substance over Neutrality InfollowingSolove(2013),PrinslooandSladesuggestthatdespiteconcernsabouttheeffectivenessofregulationandlegislation,wecannotaltogethernegatetheroleofsubstantiverulesandhardboundaries“thatblockparticularlytroublesomepracticesaswellassofterdefaultrulesthatcanbebargainedaround”(2015,p.90;alsoseeSolove,2013).Thereseemstobeamovetowardsregulationthatconsiders,interalia, theneed forexplicitconsent to theprocessingof informationandtherecognitionof therightofsubjects to be forgotten or to have personal digital data removed. There are, however, a number ofauthorswhoexpressconcernthatinthecontextofbigdataandindividualsfreelysharinginformation,regulationandlegislationwillalwaysbebehind(Carney,2013;Crawford&Shultz,2013).5.8 Moving from Quantified Selves to Qualified Selves Inlinewiththemaintenetsofastudent-centredapproachtolearninganalytics(Kruse&Pongsajapan,2012),therenewedemphasisthatlearninganalyticsisaboutlearning(Gašević&Siemens,2015),andofstudents as agents rather than data objects or passive recipients of services (Slade& Prinsloo, 2013;Subotzky&Prinsloo,2011),theaboveframeworkallowsustocontemplatethesignificanceandimpactofthenotionofstudentsnotasquantifiedselvesbutasqualifiedselves(e.g.,Davies,2013;Lupton,2014a,2014b).



Carney (2013) suggests that the quantification of the self through tracking processes (whether asparticipantandproviderofthedata,orasdataobject)canresultinthebeliefthatweareourdata.Thedigitaldataprovidedaboutusandbyusmaythenbeseentoprovideacompletepictureofwhowehavebeen,whoweare,and(mostprobably)whowewillbe.Thoughtheuseofdatatoquantifyanindividual’screditworthinessorhealthstatus(tomentionbuttwoexamples)isnotnecessarilybadperse,weshouldbeawareofanyimplicitassumptionthatthecollecteddataprovideacompletepicture.Asmanyauthors(e.g.,Mayer-Schönberger, 2009;Mayer-Schönberger& Cukier, 2013; Solove, 2013) havewarned, theincreasinguse,re-identification,andcombinationofvarioussetsofdecontextualizeddataraisearangeofseriousconcerns.While learning analytics can and should play an important role in students’ self-awareness, self-knowledge,self-efficacy,andhealthylociofcontrols,alackofspecificcontextcanresultinlimitedorevenfaultyassumptions.Inthecurrentcollectionanduseofstudentdata,studentsoftenhavenoinsightintothedata collectedby theirHEI and so there is nopossibility that data canbe verifiedor any contextprovided. Considering the asymmetrical relationship of students and their institutions, studentspotentially then become quantified selves based on, for example, the number of log-ins, clicks,downloads,or time-on-task. It is important toallowopportunities forcontext-rich informationsothatinstitutionsandstudentsmaybetterunderstandthecomplexitiesand interdependencies in thenexusbetweenstudents,institutions,andtheimpactsofsocioeconomic,technological,environmental,political,andlegalcontexts.“Wherethequantifiedselfgivesustherawnumbers,thequalifiedselfcompletesourunderstandingofthosenumbers”(Boam&Webb,2014,par.8).Ourstudentsarethereforemuchmorethanjustconglomeratesofquantifiabledatasoitisimportantthatwetakeintoaccount“thecontextsinwhichnumbersarecreated”(Lupton,2014b,p.6).Luptonwarns that in order to optimize our understanding of data (especially self-tracking data) it isimportant to appreciate that the meanings of self-tracked data are often hard to determine; “thatpersonaldatacanbedisempoweringaswellasempowering;theconditionsinwhichdataaregatheredcaninfluencetheirvalidity;[and]thecontextsinwhichdataaregeneratedarevitaltounderstandingtheirmeaning”(2014b,p.7).Lupton(2014b)alsoraisesconcernsaboutthesecurestoringandgovernanceofdataandnotesthatdatacanbeusedtodiscriminateagainstindividuals.4BoamandWebb(2014)suggestthat“Justasstoriesyielddata,datayieldstories.Andjustasitisdifficulttoquantifyourliveswithoutdata,wecannotqualifythemwithoutcontextornarrative.Whenwebringthetwosidestogether,weachievedeeperself-knowledge”(Boam&Webb,2014,par.21).Diversifyingour data collection methods, contexts, and timing and allowing individual students to participate inreiterativeandcollaborativeprocessesofsense-makingchallengesmanyoftheassumptionsandpracticesofcurrentTACsinhighereducation.

4 SeePrinslooandSlade(2014)foranexplorationofeducationaltriageinhighereducation.



6 CONCLUSION Ifbigdataherald“aparadigmshiftinthewaysweunderstandandstudyourworld”(Eynon,2013,p.237),the increasing potential and practice of collecting, analyzing, and using student data allows us theopportunity to explore some of the current paradigms surrounding that data. In the context of thefiduciarydutyofHEIsandtheasymmetricalpowerandinformationrelationship,highereducationcannotafford a simple paternalistic approach to the use of student data. Such an approach should not beconsideredappropriategiven thecomplexitieswithin thenexusofprivacy, consent, vulnerability, andagency.Individualchoicetoallowforordisregardindividualagencyregardingthecollection,use,andsharingofone’sdigitaldata(Miyazaki&Fernandez,2000)dependsonarangeoffactorsincludingcontext(clarityof) information provided in TACs and the risk-averseness or vulnerability-awareness of the individual(Figure2).Thenotionofvulnerabilityallowsan interestinganduseful lensonstudentdata.Thoughbothinstitutionalandindividualvulnerabilityneedstobeconsidered,wehavefocusedspecificallyonstudent vulnerability. This articleexpandsonanearlier frameworkdevelopedbyPrinslooandSlade (2015) and explores ways to decrease student vulnerability, increase their agency, andempower them as participants in learning analytics tomove from quantified data objects toqualifiedandqualifyingselves.REFERENCES Altbach, P. G., Reisberg, L., & Rumbley, L. E. (2009). Trends in global higher education: Tracking an

academic revolution. A report prepared for the UNESCO 2009 World Conference on HigherEducation. France: UNESCO. Retrieved fromhttp://www.uis.unesco.org/Library/Documents/trends-global-higher-education-2009-world-conference-en.pdf

Baker,R.S.J.d.,&Siemens,G.(2014).Educationaldataminingandlearninganalytics.InK.Sawyer(Ed.),The Cambridge Handbook of the Learning Sciences (2nd ed.) (pp.253—275). UK: CambridgeUniversityPress.

Bauman,Z.(2007).Liquidtimes:Livinginanageofuncertainty.Cambridge,UK:PolityPress.Bauman,Z.,&Lyon,D.(2013).Liquidsurveillance.Cambridge,UK:PolityPress.Bellman, S., Johnson, E. J., & Lohse, G. L. (2001). To opt-in or opt-out? It depends on the question.

CommunicationsoftheACM,44(2),25–27.http://dx.doi.org/10.1145/359205.359241Boam, E., &Webb, J. (2014, 2May). The qualified self: Going beyond quantification. [Web log post]

Retrieved from http://designmind.frogdesign.com/2014/05/qualifiedself-going-beyond-quantification/

Boelstorff, T. (2013). Making big data, in theory. First Monday, 18(10). Retrieved fromhttp://firstmonday.org/ojs/index.php/fm/article/view/4869

boyd, d., & Crawford, K. (2013). Six provocations for big data. Paper presented at Oxford Internet



Institute’s“ADecadeinInternetTime:SymposiumontheDynamicsoftheInternetandSociety”on September 21, 2011. Retrieved fromhttp://papers.ssrn.com/sol3/papers.cfm?abstract_id=1926431

Brian,S.(2015).Theunexaminedlifeintheeraofbigdata:TowardaUDAAPfordata.UniversityofDaytonLaw Review, 40, 181–199. Retrieved fromhttp://papers.ssrn.com/sol3/papers.cfm?abstract_id=2533068

Brunton,F.,&Nissenbaum,H.(2015).Obfuscation.Auser’sguideforprivacyandprotest.Cambridge,MA:TheMITPress.

Carney,M.(2013,May20).Youareyourdata:Thescaryfutureofthequantifiedselfmovement.[Weblogpost]. Retrieved fromhttp://pando.com/2013/05/20/you-are-your-data-thescary-future-of-the-quantified-self-movement/

Carr,N. (2012,27September).Thecrisis inhighereducation.MITTechnologyReview.Retrieved fromhttp://www.technologyreview.com/featuredstory/429376/the-crisis-in-higher-education/

Crawford, K. (2013, 1 April). The hidden biases in big data.Harvard Business Review. Retrieved fromhttp://blogs.hbr.org/cs/2013/04/the_hidden_biases_in_big_data.html

Crawford,K.,&Schultz,J.(2013).Bigdataanddueprocess:Towardsaframeworktoredresspredictiveprivacy harms. Boston College Law Review, 55(1). Retrieved fromhttp://papers.ssrn.com/sol3/papers.cfm?abstract_id=2325784

Christensen,C.(2008).Disruptiveinnovationandcatalyticchangeinhighereducation.InForumFutures2008(AcompilationofsummariespresentedattheForum’s2007AspenSymposium)(pp.43—46).RetrievedfromEDUCAUSElibrarywebsitehttps://net.educause.edu/forum/ff08.asp

Danaher, J. (2014,7 January).Rulebyalgorithm?Bigdataandthethreatofalgocracy. [Web logpost]Retrievedfromhttp://ieet.org/index.php/IEET/more/danaher20140107

Davies, J. (2013, 13 March). The qualified self. [Web log post].http://thesocietypages.org/cyborgology/2013/03/13/thequalified-self/

Dennis,K.(2008).Viewpoint:Keepingaclosewatch—theriseofself-surveillanceandthethreatofdigitalexposure. The Sociological Review, 56(3), 347–357. http://dx.doi.org/10.1111/j.1467-954X.2008.00793.x

Eynon,R.(2013).Theriseofbigdata:Whatdoesitmeanforeducation,technology,andmediaresearch?Learning, Media and Technology, 38(3), 237–240.http://dx.doi.org/10.1080/17439884.2013.771783

Fineman,M.A.(2008).Thevulnerablesubject:Anchoringequalityinthehumancondition.YaleJournalofLaw&Feminism,20(1),8–40.

Gangadharan, S. P. (2012). Digital inclusion and data profiling. First Monday, 17(5). Retrieved fromhttp://firstmonday.org/ojs/index.php/fm/article/viewArticle/3821

Gašević,D.,&Siemens,G. (2015). Let’snot forget: Learninganalytics areabout learning.TechTrends,59(1),64–71.http://dx.doi.org/10.1007/s11528-014-0822-x

Gitelman,L.(Ed.).(2013).“Rawdata”isanoxymoron.London:MITPress.Greenwood,D.,Stopczynski,A.,Sweat,B.,Hardjono,T.,&Pentland,A.(2015).Thenewdealondata:A

frameworkforinstitutionalcontrols. InJ.Lane,V.Stodden,S.Bender,&H.Nissenbaum(Eds.),Privacy,bigdata,andthepublicgood(pp.192–210).NewYork:CambridgeUniversityPress.

Gurses,S.(2015).Privacyandsecurity:Canyouengineerprivacy?CommunicationsoftheACM,57(8),20–23.http://dx.doi.org/10.1145/2633029

Haggerty,K.D.,&Ericson,R.V.(Eds.)(2006).Thenewpoliticsofsurveillanceandvisibility.Toronto,ON:UniversityofTorontoPress.

Harcourt, B. E. (2015). Exposed: Desire and disobedience in the digital age. Cambridge,MA: Harvard



UniversityPress.Henman, P. (2004). Targeted!: Population segmentation, electronic surveillance and governing the

unemployed in Australia. International Sociology, 19, 173–191.http://dx.doi.org/10.1177/0268580904042899

Howard, R. D., McLaughlin, G. W., & Knight, W. E. (Eds.). (2012 infrastructures). The handbook ofinstitutionalresearch.SanFrancisco,CA:JohnWiley&Sons.

Kerr,I.,&Barrigar,J.(2012).Privacy,identityandanonymity.InK.Ball,K.D.Haggerty,&D.Lyon(Eds.),Routledgehandbookofsurveillancestudies(pp.386–394).Abingdon,UK:Routledge.

Kitchen,R.(2014).Thedatarevolution:Bigdata,opendata,dataandtheirconsequences.London:SAGE.Knox,D.(2010).Spiesinthehouseoflearning:Atypologyofsurveillanceinonlinelearningenvironments.

PaperpresentedattheInternationalConferenceonTeachingandTeacherEducation(Edge2010),Memorial University of Newfoundland, St. Johns, NL, Canada. Retrieved fromhttp://www.mun.ca/edge2010/wp-content/uploads/Knox-Dan-Spies-In-the-House.pdf

Kruse, A., and Pongsajapan, R. (2012). Student-centered learning analytics. Retrieved fromhttps://cndls.georgetown.edu/m/documents/thoughtpaper-krusepongsajapan.pdf

Lane,J.,Stodden,V.,Bender,S.,&Nissenbaum,H.(Eds.).(2015).Privacy,bigdata,andthepublicgood.NewYork:CambridgeUniversityPress.

Lanier,J.(2013,1November).Howshouldwethinkaboutprivacy?Makingsenseofoneofthethorniestissuesofthedigitalage.ScientificAmerican,309(5),64–71.

Lazar, N. (2015). The big picture: Big data and privacy. CHANCE, 28(1), 39–42.http://dx.doi.org/10.1080/09332480.2015.1016848

Lupton,D.(2012,4November).Thequantifiedself-movement:Somesociologicalperspectives.[Weblogpost]. Retrieved from http://simplysociology.wordpress.com/2012/11/04/thequantitative-self-movement-some-sociological-perspectives/

Lupton,D. (2014a, 28 July). Beyond thequantified self: The reflexivemonitoring self. [Web logpost].https://simplysociology.wordpress.com/2014/07/28/beyondthe-quantified-self-the-reflexive-monitoring-self/

Lupton, D. (2014b). You are your data: Self-tracking practices and concepts of data. In S. Selke (Ed.),Lifelogging:Theoreticalapproachesandcasestudiesaboutself-tracking(provisionaltitle).Berlin:Springer.

Lyon, D. (Ed.). (2006). Theorising surveillance: The panopticon and beyond. Cullumpton, UK: WillanPublishing.

Lyon,D. (2015). The Snowden stakes: Challenges forunderstanding surveillance today.Surveillance&Society,13(2),139–152.

Mackenzie,C.,Rogers,W.,&Dodds, S. (Eds.). (2014).Vulnerability:Newessays in ethicsand feministphilosophy.Oxford,UK:OxfordUniversityPress.

Maringe,F.,&Sing,N.(2014).Theorisingresearchwithvulnerablepeopleinhighereducation:Ethicalandmethodologicalchallenges.SouthAfricanJournalofHigherEducation,28(2),533–549.

Marwick,A.E.(2014,9January).Howyourdataarebeingdeeplymined.TheNewYorkReviewofBooks.Retrieved from http://www.nybooks.com/articles/archives/2014/jan/09/how-your-data-are-being-deeply-mined/

Marx, G. T. (2001). Murky conceptual waters: The public and the private. Ethics and InformationTechnology,3,157–169.http://dx.doi.org/10.1023/A:1012456832336

Marx,G.T.,&Muschert,G.W.(2007).Personalinformation,borders,andthenewsurveillancestudies.Annual Review of Law and Social Science.http://dx.doi.org/10.1146/annurev.lawsocsci.3.081806.112824



Mayer-Schönberger,V.(2009).Delete:Thevirtueofforgettinginthedigitalage.Princeton,NJ:PrincetonUniversityPress.

Mayer-Schönberger,V.,&Cukier,K.(2013).Bigdata:Arevolutionthatwilltransformhowwelive,work,andthink.NewYork:HoughtonMifflinHarcourtPublishing.

Miltgen,C.L.,&Smith,H.J.(2015).Exploringinformationprivacyregulation,risks,trust,andbehavior.Information&Management,52(6),741–759.http://dx.doi.org/10.1016/j.im.2015.06.006

Miyazaki, D.,& Fernandez, A. (2000). Internet privacy and security: An examination of online retailerdisclosures.JournalofPublicPolicy&Marketing,19(1),54–61.

Morozov,E.(2013).Tosaveeverything,clickhere.London:PenguinBooks.Nissenbaum,H.(2010).Privacyincontext:Technology,policy,andtheintegrityofsociallife.Stanford,CA:

StanfordLawBooks.Nissenbaum,H.(2011).Acontextualapproachtoprivacyonline.Daedalus,140(4),32–48.OʼConnell, A. (2016).My entire life is online: Informed consent, big data, and decolonial knowledge.

Intersectionalities:AGlobalJournalofSocialWorkAnalysis,Research,Polity,andPractice,5(1),68–93.

Ohm,P.(2010).Brokenpromisesofprivacy:Respondingtothesurprisingfailureofanonymisation.UCLALawReview,57,1701–1777.

Ohm,P.(2015).Changingtherules:Generalprinciplesfordatauseandanalysis.InJ.Lane,V.Stodden,S.Bender,&H.Nissenbaum(Eds.),Privacy,bigdata,andthepublicgood(pp.96–111).NewYork:CambridgeUniversityPress.

Open University (2014). Policy on ethical use of student data for learning analytics. Retrieved fromhttp://www.open.ac.uk/students/charter/essential-documents/ethical-use-student-data-learning-analytics-policy

Pasquale, F. (2015).Theblackbox society: The secretalgorithms that controlmoneyand information.London:HarvardUniversityPress.

Payne,R.(2014).Frictionlesssharinganddigitalpromiscuity.CommunicationandCritical/CulturalStudies,11(2),85–102.http://dx.doi.org/10.1080/14791420.2013.873942

PewResearchCenter(2014,12November).Publicperceptionsofprivacyandsecurityinthepost-Snowdenera.Retrievedfromhttp://www.pewinternet.org/2014/11/12/public-privacy-perceptions/

Prinsloo,P. (2015).Theethicsof (not)knowingour students.Presentationat theEthicsRoundtable,3September, University of South Africa, Pretoria. Retrieved athttp://www.slideshare.net/prinsp/the-ethics-of-not-knowing-our-students-52373670

Prinsloo,P.,Archer,L.,Barnes,G.,Chetty,Y.,&VanZyl,D.(2015).(Big)gerdataasbetterdatainopendistance learning. International Review of Research in Open and Distance Learning (IRRODL),16(1).Retrievedfromhttp://www.irrodl.org/index.php/irrodl/article/view/1948/3203

Prinsloo,P.,&Slade,S.(2014).Educationaltriageinhigheronlineeducation:Walkingamoraltightrope.International Review of Research in Open Distance Learning (IRRODL), 14(4): 306–331.http://www.irrodl.org/index.php/irrodl/article/view/1881

Prinsloo, P., & Slade, S. (2015). Student privacy self-management: Implications for learning analytics.Proceedingsofthe5thInternationalConferenceonLearningAnalyticsandKnowledge(LAK’15),83–92.http://dx.doi.org/10.1145/2723576.2723585

Prinsloo,P.,Slade,S.,&VanZyl,D.(inpress).Students’privacycalculus:Negotiatingboundariesoftrust,disclosureandbenefit[Draftmanuscript].

Raynes-Goldie, K. (2010). Aliases, creeping, and wall cleaning: Understanding privacy in the age ofFacebook. First Monday, 15(1). Retrieved fromhttp://firstmonday.org/ojs/index.php/fm/article/viewArticle/2775



Rubel,A.,&Jones,K.M.(2016).Studentprivacyinlearninganalytics:Aninformationethicsperspective.TheInformationSociety,32(2),143—159.http://dx.doi.org/10.1080/01972243.2016.1130502

Schildkamp,K.,Lay,M.K.,&Earl,L.(Eds.).(2013).Data-baseddecisionmakingineducation:Challengesandopportunities.London:Springer.

Selinger, E. (2015). Neo-liberal reform and the big data university. Foundations of Science, 1–4.http://dx.doi.org/10.1007/s10699-015-9446-7

Slade, S., & Prinsloo, P. (2013). Learning analytics: Ethical issues and dilemmas.American BehavioralScientist,57(10),1510–1529.http://dx.doi.org/10.1177/0002764213479366

Solove, D. J. (2001). Privacy and power: Computer databases andmetaphors for information privacy.StanfordLawReview,53(6),1393–1462.

Solove,D.J.(2002).Conceptualizingprivacy.CaliforniaLawReview,90(4),1087–1155.Solove,D.J.(2004).Thedigitalperson:Technologyandprivacyintheinformationage.NewYork:New

YorkUniversityPress.Solove,D.J.(2006).Ataxonomyofprivacy.UniversityofPennsylvaniaLawReview,154(3),477–564.Solove,D.J. (2007).“Iʼvegotnothingtohide”andothermisunderstandingsofprivacy.SanDiegoLaw

Review,44,745–772.Solove,D.J.(2013).Introduction:Privacyself-managementandtheconsentdilemma.126HarvardLaw

Review1880.Stiles, R. J. (2012). Understanding and managing the risks of analytics in higher education: A guide.

EDUCAUSE.Retrievedfromhttps://net.educause.edu/ir/library/pdf/EPUB1201.pdfStoddart,E.(2012).Asurveillanceofcare:Evaluatingsurveillanceethically.InK.Ball,K.D.Haggerty,&D.

Lyon (Eds.), The Routledge handbook of surveillance studies (pp. 369–376). Abingdon, UK:Routledge.

Subotzky,G.,&Prinsloo,P.(2011).Turningthetide:Asocio-criticalmodelandframeworkforimprovingstudentsuccessinopendistancelearningattheUniversityofSouthAfrica.DistanceEducation,32(2),177–193.http://dx.doi.org/10.1080/01587919.2011.584846

Swain,H.(2013,5August).Areuniversitiescollectingtoomuchinformationonstaffandstudents?TheGuardian. Retrieved from http://www.theguardian.com/education/2013/aug/05/electronic-data-trail-huddersfield-loughborough-university

Tene, O., & Polonetsky, J. (2012). Big data for all: Privacy and user control in the age of analytics.NorthwesternJournalofTechnologyandIntellectualProperty,239,1–36.

Totaro,P.,&Ninno,D. (2014).Theconceptofalgorithmasan interpretivekeyofmodern rationality.TheoryCultureSociety,31,29–49.http://dx.doi.org/10.1177/0263276413510051

Wardrope,A.(2015).Medicalizationandepistemicinjustice.Medicine,HealthCareandPhilosophy,18(3),341–352.http://dx.doi.org/10.1007/s11019-014-9608-3

Watters,A. (2012,5September).Unbundlingandunmooring:Technologyand thehighered tsunami.EDUCAUSE Review. Retrieved from http://www.educause.edu/ero/article/unbundling-and-unmooring-technology-and-higher-ed-tsunami

Watters,A. (2013,13October).Studentdata is thenewoil:MOOCs,metaphor,andmoney. [Web logpost].Retrievedfromhttp://www.hackeducation.com/2013/10/17/studentdata-is-the-new-oil

Weber,R.H.(2015).Thedigitalfuture:Achallengeforprivacy?ComputerLaw&SecurityReview,31(2),234–242.http://dx.doi.org/10.1016/j.clsr.2015.01.003

Westin,A.F.(2003).Socialandpoliticaldimensionsofprivacy.JournalofSocialIssues,59(2),431–453.Willis, J.E.,Slade,S.,&Prinsloo,P. (Inpress).Ethicaloversightofstudentdata in learninganalytics:A

typology derived from a cross-continental, cross-institutional perspective. Submitted to theSpecialissueofEducationalTechnologyResearchandDevelopment