Hermetic: Privacy-preserving distributed analytics without ...
Strategies for Dealing with Privacy in the context of Learning Analytics
description
Transcript of Strategies for Dealing with Privacy in the context of Learning Analytics
Strategies for Dealing with Privacy in the context of LA
Tore Hoel Oslo and Akershus University College of Applied Sciences
Norway September 2014
What is the problem with Privacy?
2
Medical Privacy
Various methods have been used to protect patient's privacy. This 1822 drawing by Jacques-‐Pierre Maygnier shows a "compromise" procedure, in which the physician is kneeling before the woman but cannot see her genitalia. (Wikipedia)
Privacy, Interoperability & Data Sharing
3"Silos, Acatlán, Hidalgo, México, 2013-‐10-‐11, DD 03" by Diego Delso -‐ Own work. Licensed under Creative Commons Attribution-‐Share Alike 3.0 via Wikimedia Commons
Control or Limitations?
4"Silos, Acatlán, Hidalgo, México, 2013-‐10-‐11, DD 03" by Diego Delso -‐ Own work. Licensed under Creative Commons Attribution-‐Share Alike 3.0 via Wikimedia Commons
I want control over my own data!
I want to grant limited access to your data!
Privacy is out of scope for LA – it is dealt with by basic infrastructure or front-‐end applications
Privacy defined…
• Privacy is not simply an absence of information about us in the minds of others; rather it is the control we have over information about ourselves. -‐-‐Charles Fried
• Privacy is a limitation of others’ access to an individual through information, attention, or physical proximity. -‐-‐Ruth Gavison
5
Or…
Privacy as Contextual Integrity
• Norms of Appropriateness • Norms of Distribution (Flow, transfer)
• S shares information with R at S’s discretion
• R requires S to share information • R may freely share information
about S • R may not share information
about S with anyone • R may share information about S
under specified constraints • Information flow is/is not
reciprocal • etc.
6Source: Helen Nissenbaum
Integrity – respected or violated
Contextual Integrity, is respected when norms of appropriateness and distribution are respected; it is violated when any of the norms are infringed.
7
‘Contexts’ is the strategic word – so what?
• Contexts are Structured Social Settings (“Institutions”) • Characterized by roles, relationships, power structures,
canonical activities, strategies, norms (rules), enforcement mechanisms, and internal values (goals, ends, purposes) (Nissenbaum)
8
Health-‐care
Education
PoliticsReligious
observance
More about ‘contexts’…
9
• Evolve over time in cultures and societies, subject to historical, cultural, geographic contingencies
• May be nested, overlap, conflict • May be more or less explicit,
formalized, institutionalized • May be more or less “complete”
Education as context(s)
• Learning, Education and Training • Levels – K12, HE, LLL • Types of learning • Informal vs formal learning • Pedagogies • Learning styles
10
Privacy a concern for LA research community?
• Not really, it seems… • LAK14 papers: 12 of 47 contained word ‘privacy’ • we anonymised data before analysis • barrier & restriction • users are «concerned» -‐ privacy as a risk
• «Learners need to be convinced that they are reliable and will improve their learning without intruding into their privacy» (Ferguson, 2014)
• «Many myths surrounding the use of data, privacy infringement and ownership of data need to be dispelled and can be properly modulated once the values of learning analytics are realized» (Arnold, 2014).
11
LACE LA Quality Indicator study
12
Data Privacy – a major area of concern (Scheffel et al., in press)
What are the optimal contexts for discussing Privacy in Education?
13
Privacy by Design
14
• «The principles of data protection by design and data protection by default» (European Commisson, 2012)
• 7 Foundational Principles by PbD • Proactive not Reactive; Preventative not Remedial • Privacy as the Default Setting • Privacy Embedded into Design • Full Functionality -‐ Positive-‐Sum, not Zero-‐Sum • End-‐to-‐End Security -‐ Full Lifecycle Protection • Visibility and Transparency -‐ Keep it Open • Respect for User Privacy -‐
Keep it User-‐Centric
Strategies for design of interoperable LA applications• Give Privacy priority – Privacy is in scope! • Follow Privacy by Design principles • Be aware of contexts • Focus on well defined and autonomous contexts first • When multiple contexts are involved, go for lightweight, low-‐
ambitious solutions
15
Questions
• What are the relevant educational contexts from a Privacy perspective?
• What contexts generate the most interesting data from a LA perspective?
• If Social Media contexts are relevant for learning – how do we avoid contextual integrity infringements?
• How are responsibilities balanced between learner and institution when it comes to the different contexts of Learning, Education and Training?
16
“Strategies for Dealing with Privacy in the context of LA” by Tore Hoel, Oslo and Akershus University College of Applied Sciences, was presented at EC-‐TEL workshop, Graz, Austria, on 16 September 2014. [email protected] @tore
This work was undertaken as part of the LACE Project, supported by the European Commission Seventh Framework Programme, grant 619424.
These slides are provided under the Creative Commons Attribution Licence: http://creativecommons.org/licenses/by/4.0/. Some images used may have different licence terms.
www.laceproject.eu @laceproject
17