Yasunari HARADA, Takeo TATSUMI, Noriaki KUSUMOTO and Joji MAENO (Japan)
Introduction of computers and networks into work places and schools are changing the way learning is delivered, conducted and evaluated. Interactive training systems can customize not only the delivery but also the content to be learned based on the current needs of the learner.However, there does not seem enough attention on the legal and ethical ramifications of privacy concerns regarding learner profiles and learning histories that accumulate on those systems. In order for the systems to function with adequate personalization, accumulation
of activity records is indispensable. If learners are to migrate from one system to another, exchange of such records among those systems have to be ensured.However, if such records are exchanged without any limit, learners’ privacy is severely compromised.
2. Conflicting interests and stakes: some examples
2.1. Learners’ perspective
A subscribed learner of a particular web-based training system arrives at a certain level but find the system somewhat less attractive than another with the same or similar subject matter, she/he may want to switch to the
new one, but certainly would not want to start the new courses from scratch. Users of those systems need certain information to be transferred from one system to another if they want the freedom of choice among those systems. Also, good achievers in a system, working diligently and constantly getting good scores, would like to be able to present some certified records of learning when they apply for a job or a higher school, because such information may place them in a favorable position in the selective process and/or lead to have certain mandatory training/courses waived after employment/admission. On the other hand, poor performers would have little reason for wanting to have their scores or records disclosed to someone else.
When there are more than two systems that provide testing and/or training for a given set of students, teachers in charge of that group are faced with several kinds of additional tasks. First, they have to register their students or have the students register themselves to the multiplicity of systems under consideration. Then, they have to instruct the students on potential security concerns of those systems and how to safeguard their privacy as best they could. Third, they have to keep track of activities their students would conduct with these systems. Fourth, they have to consider how or to what extent they could safeguard themselves against outside scrutiny.
2.2. School administrators
Not only would school administrators want to know which student is performing excellent, OK, or poorly, but they would naturally want to know which teacher or which program is effective in helping students perform better.
So, they would want to know everything about each student and about each teacher/program. However, would they like to have their school performance known to the world in general?
School district, local government and national
government builds up on this hierarchy. What details should be reported to what level of this administrative hierarchy is an educational, political, financial,
social and cultural issue to which there should be different answers depending on the society in which this takes place. We should not impose a universal solution, and a system implementation that presupposes one particular solution cannot achieve a universal adoption.
2.4. Contents/Service providers
Once system designers and their management are convinced that massive data accumulation of learner responses such as response time, all the wrong and right choices to a particular multiple-choice type of questions, actual input key sequences or input voice responses to an open question, and so on so forth for all the items in a given test or a given assignable unit for all the
registered users is not only indispensable for a
continued improvement and survival of their systems, they would begin to store and accumulate everything about the learner and their learning, including the history of activities that their subscribed learners are engaged in during training or examination, and whatever the system designers and their management might fancy would be relevant and helpful in some unforeseeable future time. This is a potential cause of privacy concern for the learners, because service providers may advertise privacy protection policies, but once those private entities go bankrupt, what happens to the most valuable assets of those companies is predictable from our experiences in recent years.
3. Toward a possible solution of the problem
In the arena of online learning, we are beginning to understand that we have a serious problem, similar to those that we find in e-commerce and online transactions of medical information. We need interchange of information, but we have to make sure privacy of each individual concerned is respected and protected. This, in principle, is a contradiction and there may be no universal solution, because different societal needs may give different weight on conflicting demands of different stakeholders in this landscape.