Montreal, Quebec - May 31, 2010 - Online learning tools - even password-protected ones - are a lot less private than students and professors believe, warn two Nova Scotia educators.
Wendy Kraglund-Gauthier and David Young both design online courses at St. Francis Xavier University in Antigonish, N.S. In a paper presented at the 2010 Congress for the Humanities and Social Sciences taking place at Montreal's Concordia University, they say most people have a false sense of security about their online dealings.
In reality, they say, technology is changing so fast, privacy protection rules, laws and guidelines can't keep up. Kraglund-Gauthier and Young say there's no magic bullet when it comes to privacy protection. But they do say students and educators - and indeed everyone using the Internet - should become aware of the pitfalls, and work to minimize them.
One major pitfall relates to the international character of the Internet. If a Canadian institution stores data on a server in another country - something that's increasingly common because it can be a way to save money - then it becomes difficult to enforce Canadian privacy laws.
Survey Monkey is a free online survey software tool. But Kraglund-Gauthier says data collected via Survey Monkey is stored in the U.S., where privacy laws are different. So she says anyone using Survey Monkey needs to realize this, and realize that it may not be the right tool for a Canadian institution that wants to maximize data protection.
Cloud computing - the process of storing data online rather than on individual devices - has many advantages. You can, for example, access your address book or your files from any computer in the world. It is becoming increasingly popular, one of the reasons being that it offers economies of scale. But where is that data stored?
"When you think about security, you have to look at what laws are in effect when you cross global borders," says Kraglund-Gauthier. Young adds that even though most countries have privacy protection laws, the nebulous character of the Internet makes it difficult to police.
"All these laws try to safeguard privacy," says Young. "But the laws lack specificity. They are so broad, they don't police the online environment."
Another issue relates to the fact that online data can be stored and accessed virtually forever, making it difficult if not impossible to delete mistakes or erroneous information. Some university classes today are recorded, so students can consult the lectures and discussions online at their convenience.
In the past, a disparaging remark made in class - whether by a student or professor - might be quickly forgotten. "But in the online world, it's stored in perpetuity," notes Young. As a result, the Internet creates opportunities for cyberlibel - opportunities that do not exist in a face-to-face classroom environment.
Another potential issue, says Kraglund-Gauthier, is that bits of recorded information - audio, video or even online discussions - can be extracted from their context and used for other purposes.
Students may think passwords provide protection and that comments made in a password-protected environment are private, she says. But in reality, it's not difficult for even protected information to jump the fence and get loose in cyberspace.
They add that the universities' own privacy policies often leave something to be desired.
Kraglund-Gauthier says that where there are policies, they often are not specific enough. And Young adds that they are often hard to find: "In most university websites, privacy polices are buried."
Both Young and Kraglund-Gauthier say anyone involved in the Internet needs to be aware that their privacy is at risk at all times and act accordingly. "I'm doing a doctorate right now through the University of South Australia, and one of their policies is that the Internet will be treated as a potentially hostile environment," says Kraglund-Gauthier.
"That about sums up the state of affairs," adds Young.