The COVID-19 pandemic has created an intensified reliance on technology in higher education, requiring more focused attention on the emerging threat to privacy.
As a result of the year-long COVID-19 pandemic and the collateral financial crisis, higher education is experiencing two powerful repercussions. On the one hand, the events of 2020 highlighted the strategic role that technology plays across the complicated landscape of college and university campuses. The "Great Pivot" to remote learning happened almost overnight, and it was widely seen as primarily facilitated by the masterful deployment of digital technologies and tools. On the other hand, as we approach the second year of the pandemic, less pronounced but equally influential dynamics are being revealed. Perhaps primary among these is the growing threat to privacy.Footnote1
The increased reliance on technology solutions during the crisis has highlighted privacy obligations and potential exposures.Footnote2 Privacy is a recognized strategic priority for higher education, taking the #3 spot in the EDUCAUSE Top 10 IT Issues list in its first appearance on the list, in 2019.Footnote3 Nonetheless, privacy has not yet been fully baked into decision-making at all levels of higher education institutions. Now is the time to amplify and broaden campus conversations about privacy. And now is the time to shift these conversations from a focus on compliance to a concentration on the larger challenge of balancing the priorities of institutions with the rights of individuals.
Data Privacy Day (January 28) offers the ideal opportunity for campus groups to explore three privacy trends that have been, and are continuing to be, accentuated by the pandemic and thus urgently deserve our attention.
What makes advanced technology devices and applications so potent is their ability to listen as a way to collect data—and, sometimes, embed that data into opaque algorithms. As we rush to deploy new solutions to immediate challenges in a crisis, we need to consider privacy concerns. This is especially true during a pandemic, when our devices listen in while we are working from home and participating in videoconferences and when students are learning from home and taking tests remotely. It's also true when devices track our individual health status or our recent contacts. Privacy lapses related to these uses still too often take us by surprise. We need to match the energy we bring to technology innovation with focused consideration of the privacy implications of these new technologies.
Student Success and Privacy
Even as we embrace technologies that aid student success and recognize that helping students to succeed is our academic mission (as well as a key to financial sustainability), privacy must be a priority. Many of these systems gather data about the whole student and use the insights to identify opportunities for intervention. Of course, we can never lose sight of the fact that some of these data points are deeply personal. In addition, as countless news headlines remind us, algorithmic assumptions can lead to discrimination or biased results. The same concerns arise when colleges and universities use data and analytics as part of their recruitment strategy to face pandemic challenges, as well as the looming "enrollment cliff."
The Rise of the Chief Privacy Officer
One answer to the problems highlighted in the first two privacy trends can be found in the most positive trend illuminated and accelerated by the pandemic: the rise of the chief privacy officer (CPO). Although privacy is everyone's job, campuses today need the CPO role, a strong senior leader who wakes up and goes to sleep thinking about privacy risks and the gray area where privacy and security risks interconnect. General counsels and chief information security officers (CISOs) certainly play a key role in any institution's privacy approach, but it is the CPO who connects the dots as no one else can. A new application might pass legal review and present no substantive security risks but still be entirely wrong to adopt because of privacy or ethical concerns.
In describing the shift to remote teaching and remote work, EDUCAUSE Vice President Susan Grajek noted: "The toothpaste is out of the tube." The pandemic-related concerns around privacy are not likely to vanish in the way we hope and trust the pandemic will eventually fade. IT and other campus leaders may need to see the days ahead as nothing short of one "privacy day" after another.
This content is part of the EDUCAUSE showcase series Post-Pandemic Future: Implications for Privacy. In 2021 EDUCAUSE is spotlighting the most urgent issues in higher education through this thematic series. For each topic, we’ve gathered all the tools and resources you need into one place, to help you guide your campus forward.
- Privacy is one of the first topics EDUCAUSE is tackling in our new thematic series that will spotlight the most urgent issues in higher education and prepare you to take action. Look for more on February 16, 2021, along with the inaugural Horizon Report | Information Security. Jump back to footnote 1 in the text.
- Amelia Vance, "Looking Forward: Privacy in 2021," EDUCAUSE Annual Conference, October 29, 2020, presents an excellent summary of the current state of privacy. Jump back to footnote 2 in the text.
- Susan Grajek and the 2018–2019 EDUCAUSE IT Issues Panel, "Top 10 IT Issues, 2019: The Student Genome Project," EDUCAUSE Review, Special Report, January 28, 2019. Jump back to footnote 3 in the text.
John O'Brien is President and CEO of EDUCAUSE.
© 2021 John O'Brien. The text of this work is licensed under a Creative Commons BY-NC-ND 4.0 International License.