Madelyn Rose Sanfilippo, Noah Apthorpe, Karoline Brehm, Yan Shvartzshnaider
{"title":"不包括隐私治理:学习管理系统中第三方的分析","authors":"Madelyn Rose Sanfilippo, Noah Apthorpe, Karoline Brehm, Yan Shvartzshnaider","doi":"10.1108/ils-04-2023-0033","DOIUrl":null,"url":null,"abstract":"Purpose This paper aims to address research gaps around third party data flows in education by investigating governance practices in higher education with respect to learning management system (LMS) ecosystems. The authors answer the following research questions: how are LMS and plugins/learning tools interoperability (LTI) governed at higher education institutions? Who is responsible for data governance activities around LMS? What is the current state of governance over LMS? What is the current state of governance over LMS plugins, LTI, etc.? What governance issues are unresolved in this domain? How are issues of privacy and governance regarding LMS and plugins/LTIs documented or communicated to the public and/or community members? Design/methodology/approach This study involved three components: (1) An online questionnaire about LMS, plugin and LTI governance practices from information technology professionals at seven universities in the USA ( n = 4) and Canada ( n = 3). The responses from these individuals helped us frame and design the interview schedule. (2) A review of public data from 112 universities about LMS plugin and LTI governance. Eighteen of these universities provide additional documentation, which we analyze in further depth. (3) A series of extensive interviews with 25 university data governance officers with responsibilities for LMS, plugin and/or LTI governance, representing 14 different universities. Findings The results indicate a portrait of fragmented and unobtrusive, unnoticed student information flows to third parties. From coordination problems on individual college campuses to disparate distributions of authority across campuses, as well as from significant data collection via individual LTIs to a shared problem of scope across many LTIs, the authors see that increased and intentional governance is needed to improve the state of student privacy and provide transparency in the complex environment around LMSs. Yet, the authors also see that there are logical paths forward based on successful governance and leveraging existing collaborative networks among data governance professionals in higher education. Originality/value Substantial prior work has examined issues of privacy in the education context, although little research has directly examined higher education institutions’ governance practices of LMS, plugin and LTI ecosystems. The tight integration of first and third-party tools in this ecosystem raises concerns that student data may be accessed and shared without sufficient transparency or oversight and in violation of established education privacy norms. However, these technologies and the university governance practices that could check inappropriate data handling remain under-scrutinized. This paper addresses this gap by investigating the governance practices of higher education institutions with respect to LMS ecosystems.","PeriodicalId":44588,"journal":{"name":"Information and Learning Sciences","volume":"36 1","pages":"0"},"PeriodicalIF":1.6000,"publicationDate":"2023-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Privacy governance not included: analysis of third parties in learning management systems\",\"authors\":\"Madelyn Rose Sanfilippo, Noah Apthorpe, Karoline Brehm, Yan Shvartzshnaider\",\"doi\":\"10.1108/ils-04-2023-0033\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Purpose This paper aims to address research gaps around third party data flows in education by investigating governance practices in higher education with respect to learning management system (LMS) ecosystems. The authors answer the following research questions: how are LMS and plugins/learning tools interoperability (LTI) governed at higher education institutions? Who is responsible for data governance activities around LMS? What is the current state of governance over LMS? What is the current state of governance over LMS plugins, LTI, etc.? What governance issues are unresolved in this domain? How are issues of privacy and governance regarding LMS and plugins/LTIs documented or communicated to the public and/or community members? Design/methodology/approach This study involved three components: (1) An online questionnaire about LMS, plugin and LTI governance practices from information technology professionals at seven universities in the USA ( n = 4) and Canada ( n = 3). The responses from these individuals helped us frame and design the interview schedule. (2) A review of public data from 112 universities about LMS plugin and LTI governance. Eighteen of these universities provide additional documentation, which we analyze in further depth. (3) A series of extensive interviews with 25 university data governance officers with responsibilities for LMS, plugin and/or LTI governance, representing 14 different universities. Findings The results indicate a portrait of fragmented and unobtrusive, unnoticed student information flows to third parties. From coordination problems on individual college campuses to disparate distributions of authority across campuses, as well as from significant data collection via individual LTIs to a shared problem of scope across many LTIs, the authors see that increased and intentional governance is needed to improve the state of student privacy and provide transparency in the complex environment around LMSs. Yet, the authors also see that there are logical paths forward based on successful governance and leveraging existing collaborative networks among data governance professionals in higher education. Originality/value Substantial prior work has examined issues of privacy in the education context, although little research has directly examined higher education institutions’ governance practices of LMS, plugin and LTI ecosystems. The tight integration of first and third-party tools in this ecosystem raises concerns that student data may be accessed and shared without sufficient transparency or oversight and in violation of established education privacy norms. However, these technologies and the university governance practices that could check inappropriate data handling remain under-scrutinized. This paper addresses this gap by investigating the governance practices of higher education institutions with respect to LMS ecosystems.\",\"PeriodicalId\":44588,\"journal\":{\"name\":\"Information and Learning Sciences\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":1.6000,\"publicationDate\":\"2023-09-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Information and Learning Sciences\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1108/ils-04-2023-0033\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"INFORMATION SCIENCE & LIBRARY SCIENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information and Learning Sciences","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/ils-04-2023-0033","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"INFORMATION SCIENCE & LIBRARY SCIENCE","Score":null,"Total":0}
Privacy governance not included: analysis of third parties in learning management systems
Purpose This paper aims to address research gaps around third party data flows in education by investigating governance practices in higher education with respect to learning management system (LMS) ecosystems. The authors answer the following research questions: how are LMS and plugins/learning tools interoperability (LTI) governed at higher education institutions? Who is responsible for data governance activities around LMS? What is the current state of governance over LMS? What is the current state of governance over LMS plugins, LTI, etc.? What governance issues are unresolved in this domain? How are issues of privacy and governance regarding LMS and plugins/LTIs documented or communicated to the public and/or community members? Design/methodology/approach This study involved three components: (1) An online questionnaire about LMS, plugin and LTI governance practices from information technology professionals at seven universities in the USA ( n = 4) and Canada ( n = 3). The responses from these individuals helped us frame and design the interview schedule. (2) A review of public data from 112 universities about LMS plugin and LTI governance. Eighteen of these universities provide additional documentation, which we analyze in further depth. (3) A series of extensive interviews with 25 university data governance officers with responsibilities for LMS, plugin and/or LTI governance, representing 14 different universities. Findings The results indicate a portrait of fragmented and unobtrusive, unnoticed student information flows to third parties. From coordination problems on individual college campuses to disparate distributions of authority across campuses, as well as from significant data collection via individual LTIs to a shared problem of scope across many LTIs, the authors see that increased and intentional governance is needed to improve the state of student privacy and provide transparency in the complex environment around LMSs. Yet, the authors also see that there are logical paths forward based on successful governance and leveraging existing collaborative networks among data governance professionals in higher education. Originality/value Substantial prior work has examined issues of privacy in the education context, although little research has directly examined higher education institutions’ governance practices of LMS, plugin and LTI ecosystems. The tight integration of first and third-party tools in this ecosystem raises concerns that student data may be accessed and shared without sufficient transparency or oversight and in violation of established education privacy norms. However, these technologies and the university governance practices that could check inappropriate data handling remain under-scrutinized. This paper addresses this gap by investigating the governance practices of higher education institutions with respect to LMS ecosystems.
期刊介绍:
Information and Learning Sciences advances inter-disciplinary research that explores scholarly intersections shared within 2 key fields: information science and the learning sciences / education sciences. The journal provides a publication venue for work that strengthens our scholarly understanding of human inquiry and learning phenomena, especially as they relate to design and uses of information and e-learning systems innovations.