Data Protection – Anticipating New Rules

On January 25th 2012, the European Commission released its proposals for significant reform of data protection rules in Europe (drafts had been leaked in late 2011). These proposals have been largely welcomed by the Information Commissioners Office , although it also recommends further thought over some of the proposals. The dramatic changes in the scale and scope of handling personal information in online retailing and social networking since the 1990’s, when current rules were implemented, is an obvious driver for change. The rise of “cloud computing” is a related factor.

What might this mean for the UK education system, especially for those concerned with educational technology?

On the whole, the answer is probably a fairly bland “not much” since we are, as a sector, pretty good at being responsible with personal data. Sector ethics, regardless of legislation, is to be institutionally concerned and careful and, providing enough time is available to adapt systems (of working and IT), this should be a relatively low impact change. There are, however, a few implications worthy of comment…

The Principle of Data Portability

Unless you know nothing about CETIS, it should come as no surprise that “data portability” caught my eye. EC Fact Sheet No. 2 says:

‘The Commission also wants to guarantee free and easy access to your personal data, making it easier for you to see what personal information is held about you by companies and public authorities, and make it easier for you to transfer your personal data between service providers – the so-called principle of “data portability”.’

Notice that this includes “public authorities”. Quite how this principle will affect practice remains to be seen but it does appear to have implications at the level of individual educational establishments and sector services such as the Learning Records Service (formerly MIAP). It is conceivable that this requirement will be satisfied by “download as HTML”, a rather lame interpretation of making it easier to transfer personal data, but I do hope not.

So: are there candidate interoperability standards? Yes, there are:

  • LEAP2A for e-portfolio portability and interoperability,
  • A European Standard, EN 15981, “European Learner Mobility Achievement Information” (an earlier open-access version is available as a CEN Workshop Agreement, CWA 16132)

These do not cover absolutely everything you might wish to “port” but widespread adoption as part of demonstrating compliance with a legislative “data portability” requirement is an option that is available to us.

It is also worth noting Principle 7 of “Information Principles for the UK Public Sector” (pdf) – see also my previous posting – which is entitled “Citizens and Businesses Can Access Information About Themselves” and recommends information strategies should go “… beyond the legal obligations” and  identify opportunities  “to proactively make information about citizens available to them by default”, noting that this would negate the cost of process and systems for responding to Subject Access Requests. I hope that this attitude is embraced and that the software is designed on a “give them everything” principle rather than “give them the minimum we think the law requires”. Software vendors should be thinking about this now.

There are some interesting possibilities for learner mobility if learners have a right to access and transfer fine grained achievement and progress information, especially where that is linked to well defined competence (etc) structures. Can we imagine more nomadic learners, especially those who may be early adopters of offerings from the kind of new providers that David Willetts and colleagues are angling for?

The Right to be Forgotten

This right is clearly aimed squarely at the social network hubs and online retailers (see the EC Fact Sheet No.3, pdf). It isn’t very  likely that anyone would want to have their educational experiences and achievements forgotten unless they plan to “vanish”. Indeed, it would be surprising if existing records retention requirements would be changed and the emerging trend of having secure document storage and retrieval services under user control – e.g. DARE – seems set to continue and be the way we manage this issue cost-effectively.

The right to be forgotten may be more of a threat to realising the “learning analytics” dream, even if only in adding to existing uncertainty, doubt and sometimes also fear. We need some robust and widely accepted protocols to define legally and ethically acceptable practice.

Uniformity of Legislation

The national laws that were enacted to meet the existing data protection requirements are all different and the new proposals are to have a single uniform set of rules. This makes sense from the point of view of a multi-nation business, although it will not be without critics. This is just one factor that could make a pan-European online Higher Education initiative easier to realise, whether a single provider or a collaboration. I perceive signs that people are moving closer to viable approaches to large scale online distance education using mature technologies, and possibly English as the language of instruction and assessment; looming “low-end disruptions” (see the Wikipedia article on “Disruptive Innovation“) for the academy as we know it. [Look out for an interview with Seb Schmoller which has influenced my views, due to be published soon on the JISC Observatory website.]

This is, of course, just some initial impressions on some proposals. I am sure there is a great deal that I have missed from a fairly quick scan of material from the commission and there is bound to be a lot of carping from those with businesses built around exploiting personal data so the final shape of things might be quite different.

Is there a Case for a New Information Literacy Inspired by …?

The problems that have to be solved in the 21st century to maintain or increase human health, wealth and happiness are highly complex. By “complex”, I mean that they are highly interconnected and impossible to understand accurately by looking at influential factors in isolation. Divide-and-conquer strategies and narrowly focussed-expertise are inadequate unless re-integrated to understand the bigger picture. This state of affairs is currently reflected in much research funding but isn’t just a concern for researchers.

Professionals in almost all walks of life will be faced with making decisions on matters for which there is little precedent and a shortage of established professional practice to fall back on.  There is, and will be a growing need, for professionals capable of drawing on information and adapting to the paradigms of multiple disciplines.

The trend in supply of data from both research and public sector communities is clearly in the direction of more information being provided under suitable “open data” licences and employing basic semantic web techniques. This resource, not confined by disciplinary boundaries or utility to specific lines-of-argument, has great potential value in answering the complex and novel questions required to navigate humanity through the complexities of sustainable development. I contend that realisation of the potential of this information is contingent on a new information literacy, specifically a new digital literacy if we are concerned with open data on the web or otherwise.

Whereas the use of historical data is well known in research in many established disciplines a new information literacy is required to realise the potential noted above that is not limited to academic research, that uses data disembodied from the narrative and argument of the journal article and that transcends the limit of the established discipline. The challenge for the education system is to prepare professionals of the future (and helping professionals of today adapt through appropriate work-based learning) with this new information literacy. This “new information literacy” requires a deeper and more explicit understanding of models employed within and outwith a professional’s “home” discipline and the embedded epistemology of that discipline.

The philosophy of General Semantics and the practices advocated by Alfred Korzybski and subsequent thinkers are of interest in that their focus is on “consciousness of abstracting” as a means of avoiding the conceptual errors often made in interpreting linguistic acts or experience of events. Rather than making an assertion that General Semantics is “the answer”, indeed it certainly contains fallacies and unsubstantiated ideas, I suggest that it offers some valuable insight into the mental habits that can improve the ability of professionals to work across disciplines, whether using Open Data from research and public sector sources or not, to answer the questions of tactical and strategic character that sustainable development requires.

Neuro-Linguistic Programming (NLP), founded as a movement in the mid 1970s and with clear links to Korzybski, contains some further useful ideas if one looks beyond the psychotherapeutic dimension. My intention is not to develop a detailed position in this post but to suggest that there are some practices/habits advocated by Korzybski and others that offer a resource for us to consider. Some of the maxims and practices that I think are candidates for education in the new information literacy, hence also a new digital literacy, are:

  • Korzybski’s “extensional devices” are practical habits that stress relationship between things (as opposed to things defined in isolation)
  • Gregory Bateson in “Mind and Nature, A Necessary Unity” presents a number of pre-suppositions that “every schoolboy knows” (sic) that are actually more representative of gaps in thought.
  • The meta-model of NLP provides a set of heuristic questions to identify distortion, generalization and deletion in language. These kind of questions are potentially useful when working across disciplines to reduce the chance of false-reasoning.

I will now complete the title, where the ellipsis left off: “… General Semantics, Neuro-Linguistic Programming and Gregory Bateson”

Open Source, Open Standards and ReUse: Government Action Plan?

Yes, actually there is a document called “Open Source, Open Standards and ReUse: Government Action Plan“. This is the latest (Jan 27th 2010) statement from central government on the topic; previously an Open Source policy was hatched in 2004.

Really the document should be called “Open Source in ICT Procurement: Government Action Plan” as Open Standards get relatively little mention. Indeed, it would have been a more clear communication  if it had stuck to this scope. Having said this, there is evidence of a clear and purposeful approach. Here are a few snippets that I thought worthy of mention…

The Government will expect those putting forward IT solutions to develop where necessary a suitable mix of open source and proprietary products to ensure that the best possible overall solution can be considered. Vendors will be required to provide evidence of this during a procurement exercise. Where no evidence exists in a bid that full consideration has been given to open source products, the bid will be considered non compliant and is likely to be removed from the tender process.

“The agreement to the Cross Government Enterprise Architecture framework and its acceptance by the Government’s major IT suppliers has enabled the disaggregation of ‘closed’ business solutions into component requirements. This which allows sharing and reusing of common components between different lines of business.”

“We have clarified that we expect all software licences to be purchased on the basis of reuse across the public sector, regardless of the service environment it is operating within. This means that when we launch the Government Cloud, there will be no additional cost to the public sector of transferring licences into the Cloud.”

These, and much else in the document, show a clear focus on saving public money in the medium to long term. Great! The actions seem realistic from the point of view of implementation by public administrators. It will take some time but they seem to be pointing in the right direction and committed to fair comparison of OSS vs proprietary software.

There are also a number of references to “Open Source techniques and culture”. These deserve a “D: good effort” to my mind and are rher more challenging for government, civil servants etc. From my experience, Open Source culture and public administration culture (especially in central government) are not particularly close. That’s just the way it is and I’m glad that culture change isn’t the priority in this document. To be fair, they are trying and making some progress but I’m not expecting open email reflectors – e.g. Apache Foundation – to be anything but highly unusual and little things give it away such as the absence of any licence or IP assertion on the document, let alone a Creative Commons or GNU Copyleft licence.

In spite of the above qualifications: ‘good effort HMG CIO Council, keep at it!’ And in the medium term, there are some clear opportunities for open-minded suppliers who understand how to work with OSS in their portfolio.

There is also the Government ICT Strategy, which is the umbrella for the document I am referring to above. This includes lovely names such as the “G-Cloud” (government cloud) and “G-AS” (applications store) but I’ve not digested the content yet…

Slides from Flexible Service Delivery Workshop Jan 2010

Here are the slides from my presentation at the Flexible Service Delivery Strategic Technologies Group meeting of Jan 25th 2010 entitled: Beating Information Mess (without SOA).

This is a high level description of some examples of use of resource-oriented and semantic web approaches drawn from existing published material.

Adoption of Service Oriented Architecture for Enterprise Systems in Education: Recommended Practices

IMS recently released a white paper with the un-catchy but informative title “Adoption of Service Oriented Architecture for Enterprise Systems in Education: Recommended Practices“. While it is fair to say that no publication on SOA can avoid someone taking issue with something, this paper does a pretty good job of meeting its aims of providing those in the (mostly post-compulsory) education technology audience with relevant information on the reasons why they should at least consider service orientation and how they might go about moving in that direction.

Education has many unique challenges associated with integrating business and academic processes and technologies.  This Recommended Practices for Education on Service Oriented Architecture (SOA) from IMS Global Learning Consortium filters the information on the current state of SOA concepts, tools and practices and provides guidance on when adoption of SOA is appropriate in Education to overcome some of its core challenges.” (from IMS)

We (CETIS) produced a complementary look at the service-orientation back in March 2009, which we will update in 2010, with a similarly un-catchy but informative (we hope) title “Technology Change in Higher and Further Education – a service oriented approach“.

Enjoy…