by Kathleen Reed, Assessment and Data Librarian, Instructor in the Department of Women’s Studies, and VP of the Faculty Association at Vancouver Island University

Recently I met with members of an institutional unit outside the library that are working on building a predictive learning analytics system to identify at-risk students so that interventions can be made. The desired model is expansive, pulling in many points of data. The group wanted access to library user records, so they could match student ID numbers with library account activations, check-outs, and physical usage of library space. At my institution, like many others, students agree upon entering the university to have their institutional records be accessed for internal research. But do student actually know what they’re agreeing to when they click the “accept” button? How many of us actually read the fine-print when we access services, be they universities or a social media platforms? While technically the students may have given consent, I walk away from these meetings feeling like I need a shower, and questioning why so many people in education are uncritically hopping on the learning analytics train.

Librarian professional ethics mandate us to resist the panopticon-style student information systems being built by many post-secondary institutions in the name of “student success,” and that are built into learning management systems like D2L and Moodle. The American Library Association has clear policies on Privacy, and the Confidentiality of Personally Identifiable Information about Library Users. The ALA’s Code of Professional Ethics states, “We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.” (ALA, Professional Ethics) There’s been plenty of librarians talking about libraries and learning analytics; Zoe Fisher has a nice summary on her blog.

Don’t get me wrong – I’m not saying that learning analytics don’t have a place in education. But that place should be driven by informed consent of the people whose data are being analyzed. To me, simply throwing in fine print in a long legalistic document doesn’t count as “informed consent” (and IMHO it also doesn’t stand up to strict British Columbia privacy laws, but that’s a debate for another time). Students need to be told exactly which data are being accessed, and for what purpose. Right now, at least at my place of work, they’re not. I’m teaching in Gender Studies this term, and using the learning management system D2L. When I mentioned to students that I don’t look at the learning analytics that are a part of the instructor view in D2L, most were shocked that professors could look up when and what course information students were accessing.

I sit in Learning Analytics meetings and think “if only we were subject to the Research Ethics Board (REB)…” Despite my early-career eye-rolling at some of the hoops I’ve had to jump through for REB approvals, I’m coming to appreciate these bodies as a valued voice in keeping researchers within solid ethical boundaries. REBs make us stop and think about the choices we make in our research design, and the rights of participants. Because REBs serve this function, the research being done is frequently to a high ethical standard.

Contrast this with internal work being done that doesn’t require REB approval, or any training on ethics or privacy. Much of this work is done under the guise of the Tri-Council Policy Statement – Ethical Conduct for Research Involving Humans (2014) Article 2.5, which exempts institutional research from Research Ethics Board approval. Article 2.5 states:

“Article 2.5 Quality assurance and quality improvement studies, program evaluation activities, and performance reviews, or testing within normal educational requirements when used exclusively for assessment, management or improvement purposes, do not constitute research for the purposes of this Policy, and do not fall within the scope of REB review.

Application Article 2.5 refers to assessments of the performance of an organization or its employees or students, within the mandate of the organization, or according to the terms and conditions of employment or training. Those activities are normally administered in the ordinary course of the operation of an organization where participation is required, for example, as a condition of employment in the case of staff performance reviews, or an evaluation in the course of academic or professional training. Other examples include student course evaluations, or data collection for internal or external organizational reports. Such activities do not normally follow the consent procedures outlined in this Policy.”

What this means is that most of the assessment work done in the library – unless it’s research for articles or conference presentations later on – is not subject to REB review. It’s the same for folks who are building learning analytics tools, or monitoring the progress of students within the institution. From what I’ve witnessed, the projects that fall under Article 2.5 are some of the most ethically-fraught ground within post-secondary education. I’m not arguing that anyone who does internal work should have to go through a full REB approval process. But they should have to have some training on ethics and privacy. Perhaps there should be the equivalent of a Research Ethics Officer for investigations that fall under Article 2.5, to help ensure that internal work is held to the same high ethical standard as research.

The guidance that REBs give and the mindset in which they train us to think is valuable, and should be more widespread in post-secondary institutions regardless of whether research falls into or outside of Article 2.5.

REBs, I take back every shady comment and eye roll I ever threw your way.

This article gives the views of the author and not necessarily the views the Centre for Evidence Based Library and Information Practice or the University Library, University of Saskatchewan.