Last updated: 
3 weeks 6 days ago
Blog Manager
One of Jisc’s activities is to monitor and, where possible, influence regulatory developments that affect us and our customer universities, colleges and schools as operators of large computer networks. Since Janet and its customer networks are classified by Ofcom as private networks, postings here are likely to concentrate on the regulation of those networks. Postings here are, to the best of our knowledge, accurate on the date they are made, but may well become out of date or unreliable at unpredictable times thereafter. Before taking action that may have legal consequences, you should talk to your own lawyers. NEW: To help navigate the many posts on the General Data Protection Regulation, I've classified them as most relevant to developing a GDPR compliance process, GDPR's effect on specific topics, or how the GDPR is being developed. Or you can just use my free GDPR project plan.

Group administrators:

Learning Analytics Dashboards

Thursday, May 31, 2018 - 11:14

Learning analytics dashboards, like the class mark books that long preceded them, show tutors a lot of information about their students. That could be pretty intrusive, so should universities and colleges be asking students to consent before tutors look at their data? I don't think so, both because the students most likely to benefit are probably the least likely to provide the positive response that the GDPR requires, but mainly because this seems an ideal opportunity for institutions  to "take responsibility for what [they] do with personal data", in the Information Commissioner's phrase, rather than passing the whole of that burden on to students.

According to the dictionary definition, looking at a dashboard is not an intervention, because it is not an attempt "to affect the outcome of a situation" [Chambers 2003]. That sort of intervention - such as suggesting that a student attend a more advanced class - may follow after consulting a dashboard, but is best treated as a separate data processing activity. In terms of the Jisc learning analytics model: the dashboard is part of the institution's legitimate interest in providing a good educational experience; the suggestion of an additional class is the intervention, to which the student can freely consent or not.

This means that dashboards and their use must be designed to minimise the risk of impacting the students, in particular to avoid infringing their rights and freedoms. In most cases this is likely to be achieved through a combination of technology and policy. Layered dashboards could provide summary information for all students and allow tutors to look more closely at particular individuals who appear likely to benefit from interventions. Appropriate use of such dashboard tools must be a rule of academic policy. Limiting tutors' access to only the students they teach could be done either through technology or, if there are frequent changes, through policy.

Using legitimate interests as a basis also means the benefits of processing must be assessed. Dashboards and the interventions that result from them must have a clear, demonstrable benefit to learning. The balance between that benefit and the risk of processing must be explained to students, and individuals whose circumstances place them at increased risk have the right to have that balance re-assessed in their particular case. Jisc's Learning Analytics Code of Practice provides a framework for these and similar issues.

Adopting and documenting such an approach would contribute to demonstrating accountability, as required by the GDPR. More importantly it should reassure both students and tutors that these powerful tools can, and will, be used to everyone’s benefit.