Domains as Ground Zero for the Struggle over Agency

BYU’s Bold Plan to Give Students Control of Their Data

BYU’s Bold Plan to Give Students Control of Their Data

I was really pleased with Marguerite McNeal‘s article in edSurge on Brigham Young University’s Personal API experiment. It can be hard to explain (at least for me), but she does an excellent job providing an accessible frame for the project by looking at it in terms of students finally being able to manage and control their own data. I think the following paragraph summarizes the idea behind a personal API as clearly as anything else I’ve seen:

A personal API builds on the domain concept—students store information on their site, whether it’s class assignments, financial aid information or personal blogs, and then decide how they want to share that data with other applications and services. The idea is to give students autonomy in how they develop and manage their digital identities at the university and well into their professional lives

The idea of autonomy in relationship to our personal data puts the discussion in a far broader context, and its immediacy is anything but academic. That said, I think it’s telling that a number of universities have been pushing hard to bring the importance of controlling your data to their academic communities. BYU’s work around the personal API is a really exciting early attempt at what this might look like. I could listen all day to Phil Windley talk about what he calls “sovereign source identity,” an idea he credits to fellow Long Islander and UMW grad (we met at UMW though) Devon Loffreto:

“We want to teach students that this isn’t the only way identity happens online. They can create their own,” Windley says. This fall BYU introduced its Domain of One’s Own pilot to 1,000 student and faculty participants. But offering personal Web spaces is just the beginning, Windley says. “Domains help students understand their personal identity. The next step is understanding your personal data and how you control that.”

Absolutely right! And Adam Croom—who has been going gang busters with University of Oklahoma’s Domain of One’s Own project OU Create—frames this argument along the lines of a negotiation that should be taking place but isn’t:

“It’s the idea that tapping into one’s data should be a negotiation that the student gets to make,” says Adam Croom, director of digital learning at the Center for Teaching Excellence at the University of Oklahoma (OU). “Why can’t I manage what apps tap into my data, whether that’s the learning management system or the bursar’s office? Why aren’t there terms and conditions for students to understand who has access to their data?”

Another article I found alongside this one, thanks to the Cassandra of Ed-Tech*, was the article in Education Week proclaiming 2016 will be “The Year of Agency.” If that’s right—and I hope it is—that means more an more universities will need to start rethinking their infrastructure, and APIs have helped BYU and University of Oklahoma do just that. And so much of that work has been make possible thanks to the tireless evangelism of Kin Lane who has provided a vision of what APIs can be for Higher Ed. One we desperately needed.

At the same time, giving students, faculty, and staff more control over their data will not be without some serious struggle. A response to this article published today on EducationDive illustrates why giving students control over their data might be an issue for some:

Schools are tracking student movements around campuses, incorporating data about how many times they visit the library or the tutoring center into performance data, merging that with student information system and learning management system data, and then developing predictive models to help counselors and students themselves. Giving students access to their own data is one thing, but letting them block others from seeing it is a different beast that could derail retention efforts.

Derailing retention? It’s strange to see the idea of allowing students to decide who gets to see their data, for how long, and why as somehow antithetical to keeping them? There is a joke in there somewhere. Fact is, the realities behind the learning analytics applications that have been relentlessly tracking student’s personal data may very soon be coming to a head. I would bet there has been little to no transparency about what student data universities are tracking, and whom they are sharing it with. Hell, I’m sure a number of universities aren’t even aware themselves of what data these third party applications are collecting. The idea that someone empowering students to opt-out of these unilateral relationships with various technology vendors is somehow preventing them from doing their job is demonstrative of just how much of the job of teaching and learning they’re offshoring to third-party technology solutions. And I won’t even get into the insane idea that tracking a student’s movement around campus is a sound academic counseling strategy.

Reclaim Hosting was born out of a movement that is grounded in the principle of empowering students and faculty to take control of their teaching and learning. And as Phil Windley notes, understanding who has access to their data and how it is being used will be ground zero for that struggle if we are, indeed, entering the year of agency.


*I found this article thanks to the all-knowing, all-seeing Audrey Watters, who linked to it in this week’s Newsletter. You’d think given I was quoted in this I might know about it, but Audrey actually reads the web—all of it—unlike me 🙂

This entry was posted in reclaim and tagged , , , , . Bookmark the permalink.

12 Responses to Domains as Ground Zero for the Struggle over Agency

  1. John Doe says:

    Hmm. I have to disagree with most of your opinions. First, I don’t see how providing a personal website to students and faculty has to do with opt-in/opt-out mechanisms for student academic record data.

    Second, you “would bet there has been little to no transparency about what student data universities are tracking, and whom they are sharing it with.” I don’t know where you work or where (or even if) you went to college. There is a law called FERPA that regulates the sharing of academic records within the institution and with outside parties. Colleges and universities hire many lawyers to comply with FERPA. There may be little transparency to the student, but there is plenty of transparency within the institution, to the government and to accrediting bodies.

    Third, you never make a compelling case for giving students control over their data. I don’t even know what that means. Does that mean they can change their grades? I sure as hell hope not! Does that mean they have to grant each instructor permission to add a grade to their record? That would be annoying for the student and the instructor.

    Finally, looking at your many sources shows all these people are academics, at best. You give no opinions from registrars, university administrators or legal experts about the ramifications and legality of this plan.

    • Reverend says:

      Hi John Doe,

      Don’t you think how an institution interprets FERPA, which was designed to protect the student, should be transparent by it very nature? The school ash been asked to help protect that data, and if they are not clear about how they are doing it, and transparent about what data what applications are collecting, than how is they good? Or rather, who is this good for? As for transparency within the institution, I would have t disagree with you there—at least in my experience. FERPA is not fully understood, so it is more often than not used as a bat to keep inline anyone who wants to do anything online for teaching and learning. It’s become synonymous with a culture of fear, uncertainty, and doubt.

      • John Doe says:

        It’s obvious you don’t understand FERPA. But you shouldn’t use your ignorance to suggest what others may know. You still fail to answer my question: how does cheap hosting (in quality, not so much price) provide new freedoms for the sharing of data that didn’t exist before?

  2. Hangbet Marr says:

    You and Phil Windley’s quote assume that there exists a “sovereign source identity.” Sovereign source identity implies the ability to have supreme or ultimate power over an identity. The problem is identities are set of claims made by one digital subject about itself or another digital subject. First , one has to trust the set of claims is correct and assigned to the right person (or thing). To assume (in this case) students have sovereignty over claims regarding their educational experience is ill-founded. Students aren’t the “supreme” owner of their grades. Universities are trusted to determine how grades , GPA’s, semesters, credit hours etc. are calculated. Typically, a university registration office owns the business and the data associated with grades. Furthermore, students may own the right to some of their work but Universities clearly own how students are evaluated and grading rubrics (and may have partial ownership of the academic work — I would refer you to a university copyright office). It is invalid to assume that because a set of claims pertain to a person, the person has ownership and/or sovereignty over the set of claims. Allowing students to create a domain to manage their identity as an academic exercise may have educational value. However, the concept of sovereign identity is not rooted in reality.

    • Reverend says:


      Thanks for the comment here, and I appreciate you framing this philosophically. I think one of the way I think about the idea of Sovereign source Identity is the relations of power, and when you consider how university and college IT systems manage information as a unilateral relationship in which their community, it raises a question about where the negotiation of that information exists. This does not mean certain things don;t need to be established and verified by both parties, a university might retain the official say over the transcripts, but that information should be something a student can manage and share easily in co-operation. I think the idea that this needs to be co-operative is right on, and the extreme idea of sovereign may indeed breakdown. That said, I think the underlying idea of have more agency to manage and control data, and this being a way to start foregrounding this conversation is important. I don;t we are claiming this as THE solution by any means, but it is an intervention into how universities can make members of their community even more FERPA compliant, i.e. give them more say over who sees their data, for how long, and for what.

  3. Thomas says:

    I would like to echo the two previous comments and add that this is bordering on ridiculous. We do not and should not own every piece of information about ourselves. In fact, this is one of the reasons that FERPA is problematic. But regardless of your position on that rather philosophical issue, consider the impracticality of this proposal. Even if a student wanted to manage access to all of the student’s identity information, what university, faculty member, or future employer wants to negotiate with the student’s personal API? And if we get to the point where there is a standard personal AP that third parties would be willing to build against, isn’t most likely that this personal API that is ubiquitous enough to be useful would be managed in some way by a third party, thereby negating all of the benefits that you are claiming under this idea of a sovereign source identity?

    • Reverend says:

      Hi Thomas,
      We have gotten to ridiculous speed already? 🙂 You may be right we shouldn’t own every piece of data about ourselves, at the same time we should also be resisting our current situation where we have little to no control over most of it—which reflects the institutional culture we exist in now. In terms of negotiating a personal API, that is a larger question, and an excellent one, but that is why this is an early experiment, and the fact it is being written off as ridiculous before we even explore it seems premature. I think university IT will have to start coming to terms with APIs and how to share their data with other applications more seamlessly, why couldn’t a faculty members or students as one of those nodes to negotiate be part of that equation. Your third-party vendor question is a good one, and there will always be folks who want others to manage their affairs, but the idea of a basic blueprint for how to manage and control one’s own data need not be dismissed as a result. I understand we live in the real world and some of this may be aspirational, but there is no question that educating a population to be mindful of how they manage their digital identity is not—it is a necessity, and this is one approach that I think has some legs.

  4. Its troubling that well-written and logically coherent people fall victim to the established order of chasing their tails when considering “Identity” as a subject. We keep referencing ideas based on what has been given by experience, but the experience is a failing design.

    Sovereign Source Identity emits from the origin of original authority. When we presume that this is accounted for within a database structure, and each individual human life must be registered into that structure to participate with integrity, we hand over the keys to the kingdom before we ever come to a distinct position in our personal lives to know that such things even exist.

    FERPA is a legislative attempt to fix something broken, and openly recognized as such. But it aims too high on the ladder. The prime cause of identity theft is a baby being given a state-issued identifier using current models of administration. This same exchange model, where you are a data-asset under poor management being leveraged independently of your direct permission is used everywhere…Facebook being its greatest triumph, and taken to the extreme of trading the mass-value of your connected participation on a stock exchange without any conveyance of leverage to the source identities enabling the transaction.

    Schools receive custody of very nuanced identities that represent real people; special education alone makes these identities extremely volatile in nature and managed process. But the core reality is that neither kids nor legal guardians who are most adept at managing the integrity of their participation are enabled to do so today in a manner that represents the structure of reality.

    Instead we have all agreed to close our eyes and use an administrative model of identity that presumes the need for the database in order to give each of us participatory Rights and privileges.

    The BIG FLAW in the initial responses is with the idea that somehow ownership of data means absolute control. This is not the case. Society is a series of relationships. The integrity of these relationships requires shared context. BUT, if you are thwarted from possession personal Sovereign source authority and an identity to represent it, then your context is as a data-slave to a system that owns you. This conflicts with the very definition of what an American citizen should be… and is required to be everytime a need presents itself.

    In this country, we the Individual people stand up the integrity of our governing administration systems. Our governing administration systems do not originate and stand up the integrity of we Individual people. This “Administrative precedence” is the fatal flaw of modern identity, and it is why privacy, national security, educational use, market theft, etc are all running rampant in destructive ways.

    Legislative fixes are band-aids. What Phil Windley is working towards is true Individual integrity within contextual relationships that build communities, Societies and civilizations of such design. Without such effort, the status quo is a police state requiring oversight and permission to simply be contrived as equal and permissioned.

    If that is for you… keep acting like it, and stay ignorant of the meaning of these concepts. Otherwise, pay attention to people like Phil Windley… who devotes a tremendous amount of time to socializing intelligence where identity is concerned. This is not about giving kids websites and domains, this is about the structure of your participation in the most important parts of Society.

    We do not all participate in the same way. And we don’t want to either.


    PS…1 edit… not a grad of UMW 🙂

    • Reverend says:

      I’ll make the edit, and thanks a tone for the comment articulating far better than I ever could the roots and designs of Sovereign Source Identity. Awesome.

    • Hangbet Marr says:

      With all due respect to Devon Loffreto, I am fully aware of Phil Windley, I am not chasing my tail when it comes to identity and I do understand these concepts. You seemed to have read your own biases into my comments. I am not advocating a police state or some 1984 scenario. I was only referring to academia. Furthermore, FERPA isn’t the answer nor am I hiding behind it. I think you are spot on about ownership. Identity is about relationships. Each party has ownership and control over their piece of identity. This is why identity claims are only relevant based on who is making them. Universities own their part of the relationship between it and the student. Hence, why people trust my transcript is authentic. I think it totally reasonable that a university control my academic information since they are liable if it is lost, unprotected and/or destroyed. Moreover, they have to incur the cost to store it and produce it (at my pleasure). I just don’t think the the concept of a Sovereign Source Identity is realistic or pragmatically possible.

    • John Doe says:

      A colleague of mine found this blog some weeks back and told me it would be good for a laugh. Certainly it hasn’t disappointed. 🙂

      I have to say Devon, it’s pretty high and mighty of you to to declare me a tail chaser when you and your buddies have your heads so far up each other’s asses. Anything I research on Sovereign Source Identity leads to the same small group of people repeating the same psychobabble. This isn’t transcendent research, it’s academic absurdity designed to impress the ignorant while distracting from the lackluster credentials of its authors.

      I would offer an intelligent response to your comment, but it is so poorly written. . . . I tried reading the whole thing several times but I had to stop partway through to prevent my head from exploding. If this would have been a submission in one of my classes it would receive a failing grade! I have to admit, the funniest part was Jim Groom (Reverend) declaring your inebriated ranting as articulate. Talk about chasing tails!

      But nothing proves the whimsical nature of this rhetoric more than Dr. Phil Windley’s own admission that he cannot convince anyone of its virtues in a few paragraphs. This sounds like snake oil to me.

  5. John Doe says:

    The biggest irony in this discussion is the fact that a “John Doe” has been able to stir an identity discussion. This proves I am in control of my own identity, and I exercised that control without an API’s, without Reclaim Hosting, without a domain of my own, and without complicated rhetoric.

Leave a Reply

Your email address will not be published. Required fields are marked *