Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Law Journal Article on University Data Stewardship

From: Josh Callahan <josh.callahan () HUMBOLDT EDU>
Date: Fri, 9 Nov 2018 11:22:05 -0800
Bruce Schneier posted a link to this article this morning.  There's some
loaded language in the abstract, but the actual paper seems pretty
balanced.  Definitely some things to think about as we all try balance
privacy concerns with campus operational needs and our ever-growing
security portfolios.

I'm definitely adopting "grey data" and "data exhaust" into my vocabulary
moving forward.

  https://scholarship.law.berkeley.edu/btlj/vol33/iss2/1/

Abstract:

As universities recognize the inherent value in the data they collect and
hold, they encounter unforeseen challenges in stewarding those data in ways
that balance accountability, transparency, and protection of privacy,
academic freedom, and intellectual property. Two parallel developments in
academic data collection are converging: (1) open access requirements,
whereby researchers must provide access to their data as a condition of
obtaining grant funding or publishing results in journals; and (2) the vast
accumulation of “grey data” about individuals in their daily activities of
research, teaching, learning, services, and administration. The boundaries
between research and grey data are blurring, making it more difficult to
assess the risks and responsibilities associated with any data collection.
Many sets of data, both research and grey, fall outside privacy regulations
such as HIPAA, FERPA, and PII. Universities are exploiting these data for
research, learning analytics, faculty evaluation, strategic decisions, and
other sensitive matters. Commercial entities are besieging universities
with requests for access to data or for partnerships to mine them. The
privacy frontier facing research universities spans open access practices,
uses and misuses of data, public records requests, cyber risk, and curating
data for privacy protection. This Article explores the competing values
inherent in data stewardship and makes recommendations for practice by
drawing on the pioneering work of the University of California in privacy
and information security, data governance, and cyber risk.

-Josh

-- 
-------------------------------------------------
Josh Callahan
Information Security Officer and CTO
ITS :: Humboldt State University
1 Harpst St. Arcata CA 95521  707.826.3815
Previous By Date Next
Previous By Thread Next

Current thread: