Privacy issue: how to disable Analytics completely

Privacy issue: how to disable Analytics completely

by Randy Thornton -
Number of replies: 7
Picture of Documentation writers


I posted a question in the Analytics forum a week ago, but got no response, so I am going to cross post here on purpose.

Please see https://moodle.org/mod/forum/discuss.php?d=366393#p1477478

I proposed there a list of items to disable new Insight Analytics from processing and remove any already collected data. 

I would really like some confirmation from someone who knows the inner workings to confirm this or add any items to it. 

Thanks

Randy

Average of ratings: -
In reply to Randy Thornton

Re: Privacy issue: how to disable Analytics completely

by Randy Thornton -
Picture of Documentation writers

For lack of ability to take this code from core without having to figure that out every future upgrade, my clients have decided to drop Moodle altogether and move to another platform.

Average of ratings: -
In reply to Randy Thornton

Re: Privacy issue: how to disable Analytics completely

by Rick Jerz -
Picture of Particularly helpful Moodlers Picture of Testers

Randy, your decision doesn't bother me.  I am still trying to make sense of this privacy issue.  Your post made me wonder which other major LMS supports the privacy that you desire?  Just curious.

Average of ratings: Useful (1)
In reply to Rick Jerz

Re: Privacy issue: how to disable Analytics completely

by Dave Perry -
Picture of Testers

Agreed. Analytics are the main way a tutor can see how their students are doing - in fact, if the OP's client is a college with UK government funding, it is actually a requirement that online learning hours / activity can be reported on to government agencies (as well as assessed) - we're having to deal with this in a different VLE (chosen by our CEO, with no input from my team).
And funding / reporting rule aside, an LMS that doesn't give you some insight into how students are doing seems rather pointless.

Not knowing the use case, I'm minded to assume it's not legally required for this 'institution'?

Average of ratings: -
In reply to Randy Thornton

Re: Privacy issue: how to disable Analytics completely

by Emma Richardson -
Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Plugin developers

This might be part of the privacy stuff coming in 3.5 Randy...I have to say I am curious as to why it is such an issue.  It is not creating new data, just reporting on it...

Average of ratings: -
In reply to Randy Thornton

Re: Privacy issue: how to disable Analytics completely

by Randy Thornton -
Picture of Documentation writers

I can not discuss any details of this, for obvious reasons, but the issue revolves around the legal culpability of what the analytics does. The situation involves multiple companies in multiple jurisdictions (including the EU) with various contracts in a industry regulated somewhat differently country to country.

Basically, they want to uncouple the entire analytics engine from Moodle, but it can not be easily removed as it is not a proper plugin; there's no master on/off switch; no tool or documentation about removing the data; and honestly, I got no help in figuring that out --- these were all red flags to my client that Moodle has not thought this through for the various scenarios it might be used in, but rather, as one person put, just "assumes that educational system attitude that they can do whatever they please with student data."

The product they are going to use instead is from a corporate vendor (that I had never heard of before) that has an analytics engine but it is a distinct package and product that works independently. You can use it or not, and you when you do, you have a lot of control over what it does.

Now, the client lawyers disagree strongly with the view this is just reporting, as Emma says. This is not just reporting, this is algorithmic: it learns and changes its decisions based on how it is trained and it also changes as it augments its training based on the ongoing data. It is not just reporting, it's doing more than that, it's analyzing.

And that brings up a big legal red flag for the client due to their situation because someone somewhere has to own the responsibility for that, with a contract. 

Consider this scenario: the algorithm improperly or inaccurately flags a student as having issues, this influences teacher and school attitudes and decisions, the student drops out, burdened with debt. Later, under GDPR right to view, the student find this out. The student sues. The teachers clamor, "It wasn't us, it was the algorithm!”  The lawyers arrive…. Student, data, and teachers both employee and contract, are in different countries with different laws in and out of the EU, different companies, different contracts, and so forth. So, who's responsible for what? 

The answer is: you don’t want to be put into that situation to begin with ;) 

Call it FUD if you like, I call it prudence. They want full knowledge and control of these aspects of analysis so they can meet various and sometimes conflicting contractual and regulatory (including GDPR) obligations. 

If Moodle pushes things into core that cause legal complications for a user, then the safest course may very well be, as in this case, for the user to choose another product.

Analytics is a minefield of privacy and legal issues, with somewhat differing minefields for different users. I guess what it comes down to is my client is not confident that Moodle can help them cross their particular minefield. And from what I have seen to date, I would have to agree.
Average of ratings: -
In reply to Randy Thornton

Re: Privacy issue: how to disable Analytics completely

by Elizabeth Dalton -

I'm sorry I didn't see your post on the analytics forum earlier. Although the analytics tools are part of core, no models are enabled by default, so no data is created by the analytics system by default. Models must be enabled by the site administrator before they can be trained on existing data. I will update the documentation to make this more clear.

Privacy and transparency have been design considerations throughout the Moodle learning analytics project. If anyone has further concerns, please join the discussion at https://moodle.org/analytics. Thank you!

Average of ratings: -