Personal APIs and Academic Libraries

Roger Schonfeld’s “Improving Privacy by Rethinking Architecture” post on The Scholarly Kitchen blog does an excellent job of exploring the question of privacy and third-party data collection for researchers and academic libraries:

By having comparatively little user activity data on their own hands, and fragmenting those data they do keep, libraries may feel they have sidestepped an ethical dilemma [researching anonymously]. But they surely have missed the opportunity to build the personalized discovery and research information management tools that scientists and other academics need. In doing so, libraries have underserved researchers and other users, putting themselves at a competitive disadvantage relative to other providers. But at the same time, they have not placed limits on the data gathering and usage of content providers and other vendors nearly as strictly as they often claim for themselves.

It’s a tricky issue, and Schonfeld adriotly underscores the irony of outsourcing research services as a means of exonerating your library, while at the same time forcing the community you serve into much more precarious conditions. And while steps need to be taken to manage the sharing of data with these third-party services, the deeper issue he gets is that our thinking assuming the current state of IT infrastructure. What if that infrastructure was designed in such a way that academics had control over the data they shared while doing their research. Not only as a means of privacy protection—though definitely that—but also as a means to extend such a “decentralized architecture” to serve as individualized research archives (a personal cyberinfrastructure).

I was excited Schonfeld highlighted the Personal API project Reclaim Hosting is working on with Brigham Young University presently, and I really liked the way in which he extrapolates the vision of providing students more control over their data to researchers controlling access to their own scholarly work, and changing some of the basic ways we understand sharing and publishing one’s work.

If successful, it is possible to imagine such a decentralized architecture being extended to serve the needs of a researcher account in terms of library resources and content platforms. Indeed, I have argued that a cross-platform user account controlled by the researchers themselves would bring vast improvements in the processes of authorizing access to an appropriate copy of an information resource, while dramatically improving one’s control of one’s own data. Such an architecture represents a sea-change compared with today’s systems and it is no small thing to imagine the costs and logistical complexities of a transition.

The logical and political complexities of such a transition are no small thing to say the least. And while organizations like BYU that have visionary folks like Kelly Flanagan and Phil Windley leading the charge are rare, Schonfeld’s final note suggests quite hopefully that alternatives are both possible and important:

Even so, the work that Reclaim Hosting and BYU are undertaking is more than just experimental. It suggests that, when the political and organizational stars align, an entirely different architecture for the control of user data is possible.

That is so awesome, and why not? The time has come, and I know for certain that numerous other institutions are keen on what the folks at BYU are doing, and are prepared to double down on giving people more power over the online identities, personal data, and digital domains. Reclaim is in the air!

Domains as Ground Zero for the Struggle over Agency

BYU’s Bold Plan to Give Students Control of Their Data

BYU’s Bold Plan to Give Students Control of Their Data

I was really pleased with Marguerite McNeal‘s article in edSurge on Brigham Young University’s Personal API experiment. It can be hard to explain (at least for me), but she does an excellent job providing an accessible frame for the project by looking at it in terms of students finally being able to manage and control their own data. I think the following paragraph summarizes the idea behind a personal API as clearly as anything else I’ve seen:

A personal API builds on the domain concept—students store information on their site, whether it’s class assignments, financial aid information or personal blogs, and then decide how they want to share that data with other applications and services. The idea is to give students autonomy in how they develop and manage their digital identities at the university and well into their professional lives

The idea of autonomy in relationship to our personal data puts the discussion in a far broader context, and its immediacy is anything but academic. That said, I think it’s telling that a number of universities have been pushing hard to bring the importance of controlling your data to their academic communities. BYU’s work around the personal API is a really exciting early attempt at what this might look like. I could listen to Phil Windley talk about what he calls “sovereign source identity,” an idea he credits to Long islander and UMW grad Devon Loffreto:

“We want to teach students that this isn’t the only way identity happens online. They can create their own,” Windley says. This fall BYU introduced its Domain of One’s Own pilot to 1,000 student and faculty participants. But offering personal Web spaces is just the beginning, Windley says. “Domains help students understand their personal identity. The next step is understanding your personal data and how you control that.”

Absolutely right! And Adam Croom, who has been going gang busters with University of Oklahoma’s Domain of One’s Own project OU Create, frames this argument along the lines of a negotiation that should be taking place but isn’t:

“It’s the idea that tapping into one’s data should be a negotiation that the student gets to make,” says Adam Croom, director of digital learning at the Center for Teaching Excellence at the University of Oklahoma (OU). “Why can’t I manage what apps tap into my data, whether that’s the learning management system or the bursar’s office? Why aren’t there terms and conditions for students to understand who has access to their data?”

Another article I found alongside this one, thanks to the Cassandra of Ed-Tech*, was the article in Education Week proclaiming 2016 will be “The Year of Agency.” If that’s right—and I hope it is—that means more an more universities will need to start rethinking their infrastructure, and APIs have helped BYU and University of Oklahoma do just that. And so much of that work has been make possible thanks to the tireless evangelism of Kin Lane who has provided a vision of what APIs can be for Higher Ed. One we desperately needed.

At the same time, giving students, faculty, and staff more control over their data will be without some serious struggle. A response to this article published today on EducationDive illustrates why giving students control over their data might be an issue for some:

Schools are tracking student movements around campuses, incorporating data about how many times they visit the library or the tutoring center into performance data, merging that with student information system and learning management system data, and then developing predictive models to help counselors and students themselves. Giving students access to their own data is one thing, but letting them block others from seeing it is a different beast that could derail retention efforts.

Derailing retention? It’s strange to see the idea of allowing students to decide who gets to see their data, for how long, and why as somehow antithetical to keeping them? There is a joke in there somewhere. Fact is, the realities behind the learning analytics applications that have been relentlessly tracking student’s personal data may very soon be coming to a head. I would bet there has been little to no transparency about what student data universities are tracking, and whom they are sharing it with. Hell, I’m sure a number of universities aren’t even aware themselves of what data these third party applications are collecting. The idea that someone empowering students to opt-out of these unilateral relationships with various technology vendors is somehow preventing them from doing their job is demonstrative of just how much of the job of teaching and learning they’re offshoring to third-party technology solutions. And I won’t even get into the insane idea that tracking a student’s movement around campus is a sound academic counseling strategy.

Reclaim Hosting was born out of a movement that is grounded in the principle of empowering students and faculty to take control of their teaching and learning. And as Phil Windley notes, understanding who has access to their data and how it is being used will be ground zero for that struggle if we are, indeed, entering the year of agency.


*I found this article thanks to the all-knowing, all-seeing Audrey Watters, who linked to it in this week’s Newsletter. You’d think given I was quoted in this I might know about it, but Audrey actually reads the web—all of it—unlike me :)