Categories
Marketing & Communications

Beware the plug-in!

A quick note about something, er, noteworthy: those in the public sector should be aware of a recent IPC decision regarding the Halton School Board and its use of browser plugins without adequate vetting and consent.

Higher ed is more my jam than primary or high school, and minors factor less prominently in that space, but still worth observing that the Information and Privacy Commissioner has called Halton School Board on the carpet for the use of browser plugins for educational purposes.

Colleges and universities normally have fairly strong authorization-to-operate processes, and most major software and SAAS is vetted and reviewed by both IT teams and counsel to be sure it’s up to snuff. But this exposes an interesting area of vulnerability that we don’t often think of; institutions may be recommending or even mandating bolt-ons to services that have not been evaluated and collect information in ways that contravene MFIPPA, FIPPA or your privacy legislation of choice.

As I type this, I’m eyeing Zotero and the Zotero browser extension icon in front of me with some suspicion. I’m sure it’s kosher, but as a tool strongly recommended (but not mandated!) for my graduate studies, how has it been vetted? What information is it collecting? And if the rubber hits the road, what’s my institution’s responsibility in encouraging me to adopt it?

Whether minors being watched out for by their guardians or adults looking out for their own interests, there’s an interesting wedge of privacy concerns here that I suspect are underbaked when we look at building cutting-edge pedagogical processes for students.

By mattshepherd

I love storytelling, and helping organizations share their truth with the world. From non-profit media outlets to for-profit boutique agencies to one of Canada's great universities, I've been connecting institutions and stakeholders for a while, and enjoying both the journey and seeing great ideas find great audiences.