For those following the Piazza privacy issues, we have a new update where the company has made three significant changes in their response to privacy concerns from several universities. They are now using true opt-in for their Careers product, they have stopped the practice of using university logos without permission, and they are now offering an easier process to enter into no-cost agreements. For those who have not followed, read here here and here for background. And remember that this case of Piazza's usage of student data can be seen as a case study on third-party learning apps as we move closer to the Next Generation Digital Learning Environment / LMS as Hub concept.
Opt-In vs Opt-Out
In my original post, one of the key issues I called out was that Piazza did not offer with their Q&A platform a true opt-in method for students to choose to allow their personal data to be shared with recruiters through the Careers product.
What does that opt-in look like in practice? Faculty assign usage of the platform, and during setup students see a pre-checked box labeled “Sign me up” for opting into the Careers service.
For every school that I talked to, this was a sticking point. No one seemed to agree that a pre-checked box that could easily be missed (note the size of box vs. "Continue" button) was truly opt-in, as recommended or even required by privacy policies and regulations. That might work in the consumer web application world, but not in education.
Nevertheless, for a while Piazza insisted on leaving this pre-checked box and calling it opt-in, but several weeks ago they changed course as described in an email sent to select clients. In one section, CEO Pooja Sankar describes:
With all the wonderful feedback we’ve received from our supporters — faculty and administrators alike — we have made several changes to our sign up flow, one of the key ones being that in order for students to opt in to Piazza Careers (an optional service that connects employers and students), they must now make an active selection in order to opt in. In addition, we’ve also moved the Piazza Careers sign up to its own page, so no one can miss it.
When a user clicks on "Control what information is shared", they now get this pop-up:
Usage of Logos
Another issue called out in the original story dealt with permitted usage of logos as described by Jenn Stringer from UC Berkeley.
Given the lack of agreement, Stringer pointed out that with the lack of agreement that Piazza is using school logos and trademarks without permission. At this point UC Berkeley is considering what their next step should be.
Like the opt-in issue, Piazza has now changed course and no longer uses official school logos without permission. The home page section has gone from this:
This last change is one that could have an effect on many other free consumer-based learning apps. Piazza was previously reticent to enter into many agreements with institutions, largely based on being a small company with few resources available to deal with contract management. I called out in the first post a problem with this approach.
There is a real problem, in my opinion, with Piazza claiming FERPA compliance when that regulation is based on the institution and the student. When software applications take in student data, the school is responsible for knowing who has the data, how it is being used, and answering students requests about how their data has been shared.
In a change, Piazza is now telling customers that they are willing to enter into no-cost agreements, as described in the email to customers and in their FERPA page:
We are fully committed to entering into no cost contracts with universities that protect students, professors, and the institutions including FERPA, accessibility, and more.
As a free service, and with over 1500 Universities using Piazza, we do have to think long and hard about how to engage with one off requests for expensive and bespoke contracts.
After working with a handful of schools to understand the surface areas of what needs to be covered in a contract, we saw what we expected: that our current practice and policy was on par with what universities needed. It then became an issue of specifically having a legally binding agreement that protected the universities, professors, and students.
Based on these conversations and executed agreements, we offer two straightforward options to universities who wish to get a formal agreement in place:
- You have your own FERPA addendum or contract addendum that is 1-2 pages that reference our TOS and add some specific reassurances that supersede any other terms. This may be the fastest option as it is authored by the university and covers the specific concerns.
- Otherwise we have created a canonical agreement that we offer to all schools. We are of course, open to minor changes that accommodate the spirit of the contract but feel we have covered all the major areas. Sticking with this template should enable us to keep Piazza Q&A a free service.
All three changes are good for the community, and kudos to Piazza for making them. Other companies offering free learning apps should also take notice - as mentioned above, the Piazza story is a case study as higher education moves into broader usage of different tools.