PrivaScope Governance

History - WiFi Data Requests

University faculty told ITS that data would be of value to learning analytics, mobility, and social research. 

As demand for location data in particular has grown, so too have privacy concerns. This has led the University Privacy Officer to publish an ITS WiFi Location Data Privacy Statement and to develop training for staff with access to the data.

Today, ITS offers faculty, students, and staff access to their own personal WiFi data, as generated by the event-driven Radius infrastructure. Individuals can download their own data and share it if they choose. This individual-sharing infrastructure was requested by MIDAS-awardee Professor Rada Mihalcea, and is deemed acceptable under the ITS WiFi Location Data Privacy Statement.

Current State - PrivaScope, an Ethical & Privacy-Preserving Platform

The primary goal of PrivaScope is to enable researchers to ask aggregate questions across multiple data sets in an ethical, privacy-preserving manner. Part of the proposed PrivaScope process would be for a privacy and ethics body to review research questions to ensure that inappropriate/individualized questions are weeded out in favor of appropriate/aggregate questions. A secondary goal is to allow researchers to ask aggregate questions across multiple data sets where no researcher has direct access to the data sets. A tertiary goal is to enable ITS to support such queries in a scalable, supportable manner.

PrivaScope Review Board

The PrivaScope Review Board will be appointed by the Vice President for Information Technology and the Chief Information Officer, and will include:

  • Multiple faculty members (to represent both research diversity and expertise in privacy)
  • The University Privacy Officer
  • A member of the General Counsel’s Office
  • A faculty member with expertise in ethics
  • A technical expert who fully understands the details of the PrivaScope system

Individual board members will be named at a future date.

Relationship to the Institutional Review Board

Separately, under the existing IRB process, the IRB decides whether to approve the use of administrative or operational data. However, it is up to the researcher to convince the appropriate data steward to make the data available, redacted or anonymized as the steward sees fit or is technically able to do. For example, the Registrar’s Office may or may not be willing to supply some subset of grade data to an IRB-approved researcher. One issue is that no one is looking at the intersection of multiple data sets and how access to other data might undermine anonymization.

PrivaScope is intended to be complementary to and supportive of the existing IRB process. With PrivaScope, data stewards can choose to include some or all of their data within the PrivaScope environment. In this environment, researchers do not have direct access to the data sets; instead, they have access to the results of algorithms run against that data set and other data sets as well.

Model

PrivaScope will be open to collaborators from other institutions who work with our research faculty and comply with legal guidelines. Possibilities for opening PrivaScope to a wider, national research community will be addressed at a later date.