In December, students in Leiden rebelled against smart cameras on the campus. They felt that their privacy had been invaded and demanded that the cameras be removed. But there is a lot more software that puts privacy at risk, says Rien Wijnhoven.
He is chair of the Tilburg University Council and of the National Platform for University Participation Bodies (LOVUM). Higher education should take more control and simply develop some software itself once again, he feels.
Wijnhoven is not alone in considering this an important issue. The debate has been going on for years. On Tuesday there is an online meeting of the Royal Netherlands Academy of Arts and Sciences on that very subject.
Universities make use of systems supplied by the big players in the market and that is definitely not always the best choice, believes Wijnhoven. For instance, it emerged recently that Proctorio anti-cheating software is unsafe: hackers were able to gain access easily to students’ computers.
But hackers and criminals are not the only problem. We ourselves need to keep a closer eye on the software companies, says Wijnhoven. “The question is, what happens to our personal information and to research data that we store in the systems? This is becoming increasingly important, now that we are doing so much online.”
Data is the new gold, he notes. “We work from home, we stream, we offer blended learning, we make use of student and user data, we deploy algorithms… What happens to all that data?” His point is that you never know precisely what the big companies do with that data and certainly not what they will do with it in the future.
Wijnhoven himself has some experience with ICT. “Previously universities built their own systems”, he explains. “Utrecht University produced Osiris and it was successful. It was sold off years ago and is now in the hands of a big American company, which manages Osiris for a considerable number of Dutch higher education institutions. It seemed like a good idea at the time: leave the administration of such systems to companies that are good at it, because it will then be cheaper and better. I was also guilty of misjudgement in that respect, even though people were already warning about it at the time.”
He advocates a change of course. “We shouldn’t make our education and research dependent on the revenue models of tech companies”, says Wijnhoven. “We have the knowledge, the money and the organisational skill; we can do it ourselves.”
Not all in one go, of course. You cannot build the systems just like that. “But let’s start by managing research data and student data ourselves. Good initiatives have already been taken in that regard.”
Why did that not happen a long time ago? Two years ago, the rectors of the universities wrote an opinion piece in which they said something along those lines, and last year cyber professors gave a warning about The Cloud. “Nothing against our administrators”, says Wijnhoven, “but ICT knowledge can generally be found lower in the organisation. Administrators already have enough to do. For the most part they leave ICT to others.”
That has to change; there needs to be “more vision and in particular more teamwork”, says Wijnhoven. The participation councils are keen to contribute to that discussion. “The subject is raised from time to time, but it’s somewhat fragmented. We talk about specific amounts for new ICT systems, for example. But we also ought to be discussing what such systems do and what the consequences would be for staff and students.”
In the long run there needs to be a public European platform for this, in Wijnhoven’s view. “But that is still a long way off and maybe it shouldn’t be our immediate target. Let’s start here in the Netherlands. It won’t be easy but it’s similar to the battle against climate change: you simply have to start before it’s too late.”