Protecting personal information with user-tailored privacy settings for Total Learning Architecture (TLA)-based systems.
Personal data is collected and shared regularly by countless devices and on most networks. In the TLA-supported digital learning ecosystem, the need to prevent Personally Identifiable Information (PII) from being used in ways that risk user privacy is ever present. Due to the high variability of digital learning user scenarios, and the potential for broad access to PII across many interoperable data systems, there is no one-size-fits-all privacy solution for the digital learning ecosystem.
In line with the privacy-by-design philosophy and prevailing privacy policies, PS4TLA produced recommendations and guidance in a series of volumes to encourage the introduction of privacy measures when developing TLA-compliant systems. The guidelines address user privacy characteristics and incorporate decision-making practices.
About the Project
The TLA enables interoperability among a growing variety of learning technologies and devices within corporate, academic, and government enclaves. Learners will access these learning technologies using a vast array of personal devices, and through formal and informal learning activities, both in-person and online. Personal data collected by these learning systems and any information entered into a learning system database is considered PII according to DoD policy. The purpose of the PS4TLA project was to address privacy challenges associated with managing PII within TLA-based systems, and to enable user-focused personalization and notification of privacy options driven by the data collected during learning activities.
This project encourages the incorporation of comprehensive privacy protections as part of the design process for TLA-based systems and user empowerment to drive privacy solutions based on the individual user’s needs. PS4TLA envisions a user-focused approach that models user privacy preferences to automatically tailor his or her privacy preferences and settings for learning systems connected to TLA services, while remaining compliant with relevant privacy-driven laws and policies. The PS4TLA guidance leverages User Tailored Privacy (UTP) as a means to inform the privacy management practices of TLA-based system users. The UTP methodology accounts for the high variability and context-dependency of people’s privacy decisions by creating a personalized, context-defined model of users’ privacy preferences, and then basing users’ privacy settings on these modeled preferences.
The PS4TLA project also sought to address the complex regulatory and policy environment for user privacy, and its implications on the development of TLA technologies, products and services. PS4TLA: Privacy Support for the Total Learning Architecture Volume 5 - Policy Requirements addresses how privacy regulations and recommendations outlined in Federal laws and memorandums, DoD Directives and Instructions, and standardized guidelines are applicable to TLA-based systems. The volume includes guidelines for onboarding learning activities to make them a trusted and authenticated part of the TLA ecosystem, and procedures to follow when requesting and providing access to personal information, including notice, consent, and disclosure accounting.
PS4TLA: Privacy Support for the Total Learning Architecture Volume 5 - Policy Requirements
2019, Clemson University
Death To The Privacy Calculus?
2017, SSRN Journal, Social Science Research Network