Moving Data Around

In the OLDaily, Stephen Downes shared this story. “Oops! Top Law School Email Screw-Up Reveals Grades, Ranks Of All Clerkship Applicants“.  For my read, it was more than Oops, it was like Yikes!  

Fortunately, I couldn’t find the picture of what I’m looking for on the net.  That’s probably a good thing.

I remember as a first year teacher receiving from the school a red, spiral bound book for my lesson planning and recording of marks.  Before I found it in my mailbox, I had wondered where I was going to buy one of those.  After all, they were the bible for my own secondary school teachers.  I needed one – it would be like a rite of passage.  So, when I did get mine, I carefully put my name and homeroom on the cover.  It went with me everywhere.  After all, everything about my classes was in there.  I didn’t want to lose it.  There was the plan for the day, the marks at the back for each class, and a second that I called reflections where I made myself notes about how I could do things better when I taught the topics again.

My mom and dad had purchased a briefcase for me and, when this red book wasn’t open on my desk, it went into the briefcase and the locking tumblers spun to keep it safe for me.  I even remember the combination to this date.  It was kind of silly – anyone with a sharp knife could be inside in a heartbeat.  For me, it was my lifeline.  It went everywhere.  There was no backup.

As a computer science teacher, I wasn’t big on tests.  Instead, I did my assessments one on one with the students.  At the computer, they would have to enter my test data, carefully designed to generate errors like dividing by zero if not trapped, or I would ask them to modify the program on the fly so that I could see if they truly understood the code that they were submitting.  I could immediately look at their source code and check for documenting, style, variables, and all that good stuff.  In my markbook, I would record a grade and any notes to myself for later use.  My entire school year life was in there.  I couldn’t imagine losing it.

Later on, this dude went electronic.  In the beginning, it started with Visicalc and Microsoft Works.  There actually was a duplication of effort.  I still needed the red binder but when I got home, I transcribed the marks into a spreadsheet to manipulate and do all kinds of mathematics things to my marks.  At the end, there was that day of reckoning when marks had to be finalized and submitted to the office.  I went through many efforts to make life easier for the secretary – students carrying blank report cards around to be signed, entering mark entry sheets, submitting marks in an electronic file, …  Ironically, when I think now of the progression, the protection of student information potentially went down hill with each new latest and greatest idea.  Thankfully, we never got to the point like we had at university where the professor would just post the marks on the bulletin board outside her/his office.

Now, electronic submission is the way business is done.  There’s no doubt about that.  I think, for the most part, concern about security of marks revolves around the media on which it’s stored going bad.  That does bring a smile; I don’t recall ever losing marks that way even though I carefully backed everything in case something bad happened. 

The story above, though, warns us of other dangers.  These days, we toss files around like they’re just pieces of paper which they would be in a former life.  We computer users pride ourselves in being multi-taskers with super human skills.  We can Facebook, Twitter and send email all at the same time while listening to YouTube videos in the background.  I can absolutely seeing the incident in the story happening to me. 

As a sessional instructor at the university, I was never on campus during secretary hours.  I was one of the night owls and we would submit our marks in a carefully described CSV format at the end of the semester.  I remember the first time doing so.  I didn’t want to mess up because I wanted to be hired again.  So, I sent the marks from one email account to another and then downloaded them from there just to make sure that they were good.  Once I confirmed that I knew what was happening, off they went.  I remember thinking at the time that the email actually would make a few hops from my email account to the associate dean who would approve them, pass them along to the support staff who would then entire them into the Student Admin System.  And, CSV is just straight forward ASCII – anyone intercepting the file could easily read it.  I remember talking about a two step process to protect this.  The first step would be to encrypt the file and send it.  A followup email would send the key with which the file could be decrypted.  I’m sure that you know the look that I got when I described the process.

Mark submission is but one thing in our data-driven decision educational environments.  Just think of all of the data that you work with regularly.  What processes are in place to make sure that the data gets where it’s supposed to be in a secure manner?  How about your own computing device.  Is it secured at least with a logon password or pattern?  My briefcase had a combination! 

As I read the story, I do get a sinking feeling in the pit of my stomach.  It could happen so easily.  The fact that the file had more than just marks in it makes it even worse. 

Even worse for the law school.  Have they opened the door to the students and their first class action lawsuit?

OTR Links 06/11/2014

Posted from Diigo. The rest of my favorite links are here.