My mom — and your mom too, I’m sure — used to say, “You don’t get something for nothing,” and as a corollary to that, “If something seems too good to be true, it probably is.”
And yet, when free technology services from companies like Facebook, Twitter and Google first appeared, a lot of us forgot those old adages and dove right in, not realizing — or perhaps just not caring — that these tech giants make their money, in large part, through the monetization of personal data. For years now, many of us have been shoveling terabytes of our personal information their way, breezing over their terms of service and freely giving them valuable insights into our lives and spending habits.
More recently, the tables have turned. After a few highly publicized data breaches and embarrassing revelations, these tech giants are under fire for how they handle, sell and manage user data. Some — including a Facebook founder — even have begun calling for the breakup of their monopoly.
Given all this discussion about data privacy in the media, it’s not surprising that the issue has been raised in conversations with clients in the education technology space. For example, on a recent visit to Brightspace customers and prospects in the Netherlands, I heard a lot of concerns about what educational technology companies are doing to safeguard data.
The first point I raised with my Dutch friends — and have since repeated — is that the differentiation between a company like D2L and Facebook or Google is that we have never been a free service that makes money selling ads based on students’ data.
In our case, protection of user data is as strong as we can possibly make it. We agree not to collect, use or disclose personal information, including user data, except to maintain and improve the service and to prevent or respond to technical or service problems at a customer’s request in connection with a customer support issue or when required by law. And our business model has never included the sale or monetization of learner data in any way. Simply put, with D2L, you get what you pay for — privacy.
At D2L, we have an overriding and simple principle: learner data should be used for learning. The product is the education or learning, not the student’s data for use to sell ads or anything else. Period.
We take data privacy seriously, which is why we’ve pursued ISO 27001 and ISO 27018 certifications to make sure that our safeguards and access to your data follow industry best practices. In fact, D2L is one of the very few learning companies that holds compliance certifications directly and does not rely solely on its cloud partners. And you can review D2L security-related information and request copies of our certificates at www.D2L.com/security/.
The most important aspect of privacy, if you talk to the experts, is not just about data security — it is control and ownership of the data. Data is not valuable — it’s priceless. Data control and data ownership are integral to the concept of privacy. Students and our clients should own their own data because how people learn — and what they learn — is a critical part of a pact or an agreement between educators and learners. And while companies like ours have a role to play in enabling that relationship, we have no business messing around with it.
And we intend to keep it that way.