As I encounter and work with BC educators at all levels of public education who are using–or want to use–social media and cloud computing, it has become evident that they have a range of orientations regarding the applicability of the British Columbia Freedom of Information and Protection of Privacy Act (FIPPA). This can apply to a single teacher, a school administrator, or a wider group as a whole. Now don’t get me wrong–FIPPA is a law and applicable to all educators using social media and cloud computing in BC public institutions and there are consequences for not following it; however, how educators see this varies. My conception of BC educators’ positions is longer than it’s fair to put in a blog post, so like the “Primer” (https://jhengstler.wordpress.com/2013/05/17/a-k-12-primer-for-british-columbia-teachers-posting-students-work-online/), I’ve linked it in this post as a longer PDF. Click on the cover image to download the document or use the link near the end of this post.
Here’s the abstract: Hengstler theorizes a continuum of 6 compliance positions for educators (Avoidance, Ignorance, Knowledgeable Non-Compliance, Approaching Compliance, Establishing Compliance, & Full Compliances) with regard to the application of British Columbia’s (Canada) Freedom of Information and Protection of Privacy Act (FIPPA) to the use of social media and cloud computing tools in BC public schools. The article concludes with a call for collaboration to increase compliance.
Link to article for download: https://www.dropbox.com/s/ridcqq14a7k9543/Compliance_Continuum_5_06_14-1.pdf
I look forward to hearing your feedback and comments.
jhengstler's blog 
Excellent summary of the different approaches to FIPPA in BC. I think your point about the difficulty in identifying what full compliance might look like, is a significant issue for educators and the OIPC. The OIPC has provided guidance to educational institutions and educators in the past, but I think they need to take a more active role in continuing to guide and provide examples of best practices for public institutions in BC (including educational institutions). It is very difficult as an individual educator to achieve compliance without simply choosing to abstain from using cloud computing services. It seems ridiculous that a more coordinated effort has not been taken to develop tools and guidelines for compliance. In the current state, the area of “Full Compliance” will remain vacant as it is difficult to keep up and the bar for compliance very high within the context of available offerings.
Thanks for your thoughtful comments, Blair. I for one am trying to make some headway in contributing to what “compliance” might look like–but clearly, as you say, more coordinated effort is needed. I share my work as a basis hoping others will share back–building, editing, etc. In my research in this area, I have found the Office of the Information Privacy Commissioner for BC to be very approachable on various questions.
Julia, I appreciate and applaud your efforts in research, writing and sharing your work in this area. I agree that the OIPC seems to be forthcoming with information. I wonder whether either the Ministry of Ed. or a collection of districts could create a collection of resources for the related permission/release forms, an up-to-date list of services with terms of service summaries and key points for reaching compliance.
Be sure to take a look at http://www.privacycompass.ca and look over the documentat available here http://breannequist.weebly.com/alphabetical-list.html
It was a project of my past master’s student, now colleague, Breanne Quist.
[…] Julia Hengstler, The Compliance Continuum: FIPPA & BC Public Educators […]
Hi Julia
Thank you very much for your work in this area. I wonder if a public body like a SD hired Google to create a private intranet where documents, websites, etc. were internalized and encrypted / safeguarded, what would informed consent for parents be sufficient to use the service?
I’m imagining Chromebook usage or Google Drive usage in this manner (private cloud, provided by Google.)
Have you seen the Google documentation posted at http://www.privacycompass.ca?
Look under http://breannequist.weebly.com/alphabetical-list.html Originally built as a master’s project by my now graduated student/colleague, Breanne Quist.
[…] Hengstler, a faculty of Ed professor writing about FIPPA with regards to social media and cloud computing compares school board transitions toward FIPPA compliance to being like “seismic […]
[…] this blog, I’ve previously delved (in some detail here) into the nature of BC educators’ compliance (or lack thereof) with BC’s Freedom of […]
[…] a great resource if you want to learn more about the issues (maybe start with her 2014 blog post The Compliance Continuum ? or follow her Twitter […]