Online proctoring by conducting room scans is against the Fourth Amendment of the US constitution, a federal judge in Ohio ruled. Online proctoring refers to online monitoring of a person for various purposes like holding exams and conducting interviews. It can involve analysis of facial expressions, body movements and behaviour of the subject. The Fourth Amendment to the US constitution protects people “against unreasonable searches and seizures.”
Why it matters: As student’s exams moved online due to the covid-19 pandemic, several educational institutes in India adopted online proctoring softwares. But this constant monitoring raises serious concerns on how the data of students is being collected, stored and used. Preeti Mali of Wheelbox, a remote proctoring company, informed ET how their technology assisted “universities, education regulatory bodies in authentication and GPS location of students, verify the IP address and face-recognition of students, etc.” In 2020, data of 4,44,000 users of a proctoring service was leaked by hackers.
FREE READ of the day by MediaNama: Click here to sign-up for our free-read of the day newsletter delivered daily before 9 AM in your inbox.
What happened?
Aaron Ogletree, a college student, was asked to do a room scan before starting his online exam from home, using a proctoring service. The aim was to protect cheating during online exams by recording the nearby environment. A student’s room scan was also visible to other students taking the test. Aaron did the room scan and his recorded data was retained by Cleveland State’s third party vendor. Later, Aaron filed suit alleging that this practice or policy violated his rights under the Fourth Amendment.
Problems with remote proctoring:
Remote proctoring services are primarily created with the aim of reducing cheating and gauging behaviour of the person on the screen. And to do this, continuous monitoring of video and audio is needed, along with computer access to a great extent. However, several problems lie at the core of remote proctoring:
- System access risk: Several proctoring softwares require the student to give complete access of the computer to the software provider. The reasoning behind getting access is to check if the student is using any unauthorised app for cheating. This access could enable the vendor to run scripts and change settings of various apps without the student’s permissions. Moreover, giving complete access to the vendor could also grant them access to personal photos and videos, passwords and financial details stored on your device.
- Browser extension risk: One way vendors get access is by asking individuals to install browser extensions. “Many utilise these browsers for confidential purposes like online banking, social media, and personal correspondence”, according to psionline.com
- Video and audio surveillance risk: Proctoring apps make use of several privacy invasive techniques to see if a student is cheating. “Recorded patterns of keystrokes and facial recognition supposedly confirm whether the student signing up for a test is the one taking it; gaze-monitoring or eye-tracking is meant to ensure that students don’t look off-screen too long, where they might have answers written down; microphones and cameras record students’ surroundings, broadcasting them to a proctor, who must ensure that no one else is in the room”, according to EFF. Even if these tools could help reduce cheating in exams, there’s a greater risk of “mass biometric surveillance of potentially millions of students”.
- Personal and sensitive data at risk: Aside from the biometrics data discussed above, the vendor may also retain details like name, address, phone number, scanned personal documents, device information, GPS location, IP address, ISPs, URLs visited, etc. If these multiple data points are leaked or hacked, even anonymised information can be used to identify people and the data of students at risk.
- Consent: With many educational institutions picking up proctoring softwares for conducting exams, consent often becomes a gimmick. It’s hard for students to say no to sharing their data as it could lead to problems with their institution or with their exams, which could affect their academic results.
- Children’s data at risk: Often proctoring softwares are used for minors studying in school, who would find it hard to read and understand the policies of a third party proctoring software, putting their data at risk.
Conclusion: The judgement discussed in the intro upheld the rights of Aaron by stating that “the home lies at the core of the Fourth Amendment’s protections, as noted above. Though the intrusion in this case was not physical, the same principles protecting the sanctity of the home apply to a visual intrusion conducted through remote technology.” Although this intrusion was virtual, it was an intrusion nonetheless.
It is important to understand that just like we would not give our fingerprints, facial recognition data, passwords and bank details to just about anyone, we should also be careful when giving “access” of our computers to third parties. Proctoring apps are nurturing in India as well and there’s a growing need to regulate them with strong data protection legislations.
This post is released under a CC-BY-SA 4.0 license. Please feel free to republish on your site, with attribution and a link. Adaptation and rewriting, though allowed, should be true to the original.
Also read:
- Supreme Court Opens Sealed Cover Pegasus Report: Only 5 Out Of 29 Phones Infected With ‘Malware’
- Amex Becomes The Last Company To Comply With RBI’s 2018 Data Localisation Norms
- Tinder-Parent Match Group Files Antitrust Complaint Against Apple In India: Report
- Supreme Court Opens Sealed Cover Pegasus Report: Only 5 Out Of 29 Phones Infected With ‘Malware’
