Open Data, Grey Data, and Stewardship: Universities at the Privacy Frontier

As universities recognize the inherent value in the data they collect and hold, they encounter unforeseen challenges in stewarding those data in ways that balance accountability, transparency, and protection of privacy, academic freedom, and intellectual property. Two parallel developments in academic data collection are converging: (1) open access requirements, whereby researchers must provide access to their data as a condition of obtaining grant funding or publishing results in journals; and (2) the vast accumulation of 'grey data' about individuals in their daily activities of research, teaching, learning, services, and administration. The boundaries between research and grey data are blurring, making it more difficult to assess the risks and responsibilities associated with any data collection. Many sets of data, both research and grey, fall outside privacy regulations such as HIPAA, FERPA, and PII. Universities are exploiting these data for research, learning analytics, faculty evaluation, strategic decisions, and other sensitive matters. Commercial entities are besieging universities with requests for access to data or for partnerships to mine them. The privacy frontier facing research universities spans open access practices, uses and misuses of data, public records requests, cyber risk, and curating data for privacy protection. This paper explores the competing values inherent in data stewardship and makes recommendations for practice, drawing on the pioneering work of the University of California in privacy and information security, data governance, and cyber risk.Comment: Final published version, Sept 30, 201

Prim Drift, CopyBots, and Folk Preservation: Three Copyright Parables about Art in the Digital Age

This paper employs a series of case studies from the domains of digital arts and creative/experimental new media to elicit tensions and contradictions in the current state of copyright and intellectual property law. I pay particular attention to the role of the "pirate" as preservationist--rather than taint or corrupt, historically we know that piracy has helped guarantee the survival of important works of literature and art. Throughout, I insist that the humanist is not a dabbler or interloper in these matters; humanistic knowledge, particularly semiotics (the study of sign systems) has the potential to lend consistency and coherence to case law that is currently shot through with loopholes, contradictions, and dead ends. To that end, I also outline the potential of a center devoted to intellectual property law and humanities advocacy

Giving patients granular control of personal health information: Using an ethics ‘Points to Consider’ to inform informatics system designers

Objective: There are benefits and risks of giving patients more granular control of their personal health information in electronic health record (EHR) systems. When designing EHR systems and policies, informaticists and system developers must balance these benefits and risks. Ethical considerations should be an explicit part of this balancing. Our objective was to develop a structured ethics framework to accomplish this. Methods: We reviewed existing literature on the ethical and policy issues, developed an ethics framework called a “Points to Consider” (P2C) document, and convened a national expert panel to review and critique the P2C. Results: We developed the P2C to aid informaticists designing an advanced query tool for an electronic health record (EHR) system in Indianapolis. The P2C consists of six questions (“Points”) that frame important ethical issues, apply accepted principles of bioethics and Fair Information Practices, comment on how questions might be answered, and address implications for patient care. Discussion: The P2C is intended to clarify whatis at stake when designers try to accommodate potentially competing ethical commitments and logistical realities. The P2C was developed to guide informaticists who were designing a query tool in an existing EHR that would permit patient granular control. While consideration of ethical issues is coming to the forefront of medical informatics design and development practices, more reflection is needed to facilitate optimal collaboration between designers and ethicists. This report contributes to that discussion