Same shit, different platform—more problems than just faulty captions?
Panopto is the University’s latest attempt to make online learning slightly more bearable for students and lecturers alike.
Named after the controversial ‘panopticon’, the theoretical system of control where prisoners fearing constant surveillance regulate themselves, the service provides the University with extensive information on student’s interactions with uploaded recordings. Lecturers can see who is watching when and for how long at the individual and course-aggregate level.
Already, this invasiveness has rung alarm bells for online learners. Craccum spoke to some lecturers with expertise in privacy law and digital ethics on what this means for students.
The potential for Panopto as an overseas company to misuse student’s data cannot be understated, with one lecturer noting “The University’s privacy policy tries to comply with Principle 12 of our Privacy Act by saying data transferred out of NZ will be protected, but it’s silent on how.” The policy overlooks obtaining student consent, since “any such consent would need to be after [students] have been informed of the specific risk that their information may not be protected after transfer.” Another lecturer was less critical that Panopto would pose special risks, saying, “All video systems like Panopto are vulnerable to abuse if people aren’t thoughtful about how they use it. The biggest risks aren’t new—they’re the same abuses we’ve seen for years on YouTube, Zoom, and other video platforms.”
The University is not new to controversy in using monitoring techniques for online learning. Its use of Inspera for smart-proctoring exams that allows footage to be taken of users raised ethical concerns over student’s privacy. However, Panopto poses different issues: as one lecturer put it, “Smart-proctoring can be seen as a limited proportionate surveillance tool for a limited purpose, [and is] probably valid from a privacy standpoint. It is very different to the potentially unexpected ways in which lecture recording data might be used.”
If student’s data on their interaction with Panopto was used to determine aegrotats—a real possibility considering the service is more than capable—that would require full transparency from the University. “If one of the criteria for aegrotats is attendance at lectures, this needs to be communicated clearly at the outset and students should not be ambushed later,” a lecturer explained. They went on to add that it would be inappropriate to substitute manual roll-marking by “just relying on a platform which may be inaccurate… the digital way of doing it is subject to error.”
But the lecturers we interviewed saw no cause for alarm just yet. “YouTube and Netflix are collecting more detailed data about your video watching behaviour,” one lecturer pointed out.
“Should we hold the University to a higher standard? Yes! But I trust the University’s intentions more than I trust Silicon Valley’s. We have laws and University rules in place to prevent misuse, such as the Privacy Act 2020, the Public Records Act, and the UoA Data Governance Policy.”
Another recognised since students agree to the University’s conditions when they enrol, “Sometimes you have to trade off privacy for social benefits.” But accountability is crucial: “The trade-off shouldn’t be done in a sneaky way or in a way that people aren’t fully aware of what’s going on.”
Students do have some avenues to take if they have concerns about Panopto over their data sovereignty and privacy. If Panopto is using information for its own purposes beyond the service agreement with the University, students can make a complaint to the Privacy Commissioner. Students can request the company’s Privacy Impact Statement (PIA) for any flagged privacy risks and a copy of summarised key clauses to limit use of collected data in the agreement between Panopto and the University.
As of print UoA has not responded to Craccum’s questions about potential Panopto privacy concerns.
