The Importance of Privacy in Education

EGUCHI Satoshi
Kyoto Women's University

Rihga Royal Hotel Hiroshima
Feb. 27, 2001

Privacy in educational institutions

As you know, one of the ends of the FINE project is to advocate ethical guidelines for computing and networking in educational institutes1. Thanks to discussions held in many places, we can safely say that Japanese teachers who teach computer literacy and information ethics have shared vague understanding on the importance of protecting personal information of students.

The FINE Project, especially FINE Hiroshima, has surveyed the present conditions of the school education and given us a large amount of research materials. We can see some examples of the rules and guidelines of the use of the net on their web site.

We can see that the guidelines are the result of discussion among teachers of each school or the local educational committees. It seems that their primary concern is how educational institutes may and/or should present their students' personal information to outside schools. May we use the names and photos of our students? Can we show our students' work on the web with their name? The resulting guidelines for elementary and secondary schools generally tell us to restrict rather severely teachers sending the information to the public by e-mails and web pages, and even restrict the students' use of the e-mail and web, or give prescription that students should show their e-mails to teachers before they send them to outside people.

The records of lectures and the interviews compiled by FINE Hiroshima give us a vivid image of expectation and agony of the teachers in elementary, secondary and higher education who are engaged in introducing the net to their schools. The teachers generally have understood the usefulness of education of the net, but, many also feel uneasy about letting students use e-mail since they may not be mature enough to communicate with the general population outside school, and are anxious about possible harm caused by information on the web.

Let us see the interviews by FINE Hiroshima. Concerning students' e-mail, Prof. Koshigiri insisted that if we introduce the net to our school at all, every student may well have his/her own mail account2. However, this may cause us problems.

Ms. Mita, a teacher of a elementary school, said that in a class she has the children send and receive e-mails, but she always reads their e-mails, since she isn't sure that children always behave well on the net3. Mr. Watanabe, a teacher of secondary school, said that an increasing number of students fails to acquire the ability to fully understand others' feelings, and unless he repeatedly directs his students to put themselves in the other's place, they are apt to ignore their care for their feelings.

Web pages have also been trouble for teachers. Most of the teachers interviewed are aware of the need to protect their students from harmful information on the web, especially sexually explicit materials and abusive speech and behavior on the web. They are planning use or already have been using some filtering softwares.

Moreover web bulletin board systems (web BBS) have caused a lot of trouble for teachers. Since the BBS in Japan generally have no access control, practically everyone reads and writes on the BBS. Bad behavior on the BBS may seems somewhat interesting and ``cool'' to some students. Even if BBS administrators restrict access by using IP addresses and ``web cookies'', we can write on them practically anonymously with some public anonymous proxy server and web cookies off. Mr Morioka reported and discussed this annoying matter4. Mr. Nagao, who is a teacher of a technical college, reported some cases of his students' intruding web BBS and harassment by e-mail with the open terminals in his school and pointed out the general shortage of manpower to administrate networks in middle-scale schools and colleges5. Mr. Tatsumi reported that in a system he had administered in an university , they technically prohibit the use of anonymous proxy servers and anonymous remailers to prevent students' abuse, and this prohibition itself had caused conflicts between the administrators and the students. The teachers are aware of the need to have guidelines and measures for such troubles6.

On the other hand, some teachers feel that if we restrict the Internet usage of students too strictly, it may retard their effective use and satisfactory understanding of the net, and checking and monitoring students' e-mail and their habits of web surfing may infringe their privacy.

Surveillance and its utility

Teachers feel anxious about letting students use the net, because, as we have seen, ``it may be too late'' when a trouble with outsiders have occurred. In a mailing list on computer education, a teacher wrote that , from an educational view point, we need a mail system that automatically monitors incoming/outgoing mail and reject any if they are not appropriate for children, or warn teachers to inspect them. In fact, several mail systems are on the market in Japan , that automatically reject the mails that contain some particular words.

Of course to prevent trouble with outsiders, which may be caused by students' e-mails or web surfing, are not the only benefit of such a monitoring. For example, a group by Prof. Yoda of Tokyo Kasei Gakuin have made a software that backups group learning in elementary school, that monitors the number and the destination of e-mail sent and received and the number of articles written and read by each student. He says this monitoring is important and useful for a teacher to grasp his/her students' unique and diverse activity in a classroom. In addition, this software protects students from criminal or malicious e-mails from outsiders7.

As is too obvious for us, an administrator with moderate experience can do the same thing without such existing software. In fact I think it may be too easy.

The operation systems like Microsoft Windows and Macintosh, which are very popular in educational institutes, are designed for personal use (it's called ``PC''!). When we share one machine with others, various information, i.e. documents we make, received mails, web cookies and cache files for web browsers can be read by anyone who uses it. Experienced teachers (and students) can easily see how the machine has been used.

Many schools of middle or large scale use some file sharing systems to give the same and unique operating environment to every terminal. In this case, administrators know who uses what computer. If access permission flags of user files are not set appropriately, everyone can read and modify his/her files.

In UNIX systems, which are generally used for mail servers, mails are stored in a directory and the transaction data are stored in log files. Administrators can monitor and read them when he feel it is needed. ``Sendmail'', the most popular mail transfer software, can easily expand to sort out the mails which contain some given words. Web proxy servers like ``squid'', which serves to lessen the amount of net traffic, also record its traffic. Then, he can know who sent and received who's mail, who browses what pages on the net. There are many free software to get statistical data from various log files. Undoubtedly some schools will be going to introduce some filtering softwares before long.

I think some may think it is very useful in itself and some feel it is tempting to use these data to improve school education. For example, we can know how a student has made progress from his/her documents.

In addition, from my experience as a teacher in universities, in the collage level, e-mails and net surfing (include using BBS) are already a main communication channel for students, as well as personal mobile phones. Students as well as we teachers are very fond of communication with their friends or even strangers. Any computer terminal can be used for their personal communication.

Then, from some logs processed statistically, network administrators can guess their students' complex association with their friends, or their concerns and interests toward the world, which can not be seen from a teachers' view so far8. In Japan, after some major cases of juvenile offenders and bad behaver of the youth (including some cases which took advantage of the net), we now are wondering that there be requirements that teachers to control their students strictly. Some of us think that teachers in schools are in charge of take care of the personal life of their unstable youth, and no doubt this possibility of monitoring our students may seem very tempting. Maybe the more earnest a teacher is, the more tempting it seems 9.

Should we realize these possibilities? How and under what conditions?

The importance of privacy

Now we are at the point of looking at why privacy is important. The theoretical points of privacy have been incessantly researched and discussed in the FINE project (esp. at the Kyoto and Chiba forums)10. Let me summarize the main arguments for privacy.

First, privacy is important because it is required in social competition with others. If my idea or strategy is known to others, I will be put in a disadvantageous position. Next, if my personal information, e.g. medical records is known to others, my life may get harder. If I am known to be an alcoholic, it may get harder for me to get a stable job, or, if I know it will be known to others, I will hesitate to go to a hospital, and consequently, I can't get cured by appropriate treatment. Since our society has various prejudices, we may have something we don't want to be known to others. My birthplace should be irrelevant to my employment or promotion, but if it is known, some people discriminate against me. Or, it is simply embarrassing that one's inner ideas, fancies and desires be known. Although I know almost everyone has his/her own sexual desires and know there is no need to hide them, it is embarrassing to have others know what sexual fancy I have now (except my very intimate friends, probably). Again, privacy is important because if my personal information is known, I will become more vulnerable to attacks from malicious people or criminals. In short, privacy is important for security. James Moor11 tells us that we have shared ``core values'' in our society, that is, life, happiness, freedom, knowledge, ability, resources, and security. Privacy is not a core value itself, but an expression of a value, namely, security. We are uneasy and can't feel secure without privacy.

These lines of argument are well known to and agreed with by many scholars and writers in Japan. In addition, we can recall and add a few more that are apt to be ignored in the discussions in Japan. Jeffrey Reiman12pointed out that we need privacy for our freedom. If my personal information and my inner ideas are known, I am apt to be controlled by some authority. And if we are aware of being watched by others, we can't plan and conduct ourselves as we wish, even if what I want to do has nothing to do with others. Privacy is needed for our autonomy and freedom, which make up a central part of our personality and individuality.

Charles Fried13 and James Rachels14 pointed that privacy is important for our relationship with others. Fried said that we need intimate relationships like friendship and love, and such relations again need exclusive exchange of personal information, inner ideas and feelings. If information about me is equally known to everyone, a special intimate relationship among a few people can't be held. Rachels added to this pointing that in our society we need to take different attitudes toward different people, and this can't be done without privacy. Ruth Gavison15and Thomas Nagel16 pointed that we have more or less the ideas that can't be accepted by others, and we need a buffer zone to avoid conflict with others17.

Now you have already understood the importance of privacy in education. Pupils and students are now in on way to develop their personality and individuality, and are learning and seeking to find who they themselves are and who they should keep company with. Already in the mid 19th century, Danish philosopher Sren Kierkegaard suggested to us the significance of having an inner secret and ``inwardness'' to our existence. Those who have no inner secret are only in a ``immediate'' state of existence, and have no idea who they really are18. English philosopher John Stuart Mill told us that our ability to choose (which is essential for us to be happy) is only developed by our actual excise of our ability to choose, and therefore personal freedom should be fully protected 19. We can't deny the importance of letting the youth to have some kinds of inner secrets, exclusive personal relationships, free trials and errors.

But, although privacy is very important in such various ways, we should admit that it is not absolutely important, or the right to privacy is not an absolute right. As Mr Tetsuji Iseda suggested20 the value of privacy is to be balanced with other conflicting values, rights, and obligations. Then, what balance should be sought? What values will conflict with students' privacy?

How should we treat the problem?

These years, the problem of workplace surveillance is well analyzed and discussed by philosophers in western countries.

Some organization and their defenders insists, for example, that employers own their computers and networks, hence they have the rights to inspect their employees' e-mail and/or to monitor their habits of web surfing. It serves to exclude their personal use of the equipments and to find lazy employee, etc., and in consequence it leads to more efficient and profitable business, which then will lower the cost and benefit all consumers. Moreover, since an organization is sometimes taken to have an obligation to see that its employees do not harass their colleagues or abuse the net, therefore an organization not only has the right to, but also the duty to survey their employees behavior on the net.

Many philosophers insist that such workplace surveillance is too intrusive and harmful. We humans sometimes make mistakes, get bored, frustrated, lose concentration. Monitoring their behavior surely will increase stress and lower morale of employees. Weckert and Adeney21says, ``it is certainly not showing them any respect as persons.'' Richard Spinello22 suggested that e-mail inspection surely will be too harmful, because many interactions in the workplace intersperse business and personal information. Employees have need to conduct some personal business affairs from their office. So if an employer checks his employees' e-mail, he intrudes the employee's private affairs, which are none of his business.

Can we apply their arguments against workplace surveillance to school surveillance? Yes, but partially. The immediate aims of workplace surveillance are chiefly (1) to have more efficient business, and (2) to prevent employees' abuse of the net. But, (let us reread (1) as ``more efficient education'') surveillance in school will have an additional and seemingly more important purpose, that is, (3)to protect the youth from harmful information. It is very natural to think the more vulnerable students are, the more serious it is to protect them. Moreover, if our discussion on the importance of privacy does not miss the point, we can safely say that younger students' privacy is not as important as older students, although it surely goes too far to say that the third grade student needs no privacy. I think some may well say that we can reconsider if junior students really need to communicate privately with outsiders at all at the risk of being exposed to harmful information.

Then, what can we say? I think there are a few points that are clear. Firstly, computers and the net should be introduced to schools with much care and appropriate curriculums about network privacy. Architecture of computers and networks, and the impact of using them on our privacy, are hard to understand, especially when users are young. In fact, in modern network systems, to know how secure my files and mails are requires not only the knowledge of the electric architecture of the system, but also the knowledge of human resources and systems of the organization, that is, who administers the system, how the disks are shared, who can read the logs, who can read my files, when backup copies of the files are, what machines my mail goes through, etc. I am not sure all of you have a clear idea about such things. It seems to me that it is surely undesirable and may be ethically unfair that students make use of the net without certain clear conceptions of the security of the net, especially when they have reached the age of needing privacy.

Secondly, in Japan, the problem of students' privacy in education is less discussed than that of the outflow of student's personal information to the outside. I guess it may be partly because the discussion and policy-making up-to-now has been led by professionals and administrators themselves. Since in most educational institutes, there has surely been a digital divide, and schools of small or medium scale don't have much manpower, therefore those who know the net well inevitably have to administer the system. Such high-tech people have some clear idea how they protect their own privacy. We all have a tendency to take matters serious when our security are at stake, and take them light when we have little to do with them. So we should carefully reconsider the guidelines and educational curriculum from a general users' view point. It may include to think about whether we should teach students to use the encryption method to protect their privacy.

Thirdly, the administrative policy should be open to everyone. How they monitor the system, how they treat and process the logs should be known to everyone who use the system. Moreover, since one source of importance of privacy is secure feeling, as Moor pointed out, we should ensure them not only by professional ethics 23 of the administrators, but also by making appropriate institutional reforms (e.g. separation of teaching staff and network administrators, or reviewing by peers) esp. in higher education.

I think we need more detailed discussions, and hope the FINE Project, which mainly consists of the philosophers and common users of the net, will successfully contribute to them. 2425.

... institutes1
about FINE Project and its direction, see Mizutani Masahiko, ``Information Ethics in the age of Internet'', in Ochi, Mizuntani, Tutiya (eds.), Information Ethics, Nakanishiya Pub., 2000. See also Ochi Mitsugu, ``Education of Information Moral'' on teaching information ethics.
... account2
The 17th Hiroshima Forum.
... net3
The 15th Hiroshima Forum, inteviewed by Uemura Takashi.
... matter4
The 13th Chiba Forum
... colleges5
The 7th Hiroshima Forum.
... troubles6
The 8th Hiroshima Forum.
... outsiders7
... far8
For the discussion of collected personal data, see Deborah Johnson, Computer Ethics, Prentice-Hall, 1994
... seems9
In fact, I have once discussed with my colleague about the possibility to use the system to sort the students out who cut their class long time. If a student didn't log-in for long time, or her mail spool is full of unread mails, we can find that she is long absent from our school.
... forums)10
The materials for researchers are collected and printed in Information Ethics Reseach Materials I, 1999, FINE Project and Information Ethics Reseach Materials II, 2000, FINE Project. Henceforth FINE Materials I and II
... Moor11
James Moore, ``Toward a theory of privacy in the Information Age'' in J. van den Hoven (ed.), Computer Ethics: Philosophical Enquiry, Department of Philosophy, Erasmus University, 1997. See also a review by Kodama Satoshi in FINE Materials II.
... Reiman12
Jeffrey H. Reiman, ``Privacy, Intimacy, and Personhood" in Ferdinand Schoeman (ed.) Philosophical Dimensions of Privacy, Cambridge University Press, 1984.
... Fried13
``Privacy'' in Philosophical Dimensions of Privacy.
... Rachels14
James Rachels, ``Why Privacy is important'' in Philosophical Dimensions of Privacy. See a review by Matsunaga Kiyofumi in FINE Materials I
... Gavison15
``Privacy and the limits of law'' in Philosophical Dimensions of Privacy.See also a review by Okuda Taro in FINE Materials 2000
... Nagel16
Thomas Nagel, ``Concealment and Exposure'', in Philosophy and Public Affairs, 1998
... others17
FINE Materials I & II contains many other papers and reviews necessary for discussions on this topic. See the papers by K. Tagaya, M. Okuno, and the reviews of the papers by H. Tabani, H. Nissenbaum, J. van den Hoven, and A. Miller.
... are18
See S. Kierkegaard, Sickness unto Death
... protected19
See J. S. Mill, On Liberty, esp. Chap. 3
... suggested20
See Iseda Tetsuji's ``Information Ethics and its Methodology'' in the Proceedings for FINE99
... Adeney21
John Weckert and Douglas Adeney, Computer and Information Ethics, Greenwood Press, 1997
... Spinello22
Richard Spinello, Cyberethics, Jones and Bartlett Pub., 2000
... ethics23
about professional ethics, see Tutiya Syun ``Professional Ethics of Information Practitioner, in Information Ethics
... them.24
On related problems in management of the system, see also Nagasaki Kensuke's ``Ethical Problems in network management'' in FINE Materials I, and Aihara Reiji's ``The limits of Network Management'' in Information Ethics
I am grateful to my colleague Prof. Yokota Shunji and my friends for their kindness to correct this paper.

EGUCHI Satoshi