International Understanding Education

Disseminate and master the geographical, economic,

cultural and political knowledge of various countries

The risk of educational data in the era of intelligence can not be ignored
2022-05-24 11:52:24

In the era of intelligence, the application of big data technology in the field of education continues to deepen, and the application scene and scope accelerate to expand, which provides a scientific basis for educational decision-making and a strong driving force for teaching reform and innovation and high-quality development of education. However, the privacy and security risks faced by the links of educational data collection, storage, analysis and sharing can not be ignored, and educational data security incidents occur from time to time. With the continuous advancement of educational informatization construction, the value of educational big data as an educational strategic resource continues to improve, and ensuring the safety of educational data has become a necessary answer to run a satisfactory education for the people.


The risk of education data should not be underestimated


Education data involves many aspects such as individuals, schools, courses and resources, and involves a large group of educatees and educators. Once a risk event occurs, it will not only affect students, parents, teachers, schools and other subjects, but also may spill over to other fields, derivative network fraud and Telecommunications fraud, affect more people and fields, and cause economic and other losses. There are three main forms of educational data risk.


First, the risk of infringement, including the infringement of data privacy and the ownership of data assets. In the process of educational data collection, improper expansion of the scope, collection of sensitive data and other violations of personal privacy occur from time to time. For example, in October 2021, Shanxi Xinzhou No. 1 primary school launched a statistical table of students' situation, which makes statistics on students' family situation according to 11 categories, including "leader children" and "enterprise boss children", which has a great negative impact. The rapid growth in the scale of education data, the ultra fast flow speed and the unclear ownership of data are also easy to cause disputes.


Second, regulatory risks, including the disclosure and abuse of educational data. With the continuous improvement of the informatization level of the education industry, a large number of sensitive information such as students' personal information, grades, academic status and degrees are centrally stored in the database system, facing the threats of tampering, theft, embezzlement and disclosure, which brings great trouble to students, teachers and schools. In recent years, blackmail attacks have become a major threat to the security of education data in various countries. In 2021, 18 educational institutions in the UK alone were affected by blackmail attacks.


Third, algorithm risk, including the restriction of free choice by rule algorithm, the deprivation of independent decision-making by data prediction, etc. Some educational data managers use scientific and technological means as an excuse for "black box operation", use algorithms to discriminate against users and improperly interfere with users. For example, some schools use algorithms to assign teachers' work, but in fact, it may have exceeded the load of teachers; Some schools let students with poor academic performance change majors, depriving students of the opportunity of self-decision-making; Some educational platforms rely on algorithms to push online games, vulgar novels, live entertainment and other content irrelevant to learning to learners.


Provide four-dimensional guarantee for data security


In the era of intelligence, standardizing various processes involved in educational data, providing strong security guarantee, and making data resources truly become a sharp tool for educational scientific decision-making and innovative development are the due meaning of the modernization of educational governance system and governance ability.


The security of educational data can be guaranteed from four levels.


First, improve laws and regulations. The state should improve the education law and other laws on the security protection of education data, and explicitly prohibit infringement, privacy disclosure, data abuse and other phenomena. The Ministry of education and other departments should rely on the data security law and other laws to formulate rules and regulations, clarify the boundary of educational data management, and implement effective regulations on the collection, analysis, use, sharing and decision-making of educational data; Clearly define and safeguard the data rights of education data generators and providers, and respect their data personality rights and property rights; Give priority to protecting the privacy of personal data, establish property rights for educational user data, give priority to the appreciation of educational data assets, and give property rights to data collection entities. Provincial and municipal education administrative departments shall formulate targeted measures for the implementation of education data security according to the actual situation of local education development and big data application, strengthen the supervision of schools and after-school training institutions, and provide technical and training support.


Secondly, strengthen risk assessment. The Ministry of education shall cooperate with relevant departments to establish an education data risk assessment system, and control and manage them by classification according to the impact, destructiveness and possible losses of different risks. Establish a privacy protection mechanism based on education data risk assessment, and build a safe storage and transmission mechanism of sensitive data. For the safe transmission of sensitive data such as teachers' and students' personal identity information, students' behavior preferences and school status and education management, we should strengthen the collaborative management of password level, multi-level user authentication system and encrypted e-mail. Relevant websites adopt digital certificates and establish an information security firewall to protect private information and sensitive data from disclosure and theft.


Thirdly, build a regulatory system. Build a national, provincial, municipal and school level supervision system, form a multi-party linkage and multi-layer governance mechanism, optimize the collaborative supervision of education data risks, make full use of intelligent technology, identify and characterize education data risks, comprehensively analyze potential hazards, investigate, warn and resolve education data risks. At the national level, an inter ministerial joint or coordination mechanism can be established by the Ministry of education, the central network information office and the State Administration of market supervision. Led by the Ministry of education, other departments, according to their own rights and responsibilities, undertake the work of network security supervision, compliance review of market subjects, cracking down on illegal acts, etc., especially filing and investigating the infringement or security loopholes of national large platform education data. The provincial and municipal levels can refer to the national level to establish regional education data supervision teams to clearly divide and standardize the authority, responsibilities and obligations of education data supervision. In accordance with the requirements of education data supervision, the school should cooperate with education, Internet information and other departments, transfer technical backbone, establish data security protection mechanism and school-based data supervision team, clarify management rights and responsibilities, and realize rapid response and rapid response.


Finally, regulate ethical values. If we ignore the ethics and value of education, the educational data service based on intelligent algorithm may alienate education and make it manipulated by data and algorithm. Therefore, it is necessary to emphasize the humanistic position of traditional education, return to the humanistic value of education in the pursuit of objective truth, and break the data hegemony. Based on "people-oriented", we should judge ethical dilemmas and blind spots, formulate and optimize ethical risk resolution schemes, abandon data "black box operation" and promote openness and transparency of algorithms. We should establish a data security review and accountability system to ensure the legitimacy, security, integrity and availability of educational data, the educational autonomy of teachers and students and the security of educational privacy data, and punish violations of laws and regulations. Build an ethical risk control mechanism for educational data, promote the compliant application of educational data in educational management, teaching and research activities and student development, and highlight the humanistic care of educational data application.

Related reading