Digital Learning & Design

Brown flags waving in front of the GatesBrown students learning internationally may face unique barriers in the context of hybrid and online instruction due to sociopolitical environments that may make some topics sensitive and legal requirements that may restrict technology access in their learning environments. While Brown students living internationally have extremely diverse learning environments, some challenges and circumstances may include lack of access to some of Brown’s course tools such as Google’s GSuite, YouTube, or Dropbox due to in-country restrictions and internet bandwidth and connectivity issues making it difficult to access course materials or join synchronous class sessions.

Students may also have concerns about online privacy or feel the need to self-censure given local laws around free speech. This raises many questions for Brown’s instructors. Below we focus on frequently asked questions that provide information on Brown data privacy and security practices and offer considerations for faculty supporting learners in these challenging environments.

Data Privacy and Security- Brown Policies

  • CIS complies with guidelines and policies established by the The Data Governance Committee and Data Governance Advisory Group
  • CIS conducts stringent security reviews when licensing and providing access to course tools software. 
  • CIS carefully considers the vendor’s approach to data handling and privacy policies including locations of data servers, encryption of files, etc. by making use of the Higher Education Community Vendor Assessment Toolkit (HECVAT), a questionnaire framework specifically designed for higher education to measure vendor risk. 
  • CIS educates the community on appropriate Zoom settings to ensure privacy in multiple ways: 

 

  • Redundancy of functionality is available through a suite of software tools in support of teaching & learning
    • For example, Zoom recordings of class sessions are distributed to students with the Panopto Media platform. If a country were to block access to Panopto we could use Zoom or an alternative method to distribute that content. 
  • Digital Learning & Design (Sheridan Center) provides guidance on pedagogical approaches.
  • The Sheridan Center provides a new optional syllabus statement that asks students to report any access/privacy concerns to their instructor. 
  • Use of Technology to Support Your Learning in This Course
  • Brown’s relationship with Zoom started in 2017 when the company was experiencing mild growth across the spectrum of the business and educational market.  
  • CIS conducted a competitive assessment process driven by a need to have a system that was globally available, easy to use, accessible, and secure. The decision was based on two key differentiating factors: usability and price.  Given Brown’s large number of active faculty, staff and students Zoom was the right choice for Brown.
  • Zoom is a publicly traded company.  Zoom has subsidiaries in China and other nations.   As do all companies operating in China - including competitors - they must follow the laws of the nations in which they operate.
  • Yes! Zoom provides encryption of data for paid subscribers; free Zoom accounts do not have encryption included in their services suite. 
  • CIS works closely with campus-partners to identify enterprise-level tools in support of key university functions such as teaching and learning. An extensive assessment and review is conducted to identify appropriate solutions for Brown with multiple criteria taken into consideration such as functionality, security, scalability, vendor reliability, cost, and deliverability.  
  • Rather than license redundant enterprise solutions, we integrate platforms and tools to address needed functionality because this provides a better learning experience for our students. 
  • We prioritize the ease of use for instructors and students; this is achieved by providing fewer enterprise solutions so that the community can develop a comfort level and familiarity with key tools. 

Technology Restrictions

  • To be fully transparent, we cannot offer complete assurance about this question because no technical solution can fully protect Brown instructors and students from the possibility of state monitoring.  For this reason, we recommend being aware of this risk and engaging in a conversation with your students to account for your course content and individual circumstances. 
  • CIS considers and evaluates data security and privacy when negotiating contracts. If connections within a country are surveilled, Brown takes proactive steps to reroute users away from data centers to  a free nation where communications can be encrypted.
  • In countries where the internet is state controlled and ‘protected’ by what we in IT call the ‘great firewall,’ companies are subject to both surveillance and regulations requiring them to turn over certain technologies of interest to that nation. In such cases, it is common for  multinational companies and organizations to establish subsidiaries to avoid state control and interference, in order to preserve access to affiliated users.

Guidance for Teaching and Learning

  • Some users are more comfortable recording Zoom sessions to their local computer rather than the cloud. 
  • If you choose to record Zoom sessions to your local computer, we do not recommend emailing the files. Instead, we suggest that you upload files to google drive and use the access control provided within google. 
  • See this article for more information. 
  • Rather than recommending VPN to your student as a way to participate remotely in class or access materials, we suggest that instructors have discussions with their students about what alternatives may work best for them. Depending on the country restrictions and risk of participation, students may prefer to dial into class sessions, replace their zoom nameplate with an alias or anonymous name, request course materials and audio recordings via email, and submit their assignments by email. In considering inclusive approaches and risk reduction strategies, instructors are encouraged to invite students to share their concerns and suggest options for their safe participation.
  • A further challenge is that under U.S. law, Brown may not lawfully export technologies like VPN and DUO (our 2-factor authentication program) to the comprehensively sanctioned countries (Cuba, Iran, North Korea, Syria and the Crimea Region of the Ukraine). These sanctions and restrictions can limit the ability of residents in these nations/ regions to access anything that requires authenticated sign in. A number of additional countries (e.g., China, Belarus, China, Iraq, Oman, Russia, Turkey, Turkmenistan, and UAE) make the use of VPNs extremely difficult, if not illegal. View country-by-country information on legal and practical restrictions to VPN access.