Privacy in the online classroom

One of the benefits of Web publishing is that you can make something as visible and accessible as a billboard, but only to a select audience. Although privacy seems to run counter to the philosophy of the Web - all information for all comers - in many instances you may not want your Web-based materials to be world-accessible.

When considering privacy issues for your course Web site, first determine whether you have a need for restricting access to your materials. If so, evaluate the different restriction methods to determine which best accommodates your needs, and find out which ones are in use at your institution.

Reasons to limit access

Leaving your site open for worldwide access brings many benefits. Your students may do better coursework if they know that it is published in a widely viewed forum. Discussions may become more animated with input from students and scholars from around the world. Colleagues and students at other institutions can use a course site that is unrestricted. In short, access is one of the main advantages of the Web, and restricting access to your course content is a bit like tossing a wet blanket over the whole works.

Yet there are many practical reasons to restrict access. If only your students have access to your site, you may have more choices about the materials you can display. Your content, and your students' work, is less vulnerable to misappropriation. And a Web forum that resembles its classroom counterpart may feel more protected to students, so they may be more inclined to participate.

Copyright

Educators have traditionally relied on the fair use doctrine to use copyrighted materials in their teaching both because classroom use of these materials (mostly) met the criteria of fair use and because there was little chance of discovery: no "moles" lurked in classrooms to spot instances of copyright violation. The Web is different. In most cases, using copyrighted materials without permission on a course Web site does not legally constitute fair use (see Copyright and Web teaching). Also, a Web classroom is an open classroom, so there is a greater chance that unauthorized use will be detected (there are, indeed, Web "bounty hunters" who scout the Web for copyright violations).

Access restriction can be used to model traditional classroom use of copyrighted materials, where access to the materials is limited to class participants. For a course Web site, an implementation of this method would be to set up access restriction on the site and provide students with a course site login. Then, when a page is requested, users are prompted to log into the site, and those without a login are denied access to the pages (see Authentication, below).

When seeking permission to use copyrighted materials, access restriction can be a real selling point. You will have a much better chance of obtaining permission to use materials by ensuring that the content will be viewable only by your students or only within your institution. Also, some licenses for use, such as that from the Electronic Course Content Services from the Copyright Clearance Center, require that Web authors use site restriction to ensure that access to the licensed materials is limited to class participants.

Protection

Web-based materials are generally up for grabs. This is more a characteristic of the technology - it's just plain easy to download stuff - than it is a disregard for intellectual property. However, you may not like the notion of someone playing fast and loose with your Web site materials. For this reason, you may want to limit access to your site to protect yourself and your students from infringement.

If, for example, you are posting student essays on your site, you may find that your students are reluctant to post their hard work on the Web if it can easily be downloaded and used by other students. Restricting access to areas where students post their work provides a safe haven for sharing and exchange; leaving these areas open could inhibit or squelch participation.

Privacy

The grand global scale of the Web has its place, but there are times when it's good to be parochial and to consider local interests first. Teaching and learning are not activities that we have traditionally performed in public. In fact, one of the often cited strengths of classroom teaching is the intimacy it fosters among students and between students and the instructor. Trying to replicate the character of the classroom on the worldwide Web is a bit like trying to have a meaningful conversation in front of thousands of people. By restricting access on your site you get the benefits of privacy while still making full use of the Web as a tool for teaching.

Certain things take place in the intimacy of the classroom that simply cannot happen in a crowd or in front of spectators, such as class discussions or student workgroups. An effective use of the Web in education, however, is to provide students with a convenient way to continue class discussions outside class. If you plan to use a discussion area on your Web site, consider restricting access to allow a greater sense of intimacy. Indeed, you may find that any online exchange of a personal nature will lag unless you restrict access to class participants.

Restriction methods

Access can be restricted on a Web site in several ways. The main distinction is the type of entry users must pass through to get to your content: some ask the user to log in, others check to see where the user is coming from and either let them in or block their entry. With most methods you can restrict access to certain areas of your site while leaving others accessible to the world.

The restriction method you choose will depend largely on the software installed on your Web server. If you are using a courseware tool, access restriction is likely to be a built-in feature of the software. If you are developing your own site, ask your computing support personnel about access restriction options.

Authentication

One method for controlling access to Web-based content is to require users to identify themselves before allowing them access to pages. This portal requires users to enter a login and password, and their entry is checked for authenticity against a central database of users and passwords or against a class login of a single username and password.

A common implementation of this method is Kerberos authentication. When users request a page that is restricted using this method, they are prompted to submit their username and password. The server checks the information against a list of authorized users, and if the entry matches, users are issued a "ticket" and sent the requested page. If the server is unable to authenticate a user, it sends an error page instead.

IP filtering

An IP address describes the location of a computer on the network. Every computer on the Internet has a unique IP (Internet Protocol) address. But all IP addresses at a single institution have certain commonalities. These shared properties make possible IP filtering, a method whereby only computers whose IP address match defined criteria can receive restricted Web pages. A sample IP address is 129.170.18.13, where 129.170 designates the network (Dartmouth College) and 18.13 defines the host (my computer).

To implement IP filtering, you configure the server to send your restricted pages only to computers with certain IP addresses. For example, to restrict access to on-campus users, you would set your criteria such that only computers on the campus network (129.170 in the example above) can view your content. When a user requests a page that falls within this restricted area, the server checks the requestor's IP and, if it meets the criteria, sends the requested page. If the IP does not match - for example, for off-campus users - the Web server sends an "access denied" page instead.

No indexing

If you are considering adding access restriction to your Web site, you may want to take steps to ensure that your pages are not "crawled" by search engine spiders; your materials are not available and so should not be listed as accessible Web content. You can do this on your Web pages or on the server. Neither method guarantees protection because they are conventions, not barriers, which the spiders can heed or ignore. The only way to guarantee that your materials will not be indexed is to keep them off the Web.

HTML exclusion

You can keep spiders from indexing pages by including the robots META tag in the <HEAD> section of your restricted pages:

<META NAME="robots" CONTENT="noindex">

Unfortunately, as of this writing, at most a handful of the major search engines recognize and respect the tag.

Server exclusion

A more reliable method for preventing indexing is to put a "robots.txt" file on the Web server. This simple text file has two parameters: "user-agent," which allows you to specify which search engines should be excluded, and "disallow," which allows you to specify which directories or file names you want to prevent spiders from indexing.

User-agent: *
Disallow: /courses/music101/essays/*
Disallow: /courses/music101/classlist.html


The criteria above would exclude all spiders from all files and folders in the essays directory and from the class list file.

The robots.txt file must reside at the top, or root, level of the Web server directory in order to be recognized. Chances are that your Web server account provides access only to your subdirectory on the server, which means that you cannot add or change files at the root level. You will need to ask your computing support staff about adding robots server exclusion for your restricted pages or directories.

• Site navigation
  • Home
  • Case studies
  • Articles
  • Spotlights
  • Links
  • Resources
• About the site
  • Update history
  • Credits
  • Feedback
  • Copyright

Search Web Teaching

Copyright © Trustees of Dartmouth College
Last update 8 September 2003