This is now one of my principle aesthetics for evaluating assessment systems. Anything that is forced onto the student is immediately in need of careful examination to establish if there are other supporting aesthetics that require this compromise.

 Recall the roles of assessment: evaluation, criticism and ranking. From my personal account yesterday, it would appear that attempts to rank me based on my undergraduate degree were no indicator of future performance, which means that (in one case at least) such measures are unreliable.

We didn’t have grade point averages (GPAs) when I was undertaking my degree but we still had the tyranny of the transcript. Even if you accumulated enough passes throughout your degree to graduate, you could not escape your failures. I see this in student transcripts today. A student comes in and struggles in the first semester or two, then the marks stabilise. The only problem is that we still count those initial semesters into any grading records and they’re still visible on the transcript. We do make concessions for transition in some places; we don’t count first year in our honours calculations for Engineering, for example. But when it comes to the GPA and the cast-in-stone artefact of the transcript? You’re stuck with them.

I saw an excellent keynote at the Australasian Computing Education Conference as part of Australasian Computer Science Week, 2016, where Professor Judy Kay, University of Sydney, talked about user models for the vast quantities of personal data we are generating across the globe, via the many mediating communication systems we’re connected to. Judy does extensive work in computer-human interaction (CHI) and carries out research in areas such as facilitating learning more effectively and efficiently, defining personalisation, and supporting long-lived learning systems.

Her user model approach asked some fundamental questions about what we should be storing, where we should be storing that data, who has control over it, and, ultimately, who we can trust. But it’s a straight-forward premise: in any system where you are providing data, you should be in control of that data.

It should come as little surprise that someone who is opposed to arbitrary and often unreliable single-grade proxies for human achievement feels strongly about the user models for representing that data! I’ve had a student project in this area, looking for Honours or PhD students, where we’ve asked if privacy preserving mechanisms can be used to give a student total control over her or his grades, while still allowing us to work with that data as a University.

Why give a student total control? Well, it’s their money, for starters. Students contribute non-trivial money and, in any other setting, they would have a high degree of control. We can probably argue from authority for how we teach and what we teach but that argument becomes shakier when we demand that students share all of their results as part of the process. Once a student has a degree, or meets a pre-requisite, why is it anyone’s business but hers or his as to whether they achieved a Passing grade in Advanced Stonkology or a Credit? They have met the bar… haven’t they?

Why is a GPA assembled from all grades? I’d like to say that I believe it’s because it’s an accurate reflection of progress but, frankly, I don’t believe it. I think we build GPAs from all the courses in one degree because we have an implicit user model that says “all courses must be visible”. In many cases, I don’t think we’ve talked or thought about it. It’s just what we do.

And the student is not in control of marks that they generated, paid for and, in many cases, may be limited by even if they improve their standing over time. Can we give a student control and still do what we actually need to from an educational standpoint?

There are two sides to this. The first is technical. The second is more organisational, even political and sociological. Let me address the technical one briefly.

Cryptography, the practice and study of secure communications, has a sub-field called secure multi-party communication (SMPC). The aim of traditional crypto is to allow participants to communicate a message, m, without anyone other than the participants being able to read the message. SMPC takes this further. Each participant provides something to be used in some sort of calculation but, this time, we want to ensure that what is provided by each participant is kept secret from all of the others, as well as they people who aren’t involved. We talk about a range of privacy preserving operations where we can do things like ask “Which of these two people has more money” without either party having to explicitly tell the other how much money they have. There is an issue of leakage in these calculations, in that if you keep asking ‘well, is this bigger than that‘ you’ll eventually be able to get a very tight range for the hidden values, but carefully designed mathematical and computational approaches to solve this are well-defined and working now.

To summarise this, the technology exists right now for me to able to calculate if a student has the pre-requisites to undertake further study or graduate without looking at any of the marks personally. There really is no good reason that I can look at my student’s grades in many cases. A quick calculation to say “this requirement is met” is all I need and this would mean that a student’s details would remain private.

Now to the more challenging aspect. What if a student doesn’t want me to see any of their marks at all. We do have students who undertake work as Non-Award, outside of any degree program, but once you put things into a degree, we force the assumption that all of your marks must be counted in there.

I have no problem with a student who says “You can’t see my data on this”, as long as it’s agreed that this means that I can’t do pre-requisite checking or graduation based on this. Some people just like to come to University and I don’t think that there’s really anything like “too much education.” Education is a common good and has a short and long-term benefit for the society that exceeds any graduate salary benefits for the individual.

But can we handle the even more challenging step of a user model where a student tells us which courses they wish to use for their summary calculations for meeting requirements? Do we care about four failing grades in the face of 72 successes? Should a student have to wear the educational mistakes that were made at 17 around her neck forever? (Especially when we are honest about how much early University performance is predicted by factors that are based on socio-economic status and privilege.)

But Total Control of student user artefacts goes further. It says that we don’t store anything about the student that isn’t legally required, even if it’s accidental system storage and never used. It’s being able to say exactly what user data is used for your assistance and how you can opt out explicitly of everything else you don’t want. But a Total Control strategy is one where we, as educators, are open about the implications of that action. In a time of growing usefulness of learning and academic analytics, we have to be upfront with students and say that disengaging from some of the systems may be to their detriment. We also have to struggle with the known issues of anonymity in public computerised systems as a duty to all of our students, to ensure safe and constructive environments. Can we support de-identified students in social forums but not anonymised ones?

This is not a simple problem. This requires us to think deeply about how we build something that is simultaneously good for the student, for students, for the learning teams and for our institutions, who have statutory requirements over the top of this. (I note that I consider “survival of the useful institutions of education” as an aesthetic factor as well. If there are some things we have to do, in order to allow other things to happen, we have to weigh this up and make decisions, even in a beauty framing.)

I don’t think this is impossible and I think that the discussion is essential as we move forward into a highly connected and measured world with a very long memory. Seeing Judy talk about just reinforced how widespread this issue is. Now is not the time to say “We keep this information because we always kept it”. That’s back from a time when a data warehouse search required you to drop one hundred trained scribes into a warehouse in Soho to search stacks of boxes. I can do that with a finger today.

More thought is required.