Data Autonomy FAQ
On this webpage you can explore the main aspects of this initiative at the University of Groningen in four questions. We also invite you to have a look at the ‘work in progress’ section to get more insights on events and research that has been done.
Data should be used in our best interest
In its simplest form, Data Autonomy can be understood as the capacity to make meaningful decisions about our data. As more of our data moves into ‘the cloud’ and is being used to train algorithms and smart systems, organizations and individuals lose track of where and how data is stored, analyzed and shared.
Data Autonomy aims to ensure that our data is protected, secured, remains accessible, and easily shareable. But it also goes beyond that, to make sure that data is being used in our best interest, putting human dignity and institutional autonomy at the core.
Control about data is in the hand of powerful players for now
At the moment, it is too often unclear if, when, to whom, and for which purposes data is - or could be - analyzed, stored, and potentially re-shared in various forms. This is not only a question for privacy and data protection, it affects the autonomy of entire public institutions such as universities and higher education in general.
Currently, we cannot be sure that our data is being used in our best interest, as most digital services we use are either only offered by a handful of parties, or depend on the large scale infrastructure of those parties to work. This undermines the autonomy of public institutions that ultimately depend on the cooperation and good will of those few powerful private actors, who might (re)use the data stored to increase their power while undermining personal, academic and collective autonomy.
Dependency on data-based services and infrastructure
Think of how often you use services such as GMail, the Google calendar, Brightspace, or research platforms such as Elsevier’s Pure. Besides, sometimes someone might use non-officially supported ‘shadow IT Systems’ such as Meta’s WhatsApp. It seems we cannot live without them as we use them everyday as consumers and private customers.
We permanently share our feelings, thoughts, insights, interests and intuitions with these apps to express ourselves and share our work. This allows the data aggregators to build profiles of us as clients and professionals, but also of entire faculties and research groups in order to identify trends and predict what is likely to happen in the future.
If we wanted, could we even switch to other services? Which ones are available? How would we do that? What would it cost and how long would it take? These are all pressing questions for which we need clear answers and a strategy to protect our autonomy and make the best choices for the community as a whole.
Unclear how our data is used
At the moment, it is unclear if, when, to whom, and for which purposes data that we produce, store and edit in ‘the cloud’ (e.g. using Google or Microsoft services) is being analysed, and potentially re-shared in various forms (e.g. How many academic articles does it take to train ChatGPT how to write a perfect assignment, or programme the perfect code?).
Involvement in data control
The control over cloud infrastructure is in the hands of a few powerful players, who might use our data to increase their power to the detriment of our personal and collective autonomy. We are not in the loop when it comes to the meaningful decisions regarding our data control, and this needs to change. This does not mean that data processing and storage can only happen on-site, or based on Open Source systems. But we need to know what is going on behind the scenes, and we need to be sure that data is only used according to our values as an academic community.
Initiatives to increase Data Autonomy
At this moment, several European initiatives have the aim to increase Data Autonomy. In parallel, legislative efforts by the European Union are underway to curb the influence of Big Tech. Nevertheless, Data Autonomy in universities and higher education is being questioned and discussed in the context of public values.
Data Autonomy matters because..
-
Students need safe (digital) spaces for learning and making mistakes, which do not haunt them for the rest of their lives (e.g. when applying for an intership or a job)
-
Researchers need to have tools that are effective and keep them in control of their research data (e.g. without having to share it for further use by big publishers or Big Tech companies to train their AI models)
-
Teachers need tools that support their work while giving them the autonomy to design courses freely (e.g. without having to comply with pre-designed patterns and limited options)
-
Universities need to be able to promote academic freedom and free expression without being factually dependent on one or two providers who can charge for their services whatever they want
By thinking about how to enhance Data Autonomy, we are protecting and promoting our institutional freedom, values such as human dignity, as well as the interests of students, employees and our partners.
The UG has too little control over our data
We can not make decisions about our data on an individual and organizational level alone. Under current circumstances, the UG has only little control over data that is kept in private data centers. The companies that offer cloud storage services are not necessarily aligned with European public values and relevant laws such as the EU General Data Protection Regulation (GDPR), or other upcoming legislative frameworks such as the Digital Markets Act, or the EU AI Act.
Risk of profiling of the university, faculties, research groups, students and staff in general
At the same time there is the risk that all of us are being profiled and surveilled. This does not necessarily have to happen on an individual level to have a profound impact on our everyday lives.
For instance, the metadata of students (e.g. who is in contact with whom, how frequently, at which times) and staff might be used for commercial purposes and to profile entire faculties or departments. It is concerning that the data of three-quarters of all Dutch students is stored at data centers which are controlled by private companies which are primarily interested in short-term economic goals. We should also consider the possibility of data access being denied (e.g. for reasons of national security of countries such as the United States or China), meaning we could lose all our data.
Vendor lock-in
Moreover, the current tendency to store (personal) data in remote/unknown cloud storage infrastructures with little control might result in “vendor lock-in". Once there is no easy exit strategy or no viable alternative, the costs for the use of and access to this infrastructure might increase beyond expectation. There were first signs of this as Universities excited the most severe period of the COVID-19 pandemic.
Respect, protect and promote academic freedom in the digital age
Before making choices, we need to understand the status quo, as well as our needs as a community. This is at the heart of the Data Autonomy project. Besides raising awareness, we investigate with our partners which alternatives are out there, and aim at improving the understanding of who we want to be in this changed world as an institution. Taht is wat we are doing with this initiative.
Data Autonomy for the UG Community
A team of UG experts has come together to build upon the definitions established during the March event of 2023, aiming to create a comprehensive definition that encompasses the diverse groups within the UG community. After extensive deliberation, we have formulated the following working definition, serving as a foundation for further development of the concept of Data Autonomy at the University of Groningen.
Working definition Data Autonomy
Data autonomy is the effective capacity of the academic community of the University of Groningen to make meaningful decisions about access to data, data flows, the uses of data and the design of the informational environment, to the degree necessary to freely and independently pursue the university's mission, to promote knowledge dissemination and to protect the rights of its students and employees. This capacity is required to protect academic freedom and the independence of the university.
Context of the working definition of Data Autonomy
This working definition fully acknowledges the different and diverse contexts of the activities at the UG. Concepts such as ‘meaningful decisions’ have to be interpreted and applied differently, depending on the concrete circumstances. In particular, we suggest to consider the UG through different lenses which show the UG as an educational institution, a research and innovation body, and actor in the entrepreneurial landscape. Therefore, the working definition should be interpreted and applied with a view to the sensitivity of the data used.
Prospect
The working definition requires further consideration and input from the stakeholder community. Themes that guide this discussion about the use of data at the UG include: privacy, ownership, transparency, creation, collection, accessibility, shareability, storage, protection, security, and autonomy related to the use of data and digital services.
Last modified: | 02 May 2024 5.28 p.m. |