Examples of good and bad practice

Student privacy is one of the fundamental ethical challenges in digital education. The way in which recordings, results and personal data are stored and shared can significantly impact their safety and sense of trust. Here are examples of bad and good practices, and ways to avoid the risks.

Example of bad practice:

Student privacy is often compromised unintentionally, but with serious consequences. Examples include publicly sharing lecture recordings with students’ names and faces, publishing test results with personal information, or asking students to reveal sensitive information (e.g., during online discussions). Such practices can lead to feelings of discomfort, stigmatization, or even violations of legal provisions such as GDPR. Ethics dictate that students’ personal data should never be made public without explicit consent.

Example of good practice:

Institutions that protect student privacy use solutions such as limiting access to recordings (only to the course they belong to), allowing students to participate anonymously in surveys and forums, and clearly communicating how the data will be used. An example of good practice is systematically educating teachers to share personal data only at the necessary level (e.g., grades via a secure LMS, not via email). This builds trust and respect for students as equal participants in the educational process.

How to avoid/mitigate such a situation:

Risks can be mitigated by adopting clear privacy policies and consistently enforcing them. Any data collection and disclosure must be purposeful, minimal, and transparent. Students should be actively involved by giving them the opportunity to decide whether their data will be used (e.g., opting out of video recording). In this way, privacy becomes not just a technical issue of data protection, but also an ethical value in the practice of digital education.