Feedback Request: Deprecation/Removal of LTI PII Sharing Consent Dialog

Hi all,

We’re currently working on plans to revamp the way we inform learners that LTI tools in the courseware may receive personally identifiable information (PII) from the edX platform.

If you’re familiar with LTI, you know that if you configure PII sharing via LTI in a course, a learner will see a consent modal before they do an LTI launch that shares PII. Please see the picture below for the current version of the consent modal on Olive.

image1768×808 65.5 KB

Please be aware that we recently made some changes to the consent modal, which will be merged into Olive soon. The modal has been replaced with an inline dialog. Please see the pictures below.

Inline

image1310×496 25.4 KB

New Window or Modal

image2222×470 20 KB

image2226×556 34.2 KB

In any case, our plans are to replace this dialog, which occurs before every launch, with a dialog that appears once per course. It will implemented in the learning MFE. It will be rendered within a unit if a learner has not already agreed to the acknowledgment in the course. If you’re familiar with the Honor Code, it will function very similarly. In place of mocks for this particular acknowledgment, please see the Honor Code below to get a feel for what we’re doing. Copy for the LTI PII sharing acknowledgment is to be determined pending legal and privacy review.

image1174×501 38.5 KB

We are wondering whether anyone in the community makes use of this LTI PII sharing consent dialog in the legacy courseware. Ideally, we’d like to deprecate old LTI PII sharing dialog that is implemented as part of the LTIXBlockConsumer in favor of the new MFE based one. But we’d like to hear your feedback! Thank you.

I’m glad to see this change going in, thank you @mroytmanedx ! Out of interest:

• Is the user’s consent requested once for all LTIs that might request PII, or can users opt-in to some and not others?
• Is there a way to tell the user more about the 3rd party site that’s getting their PII?
  I worry that “3rd party site” will either make no sense to people, or will have a bad connotation. But if we can ask something like, “Click OK to have your username and e-mail address sent to Pearson MyLab”, then they are better equipped to make that choice.

@mroytmanedx Cross-posting from Slack…

We do make use of this, and have been asked if we could provide some means whereby the content could be customized. So, the only request I would have is that the text can be customized per component so we can inform the student about where they’re being directed in addition to confirming permission to share PII data.

Being able to disable it at the component level would also be useful for those cases where we’re launching an internal tool and there’s therefore no external PII sharing.

Hi, Jill. Thanks so much for your feedback!

Is the user’s consent requested once for all LTIs that might request PII, or can users opt-in to some and not others?

Our approach is to think of this more as an acknowledgment and less as a formal consent. 2U’s privacy policy does not require us to get explicit consent for required parts of the course content, and LTI components are necessary for a learner’s progress in and completion of a course. It would be challenging to differentiate between required and optional LTI components and to ask for consent dynamically.

For this reason, we are not including the option to selectively provide consent. We did originally intend for learners to be able to provide and withdraw consent for specific tools, but we decided that it was not necessary, because the choice between consenting and not consenting isn’t a real one - you cannot participate properly in a course if you do not consent to PII sharing in LTI tools in the course. If you’re forced to consent to sharing PII in a course in order to complete the course, it’s not a true consent. It’s akin to proctoring in that way.

We are planning to show the acknowledgment once per learner per course. We want to lower the hurdle of participating in LTI components. We felt that asking for consent on every LTI launch was too onerous.

Is there a way to tell the user more about the 3rd party site that’s getting their PII?
I worry that “3rd party site” will either make no sense to people, or will have a bad connotation. But if we can ask something like, “Click OK to have your username and e-mail address sent to Pearson MyLab”, then they are better equipped to make that choice.

We do have some provisional plans to list all the LTI tools present in the course in this acknowledgment, but we’re considering that an optional second stage of the project. Our MVP is the generic acknowledgment.

I hear you on that, though. For the legacy experience, I think our recommendation would be to use the “LTI Application Information” field, based on the help text on that field.

Enter a description of the third party application. If requesting username and/or email, use this text box to inform users why their username and/or email will be forwarded to a third party application.

But I understand that that’s not ideal. We don’t have plans to add that into the existing dialog right now, unfortunately.

Hmm… if this isn’t a consent question, then it shouldn’t be crafted to look like one. I agree that this is a good UX question – it is onerous to have to answer a popup every time you use an LTI tool. But if saying “no” isn’t really an option, then why are we asking?

It’s interesting that 2U’s privacy policy covers all potential LTI applications that their partners might use – I assume 2U has oversight into which LTI applications can be set up on edx.org, and reviews them all with the policy in mind?

Each organization running Open edX has their own Privacy Policy, and so definitely would need to be able to customize the message used in this dialog, in case their policies don’t cover 3rd party access to student data.

Hi, Scott. Thanks for the feedback.

Feature improvements to the legacy experience aside, you need us to continue supporting the legacy consent dialog, correct? Does the new acknowledgment feature work for your needs?

Thanks!

Hi, Jill. Thanks for following up.

Hmm… if this isn’t a consent question, then it shouldn’t be crafted to look like one. I agree that this is a good UX question – it is onerous to have to answer a popup every time you use an LTI tool. But if saying “no” isn’t really an option, then why are we asking?

I agree with you that it should not be crafted to look like one. The proposed copy for the new acknowledgment is intended not to propose this as a consent. It is simply informational. The call to action is, “I acknowledge this requirement”. The intent is to be transparent about the ways in which PII may be shared in a course. I think there is an implicit acknowledgment via our Privacy Policy that PII is shared this way, but this is a good faith effort to be up front about it within the courseware… but now I’m getting a little out of my purview into 2U legal and privacy land.

It’s interesting that 2U’s privacy policy covers all potential LTI applications that their partners might use – I assume 2U has oversight into which LTI applications can be set up on edx.org, and reviews them all with the policy in mind?

I believe that is the case. I’m not familiar with the 2U LTI tool approval policy, but there is one. However, a wrinkle is that, currently, edX does not have a way to limit which LTI tools are used on the platform. That may be coming at some point in time as the two companies continue to merge. We rely on the judgment of partners, and we do have a process by which a partner requests permission to be able to share PII via the tools they choose to use in their courses.

Each organization running Open edX has their own Privacy Policy, and so definitely would need to be able to customize the message used in this dialog, in case their policies don’t cover 3rd party access to student data.

Would it be acceptable to continue supporting the existing legacy consent dialog as is and hiding the new acknowledgment behind a feature flag?