The second category of actions is more complex, since it relates to decisions that will need to be made specifically based on each individual institution’s mission, culture and values. It also involves the establishment of an explicit process to determine the position that each institution wants to take in regards to specific issues posed by the collection of data and the deployment of data analytics tools.
SPARC’s goal is not to provide answers in this section. Rather, we hope to trigger a broad and thoughtful debate within academic institutions to ensure that these processes are explicitly carried out. The criteria for decision-making in this category are more complex than in the case of risk mitigation actions. It is hard to argue, for example, that the institution should not have a strong privacy policy or conduct a data inventory. The choice between competing actions simply comes down to what is feasible within the institution’s resources, culture, and timeline. On the other hand, this section deals with choices that do not have clear right or wrong answers, and where there will need to be a nuanced debate.
It is vital that these debates involve all stakeholders on campus. These debates will be complex and multifaceted, with ethical, legal, economic, and technical dimensions. Many institutions will have scholars and practitioners in these fields right on campus and would be wise to leverage this expertise in structuring the debate. This is very important because there will be diverging views on what the right answers are, but decisions will be more acceptable if reached after using a well-structured approach.