Trust, Privacy, and the Digital University

Go to Critical Reviews
Go to author's original draft

"Organizations today have to be based on trust. How many people can you know well enough to trust? Probably 50 at most. " Charles Handy, author, management philosopher, and consultant to multi-national corporations (Rapoport, 1994)

The Digital University

Broadly speaking, the term digital university refers to the successful migration of many key activities from paper-based methods to digital methods. Successful migration means not only that we can do things that we now do better, but also that our institutions and many constituencies have opportunities to do things that we could not do before.

While this migration includes the assimilation of e-commerce (the buying and selling of products and services) into our institutions, it also includes many other "e-activities." We are migrating to a digital world that comprises, for example:

As we migrate, we change in a fundamental way how we fulfill our mission. For example, our constituencies will have quick, electronic, and often interactive access to a variety of institutional data and information, and the ability to reuse these. Trust will often be based on electronic, rather than face-to-face, meetings and personal relationships. If we are successful, our institutions will continue to enjoy the trust of our many constituencies while remaining competitive in an increasingly global and multi-faceted higher education environment.

The Importance of Trust

In the 1960s film The Graduate, Dustin Hoffman’s character was advised that the key to success was "plastics." In today’s evolving digital universities, that key is "trust."

Trust is fundamental for many reasons. For one, the rapid pace of technology innovation means that technology change often takes place before we understand its potential implications. For example, what impact, if any, do the hundreds of commercially-sponsored campus web sites and "smart cards" (Van Der Werf, 1999) have on our responsibilities under FERPA (NCES 1998; CAUSE 1997)? How (and how well) are we protecting faculty and institutional intellectual property, including course notes, syllabi, and research on Web sites? From an institutional perspective, how can we best address intellectual property ownership and royalty issues, and manage potential conflicts of interest?

There is no model for migration that we can follow. In the area of distance education alone, for example, some higher educational institutions have entered into a variety of partnerships with for-profit companies, others have joined non-profit educational consortia, some have done both of these and are also delivering courses directly to students, while others have formed for-profit subsidiaries. Faculty are breaking new ground outside of their institutions (Marcus, 1999). Further, the unique circumstances at each of our institutions--including our different missions, funding levels, cultures, strengths and weaknesses, concerns, constituencies, tolerance for risk, and varying infrastructures and approaches to outsourcing--may preclude development of a single model that will work for all of us.

In society at large, there is no coherent set of laws, regulations, and policies on the handling of digital data and information, nor rules for enforcement, that have withstood (or been amended by) diverse challenges over time. In fact, these are just now being worked on at the state, national, and international levels among governments, interest and advocacy groups, and trade organizations.

We are facing issues that we have never had to face before. For example, customer "profiling" (Dembeck, 1999; Gold, 1999) and "targeted marketing" (Tedeschi, 1999) were virtually impossible, or at least much less sophisticated, prior to the digital revolution. Today, a person’s offline and online buying habits can be merged. Private data can be easily obtained (Penenberg, 1999). Students who are working at their computers through dinner can be interrupted by a vendor who sends a pop-up window to their computer screens offering to sell them a pizza (Woody, 1999).

When things go wrong online, it’s the credibility of the institution that’s at stake, not just the reputation of the registrar, accounts office, a school or college, or any individual group. In industry parlance, it’s our "brand name" that’s at risk.

Finally, trust is key because a successful migration to a digital university requires that we build new, "electronic relationships." In some cases, we will want to build community and viable, long-term relationships with people that we have not met face-to-face. We will need to partner with all of our constituencies to share risk and reward so that we may all take advantage of the opportunities that technology offers.

Handy’s comment helps to put into perspective the scope and complexity of the migration that we face. [Something is missing here. Immediately prior to this sentence you need to identify Handy, cite the reference, and what tell the reader what comment he made.] That’s because we need to build trust not simply among his 50 people, but rather among hundreds, even thousands of people---a highly diverse, global audience that includes faculty, students, and staff, as well as parents, alumni, donors, sponsors, vendors, partners, collaborators, governments, and educational institutions.

Two recent surveys into e-commerce--an area in which traditional institutions of higher education lag way behind business, government, commercial education providers, and society in general--highlight the importance of trust. Jupiter communications  found that 64% of survey respondents do not trust a Web site to offer privacy even if there is a privacy policy posted on the site, and Jupiter projected that privacy issues could potentially put an $18 billion dent in the $40 billion e-commerce revenue it projects by 2002. According to Michael Slack, a Jupiter analyst, "It’s not just about having legislation or privacy policy postings. There is a general nervousness about giving personal and credit card information on the Net" ("Industry Privacy Failures," 1999). Similarly, NFO Interactive found consumer concerns about the safekeeping of online personal information was the main factor why people chose not to shop online. Consumers said that what would most entice them to shop at a Web site was "trust that the site would keep personal information private" ("Industry Privacy Failures," 1999). Another survey suggests that to address trust successfully, we need to explore this issue with our constituencies in more detail than we have done so far (Cranor, et al., 1993). Business to business (B2B) e-commerce is also struggling to ensure trust and minimize litigation (Hicks, 1999). It’s no wonder that privacy is reportedly becoming the new "e-industry" (Reuters, 1999), and some anticipate that security lawsuits will replace Y2K litigation in the year 2000 (Mosquera, 1999).

Selected Actions To Help Ensure a Successful Migration

While each of our institutions will have to develop and refine these according to individual circumstances, below are some suggestions as a starting point for creating a mission, guidelines, and action steps.

Mission: To build an integrated, proactive, extended enterprise of education, knowledge discovery, co-invention, and community outreach.

Guidelines: (1) Require that our needs, desires, policies, and concerns drive our technology selections, not the other way around. (2) Within institutions, work cooperatively across functional areas, administrative, academic, research, etc. (3) Work collaboratively with peer institutions. (4) Provide Web-based, constituency access via an interface that is easy to use, customizable by users, consistent in functionality, robust in terms of the data and information that it can provide, secure, and ADA compliant.

Selected Actions.
The National Center for Education Statistics (NCES) recommends that higher-education executives raise the visibility of electronic privacy and security issues, and appoint a leader for institution-wide privacy and security policy (NCES, 1998).

Others recommend improved privacy and security education across campuses. For example, a 1998 FBI/Computer Security Institute survey found that the average loss for security breaches ranged from $2.8 million for "unauthorized insider access," to just $86,000 for "system penetration by an outsider" (Zimits and Montano, 1998).

Finally, not all data and information require the same level and kinds of protection, and resources are not infinite. Consensus-building among constituencies is one way to help determine priorities.


Higher education institutions are becoming digital universities. To migrate successfully, they need to address proactively the role and importance of an "old-fashioned" value (i.e., trust, in a digital world). Institutions must act with a clear sense of institutional mission, set goals, and identify actions. Institutions will likely find that they face some common technical, policy, legal, and other issues. However, they will likely find as well that a successful migration requires unique approaches and solutions.


Cause Task Force (1997). Privacy and the handling of student information in the electronic networked environments of colleges and universities. Retrieved June 1999 from the World Wide Web:

Cranor, L., Reagle, J., and Ackerman, M. (1993, April). Beyond concern: Understanding net users’ attitudes about online privacy. Retrieved December 1999 from the World Wide Web:

Dembeck, C. (1999, July 7). Is it customer profiling or harassment? E-Commerce Times. Retrieved from the World Wide Web:

Gold, S. (1999, November 16). Privacy advocates warn e-commerce sites against profiling. Cable News Network Financial Network (cnnfn). Retrieved November, 1999 from the World Wide Web:

Hicks, M. (1999, October 25). A matter of trust. PC Week Online. Retrieved November, 1999 from the World Wide Web:,4153,2376988,00.html

Industry privacy failures hurting e-commerce, latest surveys show. (1999, September 9). Privacy Times. Retrieved September 10, 1999 from the World Wide Web:

Marcus, A. (1999, November 22). Why Harvard Law wants to rein in one of its star professors. The Wall Street Journal, pp. A1, A10.

Mosquera, M. (1999, November 17). Security lawsuits to replace Y2K litigation. TechWeb. Retrieved November, 1999 from the World Wide Web:

National Center For Education Statistics (NCES) Task Force (1998, September 22). Safeguarding your technology. Retrieved June 1999 from the World Wide Web:

Penenberg, A.L. (1999, November 29). The end of privacy. Forbes. Retrieved December 1999 from the World Wide Web:

Rapoport, C. (1994, October 31). Charles Handy sees the future. Fortune, pp. 155-156, 158, 162, 164, 168.

Reuters. (1999, October 11). The new e-industry: Privacy. Wired News. Retrieved October, 1999 from the World Wide Web:

Tedeschi, R. (1999, May 10). Targeted marketing confronts privacy concerns. The New York Times on the Web. Retrieved June 23, 1999 from the World Wide Web:

Van Der Werf, M. (1999, September 3). A vice president from the business world brings a new bottom line to Penn. Chronicle of Higher Education, pp. A72-75.

Woody, T. (1999, August 6). Back to school in the Internet economy. The Industry Standard. Retrieved August 6, 1999 from the World Wide Web:,1449,5812,00.html

Zimits, E., and Montano, C. (1998, April). Public key infrastructure: Unlocking the internet's economic potential. iWorld. Retrieved June 1999 from the World Wide Web:

Critical Reviews

Critic AAA

I don't rate this article very highly. The concept of  "trust" it uses is very weak. There is a serious and significant  literature on trust in the knowledge economy, and the author seems  unaware of it. Second the definition of "digital university" is poor,  and unhelpful. Many of the applications have been computerized for many  years, and been a feature of HE for 30+ years. There is potentially  something interesting in the argument about the shift of power which new   technologies can involve, but this is dealt with summarily.

Critic QQ

Recommend publishing. A thought-provoking, timely,  "call to action" piece. Many of the items in the lists could be  expanded. However, having them listed provides good emphasis. Covers  topics, trust and privacy in the digital university, that need to be  addressed right now in higher education

Critic V

Thinking my first reaction was too harsh, I decided to  let some time pass and reread this article. My initial impression didn't  change. I can't help but feel that the writer's trying to stretch an  interesting thought into an all-encompassing field theory on virtual ed.  "Trust" just can't bear the load. The virtual phenomenon is much too  complex and defies reduction to a notion as vague as trust. To be  publishable, the writer would need to focus on a specific aspect of   electronic learning that lends itself to the idea of trust and zero in  on it, constructing his case for trust in this specific instance. The  lists in his paper are a good starting point: select one of the items  and develop it. I wondered, too, if perhaps "risk" might be a facet of  "trust" that may be worth investigating as an alternative. I don't want  to discourage the writer. I believe he/she is onto something worth  writing about; however, he doesn't quite have it here.

Critic B

I just did a quick read of the article and I like it quite well. I don't remember seeing anything in TS on this topic yet and it really raises many important issues facing all universities, virtual and otherwise. It could profit from offering a more coherent point of view on where we might or should find the answers. I would say that the author just needs to tighten up the final section using a bit more of a thematic approach; ie, rather than noting all of those bullets, take the top three themes/bullets do a short bit on each. I would then think it a very worthy contribution to TS.