Introducing the data privacy chapter of TBA guidelines

Cover of TBA Guidelines publicationIntroducing the Data Privacy Chapter of the ITC/ATP Guidelines for Technology-Based Assessment

This blog article by John Kleeman, EVP of Learnosity and Questionmark, is part of a series supporting the ITC/ATP Guidelines for Technology-based Assessment.

Why data privacy matters to assessment

Data privacy isn’t everyone’s favorite subject. Software and system developers know privacy matters, but the intricate nature of the rules can be intimidating. There are lots of different privacy laws - and it’s a bit like alphabet soup: BIPA, CCPA, GDPR, LGPD, PIPA, PIPL and many more!

In recent years, technology privacy concerns have exploded due to the rapid increase in the amount of data digital technology capturesPicture of surveillance cameras. Photo by Arno Senoner on Unsplash and can analyze. To take just one example, surveillance cameras on city streets capture a lot of what we do in our daily lives. In the wider world, Bill Gates has made the good point that; “Historically, privacy was almost implicit, because it was hard to find and gather information. But in the digital world … we need to have more explicit rules”.

Similarly, in the past, privacy was not seen as a central concept in the assessment world. Although there were mentions of privacy protection in the 2014 Standards for Educational and Psychological Testing, it did not make the index nor the contents. However, with the increased use of technology assessments that capture rich data and the widespread use of remote proctoring used to monitor test takers at home, privacy has emerged as a significant concern in the field of assessment. Test-takers and their stakeholders seek to ensure their data collected to measure skills or knowledge is managed carefully and fairly.

The story behind the data privacy chapter of the Guidelines

I find the intricacy of privacy and the challenges of balancing privacy against security and other important concerns fascinating. It is one of my favorite subjects! Before I became Chairperson of the ATP, I was co-chair of the ATP’s International Privacy Subcommittee and contributed to several of our privacy bulletins. I am certified in privacy (CIPP/E), but unlike many of my fellow committee members, I’m not a lawyer. I like to think this makes it easier for me to communicate privacy concepts succinctly and clearly to fellow assessment practitioners.

I wrote the initial version of the Data Privacy chapter and helped guide it through to completion. Many others contributed and reviewed, including Alan Thiemann, Dave Foster, Donna McPartland, Gary Behrens, Marc Weinstein, Rachel Schoenig, and Rory McCorkle.

The challenges we faced in writing the chapter were:

  • We wanted to make the chapter accessible and understandable to readers without prior knowledge of privacy concepts.
  • We aimed to ensure the chapter was applicable internationally. This required focusing on general principles of privacy rather than specific laws or regulations that may vary across jurisdictions.
  • The chapter was one of the first written and the editors were keen that the Guidelines should be succinct.
  • Privacy changes fast. but we needed to make the chapter reasonably future-proof.

How did the chapter turn out?

Well, you can see for yourself, if you download the Guidelines from The chapter on Data Picture of delete key. Photo by Ujesh Krishnan on UnsplashPrivacy, chapter 9, has three pages of general introduction and 22 guidelines with brief commentary. There are also useful definitions in the glossary and references for those who want to dig further.

Here are two of the guidelines, relating to deleting assessment data.

  • 9.9: “The retention period for the different types of personal data processed by the assessing organization should be documented.”
  • 9.10: “When the retention period has passed, or if there is no longer a need to retain data, personal data should be securely deleted according to established industry standards in such a way that it cannot be reconstituted.”

The explanatory notes suggest that a testing organization should retain personal information only as long as it is needed for the purpose(s) for which it was collected or for a period of time reasonably related to those purpose(s), obviously as permitted by applicable laws. The notes also suggest that the period of retention may vary with different types of data and generally depends on the sensitivity of the data. For example, it is common to keep copies of government identification cards or biometric data used for identification for a short period but to maintain assessment scores and pass/fail records for a longer period, especially if the test taker has the right to an appeal/challenge of test scores/reports.

The Guidelines don’t specify things like exact durations that data must be held for, as that will vary depending on the purpose of the test and on local laws. They do set the important principle that you need to think about how long to retain data and delete it once it’s no longer needed.

To conclude

Will this be one of your favorite chapters of the Guidelines? I can’t be sure of that, but I hope that it is useful to those building assessments with technology and will help guide everyone to good practice in respecting test-taker privacy.

Again, you can download the Guidelines from



Share this post:

Comments on "Introducing the data privacy chapter of TBA guidelines"

Comments 0-5 of 0

Please login to comment