*3.2. Permissions, Consent, and Privacy Concerns*

Collecting and analyzing data is one element of using big data to make education decisions. Yet, before the data is gathered—especially at public entities and in countries with data protection laws—educational organizations must procure permissions and consent, while ensuring the private nature and confidentiality of most or all data. In this regard, cybersecurity and the safety of big data is paramount for educational organizations [14].

Regarding data storage, Wang asserted that "there is no shortage of concerns over how to store, process, and access student learning data while preventing those data from being abused or misused ... " while "student learning data are collected and stored in different silos—school district offices, online learning systems, and mobile devices—that are not connected to one another" [3] (p. 383). Additionally, Wang argued that "the growth of the Internet outpaces laws and regulations. To date, there has been a lack of Institutional Review Board Protocols or federal regulations that protect human participants in large-scale social experiments on the Internet" [3] (p. 383). Here, educational organizations seeking to make decisions using big data are likely going to face privacy- and cybersecurity-related challenges [14], even if those challenges are mitigated at the beginning of the process because of the speed in which technology and the Internet advances.

Regarding student privacy, Nazarenko and Khronusova explained that "much information about student's behavior is classified like personal data that cannot be collected without special permissions. Moreover, tracking of student's activity needs to be expanded by their personal information, such as temperament type. However, many students are not interested in providing this kind of information" to their institution [15] (p. 678). Here, there are not only challenges with permissions and consent policies related to data, but there is no guarantee that individual stakeholders such as students will consent to have their data gathered, possibly straining relationships between students, teachers, and their educational organizations.

There is also the issue of how permission and consent and safety policies are communicated to stakeholders. Williamson argued that many members of educational organizations have no interest in or knowledge of big data, possibly confusing stakeholders regarding big data and its utility [14]. Similarly, Dishon explained that when education is so data-driven, both students and teachers may not know what data has been collected, by whom, and for what purpose [20]. This sense of confusion could deter educational stakeholders from engaging with big data policies and contribute to their uncertainty about what data is being collected and analyzed, possibly producing a feeling of surveillance which has been found to negatively impact teaching, learning, and a sense of belonging [3,14,20].
