InCommon Federation Discussions About Online Student Services

[Ann West <>]

InC Student Notes from 2/25
----------------------------
Mark, Mark, Linda, Ann, Brendan

Next Meeting
------------
March 11 at 3:00 pm ET

Action Items
-------------
[AI] All to review the two documents sent and send along observations
[AI] Mark to talk to Janie about publication date 
    (Article would be due AACRAO Aug 15)
[AI] Mark will identify a set of questions to ask other stakeholders

Notes
------
Linda and Mark M. sent two documents: the data and an initial draft of a 
narrative. Mark asked folks to look at the SurveyLog (data) for things of 
note. 

Discussions: Regardless of when you pass out the credential or its LoA, the 
type of services accessed are the same. The provisioning of those services 
seems to be independent of risk to the institution. Part of the risk is 
dependent on when FERPA kicks in and when a person is considered a Student. 
Will this push institutions to identify individuals as students later in the 
process?

We can't get away from having individuals acess applications before they are 
identity proofed. Given our processes and cost, we will be assuming some 
risk. Can we balance reasonableness and recruitment with security and 
privacy?  

It takes money to move to the id proofing earlier in the admissions process 
because you're proofing many more folks. Also it institutions put additional 
steps/barriers in admissions process, the prospect might not apply.  
Elasticity of demand. 

What do we have to be compliant with during the admissions process? GLB? 
Maybe the main point is that we should be a good data steward.

The survey results are not scientifically valid, but the practices are fairly 
constant. How vulnerable are we with the compliance and stewardship realm? We 
are in a state of ambiguity. And this quote from Q28:
“It is cumbersome but the reality is that identity theft is the number one 
White collar crime in the United States and it is our obligation to ensure 
the identity of the applicant, the active student, and graduates. What is 
worrisome is that as fast as technology may cover the exposure the dishonest 
individuals respond just as quickly to the security changes.”

How can we include others' thoughts on our findings? 
[AI] We will identify a set of questions and ask:
- LeRoy Rooker
- Auditor (Dennis Skovsted)
- Legal (Beth or Fred Cate)
- Peg O'Donnell at Catholic University

Process Proposals

Mark S updated the process proposals and the group talked about the 
CollegeBoard use case where CollegeBoard, leveraging their SAT identity 
proofing, becomes and identity provider for broad admissions process. In this 
way, institutions can be assured that the person applying is the one 
represented by the credentials. Ann will add that to the proposals.