Data Portability Policies in HEIs

It’s all very academics in favour of openness ranting about the walled garden approaches of Facebook and Apple, and the paywall perimeters put up by embattled media organisations such as News International, but how do our own institutional systems fare on the openness and data portability front?

A recent initiative to encourage sites to publish a data portability policy has made available this handy Portability Policy Generator which covers issues such as:
Identity and Authentication: e.g. do people need to create a new identity for the local site, or can they use an existing one?
Working with Things Stored Somewhere Else: e.g. Must people import things into this product, or can the product refer to things stored someplace else?
Watching For Updates: e.g. Can this site watch for updates that people make on other sites?
Broadcasting Changes Made Here: e.g. If person updates something here, is that change stored only locally or can it notify another product?
Access from Other Products: e.g. Can the person allow other sites to use the things they’ve created or updated?
Backing Up: e.g. Can the person download or remotely access a copy of everything they’ve provided to the service?
Public Data: e.g. Can the person download or remotely access information that others have provided to the product?
Closing an Account: e.g. Will the site delete an account and all associated data upon a user’s request?
Where things are: e.g. Do you disclose where personal data is being kept in the real world?

A quick look at the OU’s policies page links to the computing code of conduct, FOI and data protection policies for example, but not a data portability policy… (I’d be surprised in any UK HEIs have one yet?)

So with HEIs increasingly encouraging students to make use of university provided e-portfolios and contribute to online forums, and researchers to contribute personal information to researcher profiles and media directories, as well as depositing their papers into institutional repositories, is it time they started at least publishing a data portability policy, and maybe looking at ways of supporting data liberation?

See also: Time for Or a local