The Privacy Everywhere Conference, held at the University of Illinois Urbana-Champaign, brought together experts to discuss the critical issue of data privacy. The conference explored a human-centered approach to privacy, balancing innovation with privacy rights and ethical data use. Attendees gained valuable insights into privacy principles from legal, ethical, and industry perspectives, equipping them to implement human-centered privacy practices in higher education and beyond.

Conference organizer Sheena Bishop was thrilled with the level of participation and quality of the presentations, which continue to improve year over year.

“Attendance had a bump this year, with more than 580 registered individuals from across the Big Ten and other universities,” Bishop said.

The current landscape of data privacy

Debbie Reynolds, “The Data Diva”, provided an in-depth look at the evolving landscape of data privacy, emphasizing the growing concerns and expectations of individuals regarding their personal data. She highlighted that a significant majority of individuals desire more control over their personal data. According to the World Economic Forum, 74% of people want greater control over their data, while 79% of consumers are concerned about how companies use their information (InfoTrust). Organizations that prioritize privacy see a 20% increase in customer satisfaction, and 75% of students believe they should control how colleges use their data (Cornell University Business).

Reynolds shared real-world examples of successes and failures in data use. Successful initiatives include privacy-preserving data sharing for research, transparent student data use, and robust cloud data cybersecurity practices. On the other hand, failures such as unauthorized data collection, invasive proctoring tools, and insecure data storage highlight the ongoing challenges in maintaining data privacy.

As innovation accelerates, Reynolds stressed the importance of aligning data protection strategies with technological advancements. Key focus areas include clearly defined data purposes, tracking data lineage, managing the data lifecycle, and ensuring accountability in data handling practices. She also discussed the unique privacy challenges faced by universities due to the diverse range of sensitive data they collect, and the multiple stakeholders involved.

Reynolds emphasized that prioritizing privacy builds trust, effective data strategies go beyond compliance, ethics should guide data use, and privacy is integral to human safety.

Avoiding the creepiness factor with human-centered privacy

Rachel Switzky, Director of the Siebel Center for Design, explored the fine line between convenience and creepiness in technology and how human-centered design can foster trust.

Switzky began with a game called “Convenient or Creepy?” She presented scenarios such as a phone knowing your exact coordinates, a voice-activated assistant promoting pizza companies after overhearing a conversation and using your palm to pay for groceries. These examples highlighted the delicate balance between helpfulness and invasiveness in modern technology.

She emphasized that crossing the line into a creepy experience often stems from a lack of transparency and control. Switzky outlined the characteristics of a human-centered experience, which empowers users with control over their data, ensures transparency, collects only necessary data, prioritizes ethical practices and maintains strong security.

She detailed the human-centered design process, which involves understanding, synthesizing, ideating, prototyping, and implementing. A case study on the development of the University of Illinois’ first student app demonstrated the practical application of this approach.

Switzky invited attendees to continue the conversation on designing for trust, underscoring the importance of human-centered design in creating technology that respects privacy and fosters trust.

Educational Technologies and Data Privacy

Easton Kelso, a senior undergraduate researcher at Arizona State University studying Computer Science, shared insights on the intersection of educational technologies and data privacy. Kelso and colleagues’ research revealed that educational technologies, which faculty and staff are often required to use in the classroom, can be at odds with student data privacy.

Their team gathered data from IT professionals, chief information security officers, and university policymakers across the U.S. It became clear that higher education institutions face numerous challenges with data privacy when trying to keep pace with technological advancements. Protecting the data collected by these tools is crucial, as data breaches and misuses can have serious security and privacy consequences, particularly for students, who are often required to use these tools.

Kelso’s team conducted a semi-structured interview study with participants in EdTech leadership roles at seven HEIs. The study uncovered the EdTech acquisition process in the HEI context, the consideration of security and privacy issues throughout that process, the pain points in establishing adequate protections in service contracts, and the struggle to hold vendors accountable due to a lack of visibility into their systems.

In a separate study, the ASU researchers noted gaps in the auditing and approval processes for educational technologies at both the college and K-12 levels. Despite privacy concerns, instructors continued to use unsanctioned technologies due to ease of use, cost, and accessibility.

More research into educational technology use and acquisition will help uncover ways to better align the needs of instructors, students, and institutions when looking at data through a privacy lens.

As privacy concerns continue to grow, the insights shared at this conference will be key to shaping the future of data privacy in higher education and beyond, noted Bishop.

“I look forward to using what I learned at this year’s event and am especially excited that we had such a wide range of individuals who want to make privacy considerations part of their work as well.”

Members of the university community can look forward to the next Privacy Everywhere conference from the Office of the CIO in January 2026.