Data Privacy & Security – Our commitment now and always



Blackboard has a long-standing commitment to high data privacy and security standards. Over the last few years, I’ve written here on this blog several times about how we have continuously enhanced our data privacy and security programs. With this week’s announcement regarding our definitive agreement to merge with Anthology, another leading global EdTech company, it is important to reinforce our stance on this crucial element of our business.

In our statements about this merger agreement, executives at both Blackboard and Anthology have spoken about the opportunity to “break down data silos and surface insights about the learner.” This is not a new approach. Blackboard’s vision of personalizing experiences has been discussed widely at BbWorld, our annual client conference; in roadmap sessions; and on this blog. But what exactly does that mean when it comes to data privacy?

Our commitments

  • When we “break down data silos,” we do it for our clients. We provide our products on a fee-for-service basis. Accordingly, our business model is very different from that of consumer-facing companies that collect personal information directly from end users to drive revenue primarily through ads and data monetization strategies. When we “break down data silos,” we do this on behalf of and for our clients to help them with insights across their products.
  • Our clients own their data. We understand that personal information of our clients’ users is only entrusted to us. We have a responsibility to protect it vigilantly and only use it in accordance with all applicable data privacy laws and as agreed with our clients.
  • We believe data privacy is a fundamental right for all individuals. We were therefore among the first to adopt the high EU data privacy standards globally. We also have a dedicated data privacy program with privacy by design at heart. You can learn more about our data privacy program by visiting our Privacy Center.
  • We do not sell student data. We do not sell student personal information to third parties or data brokers or use or disclose student personal information for targeted advertising purposes. As Blackboard and Anthology merge into a new company, the related client data will continue to be protected and only used in accordance with the existing agreements with our clients.
  • We aspire to enable data-informed student success. Data-driven insights, personalization and data privacy do not have to be incompatible. With privacy by design, they can go hand in hand. Our vision of personalized experiences fueled by data means that our clients have insights that offer opportunities to create an experience more suited for each individual student. Our Legal/Privacy team has been working closely with our product teams to help develop this vision in a secure and privacy-friendly way and will continue to do so.

Beyond the commitments, actions matter

The last 12 months have brought new comprehensive consumer privacy laws in Virginia and Colorado in the United States. Around the globe, countries like Canada, China and India have continued to review and update their laws to adapt to new technologies and to match the EU General Data Protection Regulation (GDPR) which has become the de facto global standard for data privacy. 

We  know that helping our clients manage regulatory change and security risks requires us to continuously enhance our data privacy and security programs. And that’s exactly what we did in the last 12 months. We helped our clients in Brazil and South Africa implement the new local data privacy laws. Additionally, we rolled out our GDPR-contract terms globally. This means that not just our EU clients, but all our clients around the globe, can benefit from strong contractual data privacy commitments. In the EU, we are continuing to help our clients with the changes to the GDPR data transfer regime leveraging our regional hosting strategy. To provide our clients with independent assurance of our privacy controls, we are preparing to certify some of our key products under the ISO privacy standards 27018 and 27701 with the help of the Security team. We are also formalizing our approach to the ethical use of artificial intelligence. This documented framework will align to industry best practices and prepares us and our clients for emerging legislation like the draft EU AI Regulation. 

We are proud of our achievements. Our continued efforts have helped us to obtain the IMS TrustEd Apps data privacy certification and sign the Student Privacy Pledge 2020 in the last year. We are equally excited about our future data privacy and security roadmap as we continue to enhance our data privacy and security controls for the benefit of our clients and their end users. 

As we enter into the next phase of our company’s journey with Anthology, our commitment to high standards of data privacy and security is unwavering.