Protecting Your Privacy: Honorlock Online Proctoring
Student privacy is incredibly important – to students, to professors and to Honorlock – especially in these uncertain times. While we are all struggling under this “new normal,” we wanted to take a moment to address some unfounded fears that are making the rounds about privacy. Watch the video: Honorlock Protects Student Privacy.
Being students once ourselves, we have sought to build privacy into the Honorlock system. For example, the Honorlock system uses a Chrome browser extension. When the extension is active, there is a flashing red indicator on the extension that indicates whether the extension is recording.
Does Honorlock access other computers, mobile devices, and equipment on the network and scan them for information?
Honorlock does not scan other computers on your network or your phone or tablet and has no access to them. We have a patent that is available for public consumption that explains the exact process we use to identify when a student is searching the internet for exam content. It is a complex method for both scrubbing content from the web and also knowing the exam questions being presented to the exam taker through the LMS. With question sequencing and randomization, we are able to triangulate when a search takes place for the exam questions and content within the exam. This is done through partnerships and other means of self-hosting content. If students are not searching for their exam questions during the time of the exam there is nothing Honorlock can track in regards to any computer, mobile device, tablet, etc. within the household or place the exam is being taken.
At a few schools, students may be asked to download software (in addition to a Chrome extension) which, if enabled by your school, is designed to detect the use of prohibited programs during the exam and may force-quit any such programs that are detected. If your school (like most) only uses Honorlock with a Chrome extension, this does not apply to you.
Does Honorlock route traffic through your servers in order to analyze or monitor information from devices on the server?
What can Honorlock do?
Honorlock acts at the request of your school to proctor your exam to help your school detect (and prevent) academic dishonesty. We collect basic information from your school’s LMS such as your email address, and your name. Before the exam starts you may also be asked to use your computer’s webcam to take a photo of yourself, your ID and do a 360-degree scan of the room you’re in. Honorlock also can, for example, log the websites you go to (or attempt to go to) from Chrome (which processes the request) when you are active in an exam and if enabled by your school, record you (using your device’s webcam) and record your desktop activity during the exam. Using a feature in limited release, a small number of schools can also choose to require that their students install an Honorlock application on their computer, and if enabled by the school for a particular exam, the application will seek to detect the use of any prohibited programs during the exam, and if any are found, to force-quit them.
When you click “end proctoring,” Honorlock stops proctoring your exam and associated data collection from your computer.
Here are a few actions you can take after your exam has ended to make you feel more comfortable about using Honorlock:
- Remove the Honorlock extension when the exam is over. Simply navigate to the extension in the toolbar of Chrome, right-click, and remove. You can reinstall the extension for your next exam. It takes less than 30 seconds to install the Honorlock extension.
- You can create a new Chrome person to complete your testing with Honorlock. Open Chrome, navigate to the People tab across the top of your screen, then click create a new user. This means any bookmarks, passwords, etc., that you have saved will not show up in the Chrome window when you are testing.
- If you have been asked to download software described above (in addition to the Chrome extension), delete the software from the computer using your computer’s standard software uninstall process.
Does Honorlock sell your data?
No. We are in the business of proctoring exams, not selling your data or using it to advertise to you.
If Honorlock sells its proctoring business to another party, the information we’ve described elsewhere could then be transferred to the new owner to ensure continuity of proctoring for your exams under the conditions of your school’s agreement with us.
The bottom line is Honorlock is dedicated to protecting your privacy – it’s a cornerstone of our business. We also take responsibility for ensuring your records are persistent and safeguarded. If you are still concerned, we invite you to contact us. Honorlock support is available 24/7/365. If you encounter any issues or have any questions, you may contact us by live chat, and/or email firstname.lastname@example.org
Honorlock wants to ensure you have a clear picture of what we are OR are not doing. In order to give you the necessary peace of mind, here are the measures we take to ensure your privacy:
- Honorlock is hosted in the cloud through Amazon Web Services
- Data in transit is encrypted using TLS 1.2, with SHA-256 and RSA 2048-bit public key for ALL data transfers in and out of our system. All transmission of data to and from our network is handled using SSL. All data transmitted into our platform is received over SSL to our web servers and our APIs. Data is transmitted back to our customers through our web servers using SSL. Data in transmission is encrypted following up-to-date SSL protocols, as certified by our latest vulnerability scan.
- Data stored on AWS is server-side encrypted using industry standards with AES-256 block encryption.
- Honorlock is not the owner of the data but holds the data for the university. Honorlock employees do not have access to the data unless their job requires it (e.g. support or proctors).
- Honorlock requires no account or password. We use your access to the LMS to give you access to your exam when proctoring is enabled.
- Honorlock employees receive training on how to use our product, FERPA, Incident Response, and Data Protection. All support and proctoring employees also conduct job-specific training for supporting the product, supporting students, and how to proctor effectively.
- Honorlock conducts routine vulnerability assessments, scans, and penetration testing to ensure we continue to protect all data at all costs. These tests are performed by independent third parties. Since 2019, it has also undergone annual independent, outside SOC 2 Type 1 data security-related audits.
- If you’d like to have your data deleted or to get access to it (such as under the GDPR, CCPA, or other applicable law), please contact your school. We will then respond to any requests the school makes of us.