Since a few students asked about using Piazza, I wanted to post an explanation of why I’m not willing to use Piazza for any official course interactions here (these are my personal views, which don’t necessarily reflect those of anyone else on the course staff).
The reason I’m not willing to use Piazza is their business model is based on surveillance of students and monetizing the data collected through this is ways that may be harmful to students forced to use it. (Note: I did use it once, cs4414 Fall 2013, and can talk more about that separately than I will here.)
Piazza’s revenue model is about selling information it collects about students who use it to companies that might want to hire (or not hire) them as a result of this data. The data that is potentially collected is incredibly valuable for this purpose — not only does Piazza collect the names and email addresses of students, it also leans all the classes they are in (at least for the classes using Piazza), as well as when they work, how often they ask questions, the contents of the questions they ask, when they answer questions, and how often and at what times they view any course materials posted there.
You can read their privacy policy here: https://piazza.com/legal/privacy.
Among other high(low)-lights:
“When you use our website, we collect and analyze information such as your IP address, browser types, browser language, operating system, the state or country from which you accessed the Services, software and hardware attributes (including device IDs) referring and exit pages and URLs, platform type, the number of clicks, files you download, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the terms you use in searches on our sites, the date and time you used the Services and upload or post content, error logs, and other similar information.”
“We use the information that we collect through our Services for a variety of purposes, including the following business and commercial purposes: … notify you in the Services about Events and that may be of interest to you; "
“… We may share or disclose certain information, in connection with or during negotiations of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.”
(This one should especially scare you, since even if they seem to be behaving mostly responsibly now, in the long run, they either need to find ways to better monetize all the data they are collecting, or to sell out to a company that has less ethical scruples and can monetize it enough to justify the sale price.)
I realize many of your other classes do require you to use Piazza, so you are already providing all this data to them. On the other hand, I don’t feel comfortable requiring you to provide data with these risks to participate in a class that I have influence over.
Beyond the privacy policy, you should also be aware who owns the content you post on Piazza and what limits there are on how it is used. Namely, from their Terms of Use:
By posting User Content on or through the Service, you grant Piazza a worldwide, irrevocable, perpetual, non-exclusive, transferable, royalty-free license (with the right to sublicense) to use, copy, reproduce, process, adapt, modify, publish, transmit, display, distribute, and otherwise exploit such User Content in any format or medium now known or developed in the future, in order to provide the Service subject to applicable law and our Privacy Policy.
I want my course materials to be used openly, and this is the reason for using the Creative Commons BY-NC license on nearly everything that I have control over. You should also think about the intellectual property value of anything you contribute to a course (and I do hope many students produce things of value), and whether you want a for-profit company to have an “irrevocable, perpetual” license to do anything they want with them.
But how is this different from Google/Github/Discord/Slack/etc.?
At some level, the entire Internet ecosystem we use operates under similar business models, so how can I justify requiring students in this class to use Google (forms), Github (owned by Microsoft, to access the course website), and Discord?
It is definitely difficult to figure out exactly where the line should be drawn. I know someone who refuses to use any Internet service that requires an account, but I’m not able to be that principled.
The main difference I see is that none of the ways we use those services are tied what you do in the course as much as Piazza would be. In theory, Google, Microsoft, and Discord could find ways to extract the data they can collect on students in this class to create profiles to sell to recruiters. But, this would be highly unlikely since it isn’t their business model. (In Google’s case since all UVA students are required to use their email, I believe, the additional information they get from your course website accesses is unlikely to put you at increased risk over what they can already extract from your email). Discord’s business model isn’t clear yet, so this does raise some concerns, but I think it is still fairly safe (at least relative to what is already known about Piazza).
I don’t have any problem with Piazza’s original business plan, which was to be a service for students to use to help each other and have their own discussions (assuming they would be transparent and honest about the data they are collecting and what they would do with it, and students would join knowing these risks). But, this didn’t work — the only way to get enough students on the platform was for courses to adopt it officially (but based on instructors deciding to use it, not their universities, who would have needed to do a privacy and legal compliance audit on Piazza before doing this), and for course staff to use it as a required platform for courses. So, if students want to set up a Piazza forum for this course themselves as a totally optional way of discussing topics without any involvement of the course staff, I have no objection to that.
What should students do if they are now uneasy about Piazza collecting dossiers on them?
My suggestions would be, if you are uncomfortable with the data Piazza will collect about you and how it could be abused as a requirement for participating in a course, to first raise that with the course instructor for classes using Piazza. There may be ways to participate in the class without using it, or a way to use a temporary, fake identity for Piazza with the course, that is not tied to your main email adress or the identity you have at UVA.
If none of these work, I would encourage you to still use Piazza without worrying about the implications of the data it is collecting about you when you ask or answer questions or access course materials, since the benefits of interacting fully with a course still outweight the downsides of providing that data to Piazza.