It’s grad’ school admissions time again (yay!) which means I’m knee-deep in requests for letters of recommendation. Just as an example, one student has requested letters for 7 different institutions. Writing the actual letters is not a big deal (hey Nick you owe me a beer!) but the websites some Universities use for admissions are a royal P.I.T.A.<\/p>\n
One such website (used by a mid-size college in that big metropolis near Cape Cod MA) is “LiasonCAS<\/a>“.\u00a0 The premise seems rather innocent and simple at first – the University uses such a site to coordinate the upload of application materials, so nothing gets lost along the way, and presumably this saves a lot of collating work that would have previously been done by a grad’ school administrator. The problem is, there are hundreds of these sites, all commercially operated, and all requiring their own User ID \/ Password combination.\u00a0 This creates 2 problems…<\/p>\n Problem 1 – too many passwords<\/strong><\/span><\/p>\n I’m a strong believer in never using the same password twice, hence my reliance on the open source KeePass <\/a>application, which stores passwords (typically random strings of 20+ characters) in an encrypted file. All told, I have 200+ unique log in IDs. Just to emphasize the size of the problem here, I recently consolidated my logins for Elsevier journals into a single user ID, and it broke the portal set up to do this. It turns out I had reviewed for 37 separate Elsevier journals over the years, and some extensive ‘phone tech support was required to give me a single account to manage them all.<\/p>\n So the problem here is do I really want to register for yet another website<\/em>, create a unique user ID, have all my contact info’ out there in the cloud?\u00a0 Am I ever going to use this website again?\u00a0 Probably not, which means it’ll just sit there waiting to be hacked a decade from now, resulting in a bunch of spam and junk-mail or ‘nuisance phone calls. Over the years, on top of the 200+ login UN\/PW combo’s mentioned above, I would guess I’ve accumulated at least that number again in single-use website visits.\u00a0 This is not good for security.\u00a0 And no, it’s not as simple as me going to the trouble of making another 200+ unique UN\/PW combos for all these sites. I don’t want a KeePass database filled with junk.<\/p>\n Problem 2 – Draconian privacy policies<\/strong><\/span><\/p>\n Like most admissions portals, the one mentioned above requires that you agree to their privacy policy<\/a> as a condition of signing up for the privilege of submitting materials.\u00a0 Most people breeze through these things when signing up for a site, which is no big deal if you’re going to use it regularly and it’s a necessity for your job. Apple’s iTunes EULA is notoriously squirrely about privacy issues, but if you wanna use an iPhone, deal with it.<\/p>\n However, in the case of a single-use site, these policies need a bit more scrutiny. What exactly are you agreeing to, for this one-time use?\u00a0 Here’s the section from LiasonCAS’ policy on what they (the site owner and the University by extension) can do with your information. There’s a bunch of guff about using your contact info’ for contests, surveys and promotions, which is worrying in itself. But then there’s this:<\/p>\n 3.10. Other Uses.<\/b> <\/span>In addition to the uses specifically identified in this Section 3 (Our Uses of Your Personal Information), we may use Personal Information you submit in any other manner we reasonably deem necessary in order to provide you with the information, products and services you request from us….<\/p>\n Essentially what they’re saying here, is they can do what the hell they like with your data, so long as they can write it off as “necessary” for the service you request.\u00a0 What you’re requesting of course, is the privilege of uploading stuff for admissions. And the price you pay is them having the freedom to shill your data out to their spammy partners under the guise of necessity.<\/p>\n This is not cool.<\/p>\n So what to do instead? In this case I found the email address of the Dean for the graduate school in question, and emailed them the letter directly. Sure, it took another 5 minutes but at least all my personal contact info isn’t sitting out there on some nondescript company’s website waiting to be sold.<\/p>\n New Year’s Resolution<\/strong><\/span> for academics – fight the requirement to create a new User ID \/ Password for any website that you know you’ll probably never use again.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" It’s grad’ school admissions time again (yay!) which means I’m knee-deep in requests for letters of recommendation. Just as an example, one student has requested letters for 7 different institutions. Writing the actual letters is not a big deal (hey … Continue reading