“…However, Sanfilippo et al (2023) note how these tools and the reliance thereon by instructors and students “was amplified throughout the COVID-19 pandemic, as digital solutionism paved the way for virtual classrooms and digital proctoring via synchronous and asynchronous means of collaboration between students and instructors.” The problem for student privacy is that, they write, “higher education institutions have access to, and in many cases locally host, substantial amounts of student data on LMS[ s ] that provide third-party mechanisms to enhance interfaces, add new functionalities, and customize user experiences for specific institutions, departments, or courses. The tight integration of first and third-party tools in this ecosystem raises concerns that student data may be accessed and shared without sufficient transparency or oversight.” To address governance issues associated with LMSs and LTIs, Sanfilippo et al (2023) conducted a multimodal study consisting of an online questionnaire collected from information technology professionals at seven universities in the USA and Canada, in-depth interviews with 25 data governance professionals and decision-makers at 14 US research universities, and documentation from 112 universities regarding LMS, plugin and LTI usage and management. Using the Governing Knowledge Commons framework in support of their analysis, Sanfilippo et al (2023) found few legal protections for students concerning third-party data flows, mostly failures of governance at the institutional level (with a few notable exceptions), and opaque decision-making processes.…”