Colleges and universities nationwide are failing to safeguard the digital safety and privacy of their students. At the outset of the coronavirus pandemic, schools faced new challenges when they were thrown into remote learning because of shelter-in-place orders. Now, running predominantly online classes, schools are relying on remote computer access and similar applications to proctor exams online. These arrangements constitute both an invasion of privacy and a possible cybersecurity risk; the schools are overlooking better alternatives.

A wide variety of online proctoring methods is available. Common options include taking a full view of a student’s monitor, disabling web browsers, disabling copy-and-paste functions, or some combination of these.

Some of the most commonly used methods are the most invasive, however. ProctorU, one of the largest online-proctoring vendors, drew criticism for using facial-recognition technology, controlling mouse movements, and retaining the ability to disable background apps, which could cause a computer to operate in an unintended manner. Examus claims to employ eye-tracking, scans of other people in the room, and “emotion detection.”

Students should not be expected to hand over this kind of access to their computers or be subject to this scrutiny, especially when they do not know what else the software has access to. Some remote setups, similar to those that IT technicians use, give proctors access to various connections on a student’s computer.

A student at Boise State University discovered that the proctoring software knew how many monitors he had connected; he had to disconnect his second monitor just to access the test. Such problems turn out to be commonplace, indicative of a high degree of surveillance. How could the student know whether his information was being viewed or even recorded—with someone perhaps waiting to breach it? What were the retention policies for the recordings? These details were not disclosed to this student’s class.

Earlier this year, an executive at the online proctoring service Proctorio released the private-chat support logs of students and got Twitter to take down a student’s critical tweet about the company. Proctorio is now suing a security researcher at the University of British Columbia who tweeted negative views of its product.

Some recommend removing the testing software after exams are completed—but students trying to do so have reported that their completed tests were canceled after uninstalling the software.

In defense of the invasive proctoring, an article published by eLearning Industry argues that students taking classroom tests are usually observed—so they should also be remotely observable. The situations are not analogous, though. Computers contain troves of personal information. A proctor watching students take tests in person cannot see what a remote proctor might see, such as private communications and files.

In contrast to overreaching e-proctoring efforts, reasonable anti-cheat measures are available. For example, Florida State University issued best practices for anti-cheating measures that focus on security within the test itself.

For example, the school can turn off the setting that immediately tells students whether their answers to test questions are correct. This prevents students from sharing confirmed answers with others.

Another innovative strategy, used by a University of California, Berkeley, computer science class, is to issue students a decryption key for the exam separate from the exam. This can prevent unintended recipients from viewing it. After decrypting the exam, the student then joins a private Zoom meeting, at which point they share their screen, which is recorded. A proctor can then periodically join the Zoom meeting at his discretion to check on the student and can review the recording to ensure academic honesty. This private meeting keeps students separate and shields them from seeing one another’s environment. The Berkeley instructor told students that all recordings of their displays would be purged after grading the exam. That practice should be standard.

One reason that recording screen sharing is superior to remote access is that it lessens proctor surveillance of the students’ personal effects. Viewing the names of files, picture thumbnails, sticky notes containing passwords, and desktop shortcuts is over-intrusive, potentially embarrassing to students, and does not provide additional security. We shouldn’t be making desktop peeping easy.

These invasive practices led the UC Santa Barbara Faculty Association to issue a warning about ProctorU last May. “This service ... mines the data of our students,” the group declared, “making them available to unspecified third parties, and therefore violates our students’ rights to privacy, and potentially implicates the university into becoming a surveillance tool.”