Blog Post

Open Badge Passport and the Trust Challenge

Open Badge Passport and the Trust Challenge


The following narrative makes reference to the Open Badge Passport (OBP) and Salava.

The outcome of the DML Trust Challenge, the Open Badge Passport, is Salava, the open source community edition of the Open Badge Passport. The Open Badge Passport (OBP) is the installation of Salava by Discendum and should be viewed as a real life test of Salava.

What is reported is mostly based on the Finnish experience of the Discendum implementation of Salava.

1 Define what trust means to your learners and their community.

Finland is a society of trust. As an observer of the Finnish society writes in her blog    

Imagine a world where you simply expect everyone to follow the rules and do the right thing. This is a world where mothers leave sleeping infants in their strollers outside of little shops while they run in for a quick purchase. This is a society where all school doors are left unlocked and public transportation basically operates on an honor system. It is simply assumed that you have already paid to ride the bus or tram. Here you can see children as young as 7 or 8 years old calmly riding the public bus/tram to get themselves to and from school or walking/ skipping down the street alone. Parents simply expect their kids to make the right decisions and also trust society to be looking out for their child while they are in public alone.

This trust extends to teachers and learning communities: teachers are not assessed, nor are schools individual schools' test results remain confidential. As Finnish Education Expert, 34-year veteran of Finland's National Board of Education, Reijo Laukkanen says: “We trust our teachers” (c.f. interview):

[in Finland] We talk about the culture of trust, and we really can trust [them], because [of] the working morale and the working ethics of the teachers. It's very high, and we can also trust that they are competent; they know what to do. […]
We don't have any evaluation of teachers after teachers have been at university…, have their papers and… get their posting in a school. So nobody evaluates teachers. We don't have that kind of tradition. We had it before, when we had inspectorate in Finland in [the] 1970s and in the beginning of [the] 1980s, but not anymore. Nobody evaluates teachers. 

And yet, Finland reaches high in the international comparisons of educational attainments.

The Open Badge Passport (OBP) addresses a wide range of learners, from secondary to tertiary education, from non-formal learning to corporate training. For each of those communities, trust means:

  • trust in oneself and others
  • trust in teachers who trust pupils and students
  • trust in society who trust their citizens

Unlike other countries, trust is still a central element in the fabric of the Finnish society.

2 How do you describe your purpose/mission? How does it align with your learner’s goals? What are the parameters of your mission? How does your work align with issues of trust?

The mission of Salava is to provide a platform:

  1. Encouraging the building and eliciting of trust relationships and trust networks.
  2. Facilitating and eliciting the recognition of one’s achievements.
  3. Empowering learners to lead the recognition process — giving them the tools to make tangible the trust they have in, and from, others.
  4. Providing learners with access to advanced services built on the badges metadata and established trust relationships.

It is difficult to address the question of alignment to learners’ goals independently from institutional and technology providers goals. For example, although it was a high priority in the initial proposal, OBP users do not yet have the possibility to issue their own badges — as the code is Open Source, a developer could add an extension to make it possible. But for Discendum, the publisher of the Open Badge Factory (OBF) which is an issuing platform, making the new OBP work seamlessly with the less new OBF technology, required additional work that was not possible in the framework of the project.

Beyond the issue of software development, there is a problem of societal development: what would be the value of learners issuing their own badges in a formal education system where badges are used to replace grades, teachers are not trusted by society, where teachers do not trust their students and parents nod not trust either of them? And what is the value of a badge if the only thing one can do with it is to show it to others and none of the metadata contained in the badge is exploited to provide valuable services?

3 How were you able to embed trust into your product or program from the beginning instead of as an afterthought? How will you demonstrate transparency and show you are being thoughtful with data?

Salava is at the service of Open Badges that can be defined as trust statements, trustworthy statements and also verifiable claims. So trust, as Open Badges, was clearly embedded within the project from the beginning.

Transparency: Salava’s code is open to public (experts) scrutiny, so users can have a relative confidence in the services based on the implementation of Salava — there is still the possibility that a rogue service provider patches a version of Salava resulting in inappropriate behaviour.

4 What are the systems and infrastructure you need to create transparency and trust? What best practices were you able to achieve in your current environment?

To create transparency and trust, we need more than systems and infrastructures. Systems and infrastructures are equivocal and can be used in different ways. For example, one of the issues a number of people have with Open Badges is that they they lack “quality assurance”. 

In a Unesco report (Level-setting and recognition of learning outcomes) one can read: “A key criticism of open badges, such as those developed by Mozilla, is that they lack a credible quality assurance component.” (p. 130) and “open digital badges, present significant challenges to current quality assurance regimes, they cannot be ignored.” (p. 156).

This criticism related to the lack of “quality assurance” infrastructure can be challenged on several grounds:

  1. An Open Badge is a medium, just like a sheepskin or the sheet of paper on which a diploma is printed. It can be used to represent high stake credentials (physician) or the mere participation to an event. The quality assurance component, just as with paper diplomas, is extrinsic to Open Badges, therefore it is not a criticism that should be addressed to Open Badges but to the institutions issuing them. Universities have delivered diploma for centuries without any quality assurance mechanism, or even without knowing that such a concept existed…
  2. An Open Badge contains the (meta)data to support quality assurance mechanisms (unlike a sheepskin or a piece of paper): someone reading a badge can have access to the evidence that was used to deliver the badge (if the evidence is made public) against the criteria, verify that the issuer and earners are those they pretend to be —it is not perfect with the current version of the standard, but should be fixed with the next one.
  3. Even the most perfect quality assurance mechanism cannot prevent the obsolescence of qualifications once delivered. What Open Badges allow, with the possibility of adding new evidence, collecting endorsements, etc. is to keep them current.
  4. The informal recognition by a community (local, professional) could be a better indicator of future performance than a formal recognition delivered by an institution—a fluid communication between both is desirable, e.g. to get a formal recognition on the basis of an informal one.

So, to respond to the question related to systems and infrastructures, Open Badges are transparent, a transparency that can be used to elicit and reinforce trust within a community. For example, although it was achieved with the Open Badge Factory, not yet the Open Badge Passport, we have been able to implement for the Girl and Boy Scouts of Finland a system of peer review for the delivery of Open Badges and the feedback was excellent.

5 How did you, or do you plan to gather feedback and engage with your stakeholders? How might you, or did you, involve the learner? What will you, or did you do if you do/did not agree with your stakeholders?

Salava is a software application, so we are in constant communication with our stakeholders.

We have collected feedback through multiple channels (direct communication, workshops, internal messaging, etc.) to improve Salava as described below for two key Salava’s features.

Pages: Salava Pages are the result of a dialogue with users who wanted to use badges as micro-portfolios, an alternative to unwieldy ePortfolio systems. The requirements collected from users included the following elements:

  • page owners should be able to share pages with identified people, such as tutors, reviewers, counsellors, supervisors, peers, etc.
  • badge viewers or reviewers should be able to add comments or endorsement to the page, which would be similar the vendor

Badge Messaging: With Salava, badges can be used as a communication channel. This means that users can message each other with badges. We first planned to allow only internal messaging, so only badge earners could send messages. However, some committed users of the Passport brought up the fact that badges could also be used as communication channels for badge viewers, to send questions to communities organised around badges and get support from them.

Badge Issuing: The extension to issue badges has not been integrated directly within the Open Badge Passport as 1) it is already possible to create a free account on the Open Badge Factory for those who want to issue badges, 2) the demand for badge issuing mostly comes from institutions, not individuals. For those reasons, it was not treated as a priority and should be available in a future release.

The dialogue with the stakeholders was a key means to learn and improve the quality of the service offered.

6 How will you iterate to make your program even better? What barriers might iteration present in the short term? How will you overcome them?

As a software product, the rhythm of iteration is that of software releases. Each release is an opportunity to solve identified problems and propose new and improved services. One of the key elements of Salava is the ability to plug-in new services, so new services could be proposed by third parties without having to wait for the next release.

The barriers to iteration in the short term are principally the lack of third party advanced services plugged-in onto Salava: to have more users we need more and better services, and to attract developers, we need to provide them with a large user base. It is a kind of catch 22.

To overcome this problem, Discendum is working on building and improving a first set of advanced services to expand its user base with the hope that other service providers and developers will adopt the Open Badge Passport as one of the reference platforms.

Another problem is the idiosyncratic nature of Open Badges: is there a way to develop technologies that would be beneficial to Open Badges while being generic enough to be used in other contexts.

It is why a significant part of the project has been dedicated to the exploration of technologies related to blockchains, encryption, digital signatures, linked data and the distributed web in general.

7 These principles endure in a community of trust. How were you able to meet  them?

Notice and Consent

As elicited in the picture on the right, Notice + Consent is probably one of the biggest lies on the web, if not the biggest. There are a number of fallacies associated with consent: that those who tic ‘accept’ have read the notice, that those who have read it, read it fully, have understood it and have taken action based on what they have read. 

The OBP provides clearly visible links at the bottom of each page to Terms of Use and Privacy Policy that people can read at their convenience. To check whether people have properly read those documents would require testing them, which is simply ludicrous. If people discover that the service is not what they expected, they can leave anytime.


Users have full control over who can access their profiles, badges and pages: Badges can be private or public (shared).

Ability to challenge existing data

Most data in the OBP are provided by the users (badges). For the data provided to the service provider, the privacy policy states that “users can access, modify and delete their personal data that the Service Provider has collected by logging into the Service.”

Data security

The personal data is collected into joint databases which are secured with firewalls and other appropriate technical measures. All people handling the register have personal access rights (username, password and access level information) to the register issued by the register owner. Only qualify people who need to carry out their work assignments can access the users’ personal data. These people include the Service Provider’s customer service personnel and the technical administrators of the Service.

The service is monitored to ensure the integrity of users’ data, that it is not used for wrong purposes and that no one can access or change the data without authorization.

Respect for Context

The Open Badge Passport “context” is about the recognition of one’s achievements whether in formal, non-formal or formal learning settings. Different communities use it in different contexts: it is the context that defines how it is being used, including when the consequence is that Open Badges are used to mimic traditional credentials…

8 Accountability: What is your plan to help if something goes wrong, i.e. bullying, data breach?

NB: Accountability has no equivalent in Finnish — trust and respect have!

For th eOpen Badge Passport service build by Discendum on the Salava platform, accountability related statements can be found on from the Term of Use of the service.

Data breach:

Discendum is a professional service provider hosting learning solutions for universities, banks and big corporates, which are very demanding concerning security. The same high standards are applied for the Open Badges Passport. The OBP server is protected by a firewall and monitored by an IDS (Intrusion Detection System) system and Nagios. Critical information such as passwords and data transfer are encrypted. OBP service’s data is backed up daily in a backup server which is behind our firewall and can’t be accessed by the outside world.

Bullying and inappropriate contents:

We have developed admin tools that we can use to monitor users and contents. Users can report inappropriate behaviour and contents. System admin can hide/delete inappropriate contents and lock or delete users.

9 What data will you collect? What is the life cycle of the data collected? Should your organization or organizations using your platform fold or become acquired, what is in place to protect user data?

Data we collect is listed in the service privacy policy document:

Here is a list of the data collected:

Personal data (mandatory):

  • first name
  • last name
  • e-mail address
  • country
  • date of birth

User data (optional):

  •  first name
  • last name
  • e-mail address
  • country
  • date of birth
  • User data (optional):
  • introduction
  • phone number
  • city
  • state
  • address
  • Facebook account
  • LinkedIn account
  • Twitter account
  • Pinterest account
  • Instagram account
  • Blog

What is the life cycle of the data collected? 

User data is stored in the system as long as the user uses it. If the user ceases to use OBP and delete his account, his/her data is deleted from the system’s database. The user can at anytime move his badges to an other badge repository (for example Badgr) or his own computer.

User data cannot be transferred to a third party without their agreement. If for some reason the Open Badge Passport was to be acquired by another organisation, the users would be informed and would have the possibility to stay in the OBP or export their badges and delete account and personal data.

The principle of the Open Badge Passport is “data belongs to the learner.” The data gathered from the users are for monitoring the service e.g. number of badges, 

The code of Salava is public, so it is possible to audit the code. User data has been protected to best of our ability.

10 Has your project identified any considerations of trust not otherwise readily recognized? If so, how might such consideration be taken up more generally in learning environments?

One of the main findings of the project, something that happened at its very inception, is the discovery of the extent of the confusion between trust and security (c.f. The Deleterious Effects of Mistaking Security for Trust): security is intrinsic to trust and there is no alternative to restoring trust but… trusting. When trust is affected, using security measures most likely results in destroying trust even further.

What we have not been able to measure is how authentic trust technologies (not security technology under disguise) could contribute to restoring trust. Considering the high level of distrust regarding formal schooling in a number of OECD countries and beyond, we have an almost unlimited playing-field to experiment with them. It is certainly something worth exploring over the next years.

The other finding is that technology can get in the way of trust. Technologies are equivocal. While Open Badges could be used in building trust, we have witnessed the ability of institutions of formal education to empty Open Badges from their main substance, making them into instruments of control, fashionable browny-points or digital gold stars, a means to provide a cheap face-lift to curricula and grades. And those efforts have been supported by a technology denying learners the right to issue their own badges to express their trust in themselves and others and construct their identities. Within the current implement of Open Badges, one’s identity is primarily defined by others — the announcement of the 2.0 spec should facilitate overcoming those shortcomings but there is no guarantee that it will happen as the problem is first and foremost a problem of mindset…

The other way technology can get in the way of trust is by making digital processes more complicated or more restricted than physical ones or than necessary. For example, in order to express one’s trust in someone else, there is probably no need for a badge. It could be sufficient to simply sign a statement and post it on a CV, a personal page or send it by email. A person reading that statement would be able to verify that it is genuine and could run along the chain of trust to find who the endorser is, who are those who trust this endorser etc. Manifesting one’s trust to someone else should be as easy as a “like” with the option to leave a comment and, possibly, a link to evidence. No need for a “pretty picture.”

This signature technology is a technology designed for the individuals that institutions could use as well. While there are (still!) discussion on whether people should have the right to issue their own badges, one can’t imagine that we could have the same kind of debate in relation to signatures: who would dare to question the right of anybody to sign documents with their own signature? The right to sign is an integral part of our right to express our identity.

While this issue might at first sight appear to belong to a place beyond the learning environment, such a technology could be used within learning to expand the mainly top-down approaches to badges to a bottom-up approach where learners are encouraged to recognise the people and other resources that have contributed to their learning by making it easy to endorse them: “I endorse you for having contributed to my learning.”

It is our hope that the Salava, Open Badge Passport community edition, will be able to include in the near future the mechanisms providing learners with the power to act, not just the power to pack!


No comments