This is the third in our series of posts on MOOCs.  Here, Greg Gibson and Peter Wainman look at some of the legal issues relating to the use of MOOC technology platforms.

MOOCs deliver course content through web-based software.  Typically, the IT infrastructure that hosts the software is located in the “cloud” – in a third party’s data centre that could be anywhere in the world.  Launching a MOOC means going into the business of IT service delivery – and getting up to speed about IT contracting.

MOOC software

Someone setting up a new MOOC would need to consider how to build the software platform.  Paying software engineers to develop something bespoke could be costly - increasingly, MOOCs are being built on existing platforms.  For example, Eliademy is built on the Moodle e-learning platform.

Use of an existing platform means considering the licence terms under which it is made available.  These might require acknowledging the platform owner and making the source code for the new MOOC available for others to use and develop (as part of the platform community).  XBlock, the software development kit for EdX, is available under the Affero GPL licence – which means that improvements must be published and made available to others on the terms of that licence.

Even MOOCs built on existing platforms will generally need significant customisation, so the MOOC provider would need to consider the terms under which any third party developers are engaged – who owns the IP?  When will the developer be paid – a fixed price on delivery or simply based on the resource being used?

MOOC providers

Course providers working with existing MOOC providers such as FutureLearn should consider them as IT suppliers providing application development/maintenance and infrastructure services.  They should look at their contracts with the provider – what commitment does the provider make about making the MOOC available to users?  How quickly will the provider fix problems?  Can the provider make changes to the platform without the course provider’s consent?

They would also need to consider data security.  What security measures does the provider use and what responsibility does the provider take for data backup/loss?  The contract should contain clauses addressing data protection risk – and both course provider and MOOC provider would need to be clear about how students’ data would be used (e.g. through their privacy policies and course documentation).

MOOCs in the cloud

MOOCs are often hosted in the cloud, allowing them to benefit from commodity pricing and adapt rapidly to changing content and volumes of users.  Coursera, for example, is hosted by Amazon.

The use of the cloud puts additional emphasis on data security.  If the MOOC may be hosted outside the European Economic Area, UK MOOC and course providers would need to consider how to comply with their obligations under the Data Protection Act (particularly given the potentially high volumes of student data being processed).  This might mean putting in place EC-prescribed model contracts with the cloud provider or seeking the consent of students to transferring their data out of the EEA.  Either way, students would need to be told that this was happening (see, for example, FutureLearn’s privacy policy).

Mobile MOOC

MOOCs trade on being available across multiple platforms – PC, tablet and mobile.  This adds some additional legal complexity because making apps available for tablet and mobile generally means signing up to the app store terms (which are not negotiable).  Again, MOOC and course providers need to think about how these interact with their own terms and what students will be asked to agree to when signing up for a course.