Implementation FAQ

General FAQ

What is Open Badges?

Open Badges is an initiative by the Mozilla Foundation to help recognize and support lifelong learning through a badge ecosystem. It includes development and deployment of the Open Badge Infrastructure (OBI), the underlying technology that supports badge issuing, collection, and display. The OBI is defined by two aspects: (i) the Open Badge specification, which technically describes an Open Badge standard and (ii) a Badge Backpack, which is a service that provides badge earners a way to collect and manage badges.

What is a “Badge”?

A “badge” is a digital symbol of recognition that complies with the Open Badge specification. Badges are useful in representing many things such as experiences, achievements, skills, competencies, learning, associations, community involvement, peer interaction, etc. They can function in formal and informal settings and can lead to new learning opportunities, jobs, community interactions, etc. Just like a real-life badge, an Open Badge can represent almost anything, like accomplishments in a class you’ve taken, levels of achievement in an ongoing process, your membership in a club, or your skills as a gamer. The things badges represent do not need to have occurred online: they can represent physical activities such as sports achievements, skills like cooking, etc. In the Open Badges ecosystem, badges include an image and a set of metadata that explains the badge and the evidence behind it. The result is that each badge carries all the information needed to understand and value the badge with it as it is exchanged or shared across the ecosystem. All badges initially default to private.

What is a Badge Backpack?

A repository for collecting and displaying badges from a variety of sources, the Open Badges backpack is a user management interface where the Earner can delete badges, import badges, set privacy controls, create and publish groups of badges, etc. Eventually, many entities may choose to host Badge Backpacks, but to start, Mozilla is hosting a reference Backpack (the “Mozilla Badge Backpack”) that can be used as a model for other Backpack Providers.

How does the Open Badges specification work?

The specification found here defines the information, or metadata, that must be included in a badge for it to be considered OBI-compliant. Each Open Badge carries all the information needed to understand that badge as it is transferred throughout the ecosystem. This includes how it was earned, where it was earned, who earned it, if and when it expires, etc. The specification ensures that badges are interoperable with other Open Badges and Badge Backpacks. The Open Badges metadata specification is available under a set of open licenses.

How does the Mozilla Badge Backpack work?

The Mozilla Badge Backpack is a Mozilla hosted service that uses Mozilla’s authentication platform called Mozilla Persona (formerly Browser ID) to tie badges to a specific user. Our specification does not require the use of Persona; however, the reference implementation of the Mozilla Badge Backpack uses it as the primary personal identifier. The first time an Earner agrees to accept a badge from an OBI-compliant issuer, their Mozilla Badge Backpack is created for them. The Mozilla Badge Backpack is a repository where Earners can collect badges from a variety of issuers. Earners can log into their Mozilla Badge Backpack at http://beta.openbadges.org and view and manage their collection, as well as build and publish groups of badges. The Mozilla Badge Backpack is subject to the Privacy Policy and Terms of Use.

How are badges added to the Backpack?

Badges are earned on Issuer sites and by default are marked as private. A badge Earner must initiate the process of adding badges to a Badge Backpack by accepting the badge and pushing it into their Backpack. This pushed badge then has the opportunity to enter the larger Open Badges ecosystem. Earners may also import other badges into their Backpack. Once a badge enters a Badge Backpack, an Earner can take the further step of making that badge publicly findable.

How may badges in a Backpack be publicly displayed?

The badge Earner initiates the display of their badges on any site, including Displayers’ websites. In order to do this, the Earner creates groups of badges within their Badge Backpack and then chooses which site they would like to publicly share this content with. They can create a publicly findable URL that references that specific badge group page or they can push that content to specific Earner-chosen sites.

Does Mozilla Collect Personal Information in Providing the Mozilla Badge Backpack?

Yes. In order to provide the Mozilla Badge Backpack, we ask Earners to provide a Persona username (usually an email address) so that badges can be linked to a specific user. You can find out about the data we collect for the Mozilla Badge Backpack, and how we handle it, in our Mozilla Badge Backpack Privacy Policy. You can find out more about our privacy practices regarding Persona here. Other parties, such as Issuers and Backpack Hosts may also collect personal information from you in relation to OBI. You should check the privacy policies of such parties to make sure you are comfortable with their data handling practices.

Issuer FAQ

What are my Responsibilities as an Issuer if I wish to enable earners to send badges to their Mozilla Badge Backpack?

As an Issuer, you grant us a non-exclusive, worldwide, royalty free license to use badges (including all the content and code in them) pushed to us by Earners from you in connection with the Mozilla Badge Backpack. If you are an Issuer of badges and enable earners to send badges to their Mozilla Badge Backpack, you also agree that:
  1. You will comply with all laws and regulations, including having a legally compliant privacy policy describing your role and interaction with the Mozilla Badge Backpack as well as your collection, use, retention or disclosure of information used in badges as well as the Mozilla Badge Backpack Terms of Use.
  2. Your badges will comply with our Content Guidelines.
  3. You will get Earner consent prior to sending a Badge to the Mozilla Badge Backpack.
  4. You will not send us the information of any user under the age of 13. For more information, see the COPPA FAQ, below.
  5. None of your badges will contain content or other information that infringes the rights of any third party (including intellectual property, privacy or publicity rights);
  6. Badges may only contain the user’s email address, the issuer’s name, the badge name and specific data about what the badge means such as the badge description and criteria URL, which is a URL pointing to a page hosted by the issuer that details all the criteria required for earning the badge. You will minimize any personal information inserted into a badge’s description by limiting that information to the achievement or accomplishment of skills, attainment of certification or credentials. See the technical specifications about badges for more information.
  7. If you are an educational institution, the criteria for earning badges may list required grades or minimum grades but the badge itself may not contain any information indicating the actual grade received by that Earner. For more information, see the FERPA FAQ below.

COPPA:

What if I’m an Issuer and my Service is aimed at Children under 13 or I have children under 13 earning Badges?

The Mozilla Badge Backpack is not available to users under the age of 13. If you have users under 13 who are earning badges, then do not allow those users to push badges to the Mozilla Badge Backpack. Regardless, you can still implement the OBI Specification in conjunction with your internal service or in conjunction with appropriate third party OBI Backpacks. Please speak with your legal counsel about your particular obligations under the Children’s Online Privacy Protection Act. You can also find out more about COPPA at the FTC COPPA FAQs.

COPPA:

What if I’m an Issuer and my Service is aimed at Children under 13 or I have children under 13 earning Badges?

The Mozilla Badge Backpack is not available to users under the age of 13. If you have users under 13 who are earning badges, then do not allow those users to push badges to the Mozilla Badge Backpack. Regardless, you can still implement the OBI Specification in conjunction with your internal service or in conjunction with appropriate third party OBI Backpacks. Please speak with your legal counsel about your particular obligations under the Children’s Online Privacy Protection Act. You can also find out more about COPPA at the FTC COPPA FAQs.

FERPA:

What if I Operate or Work for an Educational institution that is Subject to the Family Educational Rights and Privacy Act (FERPA)?

You will have to review your FERPA compliance requirements with your legal counsel. We’ve provided some information to help facilitate some of that discussion in this FAQ.

What is the Family Education Rights and Privacy Act (FERPA) and does it Apply to me?

FERPA is a federal law that applies to schools and learning institutions that receive federal funding. The law protects the privacy of students who are or have been in attendance at these institutions and about whom the institution keeps education records in any format. Additional information about the law itself can be found here.

Under FERPA, what is an Education Record?

Education records are those records maintained by an educational “agency” or “institution” that directly relate to a particular student.

How does FERPA Protect Students’ Privacy?

FERPA protects against the improper disclosure of personally identifiable information (PII) about students that are contained within their “Education Record”. FERPA protects this information by affording parents certain rights with respect to their children’s education records, and generally prohibits the disclosure of PII derived from those records to third parties without parental consent. Additional rights granted by FERPA include a parent’s or legal guardian’s right to access their child’s education records and the right to request that inaccurate or misleading information be amended. These rights transfer to the student once she turns 18 years old.

When can PII from an Education Record be disclosed Without Consent?

A school is permitted to disclose PII from a student’s education records to third parties without obtaining consent when that information has been appropriately designated “Directory Information” by the school or learning institution.

What is Directory Information?

Generally, Directory Information is information that would not be considered harmful or an invasion of privacy if disclosed. It can include the student’s name, email address, degrees, honors and awards received, phone number, photograph, date and place of birth, major field of study, participation in officially recognized activities and sports, the most recent previous educational agency or institution attended, grade level or year, and enrollment status. Directory information is designated by the school or learning institution and determined at its discretion. A badge may contain a student’s Directory Information, such as her email address and honors, awards, or degrees. Even if you designate information in a badge as Directory Information, a parent or student can request that you not share that information, and you should not send that information after a parent or student has made such a request.

What “Best Practices” Should I Consider Implementing When Disclosing Student Data?

It is your responsibility to discuss your FERPA compliance obligations with your legal counsel in connection with OBI. Regardless of how you classify data, we recommend that students and/or parents or legal guardians have as much transparency and choice as possible when it comes to sharing student data. You may want to ask about some of the following best practices:
  1. Make sure your Privacy and Directory Information policies provide notice of your disclosure practices associated with issuing a badge.
  2. Don’t include actual grades or individual test scores in a badge.
  3. Don’t include sensitive information such as social security numbers, health, medical, or disability information in a badge.
  4. Don’t allow users who are under 13 to send badges to the Mozilla Badge Backpack.
  5. Only include the minimal amount of data that must be embedded in a badge under the OBI specification.