Traditional, paper-based communication of individual student records protects the rights and interests of all stakeholders -- the secondary school officials who curate student records, the students who are both the subjects and owners of their own individual records, and the college admission officers, prospective employers, and others who, with the permission of individual students, receive and review such records. In the traditional process, when a graduating student applies for employment or admission to an institution of higher learning, she asks the guidance counselor at her secondary school for a transcript of her academic achievements to support her application. In response, the guidance counselor prepares a paper record of that student's achievements and presents it to her so that she might forward that transcript to whomever she pleased. In order to prevent forgery of academic transcripts, the paper record presented to the student often includes various marks of its authenticity, such as an imprint of the school seal or the signature of an authorized school official. In order to prevent unauthorized alteration of transcript content, the prepared document is sometimes presented to the student inside a sealed postal envelope which cannot easily be opened without detection -- perhaps aided by tamper-proof tape, signed envelope flaps, or even imprinted wax seals. The integrity of the envelope's physical seal assures the recipient that its contents have not been altered in transit; seals and signatures affixed to the enclosed document assure the recipient of the transcript's legitimacy. The student's privacy is assured by her ability to forward the sealed transcript to whomever she pleases without the knowledge of or further consultation with the school.
Figure 1. Corrupted Model for Exchanging Secondary School Transcripts
While the traditional process of distributing academic transcripts admirably protects student privacy and ownership rights, that process also requires manual effort from the school staff for the preparation of each transcript. On the premise of reducing that effort, some school officials have needlessly misapplied technology in a way that guts student privacy and effectively excludes students from their own business. Figure 1 illustrates an increasingly common aberration. Rather than adopting standardized, readily available technology to protect the integrity of tranmitted student data -- as it had once been protected by their own signatures on sealed envelopes -- school officials interpose themselves (or their agents) between students and transcript recipients, claiming falsely that no other approach adequately assures the confidentiality, origin, and integrity of transcript content or the reliability of transcript transmission. By introducing the role of "third-party processor" in Figure 1, educators disrupt what should be private, bilateral relationships between students and their chosen correspondents, implicitly denying the legitimacy of any technical means by which a student might manage and secure his/her own communication.
By coercing students into a false choice between surrendering their privacy or accepting the limitations of a slow, largely manual system, educators and allied service providers gain significant new benefits at student expense. Among these benefits is the creation of an otherwise unneeded educational services industry to mediate communication between students and transcript recipients -- communication which, by the most natural operation of the Internet, would otherwise be end-to-end. A second consequence of coerced mediation is that the mediators gain unfettered control over school records that would otherwise be private and often protected by law. A third consequence of coerced mediation is that mediators can harvest candid data on student behavior outside the secondary school domain. Even the most basic information about college and employment applications, successful or not, individual or in the aggregate, can have significant value for secondary school officials, college administrators, employers, and general marketing professionals. Moreover, although such data is historically private, it is also more valuable and legally less well protected than internal secondary school records.
Mediated transcript distribution vitiates student privacy while endowing school bureaucrats and their confederates with undeserved privilege, but these political concessions are utterly unnecessary to automated transcript distribution. As suggested by Figure 2, the political concessions intrinsic to mediated transcript exchange can be largely eliminated by the most straightforward automation of traditional transcript process.
EESST is a common format for exchanging secondary school academic transcripts via electronic mail. Because the defined format supports digital signature of transcripts by their originator, a student cannot fabricate or alter transcript information provided by school officials. Because the described format supports encrypted transmission of school transcripts, the distribution of each student's information can remain private and under his or her control. Because the format supports asymmetric cryptography, the origin and integrity of received transcripts can be verified independently by the recipient; confidential content can be independently recovered by an intended recipient while remaining protected from unauthorized access. Because the Internet email protocol provides fail-safe delivery, transcripts are reliably delivered to their intended recipients, and the sending student is directly notified of any exceptions. No centralized, trusted authority is needed to mediate communication between students, transcript originators, or transcript recipients. Thus, a student's need for an authoritative record of his education cannot be exploited to restrict or monitor his/her free and private interactions with colleges, employers, or others. Students can reclaim control over their own personal information and relationships with prospective employers and admissions officers; students can prevent surrepetitious harvesting of information about their affairs. Last but not least, specialized software is not required by most participants in the school transcript exchange protocol: the needs of all students and many transcript recipients can be met by existing, standards-based, secure email clients.