We’ve been there. Enter your email to get a permanent copy of this guide sent directly to your inbox.
It’s frustrating (and expensive!) for testing organizations to spend the time, creativity, and resources developing great test questions, only to have those items disclosed on the internet a short time after publication. The result of such disclosure? Undeserving test takers pass the exam using pre-knowledge (memorizing the answers they found online).
This type of fraudulent activity erodes the validity of your exam and hurts your program’s reputation. On top of that, your investment in developing high-quality assessments goes down the drain. Patrolling the web is a powerful tool that helps to protect your exams from cheating and gives your highly-valued intellectual properties additional validity, lifespan, and security in the current online environment.
Web monitoring is the practice of monitoring common places on the internet for stolen or otherwise exposed test content. Some organizations handle web monitoring efforts in house, while others opt for help through a professional Web Patrol® service (like this one). Web monitoring may not detect the theft in action, but it certainly detects its outcomes and provides the necessary information to take action.
While it may be easy to find public-facing social media posts containing illicit or stolen content, you may not be aware that an entire ecosystem of online forums, chats, and private groups exists for this very purpose. Social media is an excellent place to start your search, but you may be required to dust off your sleuthing skills and assimilate in some corners of the internet you’ve never been before. Here’s an article with in-depth information on how search engine technology impacts web monitoring efforts on social media sites.
Braindump sites, file sharing sites, and affiliated blogs make a practice out of sharing stolen content while dodging requests to take it down. Nevertheless, you must locate and pursue the removal of your content if ever you find it in one of these forums. Make it a practice to regularly crawl the current and most popular sites, and learn the best practices for handling braindumps to aid in your success.
You’re already familiar with search engines and social media sites in your home country, but are you familiar with those of other countries as well? If your exam is being delivered online, your exam is international. You should familiarize yourself with the most popular tools used to share information in other countries and learn how to use them. (Bonus points if you can speak the language!) Here’s an article to help get you started on your international web monitoring strategy.
Exams and tests are not just for organizations dedicated to testing. They’re also for training and evaluation purposes within tech companies, medical organizations, and even civil service groups in order to ensure candidates have the skills necessary to do the job well. But what happens when those tests are leaked online?
Just one online leak can have the effect of compromising an entire exam—or even the integrity of an entire institution. What else is there to lose from long-term, unchecked exposure?
Human web patrollers (as opposed to automated web crawlers) are capable of adapting seamlessly to the rapid evolution of the online social sphere—and to the specific needs of you, the client. Learn more about the differences between automated web crawling and human web monitoring in this article.
How much exposure are my exams getting on the internet?
If your test is administered online, then your web monitoring strategy must be comprehensive and international in scope. You can learn more about international web monitoring strategies in this article.
Crossing regional boundaries of the internet, like crossing into foreign territory, will reveal foreign hotspots of online activity, information-sharing models, consumer behavior, and etiquette (all in different languages).
In Korea and China, people are familiar with the national web platform Naver; it is an integral aspect of their online experience. But how familiar are you with Naver? This is just one example among thousands of potential international blind spots.
Who takes your tests? In what languages? Be sure to monitor for your content in multiple languages across the internet.
Here’s a sample process for monitoring, removing, and mitigating online web exposure:
Are you enlisting help for your organization’s web monitoring efforts or handling things internally? Determine who will be responsible for online threat removal. They should be directly involved and familiar with your exam security efforts. Also consider to whom that person should report their findings—a single individual at the top, multiple team members in different departments, or a representative on your legal team? We recommend a combination of these. Over time, evaluate which processes are the quickest pipeline to threat removal.
Prepare, approve with your legal team, and send a takedown letter to any offending site owner and affiliated web hosting company. Make sure your letter conforms to the Digital Millennium Copyright Act (DMCA) guidelines, found at www.copyright.gov. Please note that these laws apply only to domestic sites. International sites may require different methods and procedures based on the copyright protection in their country. You can learn more about submitting DMCA takedown notices in this article.
Congratulations! Your efforts have paid off and the offending sites have taken down your content. Now that the present threat is cleared, it’s important to follow through with the final step in the process.
Depending on the offending site, threats may be removed within hours of your first DMCA letter. It may also take weeks and multiple letters before you are successful in removing the content from the site. Strong determination and follow up with each and every site are key to getting content removed. In the meantime, if it’s a Google-owned site or blog, you can submit a copyright infringement notice with this 7-step process.
Continual monitoring is the most important step in the process. It is your assurance that if a threat appears again, it will be found quickly and dealt with before it impacts the integrity of your exams. Be sure to periodically take time to consider how your web monitoring efforts are performing. Make adjustments as necessary, and reach out for expert help when you need a hand.
There are hundreds of braindump sites disclosing actual exam content, with new sites being created daily—including thousands of affiliated blogs, filesharing sites, social media posts, and more.
While takedown notifications leveraging the Digital Millennium Copyright Act (DMCA) have been effective in the past, the sheer volume of potential sites today makes it difficult to address all of them with your limited time and resources.
Today, many braindumps never even respond to a takedown request (even after several attempts). Fraudsters often use privacy protection services, making it nearly impossible to find an address for sending a complaint. If you do make contact, a braindump owner may make claims of “fair use,” knowing that the likelihood of your starting legal proceedings against them is slim. Or they remove the material from one of their URLs, only to post it minutes later on several new sites.
DMCA is still a valuable tool.
What can your ongoing DMCA activity tell you about your program? You’ll glean trends on the amount and type of braindumps that share your content, the types of platforms they target, and the number of your exams they have for sale. In conjunction with other online data you’ve gathered about your exams, this information can help you identify trends and provide critical insight into the useful lifespan of your exam items and forms.
Ask your online testing provider to show you the security features of your online tests that will help reduce and track content exposure—like watermarking, secure item types, and more. Make sure you have these important features in your test creation and test delivery software.
It is now possible to build tests that self-protect from content theft, either by reducing overall exposure of your pool or by rendering braindump content unnecessary and ineffective.
While you’re engaging in security-enhancing efforts, be sure to allude to them (and even describe them) to your test takers. Send the message: “If you attempt to cheat, you will be caught.” Learn more about publicizing your test security measures in this article.
It can be hard to stay ahead of exposure, so reduce the consequences! Use AIG to easily and inexpensively create a huge item bank, allowing you to republish your exam quickly whenever the need arises. Learn more about AIG in this ultimate guide.
You don’t need a disposable lid, bag, or box. Just download here.
Want to subscribe to our newsletter?