The Remote Proctor Becomes the Suspicion Interface
AI-enabled remote proctoring does not simply move the exam online. It turns the student's room, body, device, and behavior into evidence before any misconduct has occurred.
The control question is not whether schools may protect exam integrity. It is when a monitoring event becomes evidence: raw recording, automated flag, reviewer interpretation, student response, corroboration, and final finding must remain distinct.
The Exam Enters the Home
Remote proctoring began as an emergency workaround and stayed as an institutional habit.
During the COVID-19 shift to remote learning, schools, universities, licensing bodies, and testing programs needed a way to run exams without exam halls. The practical problem was real. Some tests were high stakes. Some courses had accreditation requirements. Some students could not safely gather in person. Digital proctoring promised continuity: verify identity, lock down the computer, watch the room, record the session, flag suspicious behavior, and let instructors review later.
That promise changed the shape of assessment. The classroom exam used to be a bounded institutional space: a room, a desk, a proctor, a clock, a paper or device, and a shared set of visible constraints. Remote proctoring pushes that space into the student's home. The exam no longer only observes answers. It observes surroundings, posture, eye movement, voice, lighting, network conditions, device state, keyboard activity, mouse movement, and sometimes biometric identity signals.
The result is not just online testing. It is a suspicion interface. The student begins the exam by proving that the space, the body, and the machine are acceptable. It is the assessment counterpart to the AI detector as discipline machine: both convert a probabilistic signal into a presumption a student must then disprove.
For this essay, AI-enabled remote proctoring means a testing workflow that uses software to verify identity, constrain device behavior, record or monitor the test-taker, and classify behavior for later review. A suspicion interface is the part of that workflow that turns ordinary conditions--looking away, moving, using assistive technology, asking for accommodation, sharing a room, losing connectivity, or living in a noisy household--into flags that can travel as administrative evidence.
A proctoring flag is not a finding. It is an event label produced by a technical, human, or hybrid system: face not detected, gaze away, multiple faces, room noise, tab switch, connectivity loss, unusual motion, identity mismatch, or other configured signal. A misconduct finding should require a separate evidentiary step that includes context, student response, corroboration, and reviewer accountability.
Not every remote exam control is the same thing. A password check, a lockdown browser, a live human proctor, a webcam recording, an automated gaze flag, and a room scan make different claims about risk and require different justification. The central governance failure is to let the least controversial layer authorize the most intrusive one.
The stack has to be disaggregated. Identity verification, lockdown browsing, room inspection, live proctoring, automated behavioral classification, reviewer dashboards, and discipline workflows are different controls with different evidence value. A student may reasonably accept one layer and object to another. Governance fails when the legitimacy of basic exam administration is used to smuggle in biometric monitoring or automated suspicion.
Current Context
As of June 23, 2026, remote proctoring is no longer only an emergency workaround. It is part of the broader governance problem described in AI in Education: AI systems now help tutor, assess, monitor, record, and discipline students inside workflows where refusal can carry educational cost.
The EU AI Act makes the boundary explicit. Annex III classifies AI systems intended to monitor and detect prohibited student behavior during tests in education or vocational training as high-risk systems. The regulation's general application date is August 2, 2026, so on June 23, 2026 the main point was not that every duty had already landed, but that the legal category was set. For high-risk systems, Article 14 requires human oversight that lets overseers understand limitations, correctly interpret outputs, override or reverse outputs, and remain aware of automation bias. That does not automatically govern every U.S. classroom deployment, but it gives schools a useful rule of thumb: a test-monitoring classifier should not be treated as a neutral webcam feature.
U.S. law is more fragmented, but California's Student Test Taker Privacy Protection Act gives a concrete state-level example. A business providing proctoring services may collect, retain, use, or disclose a test taker's personal information only to the extent strictly necessary to provide proctoring services, subject to specified exceptions. The rule is narrow, but its premise is important: proctoring data is not just ordinary platform exhaust.
Student-data enforcement has also tightened around security, retention, and misrepresentation. In June 2026, the Federal Trade Commission gave final approval to an order against the edtech provider Illuminate over alleged failures to secure students' personal information; the order requires an information-security program, data-retention schedule, deletion of covered information not necessary to provide products or services, and limits on misleading privacy or security claims. That order is not a remote-proctoring case. It is a reminder that schools and vendors should treat proctoring recordings, biometric signals, ID images, flags, and logs as high-sensitivity education records, not as reusable product telemetry.
FERPA adds another boundary in the United States. The Department of Education's student-privacy guidance allows some vendor access under the school-official exception only when the outside party performs an institutional function, remains under the school's direct control for education-record use and maintenance, and uses personally identifiable information only for the purposes for which the disclosure was made. A proctoring flag that can affect a grade, conduct case, credential, or licensing path should not be treated as vendor telemetry just because a contractor generated it. The same logic belongs in contracts: purpose limits, data-element lists, retention schedules, deletion evidence, subprocessor controls, and a prohibition on unilateral reuse for unrelated product analytics.
Public institutions also have to treat the student's home as a legal boundary, not merely a background image. In Ogletree v. Cleveland State University, a federal district court held that a public university's pre-exam room scan violated the Fourth Amendment in that case; the Sixth Circuit later vacated the judgment after the plaintiff's death, so the district opinion should be read as a warning and not as controlling precedent. Its governance lesson remains narrower: room scans require separate necessity, proportionality, and alternative-access analysis rather than being bundled into ordinary exam setup.
The post-pandemic record also includes institutional retreat. In March 2025, McMaster University announced that Respondus Monitor would no longer be available for remote proctoring effective May 1, 2025, while Respondus LockDown Browser would remain available. The university cited privacy concerns, the vendor's inability to guarantee guardrails required after the Ontario IPC's decision, reduced need after the emergency remote-instruction period, and the academic-integrity office's view that Respondus Monitor outputs had not provided useful evidence in its cases. That example matters because it separates two questions often fused in procurement: whether some exam control is lawful or useful, and whether webcam-plus-AI monitoring is proportionate, governable, and evidentially valuable.
The local governance question is therefore precise: what educational purpose justifies each monitoring layer, what evidence proves it works, what alternative exists, and what happens when a student cannot make their body, room, device, or connection conform to the system's idea of normal?
What Is Being Measured
Proctoring systems vary. Some lockdown browsers mainly restrict the device environment. Others record webcam, microphone, screen, and browser activity. Some add identity verification, room scans, face detection, gaze estimation, object detection, keystroke or mouse monitoring, live human proctors, automated flagging, or post-exam risk reports.
The OECD describes proctoring systems as tools that monitor students during online or digital assessments, including video monitoring and screen, keystroke, or mouse tracking. It also notes that these systems are perceived in many jurisdictions as intrusive and privacy-sensitive. One OECD example from Latvia involved AI-based monitoring for lower-stakes school Olympiads, including desktop, audio, video, biometric identity verification, and real-time behavioral monitoring; the report also notes the system was not allowed for high-stakes state examinations as of 2024.
That distinction matters. A lockdown browser that prevents switching windows is one intervention. A webcam system that records a bedroom and algorithmically flags body movement is another. A human proctor who can answer questions is one governance model. A post-hoc suspicion score is another. The label "proctoring" hides a range of power.
It also hides a chain of inference. An identity check asks whether the test taker is the registered person. A device-control layer asks whether the local computer environment stayed within stated limits. A behavioral classifier asks whether movement, sound, gaze, or scene changes resemble a product's pattern of suspicious activity. A discipline workflow asks whether the school can prove misconduct. Those are not the same question, and the evidence rules should not let a weak answer to one become a strong answer to another.
The evidence chain should therefore stay legible: raw recording, system event, automated flag, reviewer note, student explanation, corroborating evidence, and final decision. Each step has a different reliability profile. If the dashboard collapses them into one suspicion score, the institution loses the ability to tell whether it has evidence of misconduct or only evidence that the system saw something unusual. By the time the output reaches a conduct officer, it can function like synthetic evidence: a system-mediated artifact whose apparent precision depends on hidden collection, classification, and review choices.
The review record should preserve uncertainty. If the only durable artifact is a dashboard score or a red flag, later reviewers cannot see whether the signal came from a lighting failure, accessibility need, product limitation, unsupported device, household interruption, or conduct relevant to the exam. Evidence quality depends on preserving the path from observation to interpretation.
Ontario's Information and Privacy Commissioner made a similar distinction in its McMaster University investigation. The commissioner accepted that Respondus LockDown Browser collected limited information corresponding closely to in-person exam controls. But Respondus Monitor was different: it accessed webcam recordings, collected biometric information in real time, analyzed movements and behavior with an AI-enabled algorithm, and produced reports with suspicious-activity flags for university review.
The important fact is that remote proctoring measures more than cheating. It measures the conditions around the student and converts those conditions into administrative signals. Those signals can later join the durable record layer described in the learning record as student model.
Biometric Suspicion
The most fragile part of this system is behavioral inference.
A student's face leaves the frame. The student looks away. The lighting changes. Another person enters the room. A disability affects movement or gaze. A darker skin tone interacts poorly with a camera or model. A neurodivergent student self-regulates in a way the system reads as abnormal. A caregiver is interrupted. A student in a crowded household cannot create the clean testing environment the software expects. A weak connection creates gaps. A laptop camera sees less than the policy imagines.
In a physical exam room, some of these events might be interpreted by a human in context. In remote proctoring, they can become machine-readable anomalies. The suspicious sign is not the same as misconduct, but the interface can make it feel evidentiary.
These are not hypothetical worries. Journalistic reports from the pandemic period documented Black students attempting remote bar exams who received "unable to identify your face" messages while trying to satisfy repeated identity checks. In 2021, reporting on researcher Akash Satheesan's analysis of Proctorio's facial-detection function alleged substantial failures on images labeled Black and linked the behavior to an off-the-shelf OpenCV model. Those reports are not a universal error-rate study for every product. They are evidence of the practical harm that occurs when biometric verification becomes the gate into a high-stakes exam.
EPIC's 2020 complaint against major online proctoring firms argued that students were being subjected to extensive collection of video, audio, keystroke patterns, biometric data, and AI analysis used to assign risk scores or flag possible cheating. The complaint focused on excessive data collection, opaque logic, potentially biased AI analysis, and the practical inability of students to opt out when a course requires the system.
The European Data Protection Supervisor's technology note makes the same risk concrete: automated proctoring can create privacy and data-protection concerns, and AI-powered components may produce errors or biased outcomes, especially for students with special needs or from minority groups. It also emphasizes the consent problem created by the power imbalance between the educational institution and the student. A privacy notice does not solve that imbalance if the practical alternative is failing the exam, delaying a credential, or exposing more of the student's life to get an accommodation.
Accessibility has to be designed before the exam, not negotiated after a flag. A system that can monitor eye movement, speech, posture, bathroom breaks, room conditions, and assistive tools must also know when those signals are outside its evidentiary competence. Otherwise accommodation becomes a post-hoc defense against a system that should never have treated the behavior as suspicious.
This is the politics of automated suspicion. The system does not need to decide guilt by itself to reshape the exam. It only needs to produce a flag that changes how the instructor, institution, or student understands the event. That is why automation bias is not a side issue; it is part of the evidentiary design.
The Integrity Paradox
Remote proctoring is justified in the name of exam integrity. But integrity has at least two meanings.
One meaning is anti-cheating: the institution wants confidence that the submitted work represents the test taker's unaided performance under stated conditions. That is legitimate. Credentialing systems, professional licensing, admissions tests, and high-stakes courses need evidence that scores mean something.
The other meaning is assessment validity: the exam should measure the relevant learning or competence without introducing unrelated burdens. A tool that increases anxiety, excludes students with disabilities, punishes unstable housing, requires high bandwidth, exposes private rooms, or misreads bodies can damage the validity it claims to protect. It may reduce one form of cheating while adding another form of distortion.
Research by Burgess, Ginsberg, Felten, and Cohney on remote proctoring in legal and medical licensing contexts found concerns across exam integrity, procedural fairness, and security and privacy. Their technical analysis argued that some anti-cheating measures could be bypassed and that proctoring software could pose security risks to users. The point is not that all remote testing is impossible. The point is that surveillance is not automatically a valid measurement strategy.
The Association for Computing Machinery's U.S. Technology Policy Committee framed responsible remote proctoring around equity, privacy, security, accessibility, and efficacy. That list is a useful correction. A proctoring system that is private but ineffective fails. A system that is effective for some but inaccessible to others fails. A system that deters cheating by making the exam environment psychologically hostile may protect a score while damaging the educational relationship around it.
Efficacy should be treated as a live governance claim, not a vendor adjective. McMaster's discontinuation notice is useful here because it paired privacy concerns with an evidence claim: the outputs had not provided useful evidence in academic-integrity cases handled by the university office. That is one institution's report, not a universal study, but it is exactly the kind of local evidence schools should demand before forcing students through a high-intrusion monitoring layer.
Cheating is a real problem. But a system can be anti-cheating and still be bad governance.
The Consent Problem
Remote proctoring often arrives as a condition of participation.
A student can refuse in theory and lose access in practice. If the course, school, degree, certification, scholarship, visa pathway, professional license, or required exam depends on the assessment, "consent" becomes thin. The choice is not between surveillance and no surveillance. It is between surveillance and educational penalty.
This matters because the data is intimate. A proctored exam can reveal home layout, family presence, disability, religious symbols, medical devices, economic conditions, voice, face, ID documents, routine behavior, and device contents. The data may be handled by vendors, stored after the exam, made available to instructors, reviewed during disputes, or exposed in breaches. The EDPS note cites 2020 incidents involving proctoring-related data leaks, including account information, addresses, facial-recognition data, contact data, and videos.
The institutional answer cannot be a checkbox. Schools need necessity and proportionality analysis. What risk is being addressed? Is the exam high stakes? Are there less intrusive alternatives? Does the system actually improve integrity? What data is collected? Who sees it? How long is it retained? What happens when a student cannot use the tool because of disability, housing, hardware, broadband, religious practice, caregiving, or safety?
Consent should therefore be replaced by authorization discipline: what law, policy, or assessment need permits this monitoring layer; what data elements are necessary; what alternative path exists; what consequence can follow; and when the authority expires. A student click-through is not enough to authorize a durable surveillance record.
The OECD's guardrail language is direct: high-stakes evaluations should have a human alternative, and continued use of AI-enabled remote proctoring should include a human proctoring option because students have different connectivity, living space, and home examination conditions. That should be treated as a baseline rather than a courtesy.
Failure Modes
Flag laundering. A webcam anomaly, gaze estimate, audio spike, network interruption, or object-detection event can become a misconduct lead even when the underlying signal is weak. The laundering happens when the dashboard presents the flag as if it were already evidence rather than a prompt for contextual review.
Accommodation inversion. Disability, neurodivergence, assistive technology, breaks, atypical movement, speech patterns, lighting needs, or caregiver interruptions can become suspicious precisely because the system was trained or configured around a narrow model of the compliant test-taker.
Home intrusion. Remote proctoring can turn a bedroom, kitchen, shared room, religious object, medical device, family member, financial constraint, or unsafe living situation into part of the exam record. The institution may learn more about the student's life than the exam requires.
Device coercion. Lockdown browsers and proctoring suites can require invasive permissions, local configuration changes, webcam and microphone access, screen capture, identity documents, and unstable software setups. The student often bears the security, compatibility, and technical-support risk.
Vendor memory. The raw video is only one layer. ID images, biometric templates or features, transcripts, metadata, flags, review notes, support tickets, access logs, and derived analytics can persist after the grade unless contracts and retention rules make deletion real.
Reviewer automation bias. A human reviewer may treat a vendor flag, risk score, or clipped incident video as neutral evidence rather than as a product-shaped prompt requiring context and corroboration.
Record drift. A proctoring event can migrate from exam review into advising files, conduct history, vendor analytics, model-improvement data, or future risk profiles without the student understanding that the evidence changed purpose.
Validity loss. Surveillance can change what the exam measures. A student may be tested not only on course knowledge but also on broadband quality, private space, camera compliance, stress tolerance, and ability to perform normality under observation.
The Governance Standard
A school or testing body that uses remote proctoring should be able to defend the system before the exam begins.
First, separate device control from bodily surveillance. A lockdown browser, an ID check, a live proctor, a webcam recording, a room scan, and AI behavior analysis are different interventions. Policy should name each one instead of hiding them under "online proctoring."
Second, require necessity and proportionality. The more intrusive the tool, the higher the stakes and evidence burden should be. Low-stakes quizzes rarely justify biometric monitoring or room recording. Higher-risk deployments should receive an algorithmic impact assessment before use.
Third, provide real alternatives. In-person proctoring, human remote proctoring, oral exams, project-based assessment, open-book design, timed but unproctored tests, or local testing centers may be better fits depending on the goal.
Fourth, do not treat automated flags as misconduct. A flag should trigger contextual human review, student response, and corroborating evidence. It should not become a quiet verdict. Students need notice and appeal when proctoring evidence can affect grades, credentials, discipline, or professional licensing.
Fifth, protect disability and difference. Accessibility review should happen before deployment, not after students are flagged. Movement, gaze, speech, lighting, assistive technology, breaks, and room conditions need accommodation pathways.
Sixth, minimize and expire data. Collect only what the assessment requires, limit vendor use, prohibit unrelated training or marketing uses, restrict access, log review, set short retention periods, and publish breach procedures. This is the education version of data minimization and privacy and data governance.
Seventh, test the tool's efficacy and security. If a system is invasive, it should have independent evidence that it meaningfully improves assessment integrity without unacceptable harm. Vendor assurance is not enough. Security review should include local device risk, data storage, subprocessor access, incident history, and whether anti-cheating claims survive adversarial testing.
Eighth, train human reviewers. Human oversight means more than putting a person after the dashboard. Reviewers should understand the tool's limits, the risk of automation bias, accommodation rules, and when to disregard or reverse a flag.
Ninth, audit outcomes. Institutions should review proctoring-triggered cases by course, instructor, exam type, disability accommodation, language status, race, income proxy where lawful, broadband or device access where available, and outcome. Disproportionate flagging should be treated as a governance incident.
Tenth, keep assessment design in view. If an exam requires a surveillance stack to be meaningful, the institution should ask whether the exam format is still the right proxy for learning. For youth-serving institutions, this is also a safeguarding question because the monitoring layer can shape how students experience authority.
Eleventh, bind vendor data use by contract. Contracts should prohibit unrelated model training, product-improvement reuse, marketing use, and unapproved subprocessing of proctoring data. They should require deletion schedules, breach notice, audit rights, accessibility commitments, bias testing where relevant, and proof that software can be removed from student devices.
Twelfth, publish a proctoring evidence ladder. Students and instructors should know before the exam what each flag can trigger, what corroboration is required, who reviews the evidence, how accommodations are considered, how long recordings are retained, and how a student can challenge the record.
Thirteenth, separate records from telemetry. If a recording, flag, reviewer note, identity check, or support ticket can affect a student, it should be governed as an education record or discipline record with access, correction, retention, and disclosure controls. Vendor dashboards should not become a side channel around student-record rights.
Fourteenth, review room scans as their own intervention. A room scan exposes a home, dorm room, workplace, shelter, religious object, medical device, family member, or financial constraint. It needs a distinct legal, privacy, accessibility, and evidentiary justification, plus a workable alternative for students who cannot or should not expose that space.
Fifteenth, preserve the abstention rule. A system should be allowed to produce no usable flag when lighting, disability accommodation, network quality, camera angle, language, household conditions, product version, or missing context make the output unreliable. "No reliable proctoring evidence" is a legitimate governance result.
Sixteenth, test the appeal path before deployment. Institutions should rehearse a real challenge: a student contests a flag, invokes an accommodation, asks for the recording, disputes the reviewer note, requests deletion after the retention period, and asks what vendor data remains. If the school cannot answer those steps before launch, it has not governed the system.
What This Changes
The remote proctor is a small institutional machine with a large lesson: when trust breaks, the interface expands.
First the institution loses confidence in the take-home exam. Then it adds a browser lock. Then a camera. Then a room scan. Then biometric verification. Then behavioral flags. Then a dashboard. The exam becomes less a measurement of knowledge than a theater of permitted bodies, permitted spaces, and permitted motions.
This is recursive reality at the scale of a quiz. The system defines suspicious behavior. Students adapt to the system's definition. Instructors read students through the system's flags. The flag changes the social meaning of looking away, fidgeting, sharing a room, using assistive tools, or having a bad connection. The model-mediated category helps produce the institutional reality it claims only to observe.
The answer is not nostalgia for paper exams or naive trust in unsupervised online testing. Institutions need assessment integrity. But integrity cannot be reduced to surveillance density. A school that treats every student as a pre-suspect may preserve some scores while teaching a deeper curriculum: authority now lives in the monitoring layer.
The better path is colder and more accountable. Name the intervention. Justify the intrusion. Offer alternatives. Preserve appeal. Minimize data. Review in context. Redesign assessments when the old proxy collapses. Do not let a camera and classifier become the moral architecture of learning.
Source Discipline
The sources for remote proctoring need to be read by type. OECD, EDPS, ACM, Ontario IPC, California law, FERPA guidance, the EU AI Act, and the FTC are policy, regulator, legal, or standards sources. They establish governance concerns and duties; they do not prove that a specific school's product works or fails. The EU AI Act source also has to be read with its application dates and transitional rules, because classification, provider duty, deployer duty, and enforcement timing are not the same sentence.
The Ogletree room-scan decision is treated here as a concrete public-institution boundary case, not as a nationwide rule for all schools, private testing providers, or every remote exam. The FTC Illuminate order is student-data enforcement context, not a finding about remote proctoring. FERPA guidance establishes disclosure and record-governance constraints, but local application depends on the institution, record type, vendor role, and consequence.
Source discipline should also distinguish flag-generation evidence from misconduct evidence. A vendor report can establish that the system generated a flag. It cannot, by itself, establish cheating, intent, or fairness of consequence. A school record should therefore name the raw source, classifier or proctor action, reviewer interpretation, student response, corroboration, and final decision separately.
Burgess, Ginsberg, Felten, and Cohney provide technical research evidence about remote proctoring in licensing contexts, including integrity, fairness, security, and privacy concerns. EPIC's complaint is an advocacy filing that usefully catalogs alleged risks and industry practices, not a regulator's final finding. Motherboard and National Jurist are journalism about reported incidents and should not be converted into universal error-rate claims. McMaster's discontinuation notice is a local institutional record: useful because it names privacy and evidence-utility concerns, limited because it reports one university's deployment and review rather than the whole market.
Vendor materials should be treated as product claims requiring local validation. The question is not just whether a vendor says the tool deters cheating. It is what the tool collects, how it classifies, how often it is wrong in the local population, who reviews the output, how students contest it, and what remains after the exam is over.
Related Pages
- AI in Education, The AI Detector Becomes the Discipline Machine, The Learning Record Becomes the Student Model, and The AI Tutor Becomes the Shadow School cover the education governance layer.
- The Synthetic Evidence Becomes the Court Record, Automation Bias, Algorithmic Impact Assessments, Notice and Appeal, Human Oversight of AI Systems, AI Audit Trails, and AI Incident Reporting cover evidence and review.
- The Face Becomes the Ticket, Biometric Categorization, Algorithmic Bias, Data Minimization, Privacy and Data, Accessibility, Safeguarding and Youth Protection, and High-Control Interface cover body, privacy, and youth-safety controls.
Sources
- OECD, Digital assessment, OECD Digital Education Outlook 2023, reviewed June 23, 2026.
- OECD, Opportunities, guidelines and guardrails for effective and equitable use of AI in education, OECD Digital Education Outlook 2023, reviewed June 23, 2026.
- Association for Computing Machinery U.S. Technology Policy Committee, Principles for the Responsible Development of Remote Proctoring Software, January 12, 2023.
- Electronic Privacy Information Center, In re Online Test Proctoring Companies, December 9, 2020.
- European Data Protection Supervisor, Automated proctoring, TechSonar, reviewed June 23, 2026.
- Office of the Information and Privacy Commissioner of Ontario, Investigation report PI21-00001: McMaster University's use of Respondus exam proctoring software, February 28, 2024, reviewed June 23, 2026.
- McMaster University Office of the Provost, Updates to Respondus Online Proctoring Tool, March 11, 2025, reviewed June 23, 2026.
- European Union, Regulation (EU) 2024/1689, Artificial Intelligence Act, Annex III, Article 14, and Article 113 application dates, EUR-Lex official text, reviewed June 23, 2026.
- California Legislature, SB-1172 Student Test Taker Privacy Protection Act, Chapter 720, Statutes of 2022.
- Federal Trade Commission, FTC gives final approval to order against Illuminate settling allegations it failed to secure students' personal data, June 5, 2026.
- U.S. Department of Education Student Privacy Policy Office, FERPA school official exception and outsourced institutional services FAQ, reviewed June 23, 2026.
- U.S. Department of Education Student Privacy Policy Office, Responsibilities of Third-Party Service Providers under FERPA, August 2015; reviewed June 23, 2026.
- U.S. District Court for the Northern District of Ohio, Ogletree v. Cleveland State University, No. 1:21-cv-00500, August 22, 2022; later vacated on appeal in Ogletree v. Bloomberg, Nos. 22-3795/23-3043/23-3081, 2023 WL 8468654 (6th Cir. Dec. 4, 2023).
- Ben Burgess, Avi Ginsberg, Edward W. Felten, and Shaanan Cohney, Watching the watchers: bias and vulnerability in remote proctoring software, USENIX Security Symposium 2022.
- Todd Feathers and Janus Rose, Proctorio Is Using Racist Algorithms to Detect Faces, Vice/Motherboard, April 2021, on Akash Satheesan's analysis.
- National Jurist, Some dark-skin students getting 'Unable to Identify Your Face' messages while attempting to take online bar exam, 2020.