Skip to content
Close
SEARCH
WISEflow Log in
Request demo
WISEflow Log in
Request demo
Green background

Proctored exams in higher education: balancing integrity, privacy & trust

Proctored examinations, whether on campus or online, help maintain academic integrity by supervising candidates during assessment. As universities scale flexible, digital assessment, the key question is no longer whether to proctor but how: in ways that are proportionate, privacy–preserving and pedagogically sound, aligned with GDPR/UK GDPR and student trust.

Proctored exams-8

WHAT ARE PROCTORED EXAMS?

A proctored exam is an assessment overseen by an invigilator (human or software) to deter and detect misconduct such as impersonation, unauthorised materials or collusion. In digital contexts this can include identity checks, lockdown environments and different levels of activity monitoring (e.g., randomised screenshots, or where justified audio/video signals).

Sector practice typically distinguishes:

TOUCH
Process optimisation Live remote invigilation
Live remote invigilation

Human proctor watching in real time

 

TOUCH
Raise_student_630x500 Record–and–review
Record–and–review

Sessions captured for post-exam triage

TOUCH
Authentics_630x500 Automated or AI–assisted flagging
Automated or AI–assisted flagging

Signals prioritised for human review

This taxonomy appears in sector primers and service offers and is reflected across European guidance.¹

WHY DO UNIVERSITIES USE PROCTORED EXAMS?

Universities usually cite three drivers:

1
Learning is fundamental

Integrity and fairness. Preserving confidence that grades reflect individual attainment.²
2
Flexibility and scale
Supporting distance learners, placements and students with mobility constraints.³
3
Operational resilience
Continuity during disruption and alignment with online learning models.⁴

European case law has also clarified that online proctoring can be lawful if it is necessary and proportionate for the assessment purpose, and if less intrusive alternatives are not viable for that specific case – coupled with DPIA and transparency.⁵ ⁶

SOFTWARE APPROACHES THAT SUPPORTS PROCTORED EXAMS

Lockdown browsers

Restrict local computer functions and access to external resources; evidence suggests they reduce opportunities for casual cheating, though student anxiety and accessibility require care.⁷ ⁸

Live remote invigilation

Human oversight via webcam/screen share; effective for high–stakes contexts, but relatively intrusive and resource–heavy.³.         

Record–and–review with triage

Capture sessions for later review; scalable when invigilator capacity is limited.                  

 

Automated/AI–assisted flagging

Identity (face match/liveness), audio triggers, simple behavioural anomalies, always with human adjudication to avoid false positives and bias.⁹

ADVANTAGES & DISADVANTAGES

Potential advantages
  • Maintains fairness in distributed settings and deters misconduct; reduces large–hall logistics.¹⁰
  • Enables flexible scheduling and BYOD delivery when designed well.⁹ ¹¹

Common disadvantages and risks
  • Privacy & data protection. Webcam/audio/screen capture, biometrics and behaviour analytics engage special–category data and home environments; strict purpose limitation, minimisation and retention are essential.¹² ¹³
  • Student experience & equity. Documented anxiety due to surveillance, differential device quality and study spaces, and accessibility considerations.¹⁴ ¹⁵
  • Bias/false positives. Automated flags can misinterpret disability–related behaviours or cultural norms; human–in–the–loop remains critical.⁹ ¹⁶

Ethical guidance emphasises transparency, participation of students in policy co–design, and preference for least intrusive measures that still meet the aim.¹⁷

TYPES OF PROCTORED EXAMS (WITH EXAMPLES)

On–campus invigilated The traditional hall; can include digital tests in managed labs.
Remote live proctoring Synchronous webcam/screen supervision with an initial ID check.³
Record–and–review  Asynchronous capture, later human triage of flagged segments.
Hybrid “soft proctoring” Proportionate, minimally intrusive signals (e.g., randomised device screenshots, limited identity checks) plus strong exam design (item randomisation, open–book rules where appropriate) and clear incident workflows.

A PRIVACY-FIRST, SOFT PROCTORING STANCE

A soft–proctoring approach aims to minimise surveillance and data collection while still providing defensible integrity controls and auditability. In practice this means:
  • Start with assessment design (authentic tasks, item banks, randomisation, clear rules).
  • Add environment controls (e.g., lockdown) only where closed–book conditions are educationally required.
  • Use targeted signals (e.g., device screenshots, light–touch identity checks) only if necessary – with human review, short retention, and transparent student notices.
  • Always run a DPIA for higher–risk features and publish a student–facing summary.

Regulators repeatedly stress necessity and proportionality, especially where biometrics are involved.¹² ⁶ ⁹

 

WHERE WISEflow FITS: LOCKDOWN FIRST, SOFT SIGNALS ONLY WHEN JUSTIFIED

WISEflow is an end–to–end digital assessment platform used widely across Europe. It supports onsite and remote delivery, with role–based workflows for authoring, invigilation and marking – at scale – while keeping privacy central (data minimisation, transparency, auditability).

 

FLOWlock: SECURE LOCKDOWN FOR CLOSED-BOOK EXAMS

FLOWlock provides secure, closed–book exams on students’ own devices (BYOD). Students work in WISEflow’s editor; institutions can allow–list specific tools and web resources needed for the discipline, while disabling application switching and the desktop. This protects the assessment environment without defaulting to continuous AV surveillance.

OPTIONAL INTEGRETY SIGNALS YOU CAN ADD TO FLOWlock (ONLY IF NECESSARY)

Randomised facial comparison (optional)
  • Periodically captures a still image via the webcam during the exam and compares it with the entry image to provide an identity match score for invigilators.

  • There is no continuous video stream; the purpose is limited to identity assurance.

  • Because this engages biometric data, institutions should complete WISEflow’s Facial/Audio DPIA addendum, set conservative retention, and use human adjudication on any low–score cases.
Voice detection & transcription (optional)
  • Records ambient audio and provides a live transcript; can flag multiple voices (possible collusion).

  • Designed as a soft signal – focused on speech events rather than full environmental surveillance – with short, policy–aligned retention and limited access.

These options surface to invigilators in WISEflow’s Participation Monitor for in–exam triage or post–exam review. Both features are configurable per exam and should be enabled only where the controller can evidence necessity and proportionality (e.g., higher–stakes, remote closed–book exams where impersonation or collusion risk is materially elevated).


Governance note: adopt the DPIA – Facial/Audio addendum, update student notices, and keep humans in the loop for all decisions.


The optional facial and audio features are powerful signals. They should be enabled only where a documented DPIA and policy show that their added risk is justified by the assessment need, and where alternatives would not meet the purpose with equal effectiveness.

 

WISEflow DEVICE MONITOR (FOR OPEN-BOOK MONITORING)

For open–book or resource–limited settings where lockdown isn’t appropriate, Device Monitor can capture randomised screenshots and light process information from the participant’s device during the exam window. By default, participants can review their own screenshots on submission, supporting transparency and natural justice. This is a distinctly soft alternative to continuous AV capture and is best used with clear “permitted resources” policies.

PRACTICAL RECOMMENDATIONS FOR UNIVERSITIES

1
Lead with assessment design

Use question banks, randomisation, authentic tasks and clear “what’s allowed” rules; reserve closed–book for genuine learning–outcome needs.
2
Adopt a tiered integrity model
Match controls to stakes and risk: on–campus invigilated → lockdown (FLOWlock) → soft signals (device screenshots, optional biometrics/audio) → only exceptionally, live remote invigilation.
3
Run a DPIA and publish a student–facing summary
Explain what is captured, why, who can access it, retention periods and appeal routes; provide practice sessions and reasonable alternatives where appropriate.
4
Keep humans in the loop
Use automated flags to prioritise review; rely on trained staff to interpret context, accessibility needs and cultural considerations; escalate only when evidence is corroborated.
5
Prefer soft proctoring by default
Start with lockdown and/or device monitoring; enable facial comparison or audio only when justified and time–bound.
6
Step Title
Description. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et

CONCLUSION: INTEGRITY WITH RESTRAINT

For universities seeking fairness at scale without over–surveillance, WISEflow’s FLOWlock offers strong exam–environment control, and its optional integrity signals – randomised facial comparison and voice detection/transcription – can provide proportionate assurance when truly needed. Combined with good assessment design, transparent notices and human–in–the–loop review, this model strengthens trust and standards while minimising unnecessary data collection.

FREQUENTLY ASKED QUESTIONS

What is a proctored exam?

A proctored exam is an assessment supervised by an invigilator, either a human or software, to deter and detect misconduct such as impersonation, unauthorised materials or collusion. In digital settings this can include identity checks, lockdown environments, randomised screenshots, and in justified cases limited audio or video signals.
Why do universities use proctored exams?

Institutions typically use proctoring to maintain fairness, support flexible and remote delivery, and ensure operational resilience. Proctoring helps confirm that grades reflect individual achievement, supports distance learners, and provides continuity during disruptions or fully online learning models.
Is online proctoring lawful under GDPR/UK GDPR?

Yes. When necessary, proportionate, and used only where less intrusive alternatives won’t meet the assessment purpose. A DPIA, transparency, limited retention, and clear purpose statements are essential, especially when biometric signals are involved.
What types of proctoring approaches exist?

Common models include:

  • Live remote invigilation: Human oversight via webcam and screen share.
  • Record-and-review: The session is captured for later triage.
  • Automated/AI-assisted flagging: Identity or behaviour signals flagged for human review.
  • Lockdown browsers: Restrict device functions to maintain closed‑book conditions.
What are the main advantages of proctored exams?

Proctoring helps maintain academic integrity across distributed settings, reduces the need for large exam halls, and enables flexible scheduling and BYOD delivery. When applied proportionately, it strengthens trust in assessment outcomes.
How does WISEflow support proctored examinations?

WISEflow offers a privacy‑first, scalable assessment environment with role‑based workflows. It supports onsite and remote delivery, integrates secure lockdown exams (FLOWlock), offers optional integrity signals when justified, and provides auditability, transparency, and data minimisation aligned with GDPR.
What optional integrity signals can be added in WISEflow?

wo optional signals can support higher‑stakes or elevated‑risk exams:

  • Randomised facial comparison: Periodic still images compared to an entry image for identity assurance.
  • Voice detection & transcription: Light audio monitoring that flags multiple voices.
    Both require a DPIA, conservative retention, transparent notices, and human review. They should only be enabled when proportionate and justified.

Want to know more about WISEflow?

If you’d like to see how WISEflow’s flow types, rubrics and integrity tools can support both formative and summative assessment across your programmes, we will be more than happy to take up the discussion with you and provide a demontration.
Request a Demo

SELECTED REFERENCES & FURTHER READING

Regulators & case law Dutch DPA (Autoriteit Persoonsgegevens): Online proctoring – requirements and DPIA guidance (incl. Amsterdam judgment summary). https://www.autoriteitpersoonsgegevens.nl/en/themes/education/digital–distance–education/online–proctoring ⁵ ⁶ ¹³
Amsterdam Court of Appeal (UvA/Proctorio): necessity & proportionality clarified in the specific COVID–19 context. https://gdprhub.eu/index.php?title=Gerechtshof_Amsterdam_–_200.280.852/01
EDPS TechSonar: Automated proctoring – features, risks and human oversight. https://www.edps.europa.eu/data–protection/technology–monitoring/techsonar/automated–proctoring_en
Research & commentary Han, Nikou & Ayele (2023): Digital proctoring in higher education – a systematic review. Emerald Insight (open access). https://www.emerald.com/insight/content/doi/10.1108/IJEM–12–2022–0522/full/html
Mutimukwe et al. (2025): Privacy in online proctoring systems in higher education (stakeholder perceptions). Springer (open access PDF). https://link.springer.com/content/pdf/10.1007/s12528–025–09461–5.pdf
Lee et al. (2023): Promises and perils of AI remote proctoring – equity and anxiety considerations. https://www.erudit.org/en/journals/cmej/2023–v14–n2–cmej07995/1099350ar.pdf
Balash et al. (2021): Students’ privacy/security perceptions of online proctoring services. https://arxiv.org/pdf/2106.05917
Practice & sector resources British Council: overview of live, record–and–review, and automated models. https://globalexamsservices.britishcouncil.org/assessment–services/online–proctoring
Jisc (assessment & ethics resources, EMA guidance): https://www.jisc.ac.uk/guides
About WISEflow’s privacy approach (for readers who want the governance detail)

Controller–processor model (institution as controller; UNIwise as processor).


GDPR principles embedded (lawfulness, purpose limitation, minimisation, storage limitation, integrity/confidentiality, accountability).


Feature–specific DPIAs available (e.g., Device Monitor, Facial/Audio addendum).


Short, policy–aligned retention defaults; role–based access; audit trails; student transparency by design.
Footnotes ¹ British Council; sector primers on live/record/automated models.
² Han et al., 2023.
³ British Council overview.
⁴ Lee et al., 2023.
⁵ Amsterdam District Court (2020).
⁶ Amsterdam Court of Appeal (2021); Dutch DPA summary.
⁷ Mohammed & Ali, 2022 (lockdown effectiveness).
⁸ University guidance on anxiety/accessibility (various; see Balash et al., 2021).
⁹ EDPS TechSonar; Lee et al., 2023.
¹⁰ Han et al., 2023.
¹¹ EDPS TechSonar.
¹² JIPITEC, 2023; EDPS TechSonar.
¹³ Dutch DPA guidance on DPIA and proportionality.
¹⁴ Ruzgar & Chua–Chow, 2023.
¹⁵ Balash et al., 2021.
¹⁶ EDPS TechSonar (bias/false positives).
¹⁷ Ethics/practice guidance (e.g., eLearningIndustry 2024; Jisc communities).