the law, the internet and higher education john reynolds senior vice president azusa pacific...
TRANSCRIPT
The Law, the Internet and Higher Education
John ReynoldsSenior Vice PresidentAzusa Pacific University
A Brief Summary of the Evolution of the Internet
1945 1995
Memex Conceived
1945
WWWCreated
1989
MosaicCreated
1993
A Mathematical
Theory of Communication
1948
Packet Switching Invented
1964
SiliconChip1958
First Vast ComputerNetwork
Envisioned1962
ARPANET1969
TCP/IPCreated
1972
InternetNamed
and Goes
TCP/IP1984
HypertextInvented
1965
Age ofeCommerce
Begins1995
Internet Growth Trends
• 1977: 111 hosts on Internet• 1981: 213 hosts• 1983: 562 hosts• 1984: 1,000 hosts• 1986: 5,000 hosts• 1987: 10,000 hosts• 1989: 100,000 hosts• 1992: 1,000,000 hosts• 2001: 150 – 175 million hosts• 2002: over 200 million hosts• By 2010, about 80% of the planet will be on the Internet
By September 2002The Internet Reached Two
Important Milestones:
Netsizer.com – from Telcordia
Growth of Internet Hosts *Sept. 1969 - Sept. 2002
0
50,000,000
100,000,000
150,000,000
200,000,000
250,000,000
Time Period
No
. of
Ho
sts
The Internet was not known as "The Internet" until January 1984, at which timethere were 1000 hosts that were all converted over to using TCP/IP.
Chart by William F. Slater, III
Sept. 1, 2002
Dot-Com Bust Begins
Statistics from the IITF Report The Emerging Digital Economy *
• To get a market of 50 Million People Participating:• Radio took 38 years • TV took 13 years• Once it was open to the General Public, The Internet
made to the 50 million person audience mark in just 4 years!!!
• http://www.ecommerce.gov/emerging.htm– Released on April 15, 1998
* Delivered to the President and the U.S. Public on April 15, 1998 by Bill Daley, Secretary of Commerce and Chairman of the Information Infrastructure Task Force
What did this mean for Higher Education?
• No freshman student today has not had access to the internet in the U.S.A.
• The average age of faculty is now 54 in US colleges and universities
• There is no limit to accessing data in text, image, sound or stream format
• The internet is now the accepted starting point for all research
Areas for today’s conversation
• The Internet and the student• Controlling the internet through
legislation• The Internet and the Institution• Questions
The Internet and the InstitutionConcerns
• Use of bandwidth for non-academic purposes• Capacity issues• Streaming audio and video• Pornographic and hate sites• Interference with legitimate research and
academic use• Hacking/Security• Cost• Privacy• Web Domain Management• Libraries • License Management• Public Address Lists
Email and Appropriate Use
• Appropriate Use Policy• Accepted Internet Use Policy
Internet acceptable use policy
Example from APU:Azusa Pacific University's domain name (APU.EDU) and other
University computer, network, and electronic mail systems exist for the primary purpose of transmitting and sharing information for the University's purposes. The use of apu.edu by any member must be consistent with the mission of Azusa Pacific University and is subject to control by the University. Computer, network, communications, and Internet services exist to promote the purposes of the University. Every attempt to protect privacy will be maintained, but observation of traffic flow and content may be necessary at the University's discretion for security and legal reasons. The end-user who originates traffic will be responsible if the traffic does not conform to this policy.
Internet acceptable use policy
User Requirements
• Respect the privacy of others. For example, users shall not intentionally seek information on, obtain copies of, or modify files belonging to other users.
• Only use your own account and password; never misrepresent yourself as another user.
• Respect the legal protection provided by copyright and licenses to programs and data.
• Respect the integrity of apu.edu so as not to interfere with or disrupt network users, services, or equipment. Interference or disruption includes, but is not limited to, distribution of unsolicited advertising, propagation of computer viruses, and use of the network to make unauthorized entry into other computational, communications, or information devices or resources.
Internet acceptable use policy
Acceptable Uses:
• Use as a vehicle for scholarly or University-related communications
• Use in applying for or administering grants or contracts for research or instruction.
• Use in activities of research or direct support for instruction.
• Use must be consistent with University standards as defined in its publications.
Internet acceptable use policy
Unacceptable Uses:
• Use of apu.edu or any other University computing resources for illegal purposes.
• Use of apu.edu or any other University computing resources to transmit or receive threatening, obscene, or harassing materials.
• Sending unsolicited advertising.
• Use for personal for-profit business is not permitted.
• Use of the network by employees for recreational games is not acceptable during working hours.
Internet acceptable use policy
Enforcement and Violations
Action may be taken by system management, subject to the guidance and authority of the Internet Policy Committee, to prevent possible unauthorized activity by temporarily deactivating any member. Reasonable efforts will be made to inform the member prior to disconnection and to re-establish the connection as soon as an acceptable understanding has been reached. Any disciplinary action deemed necessary will be handled through the normal channels as explained and set forth in the student catalogue, student handbook or other materials published by the office of the Dean of Students.
P2P
http://www.acenet.edu/washington/legalupdate/2003/P2P.pdf
• http://www.stereophile.com/news/101104copyright/
Peer to Peer Policy (P2P)
For the purposes of this policy, a Peer-to-peer file sharing application is any application that transforms a personal computer into a server that distributes data simultaneously to other computers.
Peer to Peer Policy (P2P)
Issues:Copyright Infringement
Downloading or distributing copyrighted material, e.g. documents, music, movies, videos, text, etc., without permission from the rightful owner violates the United States Copyright Act and several university policies. While it is true that a number of artists have allowed their creative works to be freely copied, those artists remain very much the exception. It is best to assume that all works are copyright-protected except those that explicitly state otherwise.
Peer to Peer Policy (P2P)
Impact to APU's network
A user's computer acting as a server can place an enormous burden on APU's network(s). If the computer/server is popular and does excessive, high-volume transfers of files, this single computer/server can severely impact the performance of APU's network. Imagine the impact if there are several computers/servers functioning in the same manner. For example, music files (MP3) are usually very large files, between 2 and 10 MB in size, and movie files (DivX) can be enormous, averaging 600 MB in size. Some Peer-to-Peer applications let you choose NOT to be a server, but others, such as Gnutella, don't. If users simply install the software and don't take the time to read the documentation, they may not realize that their computer is acting like a server. Make sure you understand what the software does.
Peer to Peer Policy (P2P)
Security
Another serious problem with setting up your computer as a server is that faculty/staff and students could be reducing the security of their system, allowing a cracker (computer criminal) to more easily compromise their entire computer and gain access to private and/or University data. Furthermore, any compromised computer on the University network increases the potential risk to all other devices and systems within that same security context of that network. Peer-to-peer file sharing applications differ in how much security they provide. Be cautious.
Peer to Peer Policy (P2P)
PornographyLastly, new reports indicate that Peer-to-Peer applications are being used to disseminate pornography. It is not known at this time if this is done with the authorization or knowledge of computers/servers participating with Peer-to-Peer applications.
Peer to Peer Policy (P2P)
Policy It is the policy of APU that the university's
network connections may not be used to violate copyright laws. The unauthorized reproduction of copyrighted materials is a serious violation of APU's Internet Acceptable Use Policy, as well as the U.S. Copyright Laws.
Peer to Peer Policy (P2P)
Background Discussion of Copyright Law and Potential Liability for Students Engaged in P2P File Sharing on University Networks
Peer to Peer Policy (P2P)
Electronic Privacy Information Center
http://www.epic.org/privacy/student/p2pletter.html
Peer to Peer Policy (P2P)
What Is Higher Education Doing About P2P?
http://www.educause.edu/asp/doclib/abstract.asp?ID=EDU03156
SPAM and Viruses
Spam
The first federal anti-spam legislation, the CAN-SPAM Act of 2003, was signed into law by President George W. Bush on December 15, 2003. The Act is effective January 1, 2004. The Act sets rules for commercial e-mail, although it makes no distinction between solicited and unsolicited commercial e-mail. Commercial e-mail is defined as "any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose". Several states have passed similar anti-spam legislation.
Spam
Six years after spam legislation was first introduced, the first federal spam law was signed by President Bush on December 15, 2003. Despite this milestone, the CAN-SPAM bill remains a "work in progress." While it includes popular provisions from several bills, including making spamming a criminal offense, it also calls for at least five follow-up reports to be submitted to Congress over the next 24 months. These reports call for continued work on such things as defining the "primary purpose of an electronic mail message," what constitutes a "transactional or relationship message," and what is a suitable identifier for mail that contains sexually oriented material. The law also calls for the Federal Trade Commission (FTC) to submit a plan and timetable for a "do not spam" registry.
Spam laws by state
http://www.spamlaws.com/state/summary.html
Proposed Policy
• Case StudyThe academic cabinet of your institution
has complained to you about the large number of “SPAM” messages being received in their mail inboxes. You as the senior administrator have decided that the best course of action is to filter these messages before they are received. What do you think should be taken into account as you develop and implement this policy?
Copyright
• Digital Millenium Act http://www.loc.gov/copyright/legislation/dmca.pdf
• Intellectual copyright http://www.benedict.com/
Privacy and Security
• Auditors • Personal Privacy• Harassment
Policies
• Network access (Wireless)• Password Management• Authentication • Authorization
Network Access
• http://apu.edu/imt/network-access-policy.php
• http://apu.edu/imt/network-account-policy.php
Security
• http://www.signonsandiego.com/news/computing/20040317-9999-news_7m17hacker.html
• GLB Act (Gramm Lilley Beech)• Sarbanes-Oxley Act
Electronic Mail
• http://www.buys.co.za/casestudies_email_failure_content.htm
• http://apu.edu/imt/electronic_mail_usage.php
External Legislation
US Patriot Act 2001
• In essence the Patriot Act is an Extension of FERPA
• That allow federal agency to request information without the consent of the student.
• Limited liability, not tested, no precedent.
US Patriot Act 2001
Four primary areas:1. The privacy of student records2. Information and Technology3. Subpoenas and warrants4. Environmental health and safety
Privacy of Student Records
• The request must be by a US Assistant Attorney General or higher ranking official.
• It must be through a court order.• There must be a certification that there
are specific and articulable facts supporting the request.
• Institutions do not violate FERPA by responding to such and order without student consent.
Privacy of Student Records
• APU does not need to make a record of disclosure (this is an exception to the current FERPA requirement).
• APU should not be liable to any person for good faith disclosure of educational records in response to such and order.
• There is a monitoring of foreign student session; John Reynolds analysis is that the new information requirements through SERVIS (the students and exchange visitors program information system) should cover this information.
Information Technology Requirement
• Permit government officials to seek stored voicemail messages without wiretap authorization
• Requires APU communication providers to respond to a subpoena for, long distance, local telephone connection records, times and duration, telephone numbers, assigned network addresses, means and source of payment for these services.
Information Technology Requirement
• To provide URL records, technically difficult for APU.
• Authorizes the government to install devices to track internet use.
• Penalties for computer hacking crimes have been increased and these include accessing and transmitting or destructive programs such as viruses. Threshold $5000.
Subpoenas / Warrants• A court order for educational records forces
APU, without student consent, but supported by a court order, to provide officials with educational records that are relevant to a terrorism investigation.
• Subpoenas can reach beyond paper documents and include digital information as well as voice mail, emails, and Internet usage.
• Allows law to intercept wire or electronic communication that relates to terrorism and computer fraud/abuse.
Subpoenas / Warrants
• Allows the FBI to seize with a court order business records pursuant to terrorism investigation.
• The patriot act does restrict APU from disclosing that these request were ever made.
Environmental Health and Safety
• Less relevant for APU• 10 year imprisonment and a large
fine for possessing a biological agent toxin or delivery system that is not reasonably justified by research or other peaceful purposes.
Licensing
• ACACIA
The TEACH Act
• http://www.ala.org/Template.cfm?Section=Distance_Education_and_the_TEACH_Act&Template=/ContentManagement/ContentDisplay.cfm&ContentID=25939
• Legislates what can be used without copyright infringement in Distance Education
Libel
• http://www.ilaw.com.au/public/cullenarticle.html
FERPA
• http://www.geocities.com/jnsteinke/ferpa/ferpa.htm• “There is no guarantee of confidentiality of
sending grades via the Internet. The institution would be held responsible if an unauthorized third party gained access, in any manner, to a student’s education record through any electronic transmission method. A third party in this definition could be parents or guardians, boyfriend or girlfriend, roommate, etc. Only secure web sites are approved by FERPA for accessing grade information.”
•
The Gramm-Leach-Bliley Act
• Took effect May 23, 2003, with an extrayear to conform third-party serviceprovider contracts entered into prior toJune 24, 2002.
Standard for Safeguards• Each financial institution must develop,
implement andmaintain a comprehensive information securityprogram that is written in readily accessible part(s);
• The program must contain administrative, technicaland physical safeguards that are appropriate to:
1. the size and complexity of the financial institution;2. the nature and scope of its activities; and3. the sensitivity its customer information.
Required Elements – Each financialinstitution must:
• Designate one or more employees tocoordinate its program;
• Assess risks to the security of customerinformation;
• Design and implement safeguards to addressrisks, and test and monitor their effectivenessover time;
• Oversee service providers; and• Institute a training program.• Adjust the program to address developments.
Other ACTS
• HIPPA (Health Insurance Portability and Accountability Act) 1996
• ECPA (Electronic Communications Protection Act)– Unauthorized use of interception of the
contents of any wire, oral or electronic communication.
• CFAA (Computer Fraud and Abuse Act)– Unauthorized access to a protected
computer with intent to do data damage
Web Resources
• Azusa Pacific University www.apu.edu/imt
• Chowan College (Murfreesboro, NC) http://www.chowan.edu/informationtech/policies/default.htm
• Columbus State University (Columbus, GA) http://cins.colstate.edu/policies/
• Linn-Binton Community College (Albany, OR) http://www.lbcc.cc.or.us/aup.html
Web Resources
• Portland Oregon Community College (Portland, OR) http://www.pcc.edu/lrc/aup.htm
• South Georgia College (Douglas, GA) http://www.sgc.peachnet.edu/ComputerCenter/policies/comppol.htm
• Umpqua Community College (Roseburg, OR) http://www.umpqua.cc.or.us/library/dlibaup.htm
• University of North Carolina Greensboro (Greensboro, NC )http://www.uncg.edu/cis/
• University of Southwestern Louisiana (Lafayette, LA) http://www.usl.edu/InfoTech/Policies/comp_net.html
• Vanderbilt University (Nashville, TN) http://www.vanderbilt.edu/HomePage/aup.html
Web Resources
• http://www.lectlaw.com/inll/99.htm• Software Piracy
http://www.siia.net/piracy/education.asp• Educational and Web Issues
http://www.agocg.ac.uk/reports/mmedia/legal/legal.pdf
• National Statistics http://nces.ed.gov/pubs2004/2004011.pdf
• Internet Case Law http://northnet.net/~midwest/0comlaw.htm
• APU Policies http://apu.edu/imt/policies.php
Questions?
Break
Internationalization
• Why do we engage in internationalization or Globalization in Higher Education
• Health, Safety and Security• Globalization Framework• APU Policies and Procedures as an
example
China – 09/04
Why?
• Aligned with the mission• Globalization/World View• Cross-cultural experience• Knowledge creation• Non-isolation of critical and innovative
thinking• Social Justice• Staff mobility• Research
What?
• Teaching and Learning– Recruitment of international students– Provision for overseas study
So what do we do?
• Globalization Framework (Handout)• International Travel Committee
(Administrative)• International Studies Council
(Academic)• Policies and Procedures
External Compliance/Resources
• SEVIS - Student and Exchange Visitor Information System (SEVIS)
• http://www.ice.gov/graphics/sevis/index.htm• The Overseas Security Advisory Council
(OSAC) was established in 1985 by the U.S. Department of State to foster the exchange of security related information between the U.S. Government and American private sector operating abroad.
• http://www.ds-osac.org/
So what are the issues?
• Academic integrity– Articulation– Credits– Accreditation– Library resources
• Social– Language– Immersion or bubble– Housing
So what are the issues?
• Organizational– Legal (agreements, Licenses, labor etc.)– Risk (Security, waivers etc.)– Use of faculty– Financial (exchange rates, tuition etc.)– Safety– Health– Emergency Procedures– Student Policies
Online and Distance Learning
• Teaching (Pedagogy)• Assessment• Supporting services
APU Policies and Procedures
• International Travel Policy• International Study Abroad
Procedures• International Missions
International Travel
• It is the policy of Azusa Pacific University that all international travel by faculty, staff or students for academic or business purposes must be approved by the International Travel Committee.
• Academic or business purposes is defined as receiving academic credit, student financial aid assistance, or receiving financial support of university funds (operational budgets), or representing the university in an official capacity.
• Approval is for purchasing of tickets and final travel clearance. Budget and management of international travel is determined by the supervising Academic Dean, vice president or the university president. The procedure for approval will be maintained in the Office of Administration and Information. Approval will not be granted for travel to countries listed on the U.S. Department of State Current Travel Warnings List (http://travel.state.gov/warnings_list.html)
• If APU faculty, staff, or students (on APU business) are in a country when it is placed on the U.S. Department of State Current Travel Warnings List, the President’s Cabinet will be notified by the Office of Administration and Information. The traveler may be required to leave the country at the discretion of the President’s Cabinet.
• Appeals of non-approved requests may be sent to the President’s Cabinet through the provost or vice president.
• For international emergency situations, a comprehensive and current list of all APU faculty, staff, and students traveling internationally will be available to the university president through the administration and information office through the implementation of this policy.
Web Resources
• State Travel Warningshttp://travel.state.gov/• Safety abroadhttp://www.secussa.nafsa.org/
safetyabroad/default.htmlUSC Site for Global Educationhttp://www.lmu.edu/globaled/ro/
abstracts/abstract894.html
Questions?
http://Home.apu.edu/~jreynolds