policing the internet: higher education law and policy rodney petersen, policy analyst wendy wigen,...
TRANSCRIPT
![Page 1: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/1.jpg)
Policing the Internet:Higher Education Law and Policy
Rodney Petersen, Policy Analyst
Wendy Wigen, Policy Analyst
EDUCAUSE
![Page 2: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/2.jpg)
Introduction
• How is law enforcement going to operate in an electronic and interconnected world?
• What role will institutions of higher education play conducting monitoring and surveillance on behalf of the government?
• What is the legal framework that will govern law enforcement and intelligence access to information?
![Page 3: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/3.jpg)
Current Legal Framework• Bush Administration Policy• U.S. Constitution
– 4th Amendment: protection against “unreasonable search and seizure”
• Federal Law– Foreign Intelligence Surveillance Act (FISA)– Title 18 of U.S. Code– Electronic Communications Privacy Act (ECPA)– FERPA, HIPAA, GLB Act, etc.
• State Law
![Page 4: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/4.jpg)
USA PATRIOT Act• Uniting and Strengthening America (USA)
by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (PATRIOT)
• Sunset Provisions:– e.g., emergency disclosures of email without a court
order, interception of computer trespasser communications without a court order, lowering standard for pen registers and trap and trace devices under FISA, access to business records under FISA, etc.
• Permanent Provisions– e.g., pen registers for the Internet, National Security
Letter exceptions to privacy laws, definition of domestic terrorism, sneak and peek searches, etc.
![Page 5: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/5.jpg)
Communications Assistance for Law Enforcement Act (CALEA)
• Requires facilities based internet service providers to standardize their equipment to facilitate wiretaps.
• By Court decision: private networks are exempt:– Are you a private network?– Do you support the connection to the
commercial ISP?
![Page 6: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/6.jpg)
To comply or not to comply?
Don’t support the connection
Support the connection
Private Network
Exempt
Compliance required at gateway
Public Network
Exempt * Full compliance required
![Page 7: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/7.jpg)
Mandatory Data Retention
• Why is data retention necessary or desirable? (i.e., what is the problem we are trying to solve?)
• Scope:– What data is to be retained?– Who should data retention requirements apply
to?
• How do we accomplish the desired goals?
![Page 8: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/8.jpg)
Policy Issues
Do these laws:
1. Pose a threat to personal privacy and security?
2. Undermine public trust in the Internet?
3. Impact competitiveness and innovation?
4. Show promise of being effective?
5. Create undue burden and expense?
![Page 9: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/9.jpg)
Practice Implications
• Take stock of logging and monitoring practices
• Establish privacy policies and practice “data minimization”
• Secure information captured and retained
• Develop and enforce internal policies and procedures for use of information
![Page 10: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/10.jpg)
Responding to “Compulsory Legal Requests for Information”
• Designate or person or office to receive all requests and coordinate responses– Not just an IT issue!– Someone knowledgeable of basic issues– Develop working relationships with others
• Types of compulsory legal requests• Common issues• Reference Guide• Resources
![Page 11: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/11.jpg)
CALEA Technical Requirements
• Status of Trusted Third Party Providers
• Status of equipment venders
• Standards process
“Without standards, there is no safe harbor”
![Page 12: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/12.jpg)
CALEA Security and Personnel Requirements
A (telecommunications carrier) shall:
1. Appoint a single point of contact
2. Establish standard operating procedures
3. Report any act of compromise
4. Maintain secure and accurate records
![Page 13: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/13.jpg)
Conclusion
• How law enforcement will operate in an electronic and interconnected world
• The role that institutions of higher education will play in conducting monitoring and surveillance on behalf of the government
• The emerging legal framework that will govern law enforcement and intelligence access to information
![Page 14: Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE](https://reader035.vdocument.in/reader035/viewer/2022080901/56649cf95503460f949cb304/html5/thumbnails/14.jpg)
Discussion
For more information, contact:
Rodney Petersen, [email protected]
Wendy Wigen, [email protected]
www.educause.edu/policy