USF Values Students
over Government Compliance
By: Andrew Noerr
With
all of the mayhem that has surrounded the National Security Agency and
citizens’ invasion of privacy, there is perhaps one group of people that have
been overlooked in all of this chaos, and that group is college students. Student
data such as grades, health records, and housing information can all be seen as
valuable in the eyes of the NSA. However, a careful examination of the policies
that the University of San Francisco has in place considering data privacy
would convince anyone that the school cares about its students more than
complying with government requests for sensitive information.
In fact, this issue could matter a lot more in the coming
months. Later this fall, an international student-run organization called the
Student Net Alliance will be grading universities on a myriad of topics such as
how schools protect student data, whether universities have strong online
privacy policies, how they support student developers, and other subjects as
well. The grades will then be published in their “Campus Internet Policy
Gradebook.”
Even though the online group hasn’t released the
gradebook yet, the criteria for it were released during the previous summer.
Luckily, USF has posted some of their privacy policies online. An inspection of
these policies and a discussion with the Information Security Officer of the
ITS Department at USF named Walter Petruska has shed a lot of light on how USF
could potentially be graded this fall.
For starters, the Student Net Alliance advocates for
universities to have policies considering encryption of data, free speech on
campus, and cyberbullying. For the most part, USF does impose rules on those
subjects. The university has its policy on data encryption posted online, and
it specifically states that “Confidential or Highly Confidential” data such as
academic, financial, and disciplinary data among other types are absolutely
encrypted for the means of protecting it from unauthorized use. Encryption of
data refers to the process of converting data into a code so that it can be protected
from potential hackers.
As for free speech on campus, USF does not have a
specific policy for that, but freedom of students on campus is mentioned in the
school’s core values. As listed on the USF website, one of the core values of
the school is to promote “freedom and the responsibility to pursue truth and
follow evidence to its conclusion.”
Cyberbullying also does not have its own policy, but USF
does have general rules concerning acts of harassment on campus. Specifically,
according to the USF Fogcutter
Student Handbook, acts of intolerance such as showing hatred towards a person
for his or her ethnicity, gender, sexual orientation, or other things is
strictly forbidden, and that is especially true if it is done on the Internet.
The Student Net Alliance also favors universities that
notify their students when government agencies such as the NSA request any of
their data. In most situations, USF does alert students if their data is
requested by any outside organization. However, according to Petruska, not all
students are granted full privacy when it comes to their sensitive data.
“International students are treated differently,”
Petruska said. “It’s all about them having visas. They have to be in school if
they want to be in the United States. So, if a government agency requested data
such as their academic records to make sure they’re in class, they would
automatically get it.”
Still, Petruska disclosed that in cases when a government
agency requests data about students such as where they work or where they live
on campus, then that data would not be disclosed without the consent of the
student. Also, student data is generally protected by law under FERPA (Family
Educational Rights and Privacy Act). According to the National Law Review,
FERPA doesn’t allow third parties to receive educational records of students
over 18 years old without the consent of students and their parents, although
there are many exceptions.
There
is still more that the Student Net Alliance asks of colleges today though. The group also hopes that colleges advocate
for student developers who wish to develop technology such as apps to be
allowed to release data about on-campus activities. For example, the Student
Net Alliance favors colleges who allow students to make data sets about stats
such as course registration and dining hall data. Afterwards, they would be allowed
to make that data public.
Fortunately, they are indeed allowed to do so at USF.
According to Petruska, the ITS Department permits student developers to make
technology such as apps that include USF data.
Petruska said, “I definitely encourage our students to
use USF data to make apps. The ITS Department hires students to work in our
labs to work on projects like that. I’m all for it.”
One example of an app that incorporates USF data is one
called “USFmobile.” According to the webpage on the USF website dedicated to
this app, USFmobile allows students to learn about campus events, check their
schedules and their grades, and check registration holds. The app presents an
example of USF data that can be accessed on mobile devices.
All of the criteria previously described indicates that
USF does value data privacy, but there is still another bar that schools are
asked to climb. The Student Net Alliance also inquires about if schools allow
students to install what has become notorious software called “Tor.”
Tor has proven to be extremely useful while also
controversial at the same time. According to the official Tor website, the
software prevents outside people or organizations from learning users’
locations and from doing traffic analyses on users’ browsing habits. Outside
groups such as the NSA would then theoretically not be able to discover how
users of Tor use the Internet and what sites they check on a daily basis.
The invention of this new software has raised some
intriguing concerns. While it certainly is useful for online privacy, it can
also help hackers and other criminals to commit crimes and not have their
actions be detected by any outside organizations.
With this in mind, Petruska revealed that USF still
allows students to have the software on their computers, even though it may not
be a popular decision.
“USF students are allowed to have Tor. However, lots of
colleges block Tor on their campuses,” Petruska disclosed. “Students are
allowed to have it until they are caught using it illegally. I believe that I
have a legal obligation to approach students in those cases.”
Presumably, this hasn’t been a problem at USF since not
many college students would know how to commit serious crimes online or do any
serious hacking. Still, Tor has become an interesting option for those who
truly value online privacy.
Examination of all of these criteria would indicate that
USF should be graded highly this fall in the Campus Internet Policy Gradebook.
Although there were other small criterion such as school’s viewpoints on patent
reform, training on how to use Tor, NSA recruitment programs, university
transparency reports, and legal options for students who are threatened by
outside hackers, Petruska noted that USF doesn’t have or need policies on those
topics. He believes overall that the school does a quality job in valuing
student data over government compliance.
“The
ITS Department cares about privacy of student data greatly,” Petruska said. “We
do whatever we can to protect the community.”
No comments:
Post a Comment