The Acceptable Use Policy will be altered, with two policies — one for employees, one for students — created to assure students their Internet use isn’t threatened. Chief Information Officer Brett Coryell said the changes NIU has made to work with students makes it harder for NIU to provide information when law enforcement asks about user activities, and NIU will need to have a campuswide conversation about the network and how it is used.Whenever I hear Soemone In Authority speak of a "conversation" I cringe. It usually means an explanation of why moose-turd pie is healthy. "Law enforcement asks about user activities." Hands behind your back, interrogatee!
The Acceptable Use Policy hasn’t been changed since it was created in 2007 and it “needs to be reexamined for the modern generation,” Coryell said. A committee composed of employees, students and an alumna who expressed concern over the policy will give feedback on changes to it, Coryell said.The missing elephant: no mention of faculty governance, no attempt to square with the institutional objective of becoming the premier student-centered, research-focused public university in the Midwest.
“... The primary change that needs to happen is to be able to distinguish what types of activities are allowable for employees versus what types of activities are allowable for students,” Coryell said.
The policy does not “differentiate well” between what students and staff can do, said Information Security Director Jim Fatz.The policy came to Jezebel's attention after a student got the warning whilst researching the Westboro Church. And these days, students might be investigating p0rn sites for work opportunities, financial aid being what it is.
“The policy was a blended policy that included restrictions on employees and staff that are legal restrictions ...,” Fatz said. “They’re not supposed to be surfing social media, they’re not supposed to be using their work time for personal use, they’re not supposed to be doing political activities while they’re working, and that’s a state law. The Acceptable Use Policy really was primarily designed to cover that.
“But, along with the Acceptable Use Policy we also included students because no matter who you are, you also can’t use the network for illegal activities. ...
“The most obvious example that we’re struggling with is pornography. So, for example, any employee of the university sitting at their desk at work, they’re not suppose to surf porn, but it’s fine for students to surf porn. Nobody’s denying that.”
The changes have hurt NIU’s ability to comply with law enforcement requests for information about Internet users, Coryell said. He said NIU will not be able to offer as much information about what users did during Internet sessions if law enforcement reports a threat being made from someone using the NIU network.Spell out your loss function. Is it worth becoming an institution mocked worldwide for a ham-handed response to a low-probability event?
“If the Secret Services shows up on campus and wants to know who was sending a threatening email to the president or if the Secret Service shows up on campus and they want to know who was accessing a website about making bombs or something like that, there’s a little bit we can do to try to satisfy their request for information, but I think ultimately ... we aren’t going to be able to provide the information about illegal activity that we might have,” Coryell said.
Here's more from Samantha Kruth of the Foundation for Individual Rights in Education.
The text of the policy emphatically does not support the claim that the policy addresses employees and not students. It states that “all individuals, including, but not limited to, employees, students, customers, volunteers, and third parties, unconditionally accept the terms of this policy.” (Emphasis added.) The policy does not indicate that certain provisions apply only to employees. If parts of the policy concern only employees, they should be clearly labeled as such. They aren’t. If NIU wants to regulate staff use of the Internet, it should write a separate staff policy—making sure that it applies only to non-academic staff, of course, since professors also shouldn’t have to receive warnings when trying to visit Wikipedia!That's apparently now being worked on, although an ad hoc task force outside the ambit of faculty governance is an administrative usurpation. So much for being either student-centered or research focused.
FIRE often warns that as long as poorly-written written policies exist, the possibility that they will be enforced exists—and here, we’re seeing what happens when they are. If NIU truly does not intend to apply the policy to students, then it should take it down from the university website and stop threatening to punish students when they try to access Wikipedia or any other websites containing clearly protected content.We can take on the state surveillance another day? Or the pathetic Ethics Act?
Nobody should be reassured by NIU’s mealy-mouthed responses. NIU must revise its policy and ditch its firewall to make sure that neither the policy nor the firewall is being used to censor certain viewpoints or to deter students from accessing constitutionally protected expression online.