events_sidebar_calendar_header.gif


Polar Bear Plunge Pics
CLICK ON IMAGES TO VIEW THE GALLERY

community_header.jpg
visitors_guide.jpg
annual_manual.jpg
best_of_athens.jpg

SoA_Anews_ad.jpg


 

 

 

 

 

 

 
Home / Articles / Editorial / Readers Forum /  Welcome to the brave new computer surveillance world of OU
. . . . . . .
Sunday, February 26,2012

Welcome to the brave new computer surveillance world of OU

By Bernhard Debatin

The IT department of Ohio University (OIT) is introducing a new practice, the so called "network registration requirement," which can only be called a step toward total user surveillance. The text on the OIT website (http://www.ohio.edu/oit/netreg/) reads as follows:

"Ohio University requires that all devices connected to the University wired or wireless network be registered. Students will need to register their devices once per academic term. Faculty and staff will need to register their devices annually. Registered devices will be subject to periodic security scans to identify OS vulnerabilities, virus infections, and other potential security risks."

This new practice will not only apply to OU-owned computers and devices, but also to privately owned ones if and as soon they are connected to the OU system. The "security scan" gives OIT full access to the scanned computer or device.

This "network registration requirement" is in fact the forcible implementation of the earlier "audit scan," which was introduced last spring – first as a voluntary service and then as a mandatory practice. However the "audit scan" only applied to OU-owned computers, and it also encountered some resistance by OU faculty and staff, which is why its implementation has not been successful.

The "network registration requirement" is a far-reaching, highly intrusive surveillance system that is (a) completely unwarranted; (b) not anywhere justified by OIT (they only declare its existence but don't even try to give any specific reasons for it), nor by any existing OU policy; and (c) a stealth intrusion into anybody's and everybody's electronic devices, no matter whether they are OU property or privately owned.

We should all be asking and be concerned about the following questions:

1. Since when and how exactly does "OU require" this registration? Is there a policy about this? Has there been any input from Faculty Senate or related committees on this issue?

2. What warrants these full-blown "security scans" of EVERY registered computer/device? Shouldn't there be some principle of proportionality in place that balances intrusive scans against potential threats? Did OIT conduct any sort of cost/benefit analysis that would justify such blanket surveillance?

3. How is it even possible that such a far-reaching, systematic and intrusive surveillance action is not only applied to OU-owned computers/devices but also to privately owned ones? (It is one thing to require users to register their devices; it is another one to use that as an opportunity to arbitrarily invade their devices!)

4. What measures, if at all, are in place to prevent abuse? These "security scans" open up computers and other electronic devices to abuse and exploitation. This abuse can range from an IT employee's accidental receipt of private information about somebody that may lead to a conflict of interest at a later point, to a situation where an IT person could actively pull data from or manipulate data remotely on a faculty or staff member's computer. Indeed, what keeps a dishonest IT person from manipulating or stealing data, including things like credit card and online banking information from a private computer?

5. What are the implementation and annual costs of this system? In times of scarcity and cuts of faculty and staff positions, is this really the area we want OU to invest money in?

6. Given that all recent IT problems at OU with regard to security breaches had to do with deficiencies of the IT department and their individual employees (e.g. having hard drives with sensitive data stolen from a car), but were NOT caused by the many users of the OU system, it is mystifying why the IT department seems to be putting all its energy on surveilling OU users. Is there any explanation for this?

I am seriously distressed and dismayed by these new surveillance activities. This is the kind of overreaching practice that we would quickly (and rightfully so) criticize if it were to happen in a dictatorial nation.

 

  • Currently 3.5/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5
REPLY TO THIS COMMENT

Nice tin foil hat you have there...

 

REPLY TO THIS COMMENT

I'm with you Bernhard. If the level of access and surveilance is as you describe, then this is certainly an unwarranted and over reaching step into the privacy of every student at OU who is forced to use their wireless nearly exclusively for two years in the dorms.


Far too often now we have to confront parties who wish to own and digest the flow of information on the web, and OU is setting a dangerous precident with this surveilance. It's not about whether or not you have something to hide, it's about the importance of free and unregulated thought on the web.

 

REPLY TO THIS COMMENT

Update: From what I'm hearing it may not be exactly as you describe. I'd like to get some more technical info on this.

 

REPLY TO THIS COMMENT

Yea, it appears that you got a lot of your facts wrong with this one.  Great article for the "Weekly World News" as there is just enough truth to get people's attention.  Next time please research your facts and make sure they are valid BEFORE you report such blatantly false accusations.  I would have thought that this was something an editor would have required some kind of PROOF on before they would print.  I will in the future know that your journalistic style is more "Shock and Awe" and less factual reporting.  Thanks!

 

 

 
 
Close
Close
Close