ARI SHAPIRO, HOST:
How much privacy and free speech should be guaranteed to faculty and students at public universities? California is grappling with that question after the president of the state university system secretly installed data monitoring systems on college campuses. NPR's Laura Sydell reports.
LAURA SYDELL, BYLINE: This story really began last summer. Hackers broke into the computer network at the UCLA medical center. A few months later, the president of the University of California quietly ordered a new security system to monitor Internet traffic on all University of California campuses.
ETHAN LIGON: And the people who had to put the box in place were ordered to do so and also ordered to keep quiet about it.
SYDELL: But they didn't. Professor Ethan Ligon found out. He teaches agricultural economics at UC Berkeley. He and other members of the faculty were surprised that they weren't consulted.
LIGON: There's a long tradition that dates back to the '30s at the University of California that gives faculty the right to share in shaping policies at the university both on the campus and across the UC system.
SYDELL: The security system which was installed not only monitors Internet traffic. It stores it for at least 30 days. The idea is to allow security personnel to go back through the traffic to look for breaches. But experts like Vinnie Liu, senior partner with the Internet security firm Bishop Fox, says this kind of system creates a trove of information for hackers.
VINNIE LIU: Well, you rely on that as a central point of, you know, control. If that monitoring system were to be compromised, if it's not deployed correctly or it's not managed correctly, then, yes, it would absolutely be a very bad situation.
SYDELL: At a recent meeting of the UC Berkeley's graduate assembly, many students learned about it for the first time. Students like Andrew Stevens were not pleased.
(SOUNDBITE OF ARCHIVED RECORDING)
ANDREW STEVENS: How many people here have research with human subjects where you're ensuring them that your communications are private? That information is now sitting in a repository that could be subpoenaed.
SYDELL: And then Marten Lohstroh, a student in electrical engineering and computer science, raised what was on a lot of students' minds.
(SOUNDBITE OF ARCHIVED RECORDING)
MARTEN LOHSTROH: The question I have is, how, as the University of California, did we end up having a president that was the former secretary of homeland security?
LOHSTROH: How did that happen?
SYDELL: Last week, the graduate assembly passed a resolution in opposition to the university president's coordinated monitoring activities. Napolitano's office said it didn't have anyone available to speak with NPR in time for this broadcast, but in a letter to university chancellors, Napolitano said her office had no interest in individual emails or browsing history, but network monitoring is a critical element of cybersecurity.
Christine Borgman, a professor of information studies at UCLA, recently got a chance to meet with representatives from Napolitano's office who stressed the urgency that they felt after the UCLA break-in.
CHRISTINE BORGMAN: We can understand that you need to scale up your security, and you don't want to broadcast exactly what you're doing because you're only going to invite certain kinds of attacks. But that doesn't mean that we couldn't have talked through more of it as we went.
SYDELL: But Janet Napolitano happens to be presiding over a university system with a stormy history around free speech and spying by the federal government, especially at Berkeley, where Eric Brewer is a professor of computer science. He says J. Edgar Hoover spied on Berkeley faculty and students during the Cold War.
ERIC BREWER: He was worried about Berkeley being a hotbed of communism, and so he felt free rein to monitor what was going on there.
SYDELL: Of course, these days, most of us expect our employers are monitoring us at work, but the academy is different, says Barmak Nassirian of the American Association of State Colleges and Universities.
BARMAK NASSIRIAN: The very substance of higher learning really would not be possible unless the faculty and students have some guarantee of confidentiality that they can pursue, perhaps, crazy ideas and speak with each other without the fear of the stuff coming back to haunt them.
SYDELL: But universities are also a favorite target of hackers because of all the personal and professional information on their servers, which means it's going to be a tough balance between security, free speech and privacy. Laura Sydell, NPR News, San Francisco.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.