Sep 30 2015
Data Analytics

UC Berkeley Releases Electronic Communications Transparency Report

Data on students and faculty are often requested by government agencies. How did UCB respond?

Showing it has nothing to hide, the University of California, Berkeley (UCB), recently released a report detailing how electronic information on its students, faculty and staff is handled.

The report, available online through the Office of the Chancellor's ethics website, gives readers a keen insight into the inner workings of the data collected at higher education institutions. The Daily Californian called the transparency report the first of its kind in higher education.

It tallies the number of requests for and approvals of nonconsensual access to electronic data — including data concerning e-mail, calendar, online document collaboration, online storage and individual computing devices — and how each case was dealt with in accordance with the school’s electronic communications policy.

“UCB sometimes gets requests from government, law enforcement, or an internal source asking for access regardless of the record holder’s knowledge or consent. When required by law or UC policy to comply with such a request, we will do so,” the university explains in a post on its website.

From January 2014 to June 2015, the university processed 51 nonconsensual access requests and approved 41 — of these, only one was a student record, and the release was required by law, according to the report.

These numbers are nothing without context; according to Slate, UCB has more than 37,000 students, 77,000 active university email accounts and the capability to have 100,000-odd devices connected to its network simultaneously.

Requests for information aren't granted to just anyone for any reason. In cases where the record owner has not given consent to release the information, the university can be compelled to do so for the following reasons:

  1. Required by and consistent with law.
  2. Substantiated reason to believe that violations of law or of specific university policies have taken place.
  3. Compelling circumstances.
  4. Under time-dependent, critical operational circumstances.

The report also does not include requests made via national security letters, a subpoena with a gag order, or requests from law enforcement that are submitted directly to vendors, referring specifically to Google.

“The University will have no knowledge of requests for information from law enforcement that are delivered directly to vendors, including Google under those terms. We recommend you read Google's Transparency Report for more information on how Google handles these requests,” according to the UCB post.

The university intends to update the report every six months.

The report comes as a token of goodwill from Berkeley during a time of growing uncertainty about the rules that higher education institutions must abide by when it comes to student data, particularly as more students are taking courses online.

As EdTech previously reported, the data collected from students enrolled in massive open online courses (MOOCs) may be independent of federal protections, according to the U.S. Education Department's chief privacy officer, Kathleen Styles.

Wavebreakmedia Ltd/Thinkstock

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.