Besides avalanches of spam, spyware and viruses, operators of college computer networks have another potentially expensive headache to keep an eye on: The federal government.
Changes to a wiretapping law could force schools to overhaul their networks so law enforcement can have easier access to electronic communications, as long as they get a warrant. And while campus officials say it's too early to panic, they hope to convince the Federal Communications Commission to go easy on them when it finalizes the changes.
“We have no idea what we'd have to do to comply and how much it would cost,” said David Cossey, Union College's chief information officer, echoing several others.
In August, the FCC passed a ruling that requires many providers of high-speed Internet access to gear up for wiretaps. Previously, the Communications Assistance for Law Enforcement Act applied only to more traditional telecommunications services.
Last week, the clock began ticking on an 18-month time frame institutions have to comply with the ruling — although the government has yet to spell out what compliance means.
Colleges, hospitals and other institutions that run their own networks are subject to the new rules. They aren't opposing the change on civil liberties grounds, because law enforcement still needs the same legal clearance to spy on individuals as it ever has.
Cost, though, has them concerned.
Sky-is-falling estimates could result in schools paying millions of dollars apiece, and billions nationwide, to completely revamp their networks. Because the FCC has yet to say what it wants, though, and is in the midst of weighing input from outsiders over how far to go and whom should be exempted from the requirements, technology pros are tempering their concern.
Even so, many in academia are asking: What's the point?
Of about 3,400 wiretap warrants issued in the United States last year, “we can't come up with more than a handful that came up on college campuses,” said Wendy Wigen, policy analyst with Educause, a national group that represents computer professionals at colleges and universities.
At the University at Albany and many other campuses, technology staffers say the schools already have the ability to give law enforcement access to electronic communication. But if the government wants to, say, monitor those communications remotely, or provide access to the communications as they happen, as opposed to sifting through them later, it could become a very expensive proposition.
“We don't want to have to re-engineer the entire network infrastructure for all of higher ed for 12 possible instances,” said Christine Haile, UAlbany's chief information officer. “I'm in a quandary of knowing exactly how to proceed.”
The FCC said it is applying the new standards because it wants to keep up with technological shifts.
Tim Lance, president and chairman of NYSERNet, an Internet provider that serves several nonprofit groups in New York State, said he recognizes that imperative. “We really want to help you be part of the answer, because we want to get the bad guys as much as you do,” said Lance. But he wasn't sure that new rules were the best way to go.
“It isn't clear what's broken that's being fixed by this,” he said.