In the headlong rush to get connected to the internet, few school districts take enough time to examine all of the many ramifications of opening Pandora’s Web.
Enough attention has been given to filtering pornography and documents called “acceptable-use” agreements that most public school managers have cobbled together something resembling internet policies and procedures. But even where state law requires schools to adopt policies on proper usage of computers, networks, and internet access, there is often a significant gap between the mandate and the practice.
One rather nasty confrontation arose recently in New Hampshire, where the Exeter Regional Cooperative School District forgot that enforcement of an acceptable use policy is just as important as having one in the first place (see story, page 16).
Like all school systems, Exeter was concerned about how it was going to control adolescent meanderings throughout the darker nooks and crannies of the web. The district had a pretty good policymuch better than many policies I have reviewed from around the country. It put students and faculty on notice that direct adult supervision would be required for all internet journeys by elementary pupils and that older students would be supervised.
In addition, the watchful eyes of Net Monitors were aided by modern technology. According to Exeter’s policy, “All access to the internet is monitored using a ‘firewall.’ This firewall will immediately contact us if any students or staff access undesired sites.”
If the image of a bright red light flashing in the principal’s officeperhaps accompanied by a robot-like voice intoning “Danger! Danger!”has you doubled over with mirth, the folks up in Exeter have even more delights in store. In reality, the ominous warning about instant exposure of students or staff who wander, intentionally or accidentally, onto the dark side of the web was highly exaggerated.
In fact, like most firewall monitors, the software just kept a log of each data transfer to and from the netno content, but size and origin of data packets were logged. Nevertheless, even though no sirens, bells, or whistles would announce transgressions of the acceptable-use policy, the school district could look at the logs and tell whether violations had occurred.
A crucial question (and the source of the lesson du jour for us all) is, If you have all of this good policy and software monitoring capability, what will really get you into major hot water? Answer: Not bothering to look at the logs to check compliance with the policy.
Apparently, that is what happened, because when a local citizen (and parent of a student) decided to ask for a peek at the logs, the school district turned him down flat and called its lawyers. The reason for the district’s reticence may have been revealed several months later at a board meeting, when the administration reported that a review of the internet history log files revealed that some unidentified users had been accessing “objectionable” web sites.
The school district has thrown up a barrage of legalistic defenses, ranging from the thin-but-arguable (internet logs are not “public documents” under the New Hampshire public access law) to the truly sublime (revealing the logs would violate the federal wiretap statute). The school district’s “invasion of privacy” defense is especially laughablebut therein lies the irony of this case.
One of the cornerstones of any acceptable-use policy is that users have no expectation of privacy when they use the internet. Like student lockers and teachers’ desk drawers, the schools’ computer system is public property, and users are told that data transmissionsfrom eMail messages to MP3 downloadswill be monitored.
Because of these and similar policies, the courts already have turned down legal arguments claiming invasion of privacy when employers monitor internet use. In United States v. Simons, for example, the Supreme Court tied its denial of “invasion of privacy” under the Fourth Amendment directly to the announced government “open inspection and monitoring” policy.
In short, if your school system announces that the web is “public” space for users, your claims that it is private for other purposesincluding freedom of information lawsare likely to fall on deaf ears in a courtroom.