Educause Security Discussion mailing list archives
Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status
From: "David L. Wasley" <dlwasley () EARTHLINK NET>
Date: Thu, 13 Jul 2006 15:42:07 -0700
I have to say that the people involved in making and interpreting these rules do not seem to have the technical background to understand what they're dealing with. Specifically the following doesn't make any sense:
"An institution should be exempt where it restricts the use of its network to particular classes of users (e.g., students, faculty, and administrators), and where the institution relies on a third party (such as a commercial ISP or a regional network) to provide the transmission and switching facilities used to route traffic to the Internet, rather than self-supplying such facilities," the analysis concludes. The FCC order explicitly states that colleges and universities operating private broadband networks will be subject to the new obligations if they support a connection to the Internet. The FCC explained during the court proceedings that "support" refers to "private network operators that provide their own connection to the Internet," as opposed to "those that contract with an ISP for that connection."
To say that a campus network is not part of the Internet but that it becomes so if it provides it's own cable to some external node is ludicrous. As we all know, the "Internet" is the intersection of all IP-based networks, etc.... I would suggest a more sensible "interpretation" be something like the following. A "private network" is one operated for a specific community (e.g. university campus). The edge of that network is the point at which traffic to or from that community may be merged with traffic to or from other communities. Under this "interpretation" the cable connecting a campus network to the nearest Internet access node is part of the "private network" because it carries only traffic originating in or destined to the campus's network. That said, a campus would be strongly advised -not- to provide "back door" Internet connections to non-university organizations, e.g. a research or business partner. This would result in a co-mingling of traffic that would render the campus network no longer a "private network" under CALEA. Whether non-university housing units, e.g. apartment complexes occupied primarily by students, could be accommodated is a judgement call, much like the "library terminal" use case. I wonder what other real world cases there are. Perhaps I am missing some subtlety here but I'm trying to make some rational sense out of this craziness. David
Current thread:
- POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status Rodney Petersen (Jul 13)
- <Possible follow-ups>
- Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status David L. Wasley (Jul 13)
- Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status Jeffrey I. Schiller (Jul 13)
- Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status Alan Amesbury (Jul 14)
- Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status Valdis Kletnieks (Jul 14)
- Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status George C. Russ (Jul 14)