1 / 22

Google Apps, etc. — Legal and Policy Issues

Google Apps, etc. — Legal and Policy Issues. Steve Worona September 26, 2007. No shaggy-dog photos – Just lawyer jokes. No shaggy-dog photos – Just lawyer jokes. “It depends.”. No shaggy-dog photos – Just lawyer jokes. “It depends.” “What do you want it to be?”.

britney
Download Presentation

Google Apps, etc. — Legal and Policy Issues

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Google Apps, etc.—Legal and Policy Issues Steve Worona September 26, 2007

  2. No shaggy-dog photos –Just lawyer jokes

  3. No shaggy-dog photos –Just lawyer jokes • “It depends.”

  4. No shaggy-dog photos –Just lawyer jokes • “It depends.” • “What do you want it to be?”

  5. No shaggy-dog photos –Just lawyer jokes • “It depends.” • “What do you want it to be?” • FUD vs UnFUD • Wow, that’s scary; don’t do it! • If you want to do it, here’s how

  6. No shaggy-dog photos –Just lawyer jokes • “It depends.” • “What do you want it to be?” • FUD vs UnFUD • Wow, that’s scary; don’t do it! • If you want to do it, here’s how • Common issues when outsourcing comes up • FERPA • E-Discovery

  7. FERPA – Background • 1974, aka “The Buckley Amendment” • Limits what you can do with “education records” that you “maintain” • FUD: Don’t tell anyone anything • VT: Think again (or, at least, think) • Plug: Oct. 17 EDUCAUSE Live! (McDonald/Tribbensee) • Plug: Nov. 5 EDUCAUSE Live! (Blythe) • Legal nuances • “Education record” • “Maintain” • Directory info, opt in/out, need-to-know, etc. • Leave it to the lawyers/registrars!

  8. FERPA – Enforcement • FPCO: Family Policy Compliance Office • Leroy Rooker • Your Registrar • FUD: Complete loss of student funding • Since 1974, imposed ___ times

  9. FERPA – Enforcement • FPCO: Family Policy Compliance Office • Leroy Rooker • Your Registrar • FUD: Complete loss of student funding • Since 1974, imposed zero times • UnFUD: Letter from Leroy • You seem to be in violation of FERPA; stop

  10. FERPA – Enforcement • FPCO: Family Policy Compliance Office • Leroy Rooker • Your Registrar • FUD: Complete loss of student funding • Since 1974, imposed zero times • UnFUD: Letter from Leroy • You seem to be in violation of FERPA; stop • FUD: If we do that, some student will sue us

  11. FERPA – Enforcement • FPCO: Family Policy Compliance Office • Leroy Rooker • Your Registrar • FUD: Complete loss of student funding • Since 1974, imposed zero times • UnFUD: Letter from Leroy • You seem to be in violation of FERPA; stop • FUD: If we do that, some student will sue us • UnFUD: Gonzaga v Doe (2002)

  12. FERPA and Outsourcing • Mail as maintained education record (FERPA data) • What do you want the answer to be?

  13. FERPA and Outsourcing • Mail as maintained education record (FERPA data) • What do you want the answer to be? • Mail as vehicle for FERPA-protected data • FUD example: “Notification of grades via email is in violation of FERPA. There is no guarantee of confidentiality on the Internet. The institution would be held responsible if an unauthorized third party gained access, in any manner, to a student’s education record through any electronic transmission method.”

  14. What FPCO Really Says While the law does not prescribe specific methods that should be used to protect education records from unauthorized access or disclosure, the prohibition in FERPA against disclosing or permitting access to education records without consent clearly does not allow an educational agency or institution to leave education records unprotected or subject to access by unauthorized individuals, whether in paper, film, electronic, or any other format. We interpret this prohibition to mean that an educational agency or institution must use physical, technological, administrative and other methods, including training, to protect education records in ways that are reasonable and appropriate to the circumstances in which the information or records are maintained.

  15. FERPA and Outsourcing • Mail as maintained education record (FERPA data) • What do you want the answer to be? • Mail as vehicle for FERPA-protected data • FUD example: “Notification of grades via email is in violation of FERPA. There is no guarantee of confidentiality on the Internet. The institution would be held responsible if an unauthorized third party gained access, in any manner, to a student’s education record through any electronic transmission method.” • UnFUD: Common sense, prudence, notification, …

  16. E-Discovery — Background • New federal rules as of late 2006 • Document, enforce, formalize maintenance and backup standards • Know where all of your corporate data is

  17. E-Discovery — Background • New federal rules as of late 2006 • Document, enforce, formalize maintenance and backup standards • Know where all of your corporate data is • Prepare for “litigation hold”

  18. E-Discovery — Background • New federal rules as of late 2006 • Document, enforce, formalize maintenance and backup standards • Know where all of your corporate data is • Prepare for “litigation hold” • CIO’s: Fear and trepidation in their hearts

  19. E-Discovery — Background • New federal rules as of late 2006 • Document, enforce, formalize maintenance and backup standards • Know where all of your corporate data is • Prepare for “litigation hold” • CIO’s: Fear and trepidation in their hearts • Lawyers: $$$ in their pockets

  20. E-Discovery — Background • New federal rules as of late 2006 • Document, enforce, formalize maintenance and backup standards • Know where all of your corporate data is • Prepare for “litigation hold” • CIO’s: Fear and trepidation in their hearts • Lawyers: $$$ in their pockets • Case law and refinements eagerly awaited

  21. E-Discovery and Outsourcing • First figure out your business practices • Backups • How to treat desktops, home systems • “Customer” vs “corporate” data • Then treat outsourcing in the context of agency • Well-established legal concept • Understood by attorneys on both sides • Contracted terms of relationship and responsibilities • What do you want the answer to be? • FUD: It’s all in flux; let’s wait and see what happens • UnFud: It’s all in flux; no reason not to go ahead

  22. Questions&Discussion

More Related