Here are two communications from UC Berkeley faculty, one about how faculty there came to know about the program, and the other a timeline of events.
EMAIL 1: January 28, 2016
In recent weeks the Senate-Administration Joint Committee on Campus Information Technology (JCCIT) has learned that UCOP installed hardware on the campus network designed to monitor and possibly record all network traffic coming or going to the campus.
This secret monitoring is on-going.
UCOP would like these facts to remain secret. However, the tenured faculty on the JCCIT are in agreement that continued silence on our part would make us complicit in what we view as a serious violation of shared governance and a serious threat to the academic freedoms that the Berkeley campus has long cherished.
Some salient facts:
- The UCOP had this hardware installed last summer.
- They did so over the objections of our campus IT and security experts.
- For many months UCOP required that our IT staff keep these facts secret from faculty and others on the Berkeley campus.
- The intrusive hardware is not under the control of local IT staff--it sends data on network activity to UCOP and to the vendor. Of what these data consist we do not know.
- The intrusive device is capable of capturing and analyzing all network traffic to and from the Berkeley campus, and has enough local storage to save over 30 days of *all* this data ("full packet capture"). This can be presumed to include your email, all the websites you visit, all the data you receive from off campus or data you send off campus.
- UCOP defends their actions by relying on secret legal determinations and painting lurid pictures of "advanced persistent threat actors" from which we must be kept safe. They further promise not to invade our privacy unnecessarily, while at the same time implementing systems designed to do exactly that.
- It is very far from clear that UCOP has a better plan or better qualified IT security people or infrastructure than does the Berkeley campus, and they've shut these qualified people out of the picture.
EMAIL 2: January 29, 2016
According to other members of the Senate-Administration Joint Committee on Campus Information Technology (JCCIT):
A network security breach was discovered at the UCLA Medical Center around June 2015.
UCOP began monitoring of campus networks around August 2015.
ONLY AFTER this monitoring, on August 27, 2015, did UCOP issue a new cybersecurity policy online under the heading of "Coordinated Monitoring Threat Response." The policy describes how UCOP would initiate "Coordinated Monitoring" of campus networks even though it is believed that such monitoring was already underway prior to the announcement of the new policy.
On Dec. 7, 2015, several UC Berkeley faculty heard that UCOP had hired an outside vendor to operate network monitoring equipment at all campuses beginning as early as August 2015. The process was apparently shrouded in secrecy and staff were instructed not to talk about it because of "attorney-client privilege" although it remains unclear how attorney-client privilege applies in this situation. Extensive monitoring and storage of inbound and outbound Internet traffic at UC Berkeley was being performed, including storage and possible transmission to the outside vendor of packet headers with URLs and email metadata (to-from fields). The Berkeley campus IT staff does not collect this type of information because it violates UC Berkeley IT Privacy policy.
On Dec. 18, 2015, those UC Berkeley faculty sent a letter to UC President Janet Napolitano requesting more information and asking that the monitoring cease.
On Dec. 21, 2015, UC Vice President and CIO Tom Andiola met with most of the faculty who signed the Dec. 18, 2015 letter and Berkeley Assoc. Vice Chancellor and CIO Larry Conrad, and Berkeley Academic Senate chair Ben Hermalin. Tom confirmed that monitoring equipment was installed at the Berkeley campus by an outside vendor and that it would be removed promptly and publicly disclosed by UCOP.
On Jan. 12, 2016, the Berkeley Joint Committee on Campus Information Technology (JCCIT) met with Larry Conrad and others. The committee was informed that contrary to the Dec. 21, 2015 statements, UCOP had decided to continue the outside monitoring and not disclose any aspects of it to students or faculty. The senior faculty members of JCCIT met privately after the meeting and deliberated carefully about options, concluding it was their duty to come forward. To protect staff, administrators, and non-tenured faculty, it was decided an open letter should come from a group of tenured faculty, stating that "We are UC Berkeley faculty who have reason to believe that extensive monitoring and storage of inbound and outbound Internet traffic at UC Berkeley is being performed by an outside vendor at the request of the UC Office of the President, with no disclosure to UC Berkeley faculty or students...." A draft open letter "To Whom It May Concern" was circulated to all senior faculty who signed the Dec. 18, 2015 letter, stating our intentions to forward this to the New York Times. Eleven senior faculty signed it.
On Jan. 15, 2016, the letter was sent to the New York Times and reached reporter Steve Lohr. Senior campus administrators in the Chancellor's office and UCOP were also sent copies.
On Jan. 19, 2016, UCOP Exec. VP and COO Rachael Nava sent a letter to those who signed the Jan. 15, 2016 letter. The original version was marked "CONFIDENTIAL: DO NOT DISTRIBUTE" and invoked "Attorney-Client privilege". After several recipients responded to her via email questioning who is the client and why her letter must be kept secret, a revised version of the letter was sent the next day removing that language, stating: "All: Please accept my apologies with regard to the confusion on the attorney client privilege language on the letter. It was a clerical error and was not intentional. Please find a revised version of the letter with the language removed." The letter admits that extensive monitoring is being performed by an outside vendor but does not provide a rationale for continuing this monitoring six months after it was initiated nor for the ongoing lack of disclosure from UCOP to students and faculty.
