In part three of a series of posts I will continue to examine the elements that go into many (most?) school district acceptable use policies, sometimes also called an AUP. You can view part 1 here and part 2 here.
To review, every school district should have an AUP which covers the terms of use for their computing resources. This of course also should deal with the Internet access provided from their computing resources. A proper AUP should spell out not only acceptable student use, but also that of the district’s staff members. Why? Because a good AUP can provide the basis for a legal defense in that it shows that the school district is being diligent in its duty to protect users entrusted to its care.
(Note: The legalities are also covered in more detail in this post :http://blog.connected.info/2009/03/21/legal-aspects-of-social-networking-in-a-school-community-part-1/)
Some common elements of an AUP include:
- The Intended Purpose of Internet Access & the AUP
- CIPA compliance issues – no inappropriate content
- District’s right to monitor user activity
- Activities which are not allowed
- Security and Privacy
- Copyright issues
- Application licensing
- Consequences of non-compliance with the AUP
(The wikipedia post on AUPs covers some of the same topics at a more general level here)
Application licensing
Many school districts have adopted a policy which locks down the application content of a school computer and only allows the execution of applications from an approved list. However, in some cases, school districts have yet to deploy such solutions. This leaves them open to software piracy on the part of their users. Applications the district has purchased can be copied and moved to other computers, violating most software vendors license agreements. Also, inappropriately obtained software from the Internet can be installed on school district computers. This can open the district up to potential lawsuits and/or the expense of paying for software installed by a user, but not purchased by the school district. In some cases, even software considered “free” or open-source can open the district up to legal issues.
The AUP should detail out what is and is not allowed with respect to application use. There should be a statement of what the district’s policy is, for example, “The school district treats software license agreements very seriously and intends to comply with the terms and conditions set forth by the individual software vendors.” Then, the AUP should state that either a) software not on the district’s approved list (location) should never be installed on district computers by any user or b) software not on the district’s approved list may be installed by a user on a district computer, but is subject to removal by district technical staff should the district become aware of any violations of the license agreement for such software. In the case of b), users should be advised to retain proof of purchase or some other proof of the ability to legally use the software.
Consequences of non-compliance
The AUP should include a very detailed section on what the consequences are of not complying with the AUP. There will by and large be a increasingly severe level of consequence as well as the always important “repeated offense” consequence. Any financial burdens assumed by the parents of students should be spelled out clearly and in such a way that a parent signing the form can not miss it. Having a place in the AUP where the financial burdens are initialed by the parent is a good idea.
Some common consequences include loss of use of district computing resources for a specific period of time, suspension, expulsion, as well reimbursement to the district of any expense associated with the use of the equipment in an inappropriate manner.
Summary
It is surprising to see school districts that have not invested an appropriate amount of time into the creation of a good AUP. While other districts hire outside legal counsel or pay consultants to create their AUP, other school districts seem to feel that it is not worth the time because they have not experienced an issue to date. Frequently, this is called security by obscurity. In other words, because the district is not large or located in a remote part of the country, they may not attract the attention of other districts. Also, and this is a broad generalization, the frequency of lawsuits brought against a district does tend to scale with the size of the metropolitan area served by the school district. This really isn’t a good excuse for not having an AUP. Also, the terminology used in an AUP can be an important learning opportunity for students, teachers, and parents. Whether or not the school district feels a responsibility for teaching digital citizenship, students need to learn somewhere.
For further information on writing an AUP or the location of examples, see the links below:
Very Basic AUP template in txt form
Virginia Department of Education site – includes downloadable templates
Awesome Library site – good coverage of AUP topic and includes samples
