Speaking of Bad Timing

• By Katherine Grayson
• 04/29/05

With more campus security breaches reported daily, is this the time to nationally centralize already vulnerable data?

In the final weeks of March and the first weeks of April, the mainstream media reports of campus security breaches finally became too much for even the most laissez-faire technophile to bear. And yet, compounding the bad news of breaches at UC-Berkeley, Boston College, George Mason, Northwestern, and Cal State-Chico, was the announcement by the Department of Education that it intends to require every college and university in the US to report confidential academic, demographic, and financial student data—including social security numbers—to a national data bank that would then offer up the data to researchers studying American college students as they move through the higher education system. This, says D'E officials, would be a vast improvement over the aggregated statistics the department currently gets to chew on.

Is the Department of Education completely removed from the wretched data-security struggle of US colleges and universities, or is it just that lousy timing is a notion wholly foreign to our government officials?

When the President of Gettysburg College, Katherine Hayley Will, planted her objections to the D'E proposal in the Washington Post in March, it was hard to read her words without feeling her rage. “The Education department’s proposal to gather unprecedented amounts of personal data on individual students is dangerous and poorly conceived,” she wrote.

Will’s objections to the plan, and the outcry across US campuses, transcend the arguments for expectation of privacy and department or division ownership of data. Her objection is more about insensitivity and obtuseness to the conditions in which we live.

If the D'E wants to make its mark on higher ed in 2005, it should put its might behind helping US colleges and universities quickly move away from SSNs and poorly controlled, monitored, or maintained databases on campuses, and rapidly toward tightly controlled campus IT systems (disparate or centralized), and the use of randomly generated identifiers. Instead of withholding federal dollars from students attending institutions not participating in a national database program, the D'E should offer incentives to schools, to help them make the urgently needed technology and security changes that will stem the coming tidal wave of campus security breaches.

It’s not the D'E’s desire to better track students in our higher ed system that is at fault; and, in general, centralization of data is more cost-effective, efficient, and inevitable. But d'es that mean that the plan for a national database charges forward like a locomotive out of control even as another—carrying as-yet unthwarted hackers, viruses and worms—hurtles toward it?

In life, there are times you’ve got to hold back on what might otherwise be a good idea, as you take stock of what’s going on around you. Only a blind man would head out for a walk with a twister coming down the pike.

—Katherine Grayson,
Editor-In-Chief

What have you seen and heard?
Send to: [email protected].