Re: 2014 Omnibus Appropriations Act & NIH funding

[Matt Morton <mmorton () UNOMAHA EDU>]

Fascinating topic.  Now - not that I believe the provisions in this ACT are valid the following is how I explain my 
understanding of academic freedom when reconciling the needs of security with openness.

While the goal of the faculty is to teach, complete research, and grow new ideas, the goals of administration are to 
function in a manner that does not interfere with this process (at least in my opinion?).  So, to manage the 
environment in an effective and efficient manner we must review tradeoffs between the level of interference or doing 
the extra effort to structure ourselves to meet the demands of research and compliance.  This also means we have the 
responsibility to do the difficult work of segmenting concerns on campus to provide the appropriate level of 
compliance.  

Segmenting concerns can create more effort but it is an effort that increases the effectiveness of what the overall 
goal of the academe’ is.  A good read on academic freedom is at the following link.  
http://www.aacu.org/about/statements/academic_freedom.cfm

I would be interested in any feedback or anything that I am missing since I noticed yet another article on academic 
freedoms in the Chronicle today and this continues to be a point of discussion.

In regards to this particular item,  I wonder if the "intent" is this the segmentation of concerns at the network 
between administration and the academe' ?  And isn't "intent" what will be used to evaluate its enforcement?

Matt

Matt Morton, CISSP, MHEA
Chief Information Security Officer
University of Nebraska at Omaha
6001 Dodge St., Omaha NE  68182
402.554.2425 (o)
402.214.5943 (g)
402.708.2176 (m)

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gary 
Warner
Sent: Monday, February 24, 2014 11:33 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] 2014 Omnibus Appropriations Act & NIH funding

Note WHERE in the doc the four mentions are as well:

None of the funds made available in
this Act may be used to maintain or establish a computer network unless such network blocks the viewing, downloading, 
and exchanging of pornography.

Porn block:
- p. 197  (Division B - Sec. 534) - Commerce, Justice & Science
- p. 684  (Division F - Sec. 555) - Department of Homeland Security
- p. 1021 (Division H - Sec. 528) - Labor, HHS, and Education
- p. 1128 (Division J - Sec. 409) - Military construction & VA

I believe when we are dealing with OMNIBUS bills, "Act" refers to anything within the Division where the word Act is 
mentioned - not to the overall Omnibus bill.

For example, Division H is sublabeled as:

DIVISION H—DEPARTMENTS OF LABOR, HEALTH AND HUMAN SERVICES, AND EDUCATION, AND RELATED AGENCIES APPROPRIATIONS ACT, 2014


----------------------------------------------------------

Gary Warner
Director of Research in Computer Forensics The University of Alabama at Birmingham Center for Information Assurance and 
Joint Forensics Research
205.422.2113
gar () cis uab edu

-----------------------------------------------------------

----- Original Message -----
From: "Tracy Beth Mitrano" <tbm3 () CORNELL EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU
Sent: Monday, February 24, 2014 11:21:31 AM
Subject: Re: [SECURITY] 2014 Omnibus Appropriations Act & NIH funding

Well I’ll be darned, it is mentioned four times in this document … along with China and detainees of Guantanamo and a 
host of other restrictions … but for the life of me, I do not know how or if the pornography provision has ever been 
challenged, perhaps I will post to the NACUA list and see if the legal eagles know more about it and get back to you 
guys.

Thanks, and to those who send me the unwrapped link especially!

Tracy

 
On Feb 24, 2014, at 11:36 AM, Manjak, Martin <mmanjak () ALBANY EDU> wrote:

> Tracey,
>
> It 404ed because the link is wrapped.
>
> Try this: 
> http://docs.house.gov/billsthisweek/20140113/CPRT-113-HPRT-RU00-h3547-
> hamdt2samdt_xml.pdf
>
>
> Marty Manjak
> ISO
> University at Albany
>
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv 
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Tracy Beth 
> Mitrano
> Sent: Monday, February 24, 2014 11:25 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] 2014 Omnibus Appropriations Act & NIH funding
>
> Hi Josh,
>
> This case is interesting.  First, when I hit on the link, I get a 404 error.
>
> More important, I cannot believe that this appropriation act would meet constitutional scrutiny.  Pornography is 
> legal; obscenity and chid pornography are not.  Unless there are separate rulings related to grants or some such 
> thing, the federal government is not allowed to restrict this form of "speech" via First Amendment law.  
>
> And as a matter of policy, UPenn strikes it exactly correct for a research university especially.
>
> If you have more information on that act, please share?  (Maybe Time 
> Warner is blocking it! JK :-)
>
> Tracy
>
>
> On Feb 24, 2014, at 11:01 AM, Joshua Beeman <jbeeman () ISC UPENN EDU> wrote:
>
> > Hi,
> >
> > I received an email recently from a grants administrator asking 
> > whether or not we had a filter in place to block pornography.  Her 
> > question was prompted by a new provision in the 2014 Omnibus 
> > Appropriations Act, which (as I understand it) includes NIH funding.  The provision states:
> >
> > "None of the funds made available in this Act may be used to maintain 
> > or establish a computer network unless such network blocks the 
> > viewing, downloading, and exchanging of pornography."
> >
> > http://docs.house.gov/billsthisweek/20140113/CPRT-113-HPRT-RU00-h3547
> > -
> > hamdt
> > 2samdt_xml.pdf
> >
> > Penn does not block pornography at the border, because of the diverse 
> > nature of research at Penn, and the problems with defining pornography.
> > That said, local network segments/subnets may have network security 
> > devices (e.g., next generation firewalls, web proxy's, etc.) that can 
> > perform this function.
> >
> > Is anyone aware of and/or reviewing this new provision in relation to 
> > grants and grant applications?  If so, any thoughts, suggestions, 
> > comments?
> >
> > Thanks, as always, for any input.
> >
> > Sincerely,
> > Josh
> >
> >
> > --
> > Joshua Beeman
> > University Information Security Officer University of Pennsylvania / 
> > ISC
> > 3401 Walnut Street, Suite 230A
> > 215-746-7077 / jbeeman () isc upenn edu