Managing university internet access: Balancing the need for security, privacy and digital evidence

The provision of high speed, reliable Internet access and the ability to support secure and flexible on-line systems for research, teaching and administration has become critical to the success of Australian Universities. An exponential growth in Internet traffic has led to ever increasing costs for the provision of these services at a time when most Australian Universities have been experiencing tighter budgetary conditions. Significantly, alongside these financial concerns, Universities have started to recognise the emergence of a range of other issues related directly to the nature of on-line behaviours engaged in by the diversity of users that Universities are now expected to support. These on-line behaviours are challenging Universities to find responses to balancing users' right to privacy and freedom of speech with the need to protect against legal action arising from criminal, illegal or inappropriate behaviours by some users on University networks. As part of the responses being developed, many Universities have introduced Internet Management Systems (IMS), similar to the systems used by many Internet Services Providers (ISPs). This paper presents a case study on the experience of the University of Tasmania (UTAS) in introducing an IMS. The case study covers the period from the initial 'call for proposals' through to the deployment of the new IMS system. The paper highlights that decisions pertaining to the IMS systems have direct implications for balancing the competing rights, interests and requirements of different stakeholders. More specifically the case study highlights the impact of the changing nature of users' relationshipswith the Internet and the need for vigilance on the part of users, network administrators, service providers and policy makers. The dangers of failing to get the right balance are presented and the paper argues for the importance of user education, change management and communication throughout the University and its broader community of users. The paper also briefly considers how Australia's planned accession to the Council of Europes Convention on Cybercrime may impact on these issues. More broadly, this paper suggests that additional changes will emerge as IPV6, companies like Google and cloud computing architectures reconfigure individual users relationships with 'their' information and access to the Internet. These developments will continue to transform themeaning of concepts such as ownership and control, privacy and freedom of speech within and beyond on-line environments. © 2010 Springer-Verlag France.