MIT follows up on questions raised in Aaron Swartz case

At recent meetings of Academic Council — MIT’s senior academic and administrative leaders — President L. Rafael Reif led discussions about several questions raised in a report to the president concerning the case of Aaron Swartz, who committed suicide in January 2013 and who faced criminal prosecution for actions that took place on MIT’s campus.

Upon Swartz’s death, Reif asked Hal Abelson, the Class of 1922 Professor of Computer Science and Engineering, to lead an analysis of MIT’s actions in the case. In July 2013, Abelson, who was joined in his work by MIT economist and Institute Professor Emeritus Peter Diamond, submitted to Reif a report: “MIT and the Prosecution of Aaron Swartz.” This extensive document concluded with a set of questions that the authors believed the MIT community ought to consider. Some of these questions centered on broad issues of national or global significance; others centered more tightly on issues relevant to MIT policies and resources.

Reif, upon receiving the report in July 2013, made it public. In his letter to the MIT community commenting on the report, he wrote that he was tasking then-Provost Chris Kaiser and Faculty Chair Steven Hall with leading community discussions about the broadest questions, and that he was asking Executive Vice President and Treasurer Israel Ruiz to lead a review of MIT’s policies on the collection, provision, and retention of electronic records. He also wrote that he would ask Academic Council to review any other questions related to MIT policies and resources.

Concerning the questions the report raised about open access, intellectual property, and ethics in the digital domain, Reif wrote, “Because these questions bear so directly on the expertise, interests and values of the people of MIT, I believe we should explore them, respectfully debate our differences, and translate our learning into constructive action.”

Electronic records policies

At the request of Reif, Ruiz convened and chaired a working group of faculty, students and staff to conduct a review that would address the following question from the Abelson Report:

Should MIT policies on the collection, provision, and retention of electronic records be reviewed?

On Dec. 17, 2013, the working group led by Ruiz presented its findings and recommendations to Academic Council. Academic Council endorsed these recommendations, and MIT is now moving forward to implement them.

As the group first approached its work, it quickly realized the possible immensity of its charge, given the extensive quantity and variety of electronic records across the Institute. It therefore narrowed its review to electronic records and their backups that are primarily machine-generated, exist solely in electronic format, and are maintained centrally. The group focused particularly on records and backup procedures for records that often require weighing the need for privacy and the need for security in the course of making decisions about the collection and provision of certain information. These include network logs, card-access swipe logs, video surveillance tapes, and audiotapes of emergency communications, such as 911 calls.

The key recommendation of the working group was that MIT form a standing presidential committee on electronic records and online data privacy. Due to the variety of electronic records and the diverse needs and viewpoints of the MIT community around issues of privacy and security of electronic data, the working group believes that proper treatment of these important issues requires ongoing commitment and focused attention. A critical aspect of the committee’s work will be to develop for MIT an online data privacy policy. The committee will also develop a set of principles to govern access and retention periods, refine and clarify policies and procedures where needed, and address any gaps that may exist.

The working group also recommended that the Institute regularly communicate policies and procedures pertaining to electronic records and online data privacy. A gateway website will be developed to provide, in a single location, easy access to documentation concerning policies and procedures, helpful resources and guidance materials, and links to documentation maintained in various offices across MIT. An annual email to the MIT community will highlight relevant policies and procedures, and training will be provided for those with access to and oversight responsibility for sensitive electronic records.

“The working group’s recommendations are intended to provide a sound approach to treating sensitive electronic information with integrity and care, and are offered with respect for the values that we as a community embrace,” Ruiz says. “We are committed to protecting the electronic information we create every day.”

The membership for the presidential committee is now being considered, and it is expected that the committee will convene early this spring.

MIT’s commitment to open access

Academic Council asked Steve Gass, interim director of libraries, to address the question from the Abelson Report that concerned the Institute’s commitment to open access:

Should MIT strengthen its activities in support of open access to scholarly publications?

Gass reported to Academic Council that now is an opportune time for MIT to be asking itself this question, given that the Institute is approaching the fifth anniversary of MIT’s Faculty Open Access Policy, which encourages MIT faculty members to share their scholarly articles openly over the Web. Since the passage of the policy, MIT Libraries have deposited into DSpace@MIT — MIT’s publicly accessible research repository — about 37 percent of the papers written by faculty members: some 10,800 papers. More than 1.6 million downloads of those papers have been made: Currently, about 90,000 downloads are happening every month.

Gass noted that when the open-access policy was established in 2009, it was determined that the policy would be reviewed in 2014 by the Faculty Policy Committee. In the spirit of providing thoughts for that required review, as well as for addressing the Abelson Report’s related question, he and a small group of Libraries colleagues explored ways that MIT could build on the success of its open-access policy.

The primary possible action that emerged for this working group concerns the way MIT’s open-access effort is governed. Gass suggested that MIT consider creating a new faculty body to lead the effort, rather than relying on a working group of the Faculty Committee on the Library System, whose charge limits it to issues around implementation. A restructuring of some sort could allow for broader issues — such as exploring new models of journal publishing — to be addressed more effectively.

The group led by Gass considered what other issues such a newly formed group might investigate. One was whether MIT could benefit from expanding the current open-access policy to include graduate students, postdocs and research scientists — and to expand what is being shared to include not only journal articles, but also data and educational works. The group also suggested that MIT might make it easier for faculty members to understand what federally funded research they are required to make accessible, and how to do so.

The group recommended that MIT consider offering greater financial support for faculty members faced with publication fees charged by open-access online journals. It also raised the possibility of MIT partnering with the MIT Press to host an open-access journal at MIT and recommended that MIT give thought to advocating more forcefully for open access, in particular for the rights of authors and for the creation of new publication models: The group suggested that this might be achieved through concerted outreach to professional societies, commercial publishers, and the federal government. Finally, the group noted that MIT might consider examining its assessments of the quality of open-access journals, in so far as those assessments bear on MIT’s tenure-and–promotion processes.

The suggestions and recommendations made by the group led by Gass are being submitted to the Faculty Policy Committee for consideration in its pending review of MIT’s open-access policy.

“The question posed by the Abelson Report regarding open access was both good and timely,” Gass says. “It helps give energy to an effort that we have long known we will make this year, which is to keep MIT at the leading edge of progress on making access to scholarly publication as open as possible. I was glad that the group I led was given the chance to help shape discussions that will help us move forward with purpose.”

Broad questions

Reif charged Kaiser and Hall with convening members of the MIT community to discuss the broadest questions raised by the Abelson Report. Kaiser and Hall have convened a meeting of faculty and a meeting of graduate students; in the coming weeks they will convene meetings for undergraduates and staff. In the meetings convened to date, they introduced and invited dialogue around all of the eight questions posed by the Abelson Report, with a focus on these particular questions:

Should an MIT education address the personal ethics and legal obligations of technology empowerment?

What are MIT’s obligations to members of our extended community?

How can MIT draw lessons for its hacker culture from this experience?

In both the faculty and graduate-student meetings, attendance was low. Of MIT’s 1,000 faculty members, about 22 attended the faculty meeting, while 15 of MIT’s 6,500 graduate students attended the meeting convened for them.

In the faculty meeting, participants had a wide-ranging discussion that touched on MIT’s mission, opportunities for community learning and policy concerns. The views were divergent enough that no sense of a “right” takeaway emerged, but there was a shared feeling that ongoing discussion of these issues is important, and that MIT should be a leader in the relevant academic areas.

Individual meeting participants made a variety of suggestions. One such suggestion was that MIT ought to make a strong effort to teach students where the ethical and legal boundaries are on campus, and what consequences might be in store for given actions. Meeting participants also shared more general ideas: One notion shared at the meeting was that MIT takes great pride in its hacker culture in the abstract, but that it is hard to know what this means in practice.

Various individual viewpoints about specific changes were expressed by participants, including the recommendation that MIT increase its internal expertise around computer crime and policy issues; that MIT strengthen mechanisms for issue-specific consultations by the administration; that MIT limit data-sharing with law enforcement; and that MIT strengthen support for open access.

In the meeting of graduate students, some attendees expressed a desire for MIT to be a leader in broad issues around technology. Some individuals argued that MIT ought to have made a public statement about the Computer Fraud and Abuse Act; others argued that it ought to have made a public statement characterizing Swartz’s access to the MIT computer network as authorized.

Some participants suggested that MIT was too conservative in its handling of the Swartz case and that it ought to have honored the spirit of risk taking and experimentation that they felt Swartz’s actions represented. Other participants raised concerns about the Computer Fraud and Abuse Act and whether students at MIT are at risk of violating it; some participants expressed a desire for clarity from the administration about where it stood with this law and whether it would help protect students who might become targets of criminal prosecution.

An idea expressed by some participants was that members of the MIT community would benefit from guidance from the MIT administration on ethics and legal risks around computer hacking. It was suggested that the Office of the General Counsel should consider the idea of providing regular briefings for interested community members about the legal issues around hacking, and that online resources also be made available.

Once they have convened the undergraduate and staff meetings, Kaiser and Hall will report to Academic Council, which will then decide if further action ought to be taken.

“These community meetings are important,” Hall says. “They allow people who care deeply about these issues to express their views confidentially, and they allow faculty leadership to hear and weigh thoughts from our diverse community. At the conclusion of our series of forums, we expect to have a good picture of what the community would most like to see addressed going forward. Once we have the full picture, we will share it with the president and the leadership of MIT; that wisdom will help MIT ensure that its policies reflect its values.”

Reif expressed gratitude to those who addressed these questions, and he thanked Academic Council for acting on the recommendations put before it. “The work here is not finished, but I am pleased that we have concrete results,” he says. “We now have a lasting mechanism in place to consider the critical issue of how we collect, provide, and retain electronic records, and MIT will soon have an online data privacy policy. I am confident that we will also put important new energy behind our longstanding commitment to open access to scholarly research. I look forward to further input from Chris Kaiser and Steve Hall on the community’s take on the broadest questions posed by the Abelson Report: The issues around hacking, personal ethics, and the extended MIT community are important and merit the ongoing discussion taking place on our campus. MIT’s leadership will continue to listen for, and act on, good ideas.”