Computers and information technology are an integral part of college and university life. The increased convenience and power of this technology also brings with it a wide range of compliance concerns, from social media and free speech considerations, to data privacy, identity theft, and copyright issues.
Americans With Disabilities Act (ADA)
The Americans With Disabilities Act (ADA) is a civil rights law that prohibits discrimination against individuals with disabilities in all areas of public life, including jobs, schools, transportation, and all public and private places that are open to the general public. The purpose of the law is to make sure that people with disabilities have the same rights and opportunities as everyone else. This applies to campus technologies and websites as well.
Accessibility - Section 508 of the Rehabilitation Act
The Accessibility - Section 508 of the Rehabilitation Act of 1973 mandated that "all electronic and information technology used by the federal government be accessible to people with disabilities." Although the original intent of Section 508 was to provide accessibility in the federal sector, it has been widely accepted that colleges and universities are subject to its requirements underTitle IIbecause they almost universally receive some form of federal funding. Because of this, accessibility — especially in ICT — is becoming one of the most challenging areas for higher education to recognize and address proactively.
The CAN-SPAM Act, a law that sets the rules for commercial email, establishes requirements for messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations. The CAN-SPAM Act covers all commercial messages, which the law defines as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service,” including email that promotes content on University websites. The most critical requirement for SPU is honoring opt-out requests promptly but constituents not wishing to receive communications from the University.
The Computer Fraud and Abuse Act criminalizes unauthorized access to a "protected computer" with the intent to obtain information, defraud, obtain anything of value or cause damage to the computer. A "protected computer" is defined as a computer that is used in interstate or foreign commerce or communication or by or for a financial institution or the government of the United States. In light of the "interstate or foreign commerce" criterion, the act of "hacking" into a secure web site from an out-of-state computer, which may have occurred when the Princeton admissions officer accessed Yale’s "secure" web site, could be considered a CFAA violation (although both schools took pains to say that they were not seeking any civil or criminal prosecutions). The fact that both ECPA and CFAA are criminal statutes considerably raises the ante.
TheElectronic Communications Privacy Act broadly prohibits the unauthorized use or interception by any person of the contents of any wire, oral or electronic communication. Protection of the "contents" of such communications, however, extends only to information concerning the "substance, purport, or meaning" of the communications. In other words, the ECPA likely would not protect from disclosure to third parties information such as the existence of the communication itself or the identity of the parties involved. As a result, the monitoring by institutions of students’ network use or of network usage patterns, generally, would not be prohibited by the ECPA.