Critiquing Acceptable Use Policies

An essay written in June 1995 by Dave Kinnaman
This technological shock to our moral codes means that in the future, we are going to have to teach our children well. -- Howard Rheingold

Contents

AUPs on the Scene
Issues Addressed by AUPs
Collections of K-12 Acceptable Use Policies
Individual School's Acceptable Use Policies
Advice from Experts
Logistical AUP Procedures
Whose Acceptable Use Policy Is This?
Does Your AUP Work Against Itself?
Tech Lords at Work
Let the Punishment Fit the Crime
Protecting Children's Rights
Is an AUP the Best Approach?
The Future of AUPs
Afterward - Eight Years Hence
Protecting Children's Rights circa 2003


AUPs on the Scene

As schools increasingly incorporate the Internet into their everyday curriculum, concerned administrators and parents have more opportunities to impose overzealous rules and limitations on teacher and student use of the Net. Some are banning the Internet altogether, fearing disastrous situations. Others are clamping down on access to some Internet resources or tools in an effort to avoid the worst possibilities. This essay reviews the K-12 Acceptable Use Policies (AUPs) available on the Internet in June 1995, and draws on teacher and student experience to comment on how AUPs are working today.

Amidst all of this hubbub about controlling access to Internet resources, the American Library Association (ALA) has a long standing and well reasoned opinion that minors should have free access to libraries in an atmosphere of intellectual freedom and free inquiry. Because the Internet is in effect a huge library, many people have suggested the ALA position applies also to minors using the Internet. Most schools are finding a common ground that both deals with the fears instilled in the public by news of isolated abuses, and also deals with the need to avoid censorship while introducing and teaching important technological and ethical concepts. Many of these schools are investigating and writing AUPs.

School AUPs are usually prepared in the form of contracts between the Internet users and their school. At a minimum, they must be written, publicly available statements of official school policy, even if they are not in the form of an agreement. The idea is that it's better to know the rules before one embarks on the road.

Many schools are adopting AUPs, as recommended in Internet RFC 1578 (also known as FYI on Questions and Answers to Commonly Asked "Primary and Secondary School Internet User" Questions). The AUPs currently available on the Internet provide a means to discover how AUPs are working in schools today and to ask if the AUP format is the best way to address these complicated issues.

Most AUPs deal with multiple issues, frequently attempting to meet all possible concerns. Here are some of the diverse areas covered in Acceptable Use Policies.

With this broad mission to fulfill, most AUPs are packed with information.

AUPs run the gamut from dealing primarily with educating students and their parents to dealing almost exclusively with controlling access to resources. Most K-12 AUPs cover many of these issues. Here are some links to AUPs for you to investigate.

Collections of K-12 Acceptable Use Policies

[Sadly, as of August 2003, I no longer found any acceptable collections of AUPs. The next link is therefore provided for historical purposes only.] Visit previous versions of this essay.

Also, by doing a few Veronica, Lycos, Webcrawler, and Google searches for words like "acceptable," "internet," "policy," and "protect," in combination with "child" and/or "school," I found several K-12 AUPs. Here are some of them:

Individual School/District Acceptable Use Policies

NUEVANET Acceptable Use Policy, Hillsborough, California
Los Angeles Unified School District, Los Angeles, California
Lennox School District, Lennox, California
Newport-Mesa Unified School District, Costa Mesa, California Adobe Acrobat [AUP PDF File] format document
North Monterey County Unified School District, California
Waipahu High School, Waipahu, Hawaii
Monroe County Community School Corporation, Bloomington, Indiana
Indiana Department of Education, Indiana
Jessamine County, Kentucky
Lexington Public Schools, Lexington, Massachusetts
Crocker R2 School District, Crocker, Missouri
Hannibal School District, Hannibal, Missouri
Kearney Public Schools, Kearney, Nebraska
Monmouth County Vocational School District, New Jersey
Carthage Central School District, Carthage, New York
Eugene 4J School District, Eugene, Oregon
Plano Independent School District (K-5), Plano, Texas
Salt Lake City School District, Salt Lake, Utah
Charlottesville City Schools, Charlottesville, Virginia
Bellingham Public Schools, Bellingham, Washington
Lake Washington School District, Redmond, Washington

Advice from Experts

Reviewing these policies and learning from others who have written and dealt with AUP issues is good preparation for writing an AUP. Many wise networking educators, having already wrestled with these issues, are willing to share their expertise. For instance, Clancy Wolf of Educational Service District #114 in Bremerton, Washington shares his knowledge as the "Internet Coordinator" for fifteen school districts. His report is titled "Developing a School or District 'Acceptable Use Policy' for Student and Staff Access to the Internet." which was once at gopher://inspire.ospi.wednet.edu:70/00/Accept_Use_Policies/IN_policies.txt In it, he reproduced and critiqued three AUP samples adapted from Selma, Indiana; Northville, Michigan; and Hilo, Hawaii to demonstrate different approaches being taken in schools. Mr. Wolf also included his recommended AUP, which combined features of the others.

Bill Hanson and Sally Laughon also shared their insights in a speech outline called "Student Drivers on the Internet" which was once at gopher://k12.oit.umass.edu/00%2Finternet%2Fpolicy%2Fethics%2Einternet% 2Econf%09%2BText%2Fplain%20En%5FUS

Various writers on this topic agree that in a pluralistic society there are, and should be, a very wide range of belief systems. This leads to a need for tolerance of a vast array of opinions and experiences. So AUPs, then, must serve as a way to moderate and guide us in situations where divergent beliefs come into conflict.

Logistical AUP Procedures

While AUPs can address divergent beliefs, AUPs share many procedural characteristics. Having students and their parents each sign the AUP is universal. Additionally, some districts are including a "sponsoring" teacher signature on each AUP. Some also expect sponsoring teachers to provide specific instruction to their charges. I assume that where librarians or media coordinators exist, they and other professionals are qualified to sponsor student Internet use.

Another preparative step used by many schools is an orientation session for students, parents, teachers, community members and/or others. This orientation and training happens before students are issued an account "login" name and password, or at the same time. The purpose of the session is to discuss concerns and issues addressed in the AUP, and to give preliminary and basic instructions for use of the account.

Each AUP should serve its users' needs. Small middle schools and junior highs getting their first and only modem in the library or media center, for instance, have very different policy needs than large high schools that already have universal student access.

Many AUPs go to special efforts to say that student computer network use while not at school is not the school's responsibility. While it is rarely explicit, I believe this means that schools expect parents to supervise all non-school computer use - whether at home or elsewhere. Avid parental involvement and supervision of student computer use is also recommended by Larry Majid's pamphlet, Child Safety on the Information Highway. Majid says that computers should not become "electronic baby-sitters."

Whose Acceptable Use Policy Is This?

If you already have an AUP, have you asked how it came into existence? Unless the origin of the AUP is credible, it rests on a weak foundation. Students, teachers, parents, and administrators all need to have confidence that their concerns are well represented. Were each of these groups included in the drafting of your AUP?

Does Your AUP Work Against Itself?

Some of the AUPs I found include confusing or offensive rules. Others seem to be written by lawyers for lawyers. To the extent that an AUP is murky, confusing, or belittling it will be less effective.

People will not believe in your AUP unless it is, at least, well written, logical and internally consistent. For example, I found several writing errors in the sample AUPs available on the Internet. Official signature forms, to be taken seriously, should be clear, spelled correctly, and use correct grammar. It is much harder to respect and take seriously a form that shows inattention to communication details.

I also have seen some AUPs that were not consistent within themselves. On one page it might say "Anyone found trying to go to an objectionable site will have their privileges lifted." And two pages later the same AUP might say "Every attempt will be made to warn students and teachers of violations before removing access." Users should have the right to know the possible consequences of misbehavior without unnecessary waffling within the AUP itself: Do I get one warning, or not?

Using the same example, when an AUP says "Anyone found trying to go to an objectionable site will have their privileges lifted," is illogical. Experienced Internet users know that you often do not know the nature of a link before you open it. How can you? Anyone who has used URouLette knows that you simply don't know where you're going to land, and many Web pages have similar links that are intriguing but not well explained. To hold a single mouse-click against a user as an AUP violation is somewhat extreme. This policy, on the other hand, would be quite understandable if it said, "Repeated visits to objectionable sites will elicit a warning. Further attempts will result in a loss of privileges."

Another illogical AUP states that students "should not intentionally obtain copies of ... files ... or data that belong to someone else." On the face of it, this AUP forbids collaborative student projects and sharing of student creative products! They mean, I'm sure, that students should not obtain one another's files without permission, but that is, unfortunately, not what the form actually says.

The most disturbing inaccuracy I found in several AUPs is a confusion of ethical behavior with civility. Typically, AUPs set a high standard of civility by stating a rule that users must be polite in their dealings on the Internet. Then, pages later in the signature block at the end, the student/user is asked to confirm that all violations of these rules are "unethical." The word in the signature block should be "unacceptable" rather than "unethical," because standards of politeness vary greatly and because civility is not the same as being ethical. An unethical act can be performed with extreme politeness and civility, but the act does not become ethical through the addition of civility.

Tech Lords At Work

There is a secret language of technical power talk that is intended to intimidate computer users while confusing them. It is meant to diminish user demands on systems administrators. Some systems administrators and other so-called computer experts use this special jargon to reduce user understanding of computer/network systems, because they mistakenly believe that ignorant users will cause less trouble for them. When faced with these self-appointed threshold guardians of Cyberspace, some new users feel helpless and abandon exploration.

Sometimes in AUPs, systems administrators or systems operators are given the majority of decision making power concerning Internet use. In conjunction with their power, the wording of the AUP may include technical terms or vague generalities that make it difficult to determine what boundaries the policy defines. This type of AUP makes it possible for authorities to revoke Internet priveledges with little or no warning or explanation, leaving users confused and reluctant to explore the Internet.

A bewildering phrase I repeatedly found in the available AUPs is "From time to time, (named school) system administrators will make determinations on whether specific uses of the network are consistent with the acceptable use policies." What does this mean? If it means "We reserve the right to change these rules as we learn new information?" why not just say so?

If the ground rules are open to change, shouldn't it also say that any proposed changes will be announced before they are implemented so that users can always know the rules they are expected to follow?

And, sadly, some folks, whom I refer to as Tech Lords, take to ruling over the use of the Internet. Listen to this Tech Lord proclaim:

"Based on the acceptable use guidelines outlined in this document, the system administrators will deem what is inappropriate use and their decision is final."

In addition to these types of proclamations, some policies actually stress that there is no appeal process available.

Are Tech Lords using your AUP to unnecessarily accrue power and reserve authority to themselves? Are they using vague language in your AUP to unnecessarily keep users at a distance? One way to tell is to ask them what they mean by a confusing statement in the AUP. If the system administrator becomes defensive or changes the subject, this is not a good sign. If, on the other hand, they explain in simpler terms, try to get those simpler terms used in the AUP! A useful AUP will be understandable rather than intimidating to its users.

Let the Punishment Fit the Crime

While clarity on what you will be punished for has not been reached, the punishments are remarkably similar across all K-12 AUPs: they all say you'll lose your Internet account, temporarily or permanently. And maybe you'll also be criminally prosecuted, and/or be processed through the school discipline system. Another punishment that I haven't seen enacted but may fit the crime is the use of the network printer. Many teachers say that often the evidence of Internet misbehavior is found at the network printer. It seems appropriate for AUP punishments to include routine printer cleaning and maintenance, purchasing printer paper, recycling toner cartridges, or other natural consequences of network printer misuse.

Protecting Children's Rights

Several AUPs acknowledge the human rights of student computer network users. The child's right to privacy is mentioned. For instance, the AUP at the Peddie School in New Jersey [once acknowledged] students' "legitimate needs (including experimentation)."

Interestingly, I found some advice that deals openly with certain child abuse concerns by carefully emphasizing to the student that many troublesome events are not the victim's (child's) fault. Larry Majid's insightful pamphlet, Child Safety on the Information Highway, was written in association with the National Center for Missing and Exploited Children. Howard Rheingold's directions to his own child carefully reinforce several additional important elements for children using computer communication.

[The Afterward below includes many additional links to good information about children's rights.]

What about duplicity and perversity? Many AUPs warn students not to accept e-mail messages without some skepticism as to their source and to their content. Messages can be forged, and people do deceive.

Just like in real life in our home communities, there are also outrageous, profane, appalling, detestable and repugnant expressions and displays on the Internet. People can sometimes be obnoxious, insulting, rude, or exploitative on the Net. Children should have some idea of how to respond to these circumstances if they occur.

Is an AUP the Best Approach?

The following quotation was written by Jennifer D. Barovian, an avid computer network user who recently graduated from high school and received an award in a national contest for an essay about her own use of the Internet since eighth grade, Could this be a Modem? She is working this summer [1995] as an Internet trainer at Case Western Reserve University, pending her freshman year of college beginning in September, 1995. In an exchange of several e-mail messages, I asked her views on how one could tell if students might be ready for access to the Internet, and I asked further about her position that age-based restrictions ignore the maturity of the individual child. I pointed out one of the well-known risqué areas, and asked when she was allowed to exercise her own maturity with access to that risqué location. In her careful reply she directs me back to the real purpose and educational value of the Internet:

"The Internet is exactly like real life, in regards to the availability of information... A student could, for instance, learn how to make a bomb from someone online -- but he could gain the same knowledge from a chemistry book, so does that mean we have to ban books and stop teaching science, too?"

"Of course not. It's just human nature to fear and protect against something we don't understand. It's too bad that there are still so many who distrust the Internet, rather than being open to comprehending the advantages."

Jamieson McKenzie makes a similar argument when he says (in the June 1995 edition of his Web newsletter From Now On), in the article Protecting Our Children From the Internet (and the World), that the Internet has the same risks found everyday on your cable TV, printed in your local newspaper, or delivered to your postal mail box. I would add libraries and telephones to the list of comparable risks. The Internet is every bit as risky as your public telephone or library.

McKenzie also makes an excellent point when he reminds us that the best goal is for children to attain self-control.

"As children mature, we begin to rely less and less upon physical barriers, trying to teach them to respect boundary lines and values without being tied down, locked in or physically blocked from entry. We expect our children to begin exercising judgment and restraint."

"This expectation only makes sense as the young person begins moving toward adult life. Self control is an essential element in the development of an independent, well-balanced adult member of society. We hope and expect that our children will begin to adopt certain values as their own, 'internalizing' a distaste for cruelty, for greed, for wanton destruction, for dishonesty and for other things we have identified as negatives. At the same time, we hope they will come to cherish certain traditions, behaviors and attitudes which we hold dear."

Howard Rheingold, author of the influential book The Virtual Community, presents similar ideas in his article Why Censoring Cyberspace is Futile. Here is a brief quote from the article:

"Yes, we have to think of ways of protecting our children and our society from the easy availablity of every kind of abhorrent information imaginable. But the 'censor the Net' approach is not just morally misguided. It's becoming technically impossible. As Net pioneer John Gilmore is often quoted: "The Net interprets censorship as damage and routes around it."

"The Net's technological foundation was built to withstand nuclear attack. The RAND Corporation designed the network to be a throughly decentralized command- and-control communications system, one that would be less vulnerable to intercontinental missles than a system commanded by a centralized headquarters."

"This decentralization of control means that the delivery system for salacious materials is the same worldwide one that delivers economic opportunity, educational resources, civic forums, and health advice. If a hacker in Helsinki or Los Angeles connects to the Internet and provides access to his digital pornography files, anybody anywhere else in the world, with the right kind of Internet connection, can download those steamy bits and bytes."

"This technological shock to our moral codes means that in the future, we are going to have to teach our children well. The locus of control is going to have to be in their heads and hearts, not in the laws or machines that make information so imperviously available. Before we let our kids loose on the Internet, they better have a solid moral grounding and some common sense."

The Future of AUPs

As a final contribution, I would like to paraphrase another brilliant idea shared with me by teenage Internet expert Jennifer Barovian: It may be that we shall soon see a different attitude, and we may need different approaches to Acceptable Use Policies, because students are now increasingly required to participate in an Internet curriculum. Until quite recently, voluntary initiative was the basis of educational involvement in the Internet. But now there may be less personal choice available to students, and perhaps our AUPs will need to be adjusted for this new reality.

Good words of advice: We need to take a look at why and how we write and implement AUPs to ensure the successful use of the Internet for learning.

Back to the top of this essay



[Comments below added in 1998, and later]
Critiquing Acceptable Use Policies was written in 1995 by Dave Kinnaman.

In 1996 Dave co-authored the book Researching On The Internet with Toronto broadcast journalist and author Robin Rowland.
In 1997 Dave wrote a book for K-12 schools, a "How-to" for AUPs. The publisher tried to edit it to scare people about the Net in order to sell additional copies of blocking software. Dave refused, and withdrew the book. It has not yet been published. Also in 1997 Dave mirrored the Peacefire teen anti-censorship site, ensuring that his Internet Service Provider is entirely blocked. During 1997 he also created the official Texas Internet Service Provider Association's (TISPA's) web page for blocking software, to meet requirements of Texas state law: http://www.prismnet.com/~kinnaman/pchealth/draft.html


[Afterward, added 2003]

The original scope and purpose of this essay, as defined by GNN, did not include the issues covered below. These are currently (August 2003) useful links for schools now dealing with Internet education and AUP issues.

Protecting Childrens' Rights, circa 2003


Contents

AUPs on the Scene
Issues Addressed by AUPs
Collections of K-12 Acceptable Use Policies
Individual School's Acceptable Use Policies
Advice from Experts
Logistical AUP Procedures
Whose Acceptable Use Policy Is This?
Does Your AUP Work Against Itself?
Tech Lords at Work
Let the Punishment Fit the Crime
Protecting Children's Rights
Is an AUP the Best Approach?
The Future of AUPs
Afterward - Eight Years Hence
Protecting Children's Rights circa 2003



Readers are welcome to write to Dave at <kinnaman@world.std.com>
Version 6.3
This page resides at http://www.prismnet.com/~kinnaman/aupessay.html

Copyright © 1995-2006 Dave Kinnaman, all rights reserved worldwide.
Page archives courtesy of Archive.Org Wayback Machine Previous page archives courtesy of Archive.Org Wayback Machine