Duke ITAC - November 1, 2001 Minutes

DUKE ITAC - November 1, 2001 Minutes


November 1, 2001

Members Attending: Ben Allen, Ed Anapol, Landen Bain, Mike Baptiste, Pakis Bessias, Ken Hirsh for Dick Danner, Angel Dronsfield, Brian Eder, David Ferriero, Nevin Fouts, Ed Gomes, Alan Halachmi, Patrick Halpin, Alfred Trozzo for Paul Harrod, Billy Herndon, Ken Knoerr, David Jamieson-Drake, Roger Loyd, Kyle Johnson for Caroline Nisbet, George Oberlander, Lynne O'Brien, Mike Pickett, Tom Rowe, Mike Russell, Fred Westbrook, Robert Wolpert

Guests: Chris Cramer (OIT), Tony Zanfardino (HR), Ginny Cake (OIT), Steve Woody (DCRI), Judith Ruderman (Vice Provost), Michele Rasmussen (Trinity College), Bob Thompson (Arts and Sciences), Chris Meyer (OIT), Rob Carter (OIT), Mark Spence (OIT), Bruce Cunningham (Registrar's office), and Kathy Pfeiffer (SISS)

Call to Order: Meeting called to order at 4:05

Review of Minutes and Announcements:

  • There were no comments about minutes of 10/04

CIO Search Update

Billy Herndon

The CIO search will be narrowed down from 6 candidates to 3-4. Finalists will be brought back in for second interviews. The goal is to recommend the 3-4 finalists to Dr. Trask and Provost Lange sometime in December.


Plagiarism, the Web, and turnitin.com

  • Vice Provost Judith Ruderman and Dean Bob Thompson

    The University has implemented a new group (Academic Integrity Council) whose charge is to study all aspects of our culture, coordinate ongoing efforts on various fronts, take action steps as appropriate, and set policy recommendations. The Council is comprised of 7 faculty members, several administrators, two undergraduates and a graduate student TA. The Council will have a long-range plan in place by year-end.

    Various studies have been reported in the U.S. News & World Report, November 1999: "A new epidemic of fraud is sweeping through our schools." One study of a single school district in New Jersey in 1999 showed cheating at a high level in the 5th grade. A 1998 survey of 3,123 college- bound seniors listed in Who's who found that 80% admitted having cheated, 83% said it was common at their school, 53% did not believe it is a serious ethical violation. Studies over time in Georgia, between 1969 and 1989 show increasing levels of dishonesty. A study of 4500 high schoolers in 2000/01: cheating widespread, students rationalize it, think teachers ignore it, don't consider some behaviors cheating, Internet makes cheating easier. Research throughout the 1990s nationwide have shown 5-10% of college students survey in 1999 download papers from the Internet. Approximately 25% don't think it's cheating. 10-25% have cut and pasted material without citing sources and almost half don't think it's cheating.

    Duke has reported in a May-June 2001 article in Duke Magazine: "A Matter of Honor." A study performed by CIA- Templeton, that since coming to Duke, 45% of students have engaged in unauthorized collaboration, 38% in copying a few sentences without footnoting, 37% in falsifying lab or research data, and almost a quarter in getting test answers or questions from someone who has already taken it. Only around a quarter of respondents think that unauthorized collaboration or falsifying data are serious.

    Very few of Duke's teaching faculty put information about cheating or plagiarism on the syllabus or discuss the importance of integrity with students or take other steps to foreground academic integrity or reduce temptation towards its opposite.

    There are ways that Duke can make a difference.

There is a three-pronged approach we can take:

      1. Policing,
      2. Prevention and,
      3. Promotion.
    1. If a faculty member has probable cause to suspect that a student's written assignment contains plagiarized material, he/she should
      1. request that the student provide the paper to him or her in an electronic format,
      2. forward this electronic version of the paper to the student's dean along with a request for an originality report. The faculty member should also provide a brief explanation of why the paper is suspicious.
    2. The dean who receives the student's paper will submit it to Turnitin.com and request an originality report. * Once the report is received, the dean will forward the report to the requesting faculty member and will serve as a resource for his/her consideration of the appropriate course of action in light of university policies and procedures.
    • write a letter to each student giving them the principles of academic integrity ,
    • have resources available on academic integrity to guide students, and
    • write a letter to faculty asking them to identify early in their courses what is to be expected of students and have principles of academic integrity in their syllabus.
    • How are criteria set when something comes back that looks suspicious?
      Response: There is nothing in the system that sets criteria.
    • How much of an invasion privacy is posed to whomever is accessing the paper?
    • Do students know ahead of time that their paper is being submitted for review?
      Response: No.
    • Technically this may be a copyright issue. What does it do with explicitly quoted materials and what does it do with paraphrases? Response: If it is a legitimate citation and a faculty member sees it as legit, then nothing happens. If it doesn't find exact chunks of matches, then it will not be determined as plagiarism.
    • Is there an option to not store a paper in the database? Response: The system is set up that all papers entered will be stored in the Database. There is no option to not store a paper in the database.
  • Turnitin.com can play a major part in this. Though the Duke survey revealed a low self-report of downloading papers from paper mills, there is more of this going on in high schools, and those students are the Duke students of the coming years. The use of turnitin.com may seem antithetical to building a climate of trust that is sine qua non for a culture of academic integrity. It could be a negative rather than a positive way to approach cheating. Turnitin.com is one strategy that can cover policing, prevention and promotion. It is only one part of a comprehensive approach and helps to create a culture that defines expectations clearly and does not tolerate cheating.

    Dean Thompson added to the report by saying that from a perspective as a Dean, he understands the issue of academic integrity is important. It is essential to educate students with their role in academic integrity and even if they know it, they need to be reminded of the importance of it. He stated a few ways that he, as Dean of Trinity College, can help promote academic integrity.

    Duke's role is to have a resource in line if there is a situation of cheating and there needs to be information to share with the Duke community to take control of the first steps when cheating has occurred.

    Michele Rasmussen presented on turnitin.com services: Turnitin.com is a web-based application that analyzes submitted papers, essays, and assignments for similarities to documents on the Internet and in Turnitin's database of student papers from universities and colleges in the U.S. and United Kingdom. Once a paper has been submitted and analyzed, Turnitin.com will generate an electronic Originality Report. The report is divided into three sections. The first section gives the number of documents with similar or identical text passages as the submitted paper. The second section of the report lists Internet links to the suspected text sources for the student's paper. These links are color-coded to correspond to color-codes sections of the student's paper that are presented in the third section of the originality report. This makes it relatively easy to compare the student's text to the potentially plagiarized source material. You can view a sample originality report by visiting the following url:


    Turnitin will be applied as follows:

    Faculty with questions about university policies and procedures regarding academic dishonesty can also contact
    Kacie Wallace,
    Associate Dean for Student Development,
    Ph. 684-6313,

    NOTE: The following items are comments /questions from committee members as part of the discussion:

The cost of Turnitin is $4,000 annually. This amount is based on the number of students at Duke University.

Here is a follow-up from Turnitin.com

We have spent considerable time and expense researching this issue. The consistent opinion of our attorneys, plus those of the several schools that have looked into it, including the University of California, is that fair use does in fact allow us to store the student's papers. Here is a summary of the reasoning:

We believe that use of the student's paper would be deemed fair because rather than constituting infringement, the use prevents infringement of that paper from occurring. The student's paper is only being used to catch someone who might have stolen from it. That's the primary purpose of the use and so it would likely be accorded even more deference than other recognized purposes of fair use such as education, commentary and research because its promotion of the underlying goal of the copyright statute, i.e., to promote creativity, is higher.

Most major recent fair use cases have identified "transformative use" as the key question in fair use analysis. Transformative use means that the new work is being used for a different purpose than the old work. In this case, transformative use is present because the instructor is not using the paper for its original purpose, i.e., turning an assignment in, research into a topic, but is making a new use of the paper, i.e., checking for infringement.

Of the four fair use factors, effect on the market for the work is generally considered the most important. In this case, the instructor's use of the student paper isn't affecting any reasonably likely market because it's not reasonable to assume that individual students could start licensing papers to individual teachers for this purpose.

Thus, although the issues are complicated, we feel confident that the use of Student papers in our system does constitute fair use. That being said, a few precautions can greatly simplify the relationship between student, institution and Turnitin.com.

Informing students of the use of the system in each course syllabus using the product is the most important tool. This is the stop sign that prevents most of the plagiarism in the first place (which should be the goal), and it also insures that students are agreeing to take that course with the provision that their papers may be submitted to our system.

Having students submit their work, rather than instructors submitting it, adds one more level of consent on the part of the student, as nothing is done without the student's knowledge. We do not feel that this is required to meet the requirements of fair use, but it certainly removes any ambiguity.

Finally, offering the students an off-line alternative makes their consent absolutely clear. For instance, as an alternative, the student could be required to turn in a photocopy of the first page of all reference sources used, an annotated bibliography, and a one page paper reflecting on their research methodology. Such an option would be unlikely to be chosen by any students, but if they did choose it, the chances of plagiarism would also be vanishingly thin.

Please let me know if you need additional information or have any questions.

Paul Wedlake
Director of Sales iParadigms, LLC./Turnitin.com
1624 Franklin Street, Ste. 818
Oakland, CA 94612
Ph: 510-287-9720 ext. 223
Fax: 510-444-1952
Email: pwedlake@turnitin.com

Senior registration on SISS

Bruce Cunningham

Senior registration is in good shape. This is the fourth time students could register through the Web. When registration was done via telephone, there were 39 phone lines available. On ACES Web, up to 300 students can register simultaneously. At 7:00 a.m. (start time) 300 students were waiting to register. By 7:03 a.m. 261 students were registered. By 7:15 a.m. over 700 students were enrolled and things started to slow down. There were 1,588 potential registrants and by 7:30'ish there was a smattering of people still registering.

Alan Halachmi noted how well he thought that the senior registration had gone this year. He said that students were very pleased. Alan presented some suggestions from students concerning the next senior registration. These suggestions will be given to SISS for consideration and review to incorporate into the system. Other suggestions and comments may be sent to Bruce Cunningham.

Proposed HR data encryption procedures

    1. Secure (SSL) Web Connections
    2. PGP encrypted data transmitted over an encrypted or non-encrypted link
    3. Secure FTP (sftp)
    4. Password protected ZIP files (with a minimum 8 character password length
    1. the use of an encrypted access mechanism such as ssh or a recent encrypted version of PC-Anywhere
    2. unencrypted access mechanisms (such as older versions of PC-anywhere) where the maintenance account is closed and only opened after a phone call from the vendor (password should be changed after each unencrypted access).
    • How is password for ZIP file protected? By phone.
    • Tony Zanfardino explained to the committee that a business procedure would be written and published once this procedure is approved.
    • Email is not a way to ensure password security
    • Vendors must provide information in secure format
    • At what point will we turn internally on this? SFTP is being looked at by SAP and the procedure will be looked at outside of Duke first, then internally.
    • Melissa sent a couple of comments through email to Chris.
      • password protected ZIP files are not well- protected.
      • In some cases we cannot get vendors to maintain systems to protect encrypted files.
  • Chris Cramer and Tony Zanfardino

    Chris Cramer and Tony Zanfardino presented a Draft of Duke University's Data Encryption Procedures. The purpose of this document is to outline procedures that protect the security and privacy of Duke employees' personal information in an electronic format. It is important that information that must be shared with outside sources for legitimate reasons, be transmitted and maintained in a manner consistent with its sensitive nature.

    When electronically transmitting personal information, the University requires that data be encrypted using strong cryptographic protocols. Duke requires vendors desiring to receive data electronically to use at least one of the following transit mechanisms that are recognized as being secure. These mechanisms are subject to yearly review and update as technologies change:

    Systems located at Duke which contain personal information are maintained remotely by outside vendors. Duke requires that the access mechanisms and procedures be secure and considers the following mechanisms to be reasonable protections for such systems:

    Once the vendor has been entrusted with confidential information about Duke employees, it is important that the vendor maintain the confidentiality of that information. Contracts with vendors should specify how Duke's data is securely maintained and in what ways it will subsequently be used.

    Duke departments transmitting data to outside vendors should begin immediate discussions with those vendors regarding secure transmission mechanism with a goal of securing all such transmissions within X months. Procedures for securely maintaining Duke systems containing personal information should also be established with vendors within X months. Contractual requirements for vendors to maintain Duke information confidentially and in a secure manner should be addressed at the time of (re) negotiation of the contract.

    NOTE: The following items are comments from committee members as part of the discussion:

Follow-up on PC recycling security issues

    • There is concern that a security office of the Health System went to surplus and purchased many computer and approximately 50% contained medical records of patients.
    • It was decided that we need to make certain when a computer leaves the University and Health System that it is clean. Several options/recommendations to look at:
      1. make it a requirement that each department cleans computers before leaving the University
      2. everything that leaves the University goes through surplus and they clean it up
      3. each department requires that Surplus be paid for cleaning computers
      4. departments can send to Surplus for cleaning or clean themselves (this was strongly recommended by the group)
      5. OIT can provide a CD to clean computers.

      It is important that data does not leave the University.

    • Ken Knoerr asked if it is possible to review the track system of donating and tagging equipment? Response - yes.

  • Chris Cramer

Meeting was adjourned at 5:30.