Social Media Monitoring, (University of California, Davis)

Working Narratives filed this request with the University of California, Davis of California.

It is a clone of this request.

Status
Completed

Communications

From: Nick Szuberla

To Whom It May Concern:

Pursuant to the California Public Records Act (California Government Code §§ 6250), I hereby request the following records:

1. All records regarding the purchase of, acquisition of, installation of, subscription to, payment for, or agreements concerning software designed to access information from social media services;

2. All records that contain any information about the functioning of software designed to access information from social media services that is used or has been used by your university;

3. All records regarding correspondence about or with a company that offers software designed to access information from social media services, including but not limited to all correspondence about or with the companies Brightplaent, Geofeedia, Intrado Inc, LifeRaft, Magnet Forensics, Media Sonar, Signal Corporation, and ZeroFOX;

4. All records regarding the policies that govern access to or use of software designed to access information from social media services;

5. All training materials and all records used to instruct members of your agency in the proper use of software designed to access information from social media services or of the information such software is capable of accessing;

6. All records regarding the sharing with entities outside the university of information obtained from or obtained by using software designed to access information from social media services;

7. All records referencing social media profiles, comments, posts, messages, or events accessed or retained from social media services through use of software designed to access information from social media services.

The requested documents will be made available to the general public, and this request is not being made for commercial purposes.

In the event that there are fees, I would be grateful if you would inform me of the total charges in advance of fulfilling my request. I would prefer the request filled electronically, by e-mail attachment if available or CD-ROM if not.

Thank you in advance for your anticipated cooperation in this matter. I look forward to receiving your response to this request within 10 calendar days, as the statute requires.

Sincerely,
Working Narratives

From: Public Records

Dear Working Narratives via MuckRock News,

UC Davis is in receipt of your request for information and a search for records is underway within the appropriate UC Davis offices. This email is to formally acknowledge your request under the California Public Records Act (CPRA) received January 13, 2017. All responsive records will be identified, reviewed and released in accordance with relevant law and University policy.

Although the requested records have not yet been gathered and reviewed, it is likely, based on the information requested, we may contact you to clarify the request and or get additional information to ensure you are receiving the correct records. Please also note, the material may contain information exempt from disclosure pursuant to the Public Records Act. However, this is not a determination that the requested records are necessarily exempt from disclosure. This office will provide you with a status update and an anticipated date of release, once the requested records have been identified and thoroughly reviewed.

For your information, the California Public Records Act allows agencies to make records available “upon payment of fees covering direct costs of duplication.” (Calif. Govt. Code § 6253 (b)). Should your total request result in fewer than 25 pages, we will waive this fee and forward the records to you directly as requested. Should these records total 25 or more pages, we will contact you to confirm your continued interest in receiving the records and your agreement to pay the charges. Prepayment is required before release of public records, and can be accomplished by remitting a check made payable to University of California Regents (UC Regents).

Should you have any questions, or need additional information, please contact publicrecords@ucdavis.edu<mailto:publicrecords@ucdavis.edu> or call (530) 754-6295.

Regards,

UC Davis Public Records

Email: Publicrecords@ucdavis.edu<mailto:Publicrecords@ucdavis.edu>
[cid:image001.png@01D27312.EA4D8480]

From: Kelley N Walker

The password to access your records is: MuckRock2017-13-01

Should you have any questions, or need additional information, please contact publicrecords@ucdavis.edu<mailto:publicrecords@ucdavis.edu> or call (530) 754-6295.

Sincerely,
UC Davis Public Records
[cid:image001.png@01D2813A.4069FDA0]

UC Davis Public Records
Email: Publicrecords@ucdavis.edu<mailto:Publicrecords@ucdavis.edu>

From: Kelley N Walker

Please follow link to: https://ccds.ucdavis.edu/link/muckrock.zip

Password will be provided under separate cover.

Should you have any questions, or need additional information, please contact publicrecords@ucdavis.edu<mailto:publicrecords@ucdavis.edu> or call (530) 754-6295.

Sincerely,
UC Davis Public Records
[cid:image001.png@01D2813A.3F500220]

UC Davis Public Records
Email: Publicrecords@ucdavis.edu<mailto:Publicrecords@ucdavis.edu>

From: Public Records

February 7, 2017

Sent via E-mail to: requests@muckrock.com<mailto:requests@muckrock.com>

Dear Working Narratives via MuckRock News,
This communication is in response to your inquiry regarding the status of your request and clarification of your California Public Records Act request submitted on January 13, 2017.

As indicated, UC Davis has reviewed your request, and undertook a search for responsive records regarding social media (your specific request is provided below for reference). Based on review of your request, UC Davis is providing information we believe responds to your request.

Under separate cover, via File Transfer Protocol, UC Davis Records Management shall provide the following in response to your request:

University of California and UC Davis policies, guidelines and manuals related to Information Technology, Cyber Security and use and access of social media platforms and devices, which responds to # 4 of your request. These policies are provided un-redacted at no charge.

University of California Policies:

· BFB-IS-2: Inventory, Classification, and Release of University Electronic Information – guidelines for the classification of information assets; and roles and responsibilities regarding the access to, release, or disclosure of University information.

· BFB-IS-10: Systems Development Standards – standards for developing (or purchasing and installing) and maintaining computer applications for administrative purposes at the ten campuses and at the Office of the President (OP) of the University of California

· BFB-IS-11: Identity and Access Management – guidelines for identity and access management at the University of California.
University California Davis Policies & Procedures:

· Social Media Guidelines – guidelines to help guide participation on UC Davis-hosted social networks or online in official capacity tied to the University; applies to students, faculty, staff, administrators and members of the greater community.

· Chapter 310, Communications and Technology:

o Section 22, UC Davis Cyber-Safety Program (310-22)

§ 310-22A Exhibit A, UC Davis Security Standards

o Section 40, University Communications: Publications, Graphic Standards, Marketing, Social Media and Media Relations (310-40)

o Section 70, World Wide Web Standards

§ 310-70A Exhibit A, Web Page Privacy

· Chapter 320, Records and Archives

o Section 20, Privacy of and Access to Information (320-20)

§ 320-20A Exhibit A, Authorization to Disclose Personnel Record Information to Third Party

§ 320-20B Exhibit B, Record of Disclosure

§ 320-20C Exhibit C Rules of Conduct for University Employees Involved with Information Regarding Individuals

Regarding #5 of your request, UC Davis develops, maintains, and provides an electronic learning portal for training purposes. Below is a description of the training module which we believe responds to # 5 of your request:

· UC Cyber Security Awareness, Initial Training – provides information on threats facing the University and what each of us can do to mitigate them. This course is video-based and has audio. Initial training must be taken once by all UC employees

· UC Cyber Security Awareness, Refresher Training – provides additional information on threats facing the University and what each of us can do to mitigate them. The course is video-based and has audio. The refresher course must be taken annually by all UC employees once the initial course has been taken.

In order to provide response to the remainder of your request, we will need clarification, specifically related to accessing information from social media services, enumerated in # 1, 2, 3, 6, and 7. To assist with clarification, we provide the following information.

It appears your request is for information concerning the collection of potential personally identifiable information (PII) of individuals who may interact with UC Davis social media platforms. Please note UC Davis neither collects nor shares any personal information of any kind with any outside agency, software/application company or entity outside of the university.

Please provide clarification regarding the term ‘access information from social media services’:

- 1) “All records regarding the purchase of, acquisition of, installation of, subscription to, payment for, or agreements concerning software designed to access information from social media services;” [emp added]

- 2) “All records that contain any information about the functioning of software designed to access information from social media services that is used or has been used by your university;” [emp added]

- 3) “All records regarding correspondence about or with a company that offers software designed to access information from social media services, including but not limited to all correspondence about or with the companies Brightplaent [sic], Geofeedia, Intrado Inc., LifeRaft, Magnet Forensics, Media Sonar, Signal Corporation, and ZeroFox;” [emp added]

- 6) “All records regarding the sharing with entities outside the university of information obtained from or obtained by using software designed to access information from social media services;” [emp added]

- 7) “All records referencing social media profiles, comments, posts, messages, or events accessed or retained from social media services through use of software designed to access information from social media services.” [emp added]

Please provide response and clarification regarding your request, if the portion of your request above provides enough clarification to identify the records you seek, we will contact you to determine if you are still interested in receiving the records. Those records will also be provided electronically upon payment of fees, should records exceed 25 pages. Please note we are waiving the fees associated with the UC and UC Davis policies referenced above, as they are readily available to requestors. If we do not receive a response by February 17, 2017, we will consider your PRA request completed and closed.

Should you have any questions, or need additional information, please contact publicrecords@ucdavis.edu<mailto:publicrecords@ucdavis.edu> or call (530) 754-6295.

Sincerely,

UC Davis Public Records
[cid:image001.png@01D28138.924A4BE0]

UC Davis Public Records
Email: Publicrecords@ucdavis.edu<mailto:Publicrecords@ucdavis.edu>

Files