CQ(LEGAL) - TECHNOLOGY RESOURCES

PEIMS

Children's Internet Protection Act

Definitions

"Harmful to Minors"

1.Taken as a whole and with respect to minors, appeals to a prurient interest in nudity, sex, or excretion;

2.Depicts, describes, or represents, in a patently offensive way with respect to what is suitable for minors, an actual or simulated sexual act or sexual contact, actual or simulated normal or perverted sexual acts, or a lewd exhibition of the genitals; and

3.Taken as a whole, lacks serious literary, artistic, political, or scientific value as to minors.

47 U.S.C. 254(h)(7)(G); 20 U.S.C. 7131(e)(6)

"Technology Protection Measure"

Universal Service Discounts

Certifications to the FCC

With Respect to Minors

Is enforcing a policy of Internet safety for minors that includes monitoring their online activities and the operation of a technology protection measure with respect to any of its computers with Internet access that protects against access through such computers to visual depictions that are obscene, child pornography, or harmful to minors;

Is enforcing the operation of such technology protection measure during any use of such computers by minors; and

Is educating minors, as part of its Internet safety policy, about appropriate online behavior, including interacting with other individuals on social networking websites and in chat rooms and cyberbullying awareness and response.

47 U.S.C. 254(h)(5)(B)

With Respect to Adults

Is enforcing a policy of Internet safety that includes the operation of a technology protection measure with respect to any of its computers with Internet access that protects against access through such computers to visual depictions that are obscene or child pornography; and

Is enforcing the operation of such technology protection measure during any use of such computers.

47 U.S.C. 254(h)(5)(C)

Disabling for Adults

Internet Safety Policy

1.Access by minors to inappropriate matter on the Internet and the World Wide Web;

2.The safety and security of minors when using electronic mail, chat rooms, and other forms of direct electronic communications;

3.Unauthorized access, including "hacking," and other unlawful activities by minors online;

4.Unauthorized disclosure, use, and dissemination of personal identification information regarding minors; and

5.Measures designed to restrict minors' access to materials harmful to minors.

47 U.S.C. 254(l)

Public Hearing

"Inappropriate for Minors"

ESEA Funding

1.Has in place a policy of Internet safety for minors that includes the operation of a technology protection measure that protects against access to visual depictions that are obscene, child pornography, or harmful to minors; and enforces the operation of the technology protection measure during any use by minors of its computers with Internet access; and

2.Has in place a policy of Internet safety that includes the operation of a technology protection measure that protects against access to visual depictions that are obscene or child pornography; and enforces the operation of the technology protection measure during any use of its computers with Internet access.

Certification to DOE

20 U.S.C. 7131

Transfer of Equipment to Students

1.Any data processing equipment donated to the district, including equipment donated by a private donor, a state eleemosynary institution, or a state agency under Government Code 2175.905;

2.Any equipment purchased by the district; and

3.Any surplus or salvage equipment owned by the district.

Education Code 32.102(a)

1.Adopt rules governing transfers, including provisions for technical assistance to the student by the district;

2.Determine that the transfer serves a public purpose and benefits the district; and

3.Remove from the equipment any offensive, confidential, or proprietary information, as determined by the district.

Education Code 32.104

Donations

1.Donations of data processing equipment for transfer to students; and

2.Gifts, grants, or donations of money or services to purchase, refurbish, or repair data processing equipment.

Education Code 32.102(b)

Use of Public Funds

1.Purchase, refurbish, or repair any data processing equipment transferred to a student; and

2.Store, transport, or transfer data processing equipment under this policy.

Education Code 32.105

Eligibility

Return of Equipment

1.Five years after the date the student receives the equipment;

2.The date the student graduates;

3.The date the student transfers to another district; or

4.The date the student withdraws from school.

Education Code 32.106

Uniform Electronic Transactions Act

Digital Signature

Security Breach Notification

To Individuals

To the Owner or License Holder

To a Consumer Reporting Agency

Criminal Investigation Exception

Information Security Policy

Business and Commerce Code 521.053; Local Gov't Code 205.010

Definitions

"Breach of System Security"

"Sensitive Personal Information"

An individual's first name or first initial and last name in combination with any one or more of the following items, if the name and the items are not encrypted:

Social security number;

Driver's license number or government-issued identification number; or

Account number or credit or debit card number in combination with any required security code, access code, or password that would permit access to an individual's financial account; or

Information that identifies an individual and relates to:

The physical or mental health or condition of the individual;

The provision of health care to the individual; or

Payment for the provision of health care to the individual.

Business and Commerce Code 521.002(a)(2), (b)

Access to Electronic Communications

Electronic Communication Privacy Act

Intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept any wire, oral, or electronic communication;

Intentionally uses, endeavors to use, or procures any other person to use or endeavor to use any electronic, mechanical, or other device to intercept any oral communication when:

Such device is affixed to, or otherwise transmits a signal through, a wire, cable, or other like connection used in wire communication; or

Such device transmits communications by radio, or interferes with the transmission of such communication; or

Such person knows, or has reason to know, that such device or any component thereof has been sent through the mail or transported in interstate or foreign commerce; or

Such use or endeavor to use takes place on the premises of any business or other commercial establishment the operations of which affect interstate or foreign commerce; or obtains or is for the purpose of obtaining information relating to the operations of any business or other commercial establishment the operations of which affect interstate or foreign commerce; or

Such person acts in the District of Columbia, the Commonwealth of Puerto Rico, or any territory or possession of the United States;

Intentionally discloses, or endeavors to disclose, to any other person the contents of any wire, oral, or electronic communication, knowing or having reason to know that the information was obtained through the prohibited interception of a wire, oral, or electronic communication;

Intentionally uses, or endeavors to use, the contents of any wire, oral, or electronic communication, knowing or having reason to know that the information was obtained through the prohibited interception of a wire, oral, or electronic communication; or

Intentionally discloses, or endeavors to disclose, to any other person the contents of any wire, oral, or electronic communication, intercepted by means authorized by 18 U.S.C. 2511(2)(a)(ii), 2511(2)(b)–(c), 2511(2)(e), 2516, and 2518; knowing or having reason to know that the information was obtained through the interception of such a communication in connection with a criminal investigation; having obtained or received the information in connection with a criminal investigation; and with intent to improperly obstruct, impede, or interfere with a duly authorized criminal investigation.

18 U.S.C. 2511(1), (2)(d)

Stored Wire and Electronic Communications and Transactional Records Access Act

Exceptions

By the person or entity providing a wire or electronic communications service;

By a user of that service with respect to a communication of or intended for that user; or

By sections 18 U.S.C. 2703, 2704, or 2518.

18 U.S.C. 2701(c)

Definitions

"Electronic Communication"

"Electronic Storage"

Any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and

Any storage of such communication by an electronic communication service for purposes of backup protection of such communication.

18 U.S.C. 2510(17), 2711(1)

"Electronic Communications System"

"Electronic Communication Service"

"Facility"

"Person"

Cybersecurity Information Sharing Act

Protection and Use of Information

Security

Removal of Personal Information

Review such indicator to assess whether it contains any information not directly related to a cybersecurity threat that the district knows at the time of sharing to be personal information of a specific individual or information that identifies a specific individual and remove such information; or

Implement and utilize a technical capability configured to remove any information not directly related to a cybersecurity threat that the district knows at the time of sharing to be personal information of a specific individual or information that identifies a specific individual.

6 U.S.C. 1503(d)(2)

Use of Information

Be used by a district to monitor or operate a defensive measure that is applied to an information system of the district, or an information system of another non-federal entity or a federal entity upon written consent of that other entity; and

Be otherwise used, retained, and further shared by a district subject to an otherwise lawful restriction placed by the sharing entity on such indicator or measure, or an otherwise applicable provision of law.

6 U.S.C. 1503(d)(3)

Exception

Law Enforcement Use

Exemption from Public Disclosure

Deemed voluntarily shared information and exempt from disclosure under federal public information law and any state or local provision of law requiring disclosure of information or records; and

Withheld, without discretion, from the public under federal public information law and any state or local provision of law requiring disclosure of information or records.

No Duty

Definitions

"Non-Federal Entity"

"Cybersecurity Purpose"

"Cybersecurity Threat"

"Cyber Threat Indicator"

Malicious reconnaissance, as defined in 6 U.S.C. 1501(12), including anomalous patterns of communications that appear to be transmitted for the purpose of gathering technical information related to a cybersecurity threat or security vulnerability;

A method of defeating a security control or exploitation of a security vulnerability;

A security vulnerability, including anomalous activity that appears to indicate the existence of a security vulnerability;

A method of causing a user with legitimate access to an information system or information that is stored on, processed by, or transiting an information system to unwittingly enable the defeat of a security control or exploitation of a security vulnerability;

Malicious cyber command and control, as defined in 6 U.S.C. 1501(11);

The actual or potential harm caused by an incident, including a description of the information exfiltrated as a result of a particular cybersecurity threat;

Any other attribute of a cybersecurity threat, if disclosure of such attribute is not otherwise prohibited by law; or

Any combination thereof.

6 U.S.C. 1501(6)

"Defensive Measure"

"Information System"

"Security Control"

"Security Vulnerability"

Edinburg CISD

CQ(LEGAL)-P

UPDATE 105

DATE ISSUED: 7/25/2016