Update from APLU and AAU
Click here if you are having trouble viewing this message.
To:     APLU and AAU Presidents and Chancellors

From: Peter McPherson, President, APLU
           Mary Sue Coleman, President, AAU

cc:      APLU Council of Academic Affairs
           APLU Council on Governmental Affairs
           APLU Council on Research
           APLU Council on Strategic Communications
           AAU Chief Academic Officers
           AAU Council on Federal Relations
           AAU Senior Research Officers
           AAU Public Affairs Network

Date:   April 22, 2019

Re:      Responding to Undue Foreign Influence and Security Concerns on Campus

Over the past year, federal intelligence, security, and science agencies, as well as Members of Congress, have expressed increasing concern regarding the participation of academic researchers in foreign talent recruitment programs, theft of intellectual property, breaches in scientific integrity, targeted cyberattacks, and other forms of foreign interference relating to research performed at U.S. universities. These concerns have stemmed from countries including, but not limited to, China, Russia, Iran, and North Korea. The Hoover Institution’s November 2018 report
China’s Influence & American Interests: Promoting Constructive Vigilance outlines concerns specific to China along with steps that universities might take to mitigate risk. Human Rights Watch’s March 2019 report Resisting Chinese Government Efforts to Undermine Academic Freedom Abroad similarly proposes a 12-point Code of Conduct for adoption by universities in response to Chinese government threats. Furthermore, Congress included language in Section 1286 of the FY 2019 National Defense Authorization Act (NDAA) requiring the Department of Defense to work with academic institutions performing defense research and engineering activities to protect researchers from undue foreign influence and other security threats.

To assist universities in responding to these increasing concerns, late last Fall APLU and AAU conducted a
survey to collect examples of effective policies, practices, tools, and resources that universities are using to ensure the security of research and to address ongoing and emerging foreign security threats. A summary document, outlining effective security practices identified in the 140+ examples from 40 universities received in response to the 2018 survey is linked here. The document includes a sampling of activities already in place at universities to comply with existing federal security requirements along with activities recently implemented by universities to address emerging security concerns. We thank the American Council on Education (ACE), Council on Governmental Relations (COGR), Academic Security Counter Exploitation Consortium (ASCEC), and Association of University Export Compliance Officers (AUECO) for providing additional survey-related support and analysis.

We believe it is imperative for our universities to take these concerns seriously and to take proactive measures on campus. The
summary document may be helpful as you consider what additional steps your campus might take to address growing concerns about security threats and undue foreign influence. Specifically, we encourage every campus to consider the following actions:
  1. Conduct an inventory of current campus security-related activities.
    If your university has not done so, we encourage you to assess what your campus is already doing to address security concerns. Some universities have benefited from convening a task force or working group to assess various policies, procedures, and activities across campus and to strategize and coordinate future activities. We further encourage you to make public what you are doing in these areas to ensure that the public and policymakers are aware of steps being taken by your university to address security concerns.

  2. Communicate with faculty about potential security threats and provide reminders of federal and university disclosure and export controls compliance requirements.
    After assessing what your campus is already doing to address security concerns, we encourage you to alert faculty to existing security activities and procedures and to provide reminders of their responsibilities with respect to ensuring the security of research and complying with existing disclosure requirements. Some universities have sent campus-wide letters on safety and security to faculty and have created easily accessible, public webpages to share information.

  3. Consider implementation of additional campus policies and practices to bolster security and mitigate risk.
    We encourage universities to review the
    summary document and to consider implementing these practices, as appropriate for your campus. We wish to highlight a few specific effective practices for your attention:
    • Establishing a clear campus point of conduct and developing a rapport with local law enforcement and regional federal security officials, including those from the Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Defense Security Service (DSS).
    • Utilizing university Conflict of Interest and Conflict of Commitment policies to identify foreign affiliations, relationships, and financial interests which may conflict with a faculty member’s responsibilities to their home institution or federal funding agencies.
    • Reviewing and appropriately strengthening existing institutional policies and programs to ensure full compliance with federal export control and other existing security control requirements.
    • Employing software solutions such as Visual Compliance to conduct restricted or denied party screening for collaborators as well as visitors to campus.
    • Developing new processes for monitoring systems and networks for intrusions, reporting suspected breaches, and improving data security.
    • Implementing foreign travel policies and safeguards for faculty, to include screening for export compliance, software use restrictions, and other safety and security concerns.
If you have questions or feedback about the effective security practices summary document or would like to be put in contact with institutions effectively addressing a particular activity, please contact Sarah Rovito at APLU or Meredith Asbury at AAU.