Earlier this year, Charles Lieber, chair of Harvard University’s chemistry department and a nanotechnology expert, was arrested and charged with lying to federal law-enforcement officials about secretly working for the Chinese government. (His attorney, Mark L. Mukasey, told Scientific American that Lieber “maintains his innocence and eagerly awaits the chance to tell his side of the story.”)
While less extreme than the Lieber story, there have been many more incidents of U.S. researchers allegedly failing to properly disclose relations with outside governments or otherwise safeguard their research from foreign intervention. In fact, officials at the National Institutes of Health have reportedly begun inquiries into at least 200 NIH-funded researchers at more than 60 U.S. institutions for potentially violating NIH conflict-of-interest, conflict-of-commitment or research-integrity rules.
Many of these ideas and technologies are important to national security. U.S. universities and institutions are taking steps to ensure that we protect the intellectual capital generated through taxpayer-supported federal research. My association represents America’s most distinguished large research universities, and our institutions take these issues seriously. That is why we, in conjunction with our colleagues at the Association of Public and Land-grant Universities, asked our members to collect their most effective practices to combat these risks. Here is what we found:
Universities are strengthening and enforcing conflict-of-interest policies. For example, institutions once used forms that were not always clear for faculty to disclose funding sources. Now universities are adding more targeted questions and providing faculty with case examples, scenarios and FAQs on what should be included. Some are also requiring much more detail about time that faculty spend consulting with outside organizations, companies and universities to avoid potential conflicts of interest.
Leaders at these universities are also using new Web sites and direct communications to alert all their researchers about possible security threats and to clarify security protocols. And research administrators are directly engaging faculty who have significant levels of foreign research engagement to ensure that they fully understand their responsibilities to disclose such funding and to comply properly with all relevant federal laws, regulations and university policies. Universities are developing new training programs for both faculty and students to educate them about security risks and to make them aware of ethical research practices that must be followed (including what kinds of information can and cannot be taken or shared outside the laboratory). And some institutions are now offering for-credit courses for graduate students on complex ethical decision making and responsible conduct of research.
Crucially, universities are establishing stronger relations with their local FBI offices and other federal law-enforcement agencies; at the same time, the FBI is working to establish clear campus liaisons in their regional and local offices. New processes are now commonplace for monitoring data systems and networks for cyberintrusions, reporting suspected breaches and improving data security. For example, institutions are regularly adding IT security agreements that stipulate where data will be housed and how they will be protected by contracts used with third-party service providers. Visitors to research facilities can likewise make that information vulnerable, so our members are expanding required security screening to cover all visiting scholars.
Universities have put in place additional protections for research involving classified or otherwise sensitive or controlled information. For example, universities have established strenuous technology-control plans and cybersecurity safeguards to appropriately restrict access to such research. Research universities now employ specific staff to secure and manage such data. None of these actions prohibits the exchange of knowledge among legitimate scientific collaborations, which are key to scientific progress. But if universities fail to police themselves adequately in these areas, we face the specter of more draconian reactions from lawmakers.
The good news is that members of the Association of American Universities and others are stepping up to the plate and taking actions to secure sensitive research. We hope all universities will follow our example. We in the scientific community owe it to ourselves to be proactive in pursuing constructive vigilance.