FEATURED
An ongoing battle is being waged between University of California professors and system IT leaders over a cybersecurity surveillance software program that faculty argue is far too intrusive and “brings the risk of warrantless surveillance.”
Professors across the state are being told to install a software program called Trellix that monitors scholars’ computers for threats, but also provides potential access to UC information technology officers on what professors are up to on their devices.
An October memo from UC faculty union leaders called for a halt to the program’s rollout, arguing it enables “the distinct risk of warrantless governmental access to sensitive academic materials.”
“Once installed, Trellix EDR software grants unrestricted administrative or root-level access to faculty computers, enabling unchecked, comprehensive, and invasive monitoring, extraction, alteration, and even deletion of files without user consent or notification,” the memo states.
“This is an extraordinary intrusion into the privacy, right to freedom of expression, and intellectual security of faculty, which constitute core principles of the university’s educational and research missions.”
Chris Hoofnagle, faculty director of the Berkeley Center for Law and Technology, told The College Fix that computer security “is often a contest between different values and risks.”
“To be more clear here: in my opinion, most faculty would benefit from the Trellix software because it will protect them from sophisticated malware and attacks,” Hoofnagle said via email.
“[T]he overriding issue is that the software gives administrators remote administration of your computer, at the root level. It is what we call a rootkit in security land.” By Hoofnagle’s description, the Trellix controversy is a “security versus security issue.”
Tensions between UC faculty and administrators have been growing for more than a year over the controversy.
“Trellix, the EDR system used at UC, can in certain situations track endpoint website browsing, delete files and folders, and remotely shutdown devices without saving work in progress,” stated a May 2024 letter from Kyaw Tha Paw U, the now-former chair of the University Committee on Academic Computing and Communications, to James Steintrager, the chair of UC’s academic council at the time.
This was also concerning because some personal devices used by faculty and staff for academic purposes might also be required to utilize the program. Other concerns included possible difficulties in forwarding university emails to non-university accounts and penalties for faculty who have extramural grants or serve as department chairs if those working under them fail to comply with the mandate.
“The plan proposes a corporate-style cybersecurity model that appears unsuitable for UC,” stated one faculty letter to system leaders. “UCACC emphasizes the challenges of implementing these requirements in a distributed environment where the majority of faculty own their own devices.”
A UC Berkeley Information Security Office FAQs page denies Trellix engages in many of the activities about which faculty have voiced concern, stating that Trellix “does not track personal browsing habits, private files, or non-work-related activity.”
A May 2025 academic senate resolution, however, suggested faculty are not convinced by such reassurances and demanded “the immediate suspension of the implementation and use of Trellix or any similarly invasive monitoring software on faculty and researcher computer systems” and that “any future monitoring software considered for deployment must undergo a transparent and inclusive evaluation process involving faculty representation to ensure the safeguarding of privacy, academic freedom, and research integrity.”
At present, reporting from the Daily Californian and Science’s news site suggest some variation in policies related to Trellix’s roll-out at different universities within the UC system.
The College Fix reached out to the University of California Office of the President, as well as Van Williams, UC’s Vice President of Information Technology Services and Chief Information Officer, regarding these reported differences in policy between universities within the UC system, but did not receive a response.
In an email to The College Fix, senior staff technologist Bill Budington of the Electronic Frontiers Foundation, a digital privacy watchdog organization, said it is “the university’s prerogative to secure the devices it issues.”
“However, concerns about administration and possibly governmental access to faculty research materials raises legitimate concerns about privacy and academic freedom in a political climate that’s already chilling to First Amendment rights.”
“Moreover,” Budington added, “this software is being mandated even for employee-owned devices that merely connect to the university network. That’s a clear overstep, and the UC administration’s opacity in all this has done little to allay the faculty’s fears.”
Over the past several months university and Trellix representatives have defended the implementation of Trellix while downplaying the privacy and surveillance concerns.
Kyle Gibson, a UC Berkeley spokesperson, for example, told the Daily Californian that Trellix “stores only about 10 minutes of system activity data locally on the device” and denied claims that the program monitors all activities performed using a device.
Megan Haley, a Trellix representative, told the publication it only discloses user information when required by law or the federal government.
MORE: Plagiarism expert warns of AI false positives following Adelphi University lawsuit
