Institutions of higher education are up in arms over an FCC ruling on wiretapping they say could cost them billions of dollars in upgrades, expose their networks to more attacks, and jeopardize rights to privacy and freedom of speech.

Discuss: We've set up a CALEA forum.

A petition in the U.S. Court of Appeals for the District of Columbia could determine if higher-education networks - and perhaps private corporate networks - will be required to allow wiretapping by law enforcement agencies as soon as next year.

Oral arguments will be heard late this week in the petition of the American Council on Education (ACE) vs. the FCC, which was submitted in mid-March to the court. The petition is part of an ongoing appeal of the FCC's Sept. 23, 2005, ruling that extends the 1994 Communications Assistance for Law Enforcement Act (CALEA) wiretapping order to broadband Internet providers and "interconnected" VoIP providers next year.

The higher-education community is concerned the FCC ruling does not distinguish between public and private networks, and could potentially extend the CALEA compliance requirement to university and enterprise networks.

"For university networks, the worst-case scenario . . . would mean potentially replacing every switch and router in our system," says Wendy Wigen, policy analyst at Educause, a nonprofit association promoting the use of IT in higher education. "Just for the hardware cost, we're looking at $400 to $500 per student, which is about a $7 billion price tag for all of the colleges in the United States."

Last fall's ruling does not state specifically that institutions of higher learning need comply with CALEA. It does not rule that out either. Because it extends the wiretapping order to facilities-based Internet access providers, CALEA by default includes colleges and universities, Wigen says. Broadband Internet access and VoIP providers have to be CALEA-compliant by May 14, 2007, the FCC says.

"Under the old CALEA . . . universities were exempt because they were considered a private network," she says. "But when law enforcement wanted CALEA extended to Internet service providers, they did not distinguish between private and public - they said anyone who supplies a connection to the public Internet will have to be CALEA-compliant. Well, on university campuses that's one of our main functions."