DeKalb, IL. (ECWd) -
In our previous article entitled "NIU’s IT Director, James Fatz, used NIU equipment in for-profit private business – " we wrote about James Fatz' use of Northern Illinois University software in a private for-profit business, according to court records.
We are in possession of documents where he indicated to attorneys in a court case that he "had a cross-use agreement" with NIU to use their software in his business, Cyber Tech Security (https://www.ct-security.com).
He also indicated he had an ethics opinion from the previous NIU Ethics Officer (thru his use of misleading language) telling him it was OK to use NIU software in his private for-profit business. When asked for a copy of both the "cross-use agreement" and the previous ethics opinion, he did not produce them.
He was asked for the EnCase ID number for the software dongle and provided it.
The attorney found the dongle license belonged to Northern Illinois University and asked him if he had an arrangement with NIU to use their software in his personal business.
His reply is what tipped me off to submit a Freedom of Information Act request to NIU: He stated he did have an arrangement with NIU: "Yes. As long as there is no cost incurred in the usage there is no ethics issue. I have cross share between my company and NIU for various tools."
When asked if he would be willing to provide a copy of whatever arrangement he had for licensing between CyberTech Security and NIU, he replied with apparent misleading language. His response was that he would check with the "current" ethics officer and get an "updated" opinion. Use of the term "updated" would imply there already was one in place at some time in the past. There wasn't. Additionally, there is no record available showing he provided a copy of any arrangement with NIU. NIU denies any agreement is available.
My FOIA Request:
- Copy of all agreements (or cross-use agreements) between Northern Illinois University (“NIU”) and “Jim Fatz”, “James R. Fatz”, “CT Security”, “CyberTech”, “CyberTech Securities” or any other similar names allowing use of NIU equipment, computers, personnel, time, software dongle, or software license, for other than NIU business.
- Copy of all agreements (or cross-use agreements) between Northern Illinois University (“NIU”) and “Jim Fatz”, “CT Security”, “CyberTech”, “CyberTech Securities” or any other similar names permitting use of non-NIU equipment/software/dongles for NIU business.
Time frame for the above two items is anytime during his employ at NIU, or the two most recent of each instance.
- Copy of the time cards of Jim Fatz, which annotate the hours/days worked in August, September, and October of 2015.
- Copy of all Ethic Opinions of item number 1 and 2, above.
NIU Response? No agreements could be found:
"We have contacted relevant records holder in Procurement Services, the Department of Information Technology, and in our Contract Department. They have informed us that no agreements or invoices could be found pertaining to James Fatz or his company under any of the names listed."
There was also no Ethics Opinion available, but their Ethics Officer did provide a statement that was quite interesting. In the statement, reference was made to Microsoft allowing limited "personal use" of certain software licensed to NIU by their employees, which is pretty much standard fare for large organizations and Microsoft. What he did not mention was any such agreement for "private for-profit business" use of their software.
I have not read the EnCase license agreement, but it is pretty telling when Mr. Fatz did not follow thru with his "updated" ethics opinion, and instead purchased his own license to use EnCase.
Has NIU looked into unauthorized use of their EnCase software license?
Has NIU notified EnCase there was a breech in their licensing agreement?
Will this information have an affect on Fatz' ability to continue providing testimony in State and Federal civil and criminal cases?