"We are a district under siege since Saturday night." - LAUSD Superintendent Alberto M. Carvalho
Public entities like the LAUSD must follow strict rules when procuring goods and services to prevent corruption. An open bidding process helps to ensure that taxpayers are receiving goods and services for the best price possible and limits the ability of those working for the district to steer contracts to suppliers with whom they have a personal relationship. The process also promotes accountability as the requirements of the district are stated upfront committing suppliers to set standards.
Understandably, these requirements are set aside in times of crisis in order to speed up reaction time. LAUSD Superintendent Alberto M. Carvalho felt that the recent hack of the district's computer systems was worthy of this type of designation and asked the School Board to provide him with emergency powers during the September 13, 2022, board meeting. Before they voted on this request, I explained why the decision needed to be delayed during public comment:
When the Superintendent made an unagendized appearance before the Special Education Committee last week, he did so not to discuss "some of the most fragile students within our community," but instead to address the recent cyber attack against the district. During this speech, he made the claim that the district was attacked "one time, not more than one time." He said that the hack was immediately identified and intercepted as it was happening in "real-time" on Saturday night and that the district immediately brought its systems down to protect itself.
It is accepted that during a criminal investigation, there are facts that should not be released to the public, especially if doing so will compromise the possibility of identifying those who are responsible. However, the public should never be deceived, especially when they are affected.
I have heard from several sources who access different district computer systems that anomalies were occurring as early as Wednesday night. Surely the Superintendent has heard these same reports. Is he trying to control the timeline to cover up failures by district staff?
The word "control" might seem to be hyperbolic but the Superintendent made his intentions very clear at the Special Education Committee meeting. For example, he claimed that those who were not towing the district's narrative had "garnered the attention of federal authorities." I understand that he previously worked in Florida under a governor with authoritarian tendencies, but he now works in California. In this state, we still respect the First Amendment.
Later today the board will consider a resolution submitted by the Superintendent that would declare that "Emergency Conditions Exist" and authorize "certain contracts without advertising or inviting bids." Never let a good crisis go to waste. Will this provide another opportunity to contract for technical services with the Florida Department of Education?
Interestingly, Megan Reilly approved and presented this resolution. As a long-time leader of the LAUSD, including a stint as Interim Superintendent, why didn't she recognize these "emergency conditions" before the hack happened? Was she not aware of the 2020 report that "identified key vulnerabilities" in the system? The public deserves to know if these recommendations were followed. If they were not, who will be held responsible?
I am not an expert on computer systems, but it seems strange to me that an attack that jeopardized student and employee data also resulted in the shutdown of the Board of Education's website. Why would a public-facing site be on the same server as systems containing sensitive data? There are a lot of questions that need to be answered.
The Board needs to delay consideration of the proposed resolution until the facts can be properly researched. A bureaucracy that has failed at protecting data should provide assurances that it knows what it is doing before it starts handing out public funds through contracts that have not been fully vetted. I would also recommend that you ensure that this resolution will not be used to pay a ransom to the bad actors.
The Superintendent is correct. We are in a crisis situation. You should think really carefully about how he allowed it to happen before broadening his powers.
While I appreciate the four board members who listened attentively to what I had to say, three, including Board President Kelly Gonez, were not even in their seats during public comment. Once again, Gonez has shown that she is not interested in community engagement.
Unfortunately, my words did not change the outcome of the vote. Later that afternoon the board voted unanimously to give the Superintendent the emergency powers that he sought. The same Beaudry Bureaucrats who allowed this crisis to happen will now use no-bid contracts to clean up the resulting mess. In the meantime, system outages are still being reported two weeks after the initial attack. Even Welligent, the system used for students with special education needs is not working properly despite the Superintendent's assurances that this system was a priority.
The Superintendent's successful power grab is just the latest in a string of incidents where the Board of Education has failed to maintain proper control of the person that they hire to run the bureaucracy. Carvalho's predecessor, Austin Beutner, never fully divested himself from Vision to Learn as he promised to do when he was hired. He was also given free rein in negotiations with UTLA, resulting in a strike. Before Beutner, John Deasy was forced to quit after a "disastrous" $1 billion iPad plan and the botched implementation of MiSIS, costing students over $189 million. What assurances does the board have that Carvalho will do any better?
(Note: You can view every article as one long page if you sign up as an Advocate Member, or higher).