Don’t share University computer accounts. Don’t use University computers to run a private business. Don’t spam in newsgroups.
The University’s Acceptable Use Policy is filled with rules, such as those above, restricting people who use the school’s computer network. But missing from that policy — or any University policy — are rules protecting students, staff and faculty from having their hard drives and e-mails searched.
Other colleges have specific electronic communication privacy policies, but the University, ranked in 2000 as one of the “100 most wired” campuses in the nation by Yahoo! Internet Life magazine, does not, according to Joanne Hugi, associate vice president of information services.
Hugi said a draft version of a privacy policy is currently in front of University general counsel Melinda Grier. Grier did not return repeated calls seeking comment.
The absence of a privacy policy first came to light in October. University computing officials monitored heavy bandwidth use, which they said is a possible sign of uploading and downloading of copyrighted material, and looked at the files being transferred.
State laws and University policies exist to protect personal information, such as social security number and date of birth, from being accessed inappropriately or released without the owner’s consent. But no policy addresses surveillance of e-mails or personal files.
OUS Director of Legal Services Ben Rawlins said students aren’t protected from file searches. “The premise is that it is the University’s equipment you are using,” he said. “So the University is extending the privilege to use it, but it is the University’s property.”
Rawlins also said there is no threat of the University policing users’ files. “They have a right, but they would not choose to do it,” he said. “It gets into a terribly expensive proposition, and it is inconsistent with the ethics of academia.”
During fall term, the University searched files of high-bandwidth users, found more than 250 students in the residence halls illegally downloading copyrighted material and pulled the plug on them, said Norman Myers, residence hall computing services coordinator.
After meeting with the Office of Student Conduct, students can have their computer ports turned on again.
Since Jan. 1, Myers said, the University has turned off the ports to more than 25 residence hall users for copyright violation. Nothing protects students from having their files examined on the probable cause of heavy bandwidth use.
OPEU Local 085 Chief Steward Ellen Klaastad said that the union representing University workers is aware of the situation.
“We tell our members to use a free e-mail service,” she said. Free services, such as Hotmail or Yahoo!, don’t store e-mails on the University server, so they can’t be watched in the same manner.
For its part, the Oregon University System, which oversees the administration and operation of Oregon’s seven public universities, leaves the establishment of such policies to individual campuses, according to OUS spokesman Bob Bruce.
University of California campuses, on the other hand, operate under a systemwide “Electronic Communications Policy,” which states, in part, that campus network users’ files may not be examined without their consent, except in “emergency circumstances,” such as a known violation of law or immediate threat to person or property.
UC spokeswoman Mary Spletter said a general policy was developed over the last few years, and individual campuses are free to establish more specific policies. Spletter said the Electronic Communications Policy was designed to encourage innovation as well as offer protection.
“We look at our role as helping develop the new technologies,” she said, “rather than setting ourselves up as police guards.”
An Internet search of the nine California campuses’ press releases, newsletters and student newspapers found no instances of a UC school searching through files on a user’s computer to determine copyright violations. At UC Santa Barbara and UC Berkeley, students have been caught illegally sharing music by the Record Industry Association, but not by network administrators for the schools.
In an e-mail interview, UC Berkeley’s network services director Cliff Frost said the university doesn’t see heavy bandwidth use as a rationale to search users’ files. Frost said he is unaware of the university ever looking at a user’s files.
UC system officials might not see themselves as “police guards,” but privacy protection is explicit in the Electronic Communications Policy, which says, in part:
“The university does not routinely inspect, monitor or disclose electronic communications without the holder’s consent. … Such actions must be authorized in advance and in writing by the responsible campus vice chancellor.”
George Gregg, assistant housing director at UC Santa Barbara, told the school’s student paper, The Daily Nexus, that the campus doesn’t monitor the university network for copyright violations “as a matter of principle. We aren’t Big Brother.”
But until the University of Oregon adopts a draft policy — and it includes protection from file searches — students should expect that heavy bandwidth use could set off alarms.
E-mail copy chief Michael J. Kleckner
at [email protected].