jc@raven.bu.edu (James Cameron) (05/24/91)
Newsgroups: comp.admin.policy Subject: Harrassment via email Distribution: comp [..Editorial note: I do hope this thread dies soon...] I work for two different departments here at Boston University, in Boston, Massachusetts, USA. I would like to add and respond to a few things posted here. Just a little background on myself: I am a Senior Consultant for Information Technology (BU Computer department) and I am the SysAdmin for a few engineering Sun labs. I am still new (as I am 20) but I have seen a lot. *8-) First of all, if someone is harrassing a user through email and it goes to the extent where I am asked to become involved, then YES, I will. If it is on one of the machines I administer, I will send mail to the administrator of the machine where the offender is sending from. (This does not happen at our labs.) If it is on the machine where I consultant, then I would transfer the user to another Staff member who is in charge of such things. Most likely, if it was offensive then there is a very good chance that the account will immediately be disabled. There are 8,000 active users (over 21,000 accounts) and this is the necessary course of action. Appended to this message is Boston University's Computing Ethics policy. I had planned to respond to some of the postings, but have decided to refrain from doing so. This is in part due to the fact that I would like this thread to die and in part that I don't feel that discussion will sway people. This is almost a moral question...almost. And it is time that we deal with the colder, more logical side of things: the computers itselves. (* smile *) (Couldn't use "themselves" there...just couldn't. *8-) ) But, I will make a few statements.... 1. IT IS sometimes necessary to take a position on matters dealing with your users which may seem like the police. Ie, one user hogging all the resources during the middle of the day, user taking up too much of a partition, user harrassing another, etc. 1a. IT is NOT the most enjoyable part of our jobs. 2. Our jobs are NOT similiar to the phone technicians. (I really can't believe someone actually suggested that.) 2a. And if *your* job is, then you are NOT a SysAdmin. 3. Harrassment in many cases in real life (ie, non-computer world (if such a beast exists)) is done anonymously. Ie, phone calls, threatening letters, etc. Most email can be traced to a user. Thus, something can be done about it. If I am threatened over the phone by someone I know, and it continues after requesting the person to stop, then YES, of COURSE I can go to the police. Oh well...enough. One letter just really got me going, and I had to send this. *8-( jc -- James Cameron (jc@raven.bu.edu) Signal Processing and Interpretation Lab. Boston, Mass (617) 353-2879 ------------------------------------------------------------------------------ "But to risk we must, for the greatest hazard in life is to risk nothing. For the man or woman who risks nothing, has nothing, does nothing, is nothing." (Quote from the eulogy for the late Christa McAuliffe.) [...here's the ethics policy...] Boston University Information Technology ethics Conditions of Use and Policy on Computing Ethics March 26, 1990 ________________________________________________________________________ CONDITIONS OF USE To protect the integrity of the University's computing facilities and the users thereof against unauthorized or improper use of those facili- ties, Boston University reserves the right, without notice, to: limit or restrict any individual's use, and to inspect, copy, remove or otherwise alter any data, file, or system resource which may undermine the author- ized use of any computing facility. Boston University also reserves the right periodically to check any system and any other rights necessary to protect its computing facilities. The University disclaims responsi- bility for loss of data or interference with files resulting from its efforts to maintain the privacy and security of those computing facili- ties. As used herein and in the Policy on Computing Ethics below, the term "computing facility" means, refers to and includes any and all forms of computer-related equipment, tools and intellectual property, including computer systems, personal computers and computer networks and all forms of software, firmware, operating software and application software, which is owned by the University or is under the University's possession, custody or control. Users of the University's computing facilities are required to comply with and, by using any such facilities, agree to comply with and be sub- ject to the Boston University Information Security Policy, the Policy on Computing Ethics and these Conditions of Use. The University reserves the right to amend these Conditions and Policies at any time without prior notice. POLICY ON COMPUTING ETHICS Thousands of users share the computing facilities at Boston University. These facilities must be used responsibly by everyone, since misuse by even a few individuals has the potential to disrupt University business or the work of others. You are therefore required to exercise responsi- ble, ethical behavior when using the University's computing facilities. This includes, but is not limited to, the following: 1. You must use only those computer resources which you have been indi- vidually authorized to use by the University. The unauthorized use of computer resources, as well as the providing of false or misleading information for the purpose of obtaining access to computing facili- ties, is prohibited and may be regarded as a criminal act and treated accordingly by the University. You must not use University computing facilities to gain unauthorized access to computing facilities of other institutions, organizations or individuals. 2. You may not authorize anyone to use your computer accounts for any reason. You are responsible for all use of your accounts. You must take all reasonable precautions, including password maintenance and file protection measures, to prevent use of your account by unauthorized per- sons. You must not, for example, share your password with anyone else. 3. You must use your computer resources only for the purposes for which they were authorized. For example, non-funded research or student accounts may not be used for private consulting. Non-funded research or student accounts may not be used for funded research without prior approval from the University. You must not use your computer resources for unlawful purposes, such as the installation of fraudulently or ille- gally obtained software. Use of external networks connected to the Uni- versity's networks must comply with the policies of acceptable use pro- mulgated by the organizations responsible for those networks. 4. You must not access, alter, copy, move or remove information, pro- prietary software or other files (including programs, members of subrou- tine libraries, data and electronic mail) without prior authorization from the appropriate University data trustee, security officer or other responsible party. You must not copy, distribute, display or disclose third party proprietary software without prior authorization from the licensor. Proprietary software must not be installed on systems not properly licensed for its use. 5. You must not use any computing facility irresponsibly or needlessly affect the work of others. This includes transmitting or making acces- sible offensive, annoying or harassing material; intentionally, reck- lessly or negligently damaging any system; intentionally damaging or violating the privacy of information not belonging to you; intentionally misusing system resources or allowing misuse of system resources by oth- ers; or loading software or data from untrustworthy sources, such as free-ware, onto administrative systems. 6. You are encouraged to report any violation of these guidelines by another individual and any information relating to a flaw in or bypass of computing facility security to Information Technology, University Information Systems or the Office of Internal Audit. The unauthorized or improper use of Boston University's computer facili- ties, including the failure to comply with the above guidelines, consti- tutes a violation of University policy and will subject the violator to disciplinary and/or legal action by the University, and, in some cases, criminal prosecution. In addition, the University may require restitu- tion for any use of service which is in violation of these guidelines. Any questions about this policy or of the applicability of this policy to a particular situation should be referred to Information Technology, University Information Systems or the Office of Internal Audit. -- -- James Cameron (jc@raven.bu.edu) Signal Processing and Interpretation Lab. Boston, Mass (617) 353-2879 ------------------------------------------------------------------------------ "But to risk we must, for the greatest hazard in life is to risk nothing. For the man or woman who risks nothing, has nothing, does nothing, is nothing." (Quote from the eulogy for the late Christa McAuliffe.)
kadie@eff.org (Carl Kadie) (05/25/91)
jc@raven.bu.edu (James Cameron) writes: [...] >[...here's the ethics policy...] > > Boston University Information Technology ethics > > Conditions of Use and Policy on Computing Ethics March 26, 1990 [...] In the name of protecting privacy, the policy attacks privacy. It says the University has the power to "without notice, ... inspect ... any data [or] file" It imposes speech restricts that would be ridiculed if applied to the campus as a whole. It says the user may not "mak[e] accessible offensive [or] annoying material" It is incomplete, saying that that required behavior "is not limited to [] the following: [...]" It is circular. It prohibits users from misusing computer resources by "misusing system resources". It is ephemeral, saying that the University has the power "amend these Conditions and Policies at any time without prior notice." Imagine this policy generalized to the University as a whole: * The University has the power to, without notice, inspect any assigned office space or dorm room. * Members of the University community may not distribute or make accessible offensive or annoying material. * Members of the University community may be punished for infractions against rules that are not listed here. * Members of the University community must not "misuse University property", where "misusing University property" is defined as misusing University properity. * The University has the power "amend these Conditions and Policies at any time without prior notice." -- Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu -- But I speak for myself.
gln@cs.arizona.edu (GaRY NEweLl) (05/30/91)
In article <JC.91May24115354@raven.bu.edu>, jc@raven.bu.edu (James Cameron) writes: > Boston University Information Technology ethics > Conditions of Use and Policy on Computing Ethics March 26, 1990 > > CONDITIONS OF USE > To protect the integrity of the University's computing facilities and > the users thereof against unauthorized or improper use of those facili- > ties, Boston University reserves the right, without notice, to: limit or > restrict any individual's use, and to inspect, copy, remove or otherwise > alter any data, file, or system resource which may undermine the author- > ized use of any computing facility. Boston University also reserves the And just how does BU intend to determine if a file "may undermine the authorized use of any computing facility"???? Great line but it sure sounds like this is defending the right for some potential scumbag sysadmin to poke around as he or she pleases - if anyone tried to set up a rule like this here at Arizona I would expect that even the faculty would choke on it (but I could be wrong). > right periodically to check any system and any other rights necessary to > protect its computing facilities. The University disclaims responsi- > bility for loss of data or interference with files resulting from its > efforts to maintain the privacy and security of those computing facili- This is truly revolting in my opinion. Why don't they just say "we can do any damn thing we like and you can't say anything!" ? > POLICY ON COMPUTING ETHICS > 4. You must not access, alter, copy, move or remove information, pro- > prietary software or other files (including programs, members of subrou- > tine libraries, data and electronic mail) without prior authorization > from the appropriate University data trustee, security officer or other Huh? You can't remove email without permission? From a "University Data Trustee" no less? I can only assume that this means others programs and email right? > 5. You must not use any computing facility irresponsibly or needlessly > affect the work of others. This includes transmitting or making acces- > sible offensive, annoying or harassing material; intentionally, reck- Ah - now here is where I have been having a problem with most of what I've read in this group of late, with respect to this issue. Would one of you care to define what is and what is not "offensive" or "harrassment" or even better still "annoying" - since when does someone lose his right to be annoying because he has computer access? Geezuz..... Seems to me this all reduces to the "I know porn when I see it" argument - rather than be explicit about what can or cannot be said or done (because that is too risky!) some sysadmin is going to be given the power to make decisions about what is harrassment or what is offensive and in effect, this technical employee will be given the right to influence students - he will be taking an academic role for which he is most likely not qualified and certainly wasn't hired to do. > 6. You are encouraged to report any violation of these guidelines by > another individual and any information relating to a flaw in or bypass Maybe it is just me but I think that there are sections of this "policy" that simply reek to high heaven. This whole thing seems to set up an environment where suspicion is rampant and where people are actually encouraged to undermine other students/faculty etc. This does make sense in cases of sabotage and theft and so on - but to tie "net-behavior" into this is absurd in my opinion... > -- James Cameron (jc@raven.bu.edu) gln
marchany@vtserf.cc.vt.edu (Randy Marchany) (05/31/91)
In article <1545@caslon.cs.arizona.edu> gln@cs.arizona.edu (GaRY NEweLl) writes: > Ah - now here is where I have been having a problem with most of what I've >read in this group of late, with respect to this issue. Would one of you >care to define what is and what is not "offensive" or "harrassment" or >even better still "annoying" - since when does someone lose his right to >be annoying because he has computer access? Geezuz..... Seems to me this >all reduces to the "I know porn when I see it" argument - rather than >be explicit about what can or cannot be said or done (because that is too >risky!) some sysadmin is going to be given the power to make decisions >about what is harrassment or what is offensive and in effect, this technical >employee will be given the right to influence students - he will be taking >an academic role for which he is most likely not qualified and certainly >wasn't hired to do. > I think the point of having a policy is to define the computing environment at a particular site. We can't be judging what is a "restrictive" or "wide-open" environment in this group because of the wide variety of member site environments. If my user community agrees to operate in a "restrictive" environment, no one in this group is in a position to tell me that my regulations are not correct. It really doesn't matter whether the site is a university, company or government agency. If the users agree to operate under a particular site's rules, what does it matter to someone outside of the net? The existence of a policy statement allows a site to protect its user environment from within the site and from outside of the site. I suspect that if you were the victim of some form of "harassment" (not just confined to email,i.e, someone changes data in your dirs or deletes a file from your dir) and the offending party when confronted says "Kiss off" that your opinion would change slightly. There is a famous quote, "A conservative is a liberal who was mugged." A well thought out policy statement should PROTECT the user rights by defining their RESPONSIBILITIES. As for the last sentence, I can't resist. I wasn't aware that "technical employees" had the right to "influence student", etc. Jeez, we better run out and tell other staff people such as librarians, athletic coaches, clergy, lab techs, dining hall staff that they're not qualified to influence students. :-) As far as universities go, please remember that students are NOT the only users of university computer systems. >> 6. You are encouraged to report any violation of these guidelines by >> another individual and any information relating to a flaw in or bypass > > Maybe it is just me but I think that there are sections of this "policy" that >simply reek to high heaven. This whole thing seems to set up an environment >where suspicion is rampant and where people are actually encouraged to >undermine other students/faculty etc. This does make sense in cases of >sabotage and theft and so on - but to tie "net-behavior" into this is >absurd in my opinion... > "Net-behavior" most certainly needs to be addressed. A internet site in AZ could be subject to "sabotage and theft" from a site anywhere in the world. An environment where "suspicion is rampant" is created when the "creators" of the environment act in that way. The better approach is to educate the user community that responsible behavior is critical to a productive environment. Point 6 really is no different than someone saying " you should report a murder being committed". I don't think the intent is to create a community of spies but to ensure that an injustice is handled properly. Again, if you as an educator take the "Big Brother" approach, then you will foster a suspicious environment. On the other hand, if you take the approach of teaching responsibity, you create a better environment in the long run. -Randy Marchany VA Tech Computing Center Blacksburg, VA "my opinions are mine and mine alone" >> -- James Cameron (jc@raven.bu.edu) > > > gln
gln@cs.arizona.edu (GaRY NEweLl) (05/31/91)
In article <1803@vtserf.cc.vt.edu>, marchany@vtserf.cc.vt.edu (Randy Marchany) writes: > In article <1545@caslon.cs.arizona.edu> gln@cs.arizona.edu (GaRY NEweLl) writes: > > Ah - now here is where I have been having a problem with most of what I've > >read in this group of late, with respect to this issue. Would one of you > >care to define what is and what is not "offensive" or "harrassment" or > >even better still "annoying" - since when does someone lose his right to > >be annoying because he has computer access? Geezuz..... Seems to me this > >all reduces to the "I know porn when I see it" argument - rather than > I think the point of having a policy is to define the computing > environment at a particular site. We can't be judging what is a > "restrictive" or "wide-open" environment in this group because of the > wide variety of member site environments. If my user community agrees > to operate in a "restrictive" environment, no one in this group is in > a position to tell me that my regulations are not correct. It really I don't buy this for a minute. If you are talking about restricting a site due to the nature of their work and so forth, then I understand your point - otherwise I do not see how it relates to you or anyone else dictating what is "annoying" behavior and making it punishable by restricting access - it seems pretty clear to me that one can easily say - "that is a restrictive organization". > doesn't matter whether the site is a university, company or government > agency. If the users agree to operate under a particular site's rules, Of course it matters - it matters very much. Agreement (a poor choice of words when one considers that individuals who do not agree must sign on in order to gain access to the resources - there is no choice involved what-so-ever) to poorly defined regulations does not give a sysadmin the right to abuse an individual's rights. This is particularly true in an academic setting where, in my opinion, a sysadmin has absolutely *no* authority to discipline, or endager the academic standing of any student. he/she fills a service role (albeit an important one) in the form of a technical position and is simply not qualified to do more than advise and inform others who can/should make the judgements (and be willing to deal with the ramifications of course). > The existence of a policy statement allows a site to protect its user > environment from within the site and from outside of the site. Again, statements such as "Thou shall not annoy anyone" or "we can look at any file or piece of email correspondence anytime we feel like it" simply step beyond the realm of reasonable policies, in my opinion. This may not hold for some govt sites or private organizations, but it certainly should at any institution of higher education. > I suspect that if you were the victim of some form of "harassment" (not > just confined to email,i.e, someone changes data in your dirs or deletes > a file from your dir) and the offending party when confronted says "Kiss > off" that your opinion would change slightly. There is a famous quote, First, I would never support the theory that one creates and enforces laws based on one's supposed personal response as a hypothetical victim. Second, I've received my fair share of what I would call harrassing msgs. and have had students try to break into my account and so on (I should add that I have also sent private correspondence in the form of electronic mail to others which they might have viewed as harrassment - certainly annoying) . Also, I am talking about e-mail not truly harmful actions which can be clearly defined and regulated (such as your data-changing and file-deletion examples above) - there is I believe, a difference. > "A conservative is a liberal who was mugged." A well thought out policy > statement should PROTECT the user rights by defining their > RESPONSIBILITIES. True - and the policy that I responded to was far from well thought out. It was an attempt (again in *my* opinion) to cover all of the bases by assuming broad and general authority to those in charge of the system and by completely eliminating the rights of users including the right to privacy and free speech. You can protect a user's files and so forth without going anywhere near as far as this policy went. > As for the last sentence, I can't resist. I wasn't aware that "technical > employees" had the right to "influence student", etc. Jeez, we better > run out and tell other staff people such as librarians, athletic coaches, > clergy, lab techs, dining hall staff that they're not qualified to > influence students. :-) Influence their careers in a negative way - I should have been more clear. For example, you are hired to keep a system up and running, manage equipment purchases perhaps, and so on - you are *not* hired to play judge and jury over what I would classify as academic issues nor are you qualified to take actions which could have a negative effect on a student unless ordered to carry out anothers decision (say a dept. chair) - so yes of course you can inform the proper individuals that a problem exists, and yes you can then go ahead and carry out the decision of the dept. chair or dept. faculty committee or whatever, but you (not you personally of course - just a sysadmin in general) should have no right, IMHO to determine that a problem exists and then decide on the penalty that will be paid. > As far as universities go, please remember that students are NOT the > only users of university computer systems. But they are the only ones whom I am interested in arguing for at this time. Perhaps in a couple of years I'll join you for the faculty version. :-) > "Net-behavior" most certainly needs to be addressed. A internet site in > AZ could be subject to "sabotage and theft" from a site anywhere in the > world. An environment where "suspicion is rampant" is created when the > "creators" of the environment act in that way. The better approach is > to educate the user community that responsible behavior is critical to > a productive environment. Again - this is not what I mean by net-behavior - I am still referring to the attempt to legislate what is harrassing or better yet what is offensive or (my favorite) annoying - this has little or nothing to do with sabotage and I see no need to include it in any policy designed to combat sabotage and theft - the policy did however. > Point 6 really is no different than someone saying " you should report > a murder being committed". I don't think the intent is to create a > community of spies but to ensure that an injustice is handled properly. NO - when applied to netnews or mail it says "if you are a humorless drip and someone says something that you do not like, then turn him in to the local sysadmin for punsihment and justice". Here at Arizona truly damaging activity is pretty clearly spelled out (sabotage to others files and so on as well as theft of course) and a similar - "if you see someone ripping us off - please tell us" approach. However, this same aggressive approach is not the norm (IMHO) with respect to issues of expressing one's opinions on the net or through e-mail. I still see no reason to tie the two together. > Again, if you as an educator take the "Big Brother" approach, then you > will foster a suspicious environment. On the other hand, if you take the > approach of teaching responsibity, you create a better environment in > the long run. Very true - did you find the policy to be designed to teach responsibility? It sure looked like Big Brother had a hand in drafting it to me..... > -Randy Marchany gln
kadie@herodotus.cs.uiuc.edu (Carl M. Kadie) (05/31/91)
In <1803@vtserf.cc.vt.edu> marchany@vtserf.cc.vt.edu (Randy Marchany) writes: [...] >"A conservative is a liberal who was mugged." [...] And a liberal is a conservative who has been arrested. What is needed is balance. The computer policy at BU and many other schools is very one-sided. It reminds me of the general student policies that were in effect at many universities until the late '60s and early '70s. In 1967, the Joint Statement on Rights and Freedoms of Students was adopted by many university-related organizations (like the American Association of University Professors). Many (most?) universities then incorporated the principles of the Statement in to their student code. Here at the U. of I., for example, the principles were recognized in 1971. The Statement asserts (in contradiction to the BU computer policy) that Students have free expression rights, privacy rights, and due process rights. It also asserts that students have the right to participate in the formulation and application of University policy. If you are at an academic site, please review the Statement (and your own Univeristy's general policies) before setting down a computer policy. The Statement is available via anonymous ftp from eff.org as file academic/student.freedoms. The Computers and Academic Freedom archive also includes a history of general student policy at the U. of I. from 1904 to present. It is as file academic/reg2rights. - Carl -- Carl Kadie -- kadie@cs.uiuc.edu -- University of Illinois at Urbana-Champaign
plutchak@pilsner.geo.brown.edu (Joel Plutchak) (06/01/91)
In article <1547@caslon.cs.arizona.edu> gln@cs.arizona.edu (GaRY NEweLl) writes: >In article <1803@vtserf.cc.vt.edu>, marchany@vtserf.cc.vt.edu (Randy Marchany) writes: >> The existence of a policy statement allows a site to protect its user >> environment from within the site and from outside of the site. > > Again, statements such as "Thou shall not annoy anyone" or "we can >look at any file or piece of email correspondence anytime we feel like >it" simply step beyond the realm of reasonable policies, in my opinion. >This may not hold for some govt sites or private organizations, but >it certainly should at any institution of higher education. > Hmmmmm.... every institution of higher education I've ever attended, worked for, visited, or even walked by, has been either a government site or a private organization. Can you explain what you mean? -- Joel Plutchak, Research Programmer/Analyst Brown University Planetary Geology Unix: plutchak@porter.geo.brown.edu VMS: plutchak@pggipl.geo.brown.edu -or- PGGIPL::PLUTCHAK (VMS: Just say NO!)
gln@cs.arizona.edu (GaRY NEweLl) (06/01/91)
In article <77253@brunix.UUCP>, plutchak@pilsner.geo.brown.edu (Joel Plutchak) writes: > In article <1547@caslon.cs.arizona.edu> gln@cs.arizona.edu (GaRY NEweLl) writes: > > Again, statements such as "Thou shall not annoy anyone" or "we can > >look at any file or piece of email correspondence anytime we feel like > >it" simply step beyond the realm of reasonable policies, in my opinion. > >This may not hold for some govt sites or private organizations, but > >it certainly should at any institution of higher education. > Hmmmmm.... every institution of higher education I've ever attended, worked >for, visited, or even walked by, has been either a government site or a private > organization. Can you explain what you mean? I can try :-) I suppose that I am trying to make the .gov .edu .com distinction with respect to regulation of email and news. Universities and colleges may be public or private (both of course receiving govt funding) but what I am referring to as a govt site might be something like a government lab or office where one could argue that national security is at stake and it is necessary to have tighter restrictions and security on the flow of information in and out of the organization. By "private site" I was referring to say IBM or Digital - a private industry which may feel the need to make available only certain news groups or not allow email out of their site unless checked for security reasons (i.e. you don't want the source code for your latest grand piece of work to be sent around the world). Frankly, I haven't thought through policies at such organizations. I do however feel that it is counter to the concepts and ideals of higher education to put excessive limitations on the freedom of expression of students at any University. The original policy stmt. which was posted referred to "annoying behavior" - to me that is a ridiculous concept with which to try and enforce a policy - some of the most "annoying" individuals I've ever met in Computer Science were not students - in fact they were often individuals who have the responsibility of enacting these policies. I realize that any university has not only the right but the responsibility to enforce rules which go beyond those set by society (for example, I would hope that no one would argue that an individual accused of attacking another student and causing physical harm should be allowed to stay on campus until the legal system decides to try him/her) but to argue that an individual gives up his right to voice his opinions or to be "annoying" seems absurd to me. It is counter to the concept of technology transfer and extending existing knowledge to deny an indivual access to resources because he did not voice a politically correct stmt. or he sent email to some uptight old fart telling him to kiss off. It seems to me that a simple, required disclaimer attatched to news articles or even email stating that what is contained is the opinion and views of the individual and are not meant in anyway to represent the views etc. etc. of the organization, is enough to cover the concerns that have been voiced with respect to this issue. Again, I am not talking about actions which are clearly illegal (physical threats amongst others) or intended to damage anothers properties (such as the examples of deleting someone else's files or breaking into their account etc) I am simply speaking about attempts to legislate what can or cannot be said by an individual student when given access to resources by a dept. or university. Here in the CS dept. at Arizona there are many many views on this. I have spoken with faculty who feel strongly that the only acceptable policy with respect to such restrictions is *no policy* at all. They feel strongly that any attempt to limit this expression is counter to everything that they believe in. Others feel strongly in the other direction and would just as soon see email and especially news access simply eliminated for students. Most, I think, fall somewhere in between. I simply do not believe that anyone has the right to remove or deny access to an individual because of ill-defined terms such as "annoying" or "offensive". To get back to your original question - I don't how or if my feelings extend to private industry or the government scetor - I haven't thought about it enough although I am more than open to experiences or views that others might have with respect to this issue. I do not know if I am "right" about this or even if there is an opinion that is "right" at all. I know that if I were given the responsibility to set a policy I would produce something similar to what our dept. requires of students. It consists of a "contract" signed by students which lists the terms and conditions of Account use. It is, in my opinion, pretty specific about the use of resources when it comes to things such as tinkering with another individuals account or files or attempting to obtain another's password and so on. It covers file copying, quotas printer use and various "off-limit" utilities. It does not, however, cover what is or is not "offensive" "annoying" or "obscene" and it is backed up by simple security procedures such as key cards for the various labs and precautions taken to secure all hardware and prevent as much theft and damage as possible. I would probably extend our policy to include a standard disclaimer on outgoing news articles but beyond that I would not try to legislate what an individual can or cannot say. I also would not attempt to claim the right to examine any files as I see fit, without first obtaining the permission of the individual whose files I intend to take a peek at. That does not mean that I cannot kill a job that is "out of control" or that I can't monitor disk usage and ask that quotas be maintained - it simply means that I am notr going to go searching through a users files looking for things that I don't like nor am I going to in anyway examine personal correspondance in the form of electronic mail. gln
jb3o+@andrew.cmu.edu (Jon Allen Boone) (06/03/91)
gln@cs.arizona.edu (GaRY NEweLl) writes: > Maybe it is just me but I think that there are sections of this "policy" that > simply reek to high heaven. This whole thing seems to set up an environment > where suspicion is rampant and where people are actually encouraged to > undermine other students/faculty etc. This does make sense in cases of > sabotage and theft and so on - but to tie "net-behavior" into this is > absurd in my opinion... > You mileage may vary, but in our department, there isn't much (if any) suspicion - I was hired as sys-admin and when I signed up as such, I agreed not to go rampant in other people's directories. In fact, other than two times when the people couldn't be reached, I haven't gone into people's directory areas without prior permission being given. I've very little interest in snooping on my users. Certainly, time and again, I think it might be keen to know what was REALLY going on and where, but I have never seen any of the problems like what you mention that you suspect. Certainly, we have a few problems in our campus-wide facilities which encourage people to be suspicious - I've known a number of undergrads (sorry for the stereo-type, but they really were undergrads) who abuse or attempt to abuse the facilities. However, I've not heard of a case (other than a particular CS prof) where someone caused rampant destruction and wasn't an undergrad. (Note: The CS prof put a virus on a piece of software that was distributed to 3 or 4 classes (about 200 people each) and was publicly availble via appleshare - it was kinda funny - but then again, I didn't have to use the software that semester! ----------------------------------|++++++++++++++++++++++++++++++++++++++++ | "He divines remedies against injuries; | "Words are drugs." | | he knows how to turn serious accidents | -Antero Alli | | to his own advantage; whatever does not | | | kill him makes him stronger." | "Culture is for bacteria." | | - Friedrich Nietzsche | - Christopher Hyatt | -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
gln@cs.arizona.edu (GaRY NEweLl) (06/04/91)
In article <1549@caslon.cs.arizona.edu>, gln@cs.arizona.edu (GaRY NEweLl) writes: > of enacting these policies. I realize that any university has not > only the right but the responsibility to enforce rules which go beyond > those set by society (for example, I would hope that no one would > argue that an individual accused of attacking another student and > causing physical harm should be allowed to stay on campus until the > legal system decides to try him/her) but to argue that an individual > gives up his right to voice his opinions or to be "annoying" seems I have received some email about the remarks above and thought that I might be able to clear up what I meant - in particular, two individuals made a remark that the university must be held to the concept of "due process" which my remarks seem to discount. In fact, the courts have ruled frequently that the university must supply due process - but that should not be confused with what we expect of society through the judicial process. In cases dealing with students who had been accused of rape, armed robbery, assault and various other crimes, the courts have held that the university must supply a hearing (not a trial - simply a hearing where the accused is allowed to state his/her case and others are allowed to make stmts about the situation) - there is no requirement that the accused be allowed to call witnesses nor is there any requirement that he/she be allowed to examine or cross-examine those who do provide information. There must also be some form of reasonable appeal procedure available to appeal any suspension dismissal etc. - it has been a while since my last "Higher Ed and the Law" course but I can probably dig up some case references for anyone interested (you'll have to give me some time since I'm pretty swamped right now).