 |
 |
At 03:27 PM 3/30/2005, Bosman, Don wrote: >After those who have to keep the machines running, citing the AUP as the reason of course, refuse to work on those machines they don't have permission to look at. Maybe systems people need "HIPPA" forms from every patient? You've hit on an aspect of this that seems just plain wrong. Let me see if I can explain it. Let's forget about students and faculty for the moment and consider only the case of department-owned computers that are assigned to staff to carry out work for their department. Let's focus on a secretary and his or her workspace. Among other things, there's a desk with drawers, a file cabinet and a computer. My understanding of workplace rules (even at the University) is that the secretary's supervisor has complete rights to look at material in the secretary's desk or file cabinet without getting permission. The desk and file cabinet themselves, as well as the records and materials that the employee works with and stores within them, are the property of the department, not of the employee. To cite a specific example, suppose the secretary is out of the office (for fifteen minutes or two weeks, it doesn't matter) and the department needs a document that is stored in the employee's desk. My understanding is that the supervisor can go get it from the desk without asking anyone for permission. (As a side note, if the employee has personal things stored in the desk and the supervisor happens to see them while looking for the needed document, that's the employee's problem, not the supervisor's.) Or let's take a more extreme example--The supervisor says she needs a certain document that is in the employee's desk and the employee refuses to provide it. Again, my understanding is that the supervisor has the right to open the desk over the employee's objection and get this piece of department property. (Let's assume there's no physical force required.) On the other hand, the discussion here seems to be saying that the rules for the computer in the employee's workspace are totally different than for the desk or the file cabinet, i.e. that the supervisor cannot get a department file from the employee's computer without his permission. This makes no sense to me at all. The computer is owned by MSU, is provided to the employee specifically to do the job for which she is paid, and the files in question are the result of that work. To put this kind of block between an employee and the employing department, in the name of privacy, is ridiculous. And keep in mind that I am an MSU employee and I'm applying this to myself, so I'm saying that my supervisor (the department chair) should have full rights to get any kind of file or log from my computer or even to delegate to someone else the authority to do that. This is why we need the provision for local AUPs. I fully agree that at the university level MSU should have a tight AUP, to protect the privacy of university email, the privacy of AFS space, to prevent users from snooping on each other, etc. But a department (or other unit) should be able to make different rules for certain computers or groups of computers that, in the most extreme case, might even say that users of a particular system have no guarantee of privacy at all. The relationship of a student to the university is very different than that of an employee to the university. It seems impossible to me to try to apply a single AUP to both relationships. (I would also point out a very interesting sentence in the draft SAU: "Users have the right to expect that the information content created, stored, and transported within information technologies will be granted the same degree of privacy as communications and written and graphic content using traditional paper and telephonic media." Doesn't that say that if the department has the right to look at things in the employee's filing cabinet that they also have the right to look at things on the employee's computer? Does this mean the proposed SAU is looser than the current one, with less guarantee of privacy?) --Chris ============================================== Chris Wolf Computer Service Manager Agricultural Economics [log in to unmask] Michigan State University 517 353-5017