 |
 |
I think we generally agree on all those points you made. To answer your one question: "They should have unlimited rights to your web browser's cache and the pages displaying your mail.msu.edu messages in it?" This is obviously a complicated question. Modern technology raises a number of not-so-obvious issues like this. I can understand why it's taking so long to come with a modern SAU and guidelines for applying it. Although there's more than one way to look at the issue of email in the cache, let me play the devil's advocate about it. Regarding email in general, I agree that MSU can and probably should, at the university level, define MSU email accounts and their contents as private while they are on the university mail servers and passing through the network. Everyone at MSU should be required to respect this policy. The question in my mind is what happens after the employee receives the mail. Suppose an employee prints an email message and leaves it in a public area, where someone else picks it up and looks at it. Is the employee guaranteed privacy for that sheet of paper? That seems unlikely to me. Suppose the employee leaves the printed message on her desk. Is she guaranteed that the supervisor who comes in her office is not permitted to look at it? I doubt it. This is somewhat analogous to your situation of the mail page in the browser cache. Hasn't the employee now stored this copy of the message on the department computer, where the department might have different rules about privacy than the rules that the university applies while the mail is in transit over the network or when it is stored on the university server? The employee has complete control over this copy in the cache, and if the employee is concerned about its privacy the employee can remove it. If the employee fails to do so, because of ignorance of how the cache works or whatever reason, it's a lot like leaving a printed copy in the workplace where someone can see it. To continue the example, my understanding of the federal law that Linda brought up is that it is a crime to open an item sent through the U.S. Postal Service and addressed to someone else. However, the law is specifically intended to protect the mail while it is in transit. Once the proper recipient opens the envelope and takes the contents out, it is no longer U.S. mail and the protection of that law ends--it has just become another piece of paper with no more legal protection than your shopping list. Isn't that essentially what the copy of the mail in the browser cache is--an opened message that has been left somewhere by the employee? If the department has a policy that the entire computer used by the employee is department property, just like a desk, why should the cache (or the logs, or anything else you can think of) have any special privacy? All of this just illustrates how difficult it is to update old rules and policies for new technology. Different people may see different analogies between the old and the new, and thus reach different conclusions about how things should work. That's why we have the current conflicts over ownership of media and the legality of file-sharing networks. At 05:32 PM 3/30/2005, George J. Perkins wrote: >My understanding is that this is a "workplace rule", and one's rights to >one's own desk and its contents are set out as part of the set of workplace >rules, which may vary from unit to unit, some allowing 'private space', >and some perhaps not. Of course, if there is 'private space' allowed, >documents which may need to be seen/used by someone else should not be >put there. In any case, there is some fundamental set of rules known to >both employee and supervisor. The SAU simply extends this to the >electronic realm. As long as both employee and supervisor know what >policy applies to what directories on the computer, there is no problem. >It would be best if private space is allowed on a computer, it be clearly >labelled as such, and work documents not be put there. All common operating >systems (assuming plain old DOS and old versions of MacOS are at least on >the way out, if not already gone) provide technical means for setting up >explicitly private and explicitly shared directories. Then it's just a >"work rules" issue to make sure everyone knows which place which document >should go into. --Chris ============================================== Chris Wolf Computer Service Manager Agricultural Economics [log in to unmask] Michigan State University 517 353-5017