The key here, Chris is that you are speaking of a draft document which is not yet an "administrative ruling" or policy. If that document were to become "policy", then that is what we would need to live by. But at the moment it is just "ideas". Now... there IS a part of our current AUP that states (under part III): "2. Because computing systems at MSU serve diverse purposes and diverse constituencies, System Sponsors are accorded wide discretion in establishing reasonable and appropriate policies applicable to their systems. (For example, some System Sponsors, to achieve their particular goals, may permit or encourage the playing of computer games. On other systems, System Sponsors may legitimately prohibit game-playing in order to conserve scarce resources.) The effectiveness of such policies depends substantially on their systematic communication to Users, typically at the time usage authorization is first granted by the System Manager or by Facility Staff." This, however, does not give IT staff the right to go out and make everyone agree to a doc that would make us all "network Nazis", pardon the vernacular and no offense is meant to those with a pro-Nazi viewpoint ;-). However, we cannot usurp the rights of faculty that ARE system owners even though they may be part of our department and we cannot take away certain basic rights such as that to privacy and free speech. What it does say however, is that what may be prohibited in some places (ie: chat or computer games) may be encouraged in other places by unit policies. Prohibiting certain behaviors as contrary to business need by departmental policy is one thing, usurping the authority of the Vice Provost and the AUP is entirely another. Let me give you an example an office environment may have a policy that bans chat during business hours and that is perfectly acceptable, BUT they cannot go through the user's logs, temp files, etc to see if the person had been chatting or not without the user's permission, a subpoena or the permission of the Vice Provost. It just cannot be done under our current AUP. On the other hand, under the part of the AUP quoted above, another department (perhaps consulting) may actually encourage chat so that the technology might be learned, understood and utilized. This is my "official" position under our current AUP which may or may not reflect any personal views I have on the matter. ~~~~~~~~~~~~~~ Randall J. Hall MSU Network Acceptable Use Policy Compliance 409 Computer Center Michigan State University East Lansing, MI 48824 (517) 432-5340 [log in to unmask] -----Original Message----- From: MSU Network Administrators Group [mailto:[log in to unmask]] On Behalf Of Chris Wolf Sent: Wednesday, March 30, 2005 1:10 PM To: [log in to unmask] Subject: Re: [MSUNAG] AUP At 10:39 AM 3/30/2005, Randall J. Hall wrote: >A department really has no authority to write their own AUP and neither would the type of agreement proposed below be appropriate. What you are saying contradicts the discussion here several years ago and also contradicts the draft document http://www.msu.edu/~ncc/Documents/SysOp/SysopD10.pdf It specifically says that each system may have its own AUP, which may provide fewer privacy rights to users of that system than would be provided by the University AUP. My understanding is that the type of agreement proposed below would be entirely acceptable. The only requirement is that it be "aggressively advertised to users of the system". >In the case that a user is having problems with their machine, they may give permission for you to access appropriate logs, settings, etc; however, browsing through their private files, emails, etc is strictly prohibited and would be a violation of the AUP. It is, however, very appropriate for a department (or other unit) to issue a statement of policy concerning compliance with the AUP. For instance, a departmental chair (as the local system sponsor) may ban office personnel from using chat during business hours, because they are chatting rather than doing their jobs. That doesnt mean, however, that the IT staff can go in and search folders to see if a user has inappropriate files without proper authorization. > >There may be certain specifications (for business reasons) put on office computers, for example it may be required that each computer have an antivirus program set to automatically update, have a firewall in place, be set for an automatic Windows update, etc. In the case of faculty computers however, it is very likely that the faculty member is the system sponsor (ie: purchased their computer from grant money, etc) in which case they hold that particular authority, not the department. That faculty member may request that their computer be set up to be accessed remotely or they may be asked if they will allow it, but it is inappropriate for IT to force the matter on them. Guidelines and/or suggestions, will go a long ways toward remedying this situation. > >As far as desktop administration software, it does have legitimate uses and in and of itself is not a violation of the AUP. In many cases, I dont think that it is being used as it should be, but that is because of what is being done with it, not because of the application itself. When it comes down to it, IT support and proper usage is a matter of integrety more than anything else. > >If you have any questions about this or any other AUP matter, please feel free to call me and I will be happy to answer any questions you might have. > >~~~~~~~~~~~~~~ >Randall J. Hall >MSU Network Acceptable Use Compliance >Academic Computing and Network Services >409 Computer Center >Michigan State University >East Lansing, MI 48824 >(517) 432-5340 ><mailto:[log in to unmask]>[log in to unmask] > > >From: MSU Network Administrators Group [mailto:[log in to unmask]] On Behalf Of Peter Cole >Sent: Wednesday, March 30, 2005 9:29 AM >To: [log in to unmask] >Subject: Re: [MSUNAG] Virtual Network Computing > >What happens if we wish to write a departmental AUP of sorts? Well, more like a signed "computer support agreement" between the user and the IT staffed that, for example, stated (paraphrased), "I the user give the IT staff of Department X permission to view any and all system logs at their leisure." Would this written and signed permission then satisfy the AUP requirements? > >- Peter --Chris ============================================== Chris Wolf Computer Service Manager Agricultural Economics [log in to unmask] Michigan State University 517 353-5017