And of course there's nothing that would prevent the employee
from deciding that it's easier to just put the mail into a .pst, instead of
going through the hassle of forwarding. (Other than lack of knowledge of how to
do it, I suppose.)
Thank you. Ed and Nick, I think you were
probably the most help.
At this point, I’m just going to give them X
number of days, if they don’t have it done before they leave, to forward
emails of a personal nature. After that period, they’re just out of
luck.
Thanks!
-dak
On 6/23/10 10:18 AM, "Kwiatkowski,
Nicholas" <[log in to unmask]">[log in to unmask]>
wrote:
[I am not a lawyer]
One thing to keep
in mind too – in today’s world we have lots of student privacy laws we have
to worry about. Things like FERPA require us to be very conscious of
the data we keep about students. Seemingly innocuous data containing student
grades, or email addresses simply in an email would require us to keep this
data on preemies. This includes data from student employees.
Another item to consider would be data that is
considered confidential to the university. Things like passwords to
servers, access codes to websites, security codes to buildings, or just
private information from vendors, etc. is all information that I’m sure the
University wants to keep.
I feel that anything I create in
email is property of the university. This would not be something I
should expect to take with me.
[/Psudo Lawyer
Talk]
-Nick
From: Kramer, Jack [mailto:[log in to unmask]]
Sent: Wednesday, June 23, 2010 9:52 AM
To: [log in to unmask]">[log in to unmask]
Subject: Re:
[MSUNAG] Outgoing employee's email...
I
think the biggest concern with this whole thing is not just MSU policy but
our legal obligations as admins to preserve information that may be
necessary for a discovery process at a later date. There are several
different laws that would govern that and they all overlap in strange ways,
especially in the realm of higher ed. I think before we can really establish
any kind of policy as a community we need clear direction from counsel – we
are, after all, paying those attorneys the big bucks.
As far as
privacy / publicity goes, there was a Supreme Court decision very recently
that dealt with a similar issue in California, where a police officer was
investigated for personal texts sent with an employer-provided device, even
though the police officer had agreed to pay for overage charges on the
device. The court found that the police department was legally allowed to
request and view the text messages sent through the device, no matter the
content. This will be especially relevant to us as we are technically
employees of a local unit of government (universities are organized as
governments under state law) and so are covered by the decision. The point
I’m making is that our students are paying for a bandwidth service — in
effect, the university acts as their ISP — and are covered under the laws
that apply to that situation. As employees, we are afforded no such
privileges. An employee should not consider their communications using
employer-provided devices to be private, personal property; rather, they
should be considered a privileged use of employer resources and information.
At the end of the day, those communications belong to the university and not
the user. I see no reason why this would not apply to student employees, nor
do I see any reason why this would apply to the private
communications of a student who happens to also work for the university. If
drawing a distinctive line is worrisome, why not simply provide email
accounts to student employees? A secondary NetID is easily purchased or an
account can be established on an internal mail system.
Of course,
none of that answers the more pressing questions of how we are expected to
archive emails, how long we must retain them, and what ability we have (if
any) to release emails to departing employees. A simple regulation like
those applying to retention of tax records would ease the burden
significantly. I know that I should be retaining 7 years of tax records in
case of an IRS audit — it’s a clear regulation easily discerned from the
law. What we need, as I said before, is clear direction from the general
counsel’s office before one of us finds themselves on the wrong end of a
legal discovery process.
----
Jack Kramer
Computer Systems
Specialist
University Relations, Michigan State University
w:
517-884-1231 / c: 248-635-4955
> From:
Alexander Hawley <[log in to unmask]">[log in to unmask]>
> Reply-To: Alexander
Hawley <[log in to unmask]">[log in to unmask]>
> Date:
Wed, 23 Jun 2010 09:13:40 -0400
> To: "[log in to unmask]">[log in to unmask]" <[log in to unmask]">[log in to unmask]>
> Subject: Re:
[MSUNAG] Outgoing employee's email...
>
>> all MSU (non-student) e-mails ... should be turned
over to Archives for
>> preservation
>
> And employees who are also students?
>
> Student employees?
>
> So the day a student is hired
fulltime the AUP switches from privacy to
> publicity? That's
weird.
>
>
>> delete an
email message
>
> Nightmare. I've
seen some instructions for admins on how to silently replicate
> all
incoming & outgoing for this very purpose. Ouch.
>
> Or,
better yet. Forward (do not keep copy) to Gmail or other.
>
>
> -AH
This message is only for the intended recipient(s). If you are not the
named recipient you should not read, distribute or copy this email. Any
views or opinions expressed in this email are those of the author and do not
represent those of Michigan State University or the College of Music.
Any information obtained from or contained in these emails is
confidential. No information will be shared or given to any persons
outside of the appropriate department(s).