From: comp-academic-freedom-talk-request@eff.org Reply-To: comp-academic-freedom-talk@eff.org Precedence: bulk To: comp-academic-freedom-talk Return-Path: Date: Tue, 23 Apr 91 04:42:59 -0500 Sender: "Carl M. Kadie" Subject: FYI: Re: New NCSA e-mail policy inconsistent with Academic Freedom Status: R Newsgroups: uiuc.general Path: m.cs.uiuc.edu!kadie Sender: kadie@m.cs.uiuc.edu (Carl M. Kadie) Subject: Re: New NCSA e-mail policy inconsistent with Academic Freedom Message-ID: <1991Apr23.083947.3254@m.cs.uiuc.edu> Organization: University of Illinois, Dept. of Comp. Sci., Urbana, IL References: <1991Apr23.082959.78@m.cs.uiuc.edu> Date: Tue, 23 Apr 91 08:39:47 GMT Lines: 88 [Here is text of the letter setting out the policy. Any typos are probably mine - Carl] University of Illinois at Urbana Champaign National Center for Supercomputer Applications 152 Computing Applications Building 605 East Springfield Avenue Champaign, IL 61820 217 244-0072 Date: April 1, 1991 Sender: Michael D. Smith, Associate Director, Computer Operations and System Administration NCSA Security Officer Phone: (217) 244-7714, E-mail: msmith@ncsa.uiuc.edu Re: Policy on the Use and Security of NCSA E-mail Facilities NCSA wishes to inform its e-mail users of the primary purpose of the e-mail facilities, as well as when and user what circumstances individual e-mail messages may be monitored or examined. NCSA's e-mail facilities were established and intended to be used for center business only, as opposed to personal or private business. NCSA does not promise or guarantee that individual e-mail messages are private or secure. Authorized system administrators and/or security staff may be required to monitor or examine e-mail messages udner the following circumstances: 1.) In order to support e-mail, system administration personnel routinely monitor the successful delivery of e-mail to users. Undeliverable e-mail due to incorrect addressing, unknown users, and the like may be returned to the system postmaster for delivery resolution. The system postmaster must at a minimum, read the header containing crucial information about who and where the e-mail was being sent in order to determine why the message was not deliver to the designated recipients(s). In the course of the above mentioned operator, the text of the message of course is also open to view. 2.) NCSA networks require monitoring as a standard for network maintenance and problem resolution, capacity planning and product testing. This requires watching information actually moving across NCSA networks. In the course of network monitoring, it is possible that electronic mail messages will be part of the information packets moving across the network. As such, this mail might be exposed to the person actually doing this activity. [page 2] 3.) In order to protect NCSA's e-mail facilities from flagrant abuse of the above mentioned purpose of the system, as well as protect NCSA staff from threats to their personal safety and well being, protect NCSA against fraud, attempts to disadvantage NCSA, prevent and/or ensure NCSA against inappropriate information disclosures, it might be necessary for authorized system administration and/or security staff to monitor or examine and individual employee's and/or user's e-mail. This type of activity is only performed for legitimate security reasons; only when there is cause for such activity and only at the discretion of the NCSA's Director. The users themselves can minimize occurrences of two of the three above mentioned activities (items 1 and 3) by following common sense guidelines regarding the use of e-mail. First, always take care when address e-mail messages, thus reducing the chance of the e-mail being forwarded to the system postmaster for resolution. Not only will this reduce the chance of your e-mail being examined, but it will also significantly reduce the workload of our various system postmasters. Second, strive to use the e-mail facilities for their intended purpose as stated above. E-mail is an inappropriate vehicle for the transmission of extremely personal and/or confidential information which one would not disclosed to others. Hardware and software problems to arise which might send your e- mail to an inappropriate addressee whose receipt of such you might not have intended or desired. Good judgment should be exercised when deciding to incorporate such personal and/or confidential information. cc: James R. Bottum, NCSA Judith S. Libman, OVCR Larry, [sic] L. Smarr, NCSA Harvey J. Stapleton, OVCR Steven A. Veazie, OUC -- Carl Kadie -- kadie@cs.uiuc.edu -- University of Illinois at Urbana-Champaign