Over the summer former Interim President Coltrane enacted three emergency IT policies. The administration is now looking to make them permanent, and is asking for feedback. My own initial reaction, as someone that Coltrane’s administration tried to fire over the UO Presidential Archives release (and he did fire two others) is that these policies need to say a lot more about the rights of students, staff and faculty to use IT without excessive fear of reprisals, and about the UO’s obligations w.r.t. public records law, transparency, and academic freedom.
But the King explained it long ago: “Here we go again. We’re caught in a trap. We can’t build our dreams on suspicious minds. And you can’t hear the tears I’m crying”:
Comments welcome, you can expect these policies to receive careful review by the Senate, as well as the SEIU and faculty unions.
Info Security Policy, here. One snippet:
“Monitor the University networks to identify malicious activity”
Malicious. That word covers a lot of territory, including some that is protected by the US Constitution, etc.
Data Classification Policy, here:
- Internal (moderate level of sensitivity)
Access to “Internal” data must be requested from, and authorized by, the Data Trustee or Steward who is responsible for the data. Data may be accessed by persons as part of their job responsibilities. The integrity of this data is of primary importance, and the confidentiality of this data must be protected. Examples of Internal data include purchasing data, financial transactions (that do not include sensitive data), and information covered by non-disclosure agreements.
Sounds reasonable, but what would prevent some interim president from going rogue and trying to fire a professor, and firing a few librarians, over a self-described “unlawful release” of presidential archives?
Date: January 20, 2015 at 7:39:38 PM PST
From: “President’s Office” <email@example.com> Reply-To: firstname.lastname@example.org
Subject: Archive release investigation
We have recently learned that a significant number of archived records from the President’s Office have been unlawfully released. These records contain confidential information about faculty, staff and students, but our current understanding is that no social security numbers, financial information or medical records were shared.
We have launched an investigation of the incident, and we have put staff members on administrative leave, pending that investigation. The information was sent to a university professor, and we have already requested that the professor return the information and refrain from any public release of confidential information. To our knowledge, only one record has been shared externally at this point.
We are committed to taking steps to mitigate the potential injury associated with this situation.
Scott Coltrane, Interim President
While we’re on that topic, do these policies follow ALA rules on the privacy of library circulation records?