Seizing the Opportunity to Restore Trust
Bits and Pieces 2013-04-06
Summary:
The best part of Tuesday's FAS faculty meeting (see the Harvard Magazine site for the most complete account) was President's announcement of the independent authorities she is calling on for help: a privacy task force, and also an outside lawyer to check the facts of the particular email searches that took place recently. What comes from these two initiatives could be very helpful in putting this issue finally to bed and reassuring the community about what may and may not happen in the future. Let's start with the privacy task force. Here is what President Faust said about it:
I am forming a task force which I will ask to develop recommendations on a set of policies and guidelines about email privacy. Those recommendations will be submitted for community discussion and Corporation consideration by the end of the fall term. I am pleased to report that Professor David Barron, the S. William Green Professor of Public Law at Harvard Law School, has agreed to chair this task force. Professor Barron is a graduate of the College—a history concentrator—and of Harvard Law School. He worked as a journalist early in his career, served as a Supreme Court clerk, and recently completed two years of service heading the Justice Department’s Office of Legal Counsel in Washington. I am very grateful to him for agreeing to lead this process. The task force will draw members from across the university and will be broadly consultative in its work.Professor Barron seems to be a perfect choice to head the group. More importantly, I am thrilled that a University-wide policy will exist. (That is, a better one than the we-can-do-anything-we-want policy that now exists.) Back around 2005 when I started pressing for a policy that would provide some reassurance to FAS faculty, I knew made no technical sense to have a policy restricted to FAS (consistent with that, can email to lewis@harvard.edu be monitored as it enters the harvard.edu domain before it is directed to the FAS or SEAS network?). I also personally felt ethical qualms about leaving the staff exposed while the faculty got strong protections. But I also knew that we had to start somewhere. If I remember correctly, after I stopped being involved Richard Hackman, who recently died, was the one who pressed to get the policy adopted. In Tuesday's meeting, the president remarked, quite correctly, that the policy is ill-known and oddly situated within the Harvard web. So that is all good. And I personally recognize that this ultimately needs to be a Corporation policy, not one adopted by individual faculties, though of course I hope whatever the task force comes up with will be the subject of faculty discussion and feedback before the final version is adopted. However, especially because the level of anxiety and mistrust is now so high, I hope the charge of this task force will be broader than the privacy of email. I hate even thinking about this stuff, because I hate to think that anyone in a position of authority at Harvard would need to be told not to do these things. But if part of the objective is to reassure members of the community that the University administration is not monitoring or snooping on their communications, then the policy needs to cover more than email. (And more than faculty, staff, and student email, by the way: The Alumni Association runs a server that gives alumni "@post.harvar.edu" email addresses.) A proper policy should cover all network usage, including what web sites are visited, for example, It would be unfortunate if the rule was "no, we did not peek at your email, but we did notice that you visited the following URLs …–no policy against our peeking at that." Likewise, any form of online social communication--tweets, texts, etc. And while we are at it, "pen register" data, that is, phone numbers dialed, and the numbers from which phone calls have been received, for both land lines and Harvard-owned cell phones. (Again, we don't want some future resident dean to have to answer to "We don't know whether you were emailing any Crimson reporters, because of course there are rules that say we can't check those records, but we did notice that you have been calling these two reporters.") There are plenty of other examples one could come up with–for example, Harvard will not install key-logging software on Harvard computers, in order to capture employees' passwords. (I assume wiretap law applies to Harvard phones, though I don't actually know that.) And maybe the policy needs to say something about the extent of Harvard's right to unlock my office door while I am out to lunch and search the files on my hard drive. If the administration of the university won't say it won't, except under limited circumstances, faculty and staff will have to assume they will. I should stress that there can be legitimate reasons for accessing any of these. If a student disappears, it is certa
Link:
http://harry-lewis.blogspot.com/2013/04/seizing-opportunity-to-restore-trust.htmlFrom feeds:
Berkman Center Community - Test » Bits and PiecesFair Use Tracker » Current Berkman People and Projects