Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!cs.utexas.edu!uunet!vtserf!marchany From: marchany@vtserf.cc.vt.edu (Randy Marchany) Newsgroups: comp.admin.policy Subject: Re: harassing mail Message-ID: <1766@vtserf.cc.vt.edu> Date: 23 May 91 15:17:22 GMT References: <1991May23.030459.8377@osh3.OSHA.GOV> Organization: Virginia Tech, Blacksburg, VA Lines: 52 In article scs@iti.org (Steve Simmons) writes: > >But this is clearly not the case. Eric is the guy who trundles the >mail cart down the hall. He is overstepping his own authority if he >attempts to manage user behaviour in any way, shape or form. Until >then, the proper course for him to take is to put complaintants into >touch with those who have authority. >That's not what was suggested. There are lots of things Eric could >do to help. But he should not take those actions unilaterally, and >the CEO (or person in authority) has to be made aware of both the cost >of the actions taken (yeah, rewrite all the sendmail.cf files so as >to exclude mail from person a to person b) and has to take responsibility >for dealing with the end user. I think we need to keep a few things in perspective. First, the sysadmin is responsible for the smooth operation of the systems under his control. Generally speaking, the sysadmin usually becomes aware of "harassment" problem when the "harassee" notifies him of the occurrence. At that point, the sysadmin should be shown a copy (electronic or otherwise) of the harassing notes by the "harassee". At no point, has the sysadmin monitored any email. Most sysadmins have the authority to warn a user of inappropriate behavior and to deny them access to the computer system. If you're not sure of that authority, you should check with your supervisor and straighten that point out. Presumably, your site has issued some type of policy statement that clearly states what is acceptable use (or what is not) and this statement should also state the sysadmin' authority. If the "harasser" persists in the inappropriate behavior then the sysadmin becomes a liaison for the dept. head (or CEO, etc.) in handling the situation. I don't think sysadmins are "cart trundlers", censors, judges, etc. Their function is more similar to an apartment manager, i.e., they create a workable environment and stay out of the way UNLESS someone complains about something. It is not our function to determine what is "obscene", "harassment", etc. That is for the legal system to decide. It IS our function to be able to collect the necessary information for others to make those judgments. In this sense, we are like the police,i.e., patrolling, responding to complaints, collecting evidence, transferring the evidence to the judiciary. The key point is that an adequate computer usage policy is critical for enforcing responsible use of computer facilities. The next step is having some sort of proof that the user is aware of and AGREES to abide by these rules. As sysadmins, we should focus our discussion on how to devise this policy statement and how we can enforce such a policy. I think this should be the main point of this group's discussion. -Randy Marchany VA Tech COmputing Center Blacksburg, VA 24060 INTERNET: marchany@vtserf.cc.vt.edu