Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!topaz!root From: root@topaz.RUTGERS.EDU (Charles Hedrick) Newsgroups: net.mail Subject: Re: Congress is now debating the future of Usenet Message-ID: <5615@topaz.RUTGERS.EDU> Date: Tue, 26-Aug-86 01:51:36 EDT Article-I.D.: topaz.5615 Posted: Tue Aug 26 01:51:36 1986 Date-Received: Tue, 26-Aug-86 02:59:56 EDT References: <1632@well.UUCP> <1013@hoptoad.uucp> <15341@ucbvax.BERKELEY.EDU> Organization: Rutgers Univ., New Brunswick, N.J. Lines: 46 One of the interesting issues is how the proposed changes would affect mail within our campus. Currently we have what I regard as a reasonable privacy policy. Users' files will not be divulged to anyone else unless there is a good reason for doing so. However good reasons can include University proceedings, and investigations by the system administrators involving resource usage or system security. I am hoping that nothing in the law will require me to get a court order to look at mail files on my own system, should I have a good reason for doing so. (Note that this is not something that I do under normal circumstances. But if I have probable cause to think that a user is doing something damaging, and that looking at their mail file will show it, I do not want to have to go to the police in order to proceed with an investigation. It should be possible to authorize this by an internal administrative proceeding of some sort. In general we try to avoid bringing down even the campus police on our students, except in really extreme cases.) It is not clear to me exactly what is protected. Most people seem to think that mail in transit through my site is protected. But once mail gets into the user's files, is it still protected? I am hoping that it is not. Otherwise we will have to have special flags in each byte to indicate whether the byte arrived via computer mail or not. It is also not clear to me that everything that is called electronic mail really is, according to the law. The law clearly has in view third parties providing a service to the public. Presumably it should still be possible for a company to route its memos among its staff electronically, without suddenly finding that it can't look at its own memos if the right person doesn't happen to be around to authorize it. I suspect that our lawyers will take the position that we are not providing general electronic mail service to our students. Rather, we are providing simplified ways for them to receive and turn in assignments, etc. I.e. they are using our computer only for what is broadly considered University business. They are not end users in the same sense as a user of a public timesharing system. If the term "public" turns out to have a crucial role, as I suspect it will, we are likely to find ourselves in the same situation as with our campus roads. Once a year we close all of our roads, just to prove to people that these are strictly internal University resources, and not a public road. I think we may want to take the view that we have an agreement with a few neighboring sites to exchange data via UUCP, but we are not provding an electronic mail service to the public. Once a year we may decide to bounce all communications for a day, just to make it clear that we are not in the mail business. Does this make any sense to anybody?