Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!utgpu!water!watnot!watmath!clyde!rutgers!sri-unix!hplabs!sdcrdcf!trwrb!trwspp!spp2!jeff From: jeff@spp2.UUCP Newsgroups: comp.edu Subject: Re: Ethics Message-ID: <1242@spp2.UUCP> Date: Mon, 16-Feb-87 14:57:25 EST Article-I.D.: spp2.1242 Posted: Mon Feb 16 14:57:25 1987 Date-Received: Tue, 17-Feb-87 23:13:58 EST References: <3075@sdcc6.ucsd.EDU> Reply-To: jeff@spp2.UUCP (Jeff Hull) Organization: TRW Inc., Redondo Beach, CA Lines: 58 Summary: The system owner owns the information unless specifically protected. In article <3075@sdcc6.ucsd.EDU> ix200@sdcc6.ucsd.EDU (Bruce Jones) writes: > > I am attempting to write a code of ethics for >for our use of the ACC's computer systems and our obligation(s) to >the students. >In particular two students complained when I placed a "broadcast" >(i.e. /etc/motd) message that showed up at login. ... >The students were upset about the invasion of privacy. They previously >thought that their files were somehow inviolate. If someone could put >broadcast messages in their account it was obvious that the same person >or persons could do more, and might. ... All they saw was an invasion >of privacy. > >What I am interested in is how the issue of "access" is handled at >other sites, ... I am >talking about the extent to which the user of a given account is >informed about the relative privacy of his/her files. Every time I have been given access to a computer system, there has been a stated purpose for the access, e.g., to perform some task of my employment or to perform some task related to my academic coursework. Any use of the system other than that purpose is improper, whether or not the system owner chooses to police the use or prosecute violations. This has been upheld in several court cases. Systems operated as a service for sale, e.g., Telenet, the contract specifies ownership of information and privacy conditions and remedies and penalties, e.g., how liable Telenet is should your information be disclosed, i.e., they're not. These contracts have been, generally, upheld, but some limitations have been placed on their liability provisions relating to "reasonable and prudent" practice. For systems owned by profit-making entities and operated by same for internal use, the system owner is also the owner of the information. Employees have very restricted rights, either to the information or to privacy, and dismissals for storing personal or illegally obtained information on a company system in violation of stated company policy to the contrary have been upheld. This is analogous to dismissal for having Schedule 1 drugs found in your desk drawer; the company has a right to check your drawers ( in your desk, anyway ) and to dismiss you for violation of company policy or the law. Academically owned and operated systems partake of something of both service bureaus and internal systems. There should be a written policy, approved by an appropriate authority and distributed to all users of the system. It should be carefully enforced, with flexibility and understanding and great firmness. ( Gee, I said "should." I guess that means I SHOULD label this paragraph as opinion 8-> ) -- Jeff Hull decvax,hplabs \ 13817 Yukon Avenue ihnp4,sdcrdcf -> !trwrb!trwspp!spp2!jeff Hawthorne, CA 90250 ucbvax,vortex / It was great when it all begaaaaaaan, I was a regular faaaaaaan, ...