Path: utzoo!attcan!uunet!husc6!mailrus!uflorida!gatech!gitpyr!is813cs
From: is813cs@pyr.gatech.EDU (Cris Simpson)
Newsgroups: news.sysadmin
Subject: Re: Ethics of the System Administrator
Message-ID: <6748@pyr.gatech.EDU>
Date: 12 Nov 88 20:02:24 GMT
References: <7586@dasys1.UUCP>
Reply-To: is813cs@pyr.UUCP (Cris Simpson)
Distribution: na
Organization: VA Rehab R&D | Ga Institute of Technology
Lines: 35

In article <7586@dasys1.UUCP> seth@ctr.columbia.edu (Seth Robertson) writes:
>
>Someone recently asked this question, but I never saw it answered.
>
>What are the professional/ethical standards for a System
>Administrator.  (i.e. are we legally/morally prohibited from looking
>in User's files?  Does it take a court order?  If a police guy or an
>authority in your company/university asks to see his files should you
>let them?  Can you look in people's files to see if they are
>performing criminal acts (e.g. "cracking")?
>
>A major part of that question might be answered  if somebody knows if computer
>data stored on/off line is private property or not.





  There is a case in which a user succesfully sued a pay BBS sysop
for revealing info from her files and messages.   She had  deleted them,
and the sysop retrieved them from backups and released them.  I would 
think that it would take a court order to make you release someone's files -
search and seizure and all that.  Of course, if the owner (university, say)
wants to look, you may be in trouble.   Another problem is that if 
a user does something illegal from your system, you may be liable for 
"contributory" damages to the victim.

Sleep well,
cris

-- 
||...despair! Despair I can handle, it's the hope...    J.Cleese,Clockwise ||
Cris Simpson
                  is813cs@pyr.gatech.edu               GA Tech      Atlanta,GA
            ...!{akgua,allegra,amd,hplabs,seismo,ut-ngp}!gatech!gitpyr!is813cs