Re: legal expertise

Ron Force (rforce@uidaho.edu)
Thu, 16 Apr 1998 10:02:05 -0700

Jo Williams wrote:
>
> Re: U of I email directives
>
> When I log on to the University computers, the first thing to pop up is
> the notice that 'everything I do may be monitored'. Maybe some of the
> University legal types can share their expertise on this;
> 1) what is the status of legal responsibility for service/connection
> providers as relates to the users' excesses? If the U were not liable for
> what users did/said, maybe we might have more privacy, less regulations,
> and more direct responsibility for our own actions. I don't want my
> postal mail 'monitored' , I don't want my phone conversations monitored,
> and I don't want my email monitored.

The courts have held that "employees should have no expectation of
privacy when using employer supplied communications". Employers are
free to read or monitor U.S. mail sent from the business e-mail,
telephone calls, as well as inspect the contents of company owned
computers. Do employers (and the university) regularly do this? No, of
course not, because it would consume a tremendous amount of time and
effort. It does give employers the power to investigate when they think
something is not according to Hoyle.

If you want a semblance of privacy, you can personally contract with an
Internet Service Provider, however, they usually have clauses in their
which allow them to read or monitor messages or disc contents when they
reasonably suspect system misuse. Telephone companies, however, cannot
monitor calls without a court order.

You can get encryption programs that would be difficult for anyone
outside the NSA to break. In general, however, you should assume that
anything you send over any computer network could be read by someone
other than whom it is intended.

> 2) are the responsibilities different for students than employees-- and
> should they be.

Students using university supplied computers or networks are subject to
the same monitoring.

Should employers monitor phone calls of employees??

> 3) who does the monitoring at the U, and what guarantees do we have that
> any monitored acts will stay with the monitor?

Computer Services is responsible for the systems and networks. Ethics
is what stands between you and disclosure. There is nothing to prevent
an unethical person with access to systems from reading your
communications. This includes "hackers and crackers" who can break into
systems. There is a Federal law which penalizes the disclosure of
intercepted telephone conversations.

> If ATT gets to listen in on my conversations just because they provide
> the lines, maybe we need to discuss changes in legislation.

AT&T can't, without a court order--but the University could if they pay
for the phones.

-- 
***********************************************************************
Ron Force				rforce@uidaho.edu
Dean of Library Services		(208) 885-6534
University of Idaho 83844
************************************************************************