Harvard to review privacy polices in wake of email search scandal

Lack of standard policies 'highly inadequate,' university president says

By , Computerworld |  Security

Harvard University President Drew Faust has ordered a comprehensive review of the university's email privacy polices amid disclosures that a secret search of some deans' email accounts by administrators was broader than originally acknowledged.

Speaking at a meeting with Harvard's Faculty of Arts and Sciences (FAS) on Tuesday, Faust expressed concern over the university's "highly inadequate" institutional policies and processes for protecting email privacy.

"We have multiple policies across the university that vary across schools, with some faculties lacking any explicit policies at all," Faust said in remarks posted verbatim by Harvard Magazine.

Calling the lack of email policies an "institutional failure," Faust said she would create a task force to develop recommendations on university-wide policies and guidelines for email. Those recommendations will be made available for community discussion and university consideration by the end of the fall term.

Faust's remarks come a few weeks after the Boston Globe detailed how university administrators had secretly searched the email accounts of 16 resident deans at Harvard. The university was looking for the source of a leak about a cheating scandal, the Globe reported.

Harvard acknowledged the search, but maintained it was done in an extremely limited manner and only to identify an individual who shared a confidential email with an unauthorized person. The email, which contained advice on how to counsel students accused of cheating, was shared with the Harvard Crimson student newspaper and later picked up by the Globe. Harvard administrators said they decided to conduct a search out of concerns for the privacy of students involved in the cheating scandal.

Harvard officials admitted they made a mistake in not informing the deans about the search, either before or after it took place. The university, however, insisted that it had not actually opened any emails or searched their contents. Instead, IT administrators only conducted an automated subject line search of each dean's administrative email accounts to see if they could identify the source of the leak. The university also stressed that the subject-line search only involved administrative email accounts, not a separate Harvard email account that each dean maintains for personal use.

Originally published on Computerworld |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

Ask a Question