Skidmore College Policy on Electronic Mail
Electronic mail is subject to all of the privacy protections afforded to traditional "paper" mail. Skidmore College believes that electronic mail is privileged communication between the parties involved. It is the policy of the College that electronic mail cannot be opened or read without the express permission of the recipient, except as required by law or by this policy statement.
The following list summarizes serious violations of Skidmore e-mail policy.
- Just as it is possible for someone to forge a signature on paper mail, there exist ways to forge electronic mail to make it appear as though it originated from a different person. The College views such practices as a violation of this policy statement.
- Sending electronic mail that is abusive or threatens an individual's safety is a serious violation of this policy statement. The use of electronic mail for sexual, ethnic, religious, or minority harassment is a violation of this policy statement.
- The use of electronic mail to harass an individual is a serious violation of this policy statement. Such action includes:
- sending or forwarding chain letters, that is e-mail which uses a pyramid scheme to distribute communications to an exponentially growing collection of recipients.
- deliberately flooding a user's mailbox with automatically generated mail,
- sending mail that is deliberately designed to interfere with proper mail delivery or access,
- or other acts forbidden by Federal or State Law.
- Any attempt, successful or unsuccessful, by a user to gain access to another person's e-mail files is a violation of this policy statement.
Response to Claimed Violations
When the Director of Enterprise Systems receives a report of suspected mail violation, he or she will confer with the person making the accusation and take appropriate action under the circumstances.
The suspected privacy violation will be reported to the appropriate authority for investigation and adjudication as follows:
|For faculty:||The Dean of the Faculty|
|For administration and staff:||The immediate office director and supervisor|
|For students:||The Academic Integrity Board (if the violation is related to a Skidmore course).|
|For students:||The Social Integrity Board (if the violation is related to action not connected to a Skidmore course).|
|For union personnel:||Human Resources Director.|
|All members of the College:||Any member of the College who believes that improper use of e-mail has violated their academic freedom may present their case to the Committee on Academic Freedoms and Rights|
Complaints of menacing that involve sexual, ethnic, religious, or minority harassment will also be reported to the College Diversity and Affirmative Action Officer.
Violations that include a serious threat to personal safety will be reported to Campus Safety.
If the Director of Enterprise Systems concludes that a user of College e-mail presents a serious threat to the College computing systems, the Director, after consultation with appropriate College authority, will disable that user's e-mail account. Restoration of that account will depend upon the outcome of an investigation that explores the alleged violations of College policy governing use of electronic mail.
As part of its investigation, the appropriate College authority may examine mail logs, and any other appropriate documents or testimony. It may call upon IT for expert testimony or opinion.
SOME OPERATING PRACTICES TO IMPLEMENT MAIL PRIVACY USER CONSULTATION
From time to time, IT receives complaints, requests or user questions relating to mail delivery. Its response to such communication will be guided by the following principles:
- A user's mail file will be accessed only with the prior knowledge and permission of the user involved.
- Messages contained within that file will be read only to the extent needed to assist the user involved. The content of those messages will not be retained, nor will this content be discussed or shared with others.
- IT will not access the mail files of a third party in order to confirm successful mail delivery without the prior permission of the third party.
Our computer systems automatically forward all undeliverable mail to the designated "postmaster". This is a standard feature of mail systems in order to provide the equivalent of the "dead letter" office. Typically, the postmaster checks the address and, where appropriate, mails the message again to the correct address. In general, incorrectly addressed outgoing mail is ignored, while incoming mail is redirected to its intended recipient.
The postmaster shall always be a member of the IT professional staff. The postmaster will read the mail only to the extent necessary to assist in proper mail delivery. Copies of the messages will not be retained after successful redirection, nor shall the postmaster discuss the contents of the messages with other individuals.
RETRIEVING DELIVERED MAIL
IT occasionally receives requests wherein a user asks if IT can retrieve a message sent by that user to a third party. Such requests will not be honored since it requires reading the mail of the third party -- a clear violation of the third party's personal privacy.
IT personnel are not permitted to read users' mail without the prior permission of that user.
ACCIDENTAL DISCOVERY OF ILLEGAL ACTIVITY
If IT personnel come upon messages whose content is clearly illegal, they have a responsibility to report these messages to the appropriate campus committee or to Campus Safety. Examples include messages containing illegally-obtained credit card numbers, telephone authorization codes, grade reports, criminal conspiracy, or similar items. Such items might be discovered as part of user consultation, dead-letter processing, or other tasks. Random mail browsing is never authorized.
DISCLOSURE OF PERSONAL MAIL MESSAGES
No disclosure of the contents of any e-mail message will be made by IT staff except when such disclosure is required by law.
As part of system management, certain College programs may gather statistics on mail usage. These statistics may include the address of the sender, the recipient, length of the message, and date. Under no circumstances may it include the full text of the mail message.
Whenever IT reports statistics on mail or on other system usage, IT will preserve personal privacy as fully as possible. IT will not report mail usage statistics in a form that is traceable to individual users.
Except as required by law or the employment contract, IT considers it inappropriate for a supervisor to request copies of all mail messages sent or received by his or her staff. Such requests will be honored only with full prior knowledge and authorization from both the supervisor and the staff member(s) being monitored.
Mail files are copied as a routine aspect of Skidmore system backups. This is an automatic process that does not involve any human reading of the files copied. Some backups are archived for long-term storage. Such practices are not considered a violation of the privacy rules.
A person's username and e-mail address are considered public information that can be given out to other individuals. IT will not knowingly permit its release for the purpose of advertising, mass mailings, or other commercial uses.
Adopted by Information Resources Council 2/16/99
Reviewed by the College attorney 1/25/99
Endorsed by All College Council 4/12/99