UPDATED: Feb. 27, 2014, at 12:20 a.m.
A task force convened last April by University President Drew G. Faust to formulate a new policy governing searches of electronic communications on the Harvard network has recommended a single, University-wide protocol that would require formal administrative approval, careful record keeping, and ultimately faculty oversight.
In six parts, the Electronic Communications Policy Task Force’s proposal lays out a wide range of potential reasons for access, rules governing authorization and notification, the scope of access when authorization is granted, a record-keeping procedure, and details about the potential oversight committee.
The proposed policy makes way, for the first time, for a single permanent electronic communications policy governing the entire University and would replace the interim set of standards Faust installed in August 2013. Prior to that interim policy, a patchwork of overlapping and contradictory policies governed distinct parts of the University and its faculties.
In addition to sewing together those discrete policies, the proposal appears to target issues that were at the forefront of the controversial email searches last academic year, including questions of notification and authorization.
The first round of searches, though appropriately authorized, did not include the notification of a resident dean suspected of sharing internal documents related to the Government 1310 cheating case. Administrators argued at the time that resident deans’ dual appointments as administrators and non-ladder faculty members created a procedural gray area where their administrative email accounts were not protected.
The second round of searches, authorized by Hammonds and the OGC but not by Smith, lacked both the required approval and notification, while also extending to the personal email account of the resident dean in question, explicitly violating the policy in place.
The task force’s proposed policy, presented Wednesday, aims to clarify the ambiguity presented by the first round of searches, stipulating that a query of any user with an academic appointment, even one who may act in an additional administrative role, must be authorized by the dean of the appropriate faculty.
The policy would also alter the chain of command surrounding electronic searches. Mandating that “a legitimate institutional purpose” be served by any search, the policy would concentrate authorization power in a single designated position. For faculty members, that authority figure would be the dean of the relevant faculty, and for staff employees, a human resources officer or administrator. For student accounts, the dean of the appropriate school would have to give approval for access.
In certain emergency situations, the OGC may authorize searches, but in the authorization process of most searches, the office would no longer be directly involved.
While the proposed policy would require the authority figure overseeing a search to notify the user when his or her account is accessed or “as soon thereafter as reasonably possible,” it leaves the University room to withhold notification in certain cases, including internal investigations, where notification may be judged impractical.
The report and proposal also lay the groundwork for novel record keeping and independent oversight, for which community members argued for last spring.
Specifically, the task force’s recommendation calls on authority figures overseeing inquiries to make “reasonable records and logs of the steps taken to access the information,” which are to be shared with the University Chief Information Officer and kept on record.
Those records would be made available to a University oversight committee composed of faculty members and senior administrators. The committee would not only make recommendations of policy and amendments to Faust, but also publicly report on the policy’s implementation.
The exact composition of the oversight committee has yet to be determined, Barron said, but he called faculty representation “key” and an independent set of eyes outside of the chain of authorization “critical.”
Barron also said that he expects searches of electronic communications to continue to be rare. In the last five years, there have been fewer than 15 cases of academic misconduct requiring electronic inquiries and fewer than ten cases of staff misconduct requiring such inquiries, according to the report. Still, Barron cautioned that these numbers may be incomplete due to a lack of consistent record-keeping.
According to the report, the task force met with roughly 500 members of the Harvard community, including leaders from the Undergraduate and Graduate councils, individual faculty members, staff, and administrators, and the Council of Deans. The task force also consulted the the Board of Overseers and the Harvard Corporation, the University’s highest governing bodies. A few dozen people attended two open forums led by Barron last fall.
In a statement, Faust thanked Barron and the members of the Task Force for their effort.
“While many of the changes we face are complex and have yet to emerge fully, I believe that we now have a much clearer understanding of how we might navigate the road ahead,” she said in a statement.
Smith declined to speak with reporters about the proposal or the report. Smith has refused to answer questions about any topic related the searches since May 2013, when he last met with The Crimson in a sit-down interview.
The policy draft will be available to the Harvard community for comments on an online discussion board for the next two weeks.
—Staff writer Matthew Q. Clarida can be reached at firstname.lastname@example.org. Follow him on Twitter @mattclarida.
—Staff writer Dev A. Patel can be reached at email@example.com. Follow him on Twitter @dev_a_patel.
—Staff writer Amna H. Hashmi can be reached at firstname.lastname@example.org. Follow her on Twitter @amna_hashmi.