A Year After Scandal, Task Force Recommends University-wide Privacy Policy for Electronic Information

Proposal Calls for Detailed Record Keeping, Creation of Independent Oversight Body

UPDATED: Feb. 27, 2014, at 12:20 a.m.

A task force convened last April by University President Drew G. Faust to formulate a new policy governing searches of electronic communications on the Harvard network has recommended a single, University-wide protocol that would require formal administrative approval, careful record keeping, and ultimately faculty oversight.

In six parts, the Electronic Communications Policy Task Force’s proposal lays out a wide range of potential reasons for access, rules governing authorization and notification, the scope of access when authorization is granted, a record-keeping procedure, and details about the potential oversight committee.

The proposal and accompanying report comes more than 10 months after Faust first commissioned the task force, which is made up of 16 professors and administrators from across the University and chaired by Law School professor David. J. Barron ’89, a former Crimson president. The group was conceived amid a scandal within the Faculty of Arts and Sciences last spring, when then-Dean of the College Evelynn M. Hammonds and FAS Dean Michael D. Smith broke Faculty privacy policy by authorizing secret searches of resident dean email accounts.


The proposed policy makes way, for the first time, for a single permanent electronic communications policy governing the entire University and would replace the interim set of standards Faust installed in August 2013. Prior to that interim policy, a patchwork of overlapping and contradictory policies governed distinct parts of the University and its faculties.

An Empty Lecture Hall
Harvard Law School professor David J. Barron ’89, chair of the electronic communications policy task force, discusses challenges surrounding Harvard's current electronic communications policy at an open forum in the Science Center on Wednesday.

In addition to sewing together those discrete policies, the proposal appears to target issues that were at the forefront of the controversial email searches last academic year, including questions of notification and authorization.

Under the FAS faculty email privacy policy in place when the searches occurred, any search had to be approved by Smith and the Office of General Counsel and had to include a timely notification of the user involved.

The first round of searches, though appropriately authorized, did not include the notification of a resident dean suspected of sharing internal documents related to the Government 1310 cheating case. Administrators argued at the time that resident deans’ dual appointments as administrators and non-ladder faculty members created a procedural gray area where their administrative email accounts were not protected.

The second round of searches, authorized by Hammonds and the OGC but not by Smith, lacked both the required approval and notification, while also extending to the personal email account of the resident dean in question, explicitly violating the policy in place.

The task force’s proposed policy, presented Wednesday, aims to clarify the ambiguity presented by the first round of searches, stipulating that a query of any user with an academic appointment, even one who may act in an additional administrative role, must be authorized by the dean of the appropriate faculty.

The policy would also alter the chain of command surrounding electronic searches. Mandating that “a legitimate institutional purpose” be served by any search, the policy would concentrate authorization power in a single designated position. For faculty members, that authority figure would be the dean of the relevant faculty, and for staff employees, a human resources officer or administrator. For student accounts, the dean of the appropriate school would have to give approval for access.

In certain emergency situations, the OGC may authorize searches, but in the authorization process of most searches, the office would no longer be directly involved.


Recommended Articles