Educause Security Discussion mailing list archives

Privacy policy question

From: "David R. Millar" <millar () MIT EDU>
Date: Fri, 1 Jun 2012 14:03:53 +0000

I was just reading EFF's chart about how different companies handle
requests for users' data

https://www.eff.org/pages/who-has-your-back#promising-to-inform

and I got to wondering:

Does any educational institution commit in their Privacy Policy to notify
users of legal demands for their data (unless required otherwise by law)?

I mean Policy with a capital "P".  I know some institutions take that
approach in practice, but I'm actually wondering if anyone has formalized
that practice in written Policy.

Thanks,
Dave
--
David Millar
Consultant
Massachusetts Institute of Technology
IS&T | Operations & Infrastructure | IT Security
 
twitter.com/@SecurityTrot
www.linkedin.com/in/mitdavidmillar

Current thread:

Privacy policy question David R. Millar (Jun 01)
- Re: Privacy policy question John K. Lerchey (Jun 01)
  - Re: Privacy policy question David R. Millar (Jun 01)
  - Re: Privacy policy question Valdis Kletnieks (Jun 01)
    - Re: Privacy policy question Shamblin, Quinn (Jun 01)
    - Re: Privacy policy question David R. Millar (Jun 01)
    - Re: Privacy policy question Guy Almes (Jun 01)
    - Re: Privacy policy question Jeffrey Schiller (Jun 01)
    - Re: Privacy policy question Guy Almes (Jun 01)
    - Re: Privacy policy question Lisa Ho (Jun 04)
    - Re: Privacy policy question Shamblin, Quinn (Jun 01)