Educause Security Discussion mailing list archives
Re: Privacy policy question
From: "John K. Lerchey" <lerchey () ANDREW CMU EDU>
Date: Fri, 1 Jun 2012 10:50:21 -0400
Hi, Ours does, and has for quite some time.I've pasted in the wording from each section as we have separate details for faculty, staff and students.
"Whenever possible and legally permissible, notification must be given to the faculty member whose data are subject to subpoena, search warrant, or order of court prior to compliance therewith, and, whenever possible and legally permissible, sufficient time must be allowed, before intrusion, to allow the faculty member to file a motion to quash. "
"Whenever possible and legally permissible, notification must be given to the staff member whose data are subject to subpoena, search warrant, or order of court prior to compliance therewith. "
"Whenever possible and legally permissible, notification must be given to the student whose data are subject to subpoena, search warrant, or order of court prior to compliance therewith."
John On 6/1/2012 10:03 AM, David R. Millar wrote:
I was just reading EFF's chart about how different companies handle requests for users' data https://www.eff.org/pages/who-has-your-back#promising-to-inform and I got to wondering: Does any educational institution commit in their Privacy Policy to notify users of legal demands for their data (unless required otherwise by law)? I mean Policy with a capital "P". I know some institutions take that approach in practice, but I'm actually wondering if anyone has formalized that practice in written Policy. Thanks, Dave -- David Millar Consultant Massachusetts Institute of Technology IS&T | Operations& Infrastructure | IT Security twitter.com/@SecurityTrot www.linkedin.com/in/mitdavidmillar
-- John K. Lerchey Incident Response Coordinator Information Security Office Carnegie Mellon University
Current thread:
- Privacy policy question David R. Millar (Jun 01)
- Re: Privacy policy question John K. Lerchey (Jun 01)
- Re: Privacy policy question David R. Millar (Jun 01)
- Re: Privacy policy question Valdis Kletnieks (Jun 01)
- Re: Privacy policy question Shamblin, Quinn (Jun 01)
- Re: Privacy policy question David R. Millar (Jun 01)
- Re: Privacy policy question Guy Almes (Jun 01)
- Re: Privacy policy question Jeffrey Schiller (Jun 01)
- Re: Privacy policy question Guy Almes (Jun 01)
- Re: Privacy policy question Lisa Ho (Jun 04)
- Re: Privacy policy question Shamblin, Quinn (Jun 01)
- Re: Privacy policy question John K. Lerchey (Jun 01)