From helen@eff.org Fri Sep 6 18:58:00 1991
Received: from c.cs.uiuc.edu by herodotus.cs.uiuc.edu with SMTP
(5.62+/IDA-1.2.8) id AA10702; Fri, 6 Sep 91 18:57:57 -0500
Received: from eff.org by c.cs.uiuc.edu with SMTP id AA12248
(5.64+/IDA-1.3.4 for kadie@herodotus.cs.uiuc.edu); Fri, 6 Sep 91 18:56:37 -0500
Received: by eff.org id AA23679
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Fri, 6 Sep 1991 19:54:58 -0400
Reply-To: comp-academic-freedom-talk@eff.org
From: comp-academic-freedom-talk@eff.org
Precedence: bulk
To: comp-academic-freedom-talk@eff.org
Date: Fri, 6 Sep 1991 19:54:40 -0400
Sender: "Helen C. O'Boyle"
Message-Id: <199109062354.AA23666@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Status: RO
Computers and Academic Freedom mailing list (batch edition)
caf-talk Digest Mon, 2 Sep 91 Volume 1 : Issue 3
Today's Topics:
"What is Censorship?" (3 msgs)
Computing Services Policy at Central Michigan University (2 msgs)
Theft of Information (was Re: What is e-mail privacy?) (3 msgs)
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
----------------------------------------------------------------------
Date: 1 Sep 91 02:12:17 GMT
Sender: szabo@techbook.com (Nick Szabo)
Message-ID: <1991Sep1.021217.5169@techbook.com>
References: <1991Aug31.022024.24738@eff.org>
Subject: "What is Censorship?"
>...[long list of actions librarians consider related to censorship]
>Censorship -- The removal of material from open access by government
>authority.
>
>In this books, the word "censorship" is used in its colloquial sense,
>encompassing all of these definitions.
A query as to the rationale for including a certain item in
a collection is considered, in colliquial usage, to be "censorship"? Wow.
Websters' defines "censorship" as the act of officials or a single
authority figure exercising control over the public morals.
Public boycotts, protests, etc., in no way qualify as "censorship"
under Websters' definition.
None of the actions listed, except the last, constitute either
the Webster definition or the colliqual usage of censorship.
Instead, they seem to be defining any sort of public criticism
or feedback as censorship. They are simply demonstrating their
attitude problem -- they know what is correct regarding choices
for public expenditure on the contents of libraries, etc., they
have the ultimate choice, and nobody else has a right to a say in the matter
or even a right to criticize the choices. In other words, they are
setting themselves up as the censors! This is a reprehensible attitude
for any person encharged with public money (and would quickly lead
to bankruptcy for any private organization).
--
szabo@techbook.COM ...!{tektronix!nosun,uunet}techbook!szabo
Public Access UNIX at (503) 644-8135 (1200/2400) Voice: +1 503 646-8257
Public Access User --- Not affiliated with TECHbooks
------------------------------
Date: Mon, 2 Sep 1991 02:44:06 GMT
From: kadie@eff.org (Carl M. Kadie)
Message-ID: <1991Sep2.024406.10126@eff.org>
References: <1991Aug31.022024.24738@eff.org> <1991Sep1.021217.5169@techbook.com>
Subject: "What is Censorship?"
szabo@techbook.com (Nick Szabo) writes:
>>...[long list of actions librarians consider related to censorship]
>>Censorship -- The removal of material from open access by government
>>authority.
>>
>>In this books, the word "censorship" is used in its colloquial sense,
>>encompassing all of these definitions.
Let me clarify.
First, the phrase "In this books" should be "In this book".
Second, only the definitions of "inquiry", "expression of concern",
"complaint", "attack", and "censorship" were from the American
Library Association.
The first paragraph and the last were the comments of Dave Marsh, the
author of the book I was quoting. The book is _50 Ways to Fight
Censorship_. He was speaking as the author of the book about the use
of the word "censorship" in the book. He is not a spokesperson for the
ALA and the book is not an ALA publication.
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
Date: 1 SEP 91 21:35:46
From: graham@venus.iucf.indiana.edu (JIM GRAHAM)
Message-ID: <1991Sep2.023957.6880@bronze.ucs.indiana.edu>
References: <1991Aug31.022024.24738@eff.org> <1991Sep1.021217.5169@techbook.com>
Subject: "What is Censorship?"
In article <1991Sep1.021217.5169@techbook.com>, szabo@techbook.com (Nick Szabo) writes...
>
>Websters' defines "censorship" as the act of officials or a single
>authority figure exercising control over the public morals.
>Public boycotts, protests, etc., in no way qualify as "censorship"
>under Websters' definition.
One can play with words and dictionaries 'till hell freezes over.
It's the _principle_ that is significant here.
It doesn't matter whether it's "officials", "a single authority", or
a special interest group. The _principle_ is exactly the same....
The removal from public and individual access of an item considered
morally or politically offensive to _some_ but not _all_.
>
>None of the actions listed, except the last, constitute either
>the Webster definition or the colliqual usage of censorship.
Again, mere words.
>szabo@techbook.COM ...!{tektronix!nosun,uunet}techbook!szabo
Jim Graham
-> ->Disclaimer: I do not speak for my company. <- <-
Neither do they speak for me.
______________________________________________________________________
| Internet: graham@venus.iucf.indiana.edu |
| UUCP: dolmen!graham@iuvax.cs.indiana.edu |
| BBS: The PORTAL DOLMEN BBS/ParaNet ALPHA-GAMMA (sm) (9:1012/13) |
| (812) 334-0418, 24hrs. |
|______________________________________________________________________|
------------------------------
Date: Mon, 2 Sep 1991 16:15:15 GMT
From: kadie@eff.org (Carl M. Kadie)
Message-ID: <1991Sep2.161515.24831@eff.org>
Subject: Computing Services Policy at Central Michigan University
Excerpts from "Everything You Ever Wanted To Know About Computing
Services At Central Michigan University (And Were Afraid To Ask)",
Computer Services Document No. CSVD0092. It is given to new users.
---- begin quote ---
_The contents of all storage media owned or stored on Computer
Services computing facilities are the property of Central Michigan
University unless a written contract signed by suitable contracting
authority exists to the contrary._ [The _..._ marks underlining in the
original document. - Carl]
An individual using Computer Services facilities must do so in the
knowledge that he/she is using University resources in support of
his/her work. The University owns everything stored in its facilities
unless it has agreed otherwise. Further, the University has the right
of access to the contents at any time for any purpose for which it has
a legitimate "need to know". The University will make all reasonable
efforts to maintain the confidentiality of the storage contents and to
safeguard the contents from loss, but cannot be held liable for the
inadvertent or unavoidable loss or disclosure of the contents.
Normally, the only "need to know" access to storage media contents
will be conducted by the Director of Computer Services, the Associate
Director of Computer Services (operations), or the Systems
Programmers.
...
_The facilities are provided without charge for purposes of academic
advancement and administrative data processing for faculty, staff, and
students of Central Michigan University. Use by others or for other
purposes is strictly prohibited unless specifically authorized in
writing by the Director of Computer Services._
Computer Services computing facilities are provided in support of
teaching and academic advancement and administrative data processing
at Central Michigan University. Any faculty member, staff member,
emeritus faculty/staff, or student having a current bona fide
connection with Central Michigan University is permitted, upon proper
validation by Computer Services, to use the instructional/research
portion of these facilities without charge regardless of whether or
not they are in a "computer-intensive" class or are teaching such a
class. The facilities available to the individual will be determined
by Computer Services based on intended use of the facilities by the
individual and the resources available at the time of validation.
Facilities are not provided for the use of spouses, parents, children,
or friends of validated users.
...
...Detection of illegal usage or practices designed to operate to the
detriment of the user community will result in the withdrawal of
services to the individual determined to be at fault. Computer
Services will be the sole arbiter of this decision and services to the
individual will only be restored to the individual upon successful
appeal to the Director of Computer Services or his designes.
...
_Special information regarding audit records on the IBM 3090 computer._
Any individual using Computer Services facilities must realize that
all mainframe computer systems maintain audit trail logs or log files
within the mainframe computer. Such information as the user
identification, date and time of the session, the software used, the
files used, the computer time, and storage used, the user account, and
other run-related information is normally available for diagnostic,
accounting, and load analysis purposes.
In the case of the IBM 3090, Computer Services normally retains the
information contained in these files for up to one year. Under certain
circumstances, this information is reviewed by the Computer Services
personnel outlined above, either at the request of an academic
department, or in situations where it is necessary to determine what
has occurred to cause a particular system problem at a particular
time. For example, analysis of audit files may indicate why a
particular data file is being erased, when it was erased, and what
user identification has erased it. Inspection of audit records may be
used to dispel or confirm a professor's suspicions of academic
dishonesty.
...
Access to audit records on the IBM 3090 will only be performed by the
Computer Services personnel designated above. The review of audit
information will only be performed when there is a legitimate "need to
know" based on a request from an academic department, an Executive
Officer of Central Michigan University, or the Director of Computer
Services, or when such a review is deemed necessary in order to
maintain a satisfactory computing environment for the University
Community. In such cases, a written record will be maintained of the
occasion, containing the name of the person accessing the audit
records, the date and time of access, whose records were accessed, the
extent (date and time range) of the information retrieved, and the
circumstances occasioning the access. This record will be kept in the
Computer Services administrative manual files under the the
designation "IBM 3090 audit record accesses".
--- end quote ---
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
Date: Mon, 2 Sep 1991 19:22:41 GMT
From: kadie@eff.org (Carl M. Kadie)
Message-ID: <1991Sep2.192241.1731@eff.org>
References: <1991Sep2.161515.24831@eff.org>
Subject: Computing Services Policy at Central Michigan University
Summary: Central Michigan University Steals User Files
This is a critique of the Computing Services Policy at Central
Michigan University. The policy as written gives Central Michigan
authority to steal user file. It also denies users their due process
rights. The policy should be replaced by a policy created with
participation of users.
>Excerpts from "Everything You Ever Wanted To Know About Computing
>Services At Central Michigan University (And Were Afraid To Ask)",
>Computer Services Document No. CSVD0092. It is given to new users.
>---- begin quote ---
>_The contents of all storage media owned or stored on Computer
>Services computing facilities are the property of Central Michigan
>University unless a written contract signed by suitable contracting
>authority exists to the contrary._ [The _..._ marks underlining in the
>original document. - Carl]
According to this paragraph, if a faculty member writes a journal
article on a Computer Services computer, it becomes the property of
Central Michigan. This is theft by Computer Services of property
that rightfully belongs to the faculty member.
As a practical matter, this paragraph is ridiculous. Is Computer
Services claiming to own the copyright on user-created documents? If
so, a faculty member who read this paragraph could not legally give a
journal permission to publish the paper he or she wrote. If the
faculty member did try to give a permission-to-copy, he or she would
be guilty of fraud.
The paragraph contradicts policy and law with regard to privacy. The
contents of personal file cabinets, even if owned by the State, remain
the property of their assigned user. Unreasonable searches are
prohibited by the Constitution. The University of Illinois, for
example, requires a warrant before a search of university-owned
personal file cabinet.
Principle: Personal files on university's computers (for example,
files in a user's home directory) should have the same privacy
protection as personal files in university-assigned space in an office
or dormitory space (for example, files in a graduate student's desk).
[Aside: I suggest than writers to CAF-talk mark proposed principles as
I have done above. Start with the word "Principle:" as the first item
on a line. Mark the end of the proposal with a blank line. This will
make it easy to extract proposed principles later. - Carl]
The Joint Statement on Rights and Freedoms of Students
(ftp.eff.org:pub/academic/student.rights) suggests these guidelines
(which Central Michigan's policy violates.)
"1. Except under extreme emergency circumstances, premises occupied
by students and the personal possessions of students should not be
searched unless appropriate authorization has been obtained. For
premises such as residence halls controlled by the institution, an
appropriate and responsible authority should be designated to whom
application should be made before a search is conducted. The
application should specify the reasons for he search and the objects
or information sought. The student should be present, if possible,
during the search. For premises not controlled by the institution,
the ordinary requirements for lawful search should be followed."
>An individual using Computer Services facilities must do so in the
>knowledge that he/she is using University resources in support of
>his/her work. The University owns everything stored in its facilities
>unless it has agreed otherwise. Further, the University has the right
>of access to the contents at any time for any purpose for which it has
>a legitimate "need to know". The University will make all reasonable
>efforts to maintain the confidentiality of the storage contents and to
>safeguard the contents from loss, but cannot be held liable for the
>inadvertent or unavoidable loss or disclosure of the contents.
>Normally, the only "need to know" access to storage media contents
>will be conducted by the Director of Computer Services, the Associate
>Director of Computer Services (operations), or the Systems
>Programmers.
If University really owns the contents of the everything on the
computer, then there is no confidentiality to maintain. The computer
files may, however, now be covered by the Family Educational Rights
and Privacy Act. (I doubt if Computer Services really indented that.)
This search policy could be improved by replacing the "need to know"
language with the more mature language of the University's general
search policy.
>...
>_The facilities are provided without charge for purposes of academic
>advancement and administrative data processing for faculty, staff, and
>students of Central Michigan University. Use by others or for other
>purposes is strictly prohibited unless specifically authorized in
>writing by the Director of Computer Services._
It sounds like Sys Programmer can decide for his or herself to search
a faculty-created file, but that a faculty member must get written
permission from the Directory of Computer Services before sending
email to a friend.
>Computer Services computing facilities are provided in support of
>teaching and academic advancement and administrative data processing
>at Central Michigan University. Any faculty member, staff member,
>emeritus faculty/staff, or student having a current bona fide
>connection with Central Michigan University is permitted, upon proper
>validation by Computer Services, to use the instructional/research
>portion of these facilities without charge regardless of whether or
>not they are in a "computer-intensive" class or are teaching such a
>class. The facilities available to the individual will be determined
>by Computer Services based on intended use of the facilities by the
>individual and the resources available at the time of validation.
>Facilities are not provided for the use of spouses, parents, children,
>or friends of validated users.
>...
Good.
>...Detection of illegal usage or practices designed to operate to the
>detriment of the user community will result in the withdrawal of
>services to the individual determined to be at fault. Computer
>Services will be the sole arbiter of this decision and services to the
>individual will only be restored to the individual upon successful
>appeal to the Director of Computer Services or his designees.
>...
I would suggest Computer Services policymakers look at Central
Michigan's general disciplinary policy. Also, they should read the
Joint Statement on Rights and Freedoms of Students section on
"Procedural Standards in Disciplinary".
The phrase "practices designed to operate to the detriment of the user
community" is too vague.
Principle: A reasonable user should be able to determine if his or her
behavior will violate policy.
This paragraph suggests that the only penalty for "practices designed
to operate to the detriment of the user community" is permanent
expulsion from the computer. This is too harsh.
"[P]rocedural fair play requires that the student be informed of the
nature of the charges against him, that he be given a fair opportunity
to refute them" [Joint Statement]. The policy does not respect these
rights.
Also, due process requires that "[w]hen the misconduct may result in
serious penalties and if the student questions the fairness of
disciplinary action taken against him, he should be granted, on
request, the privilege of a hearing before a regularly constituted
hearing committee.
...
No member of the hearing committee who is otherwise interested in the
particular case should sit in judgment during the proceeding." [Joint
Statement]
In other words, Computer Services asserts that it is the prosecutor
and final judge. But, no department on campus has this authority; it
is a violation of user due-process rights.
Principle: Suspension or expulsion from a computer is a serious
penalty. Users facing these penalties should be given due process
protection similar to that given to those facing other serious
penalties such as a formal disciplinary warning, a failing grade for
cheating, or suspension from class.
>_Special information regarding audit records on the IBM 3090 computer._
>Any individual using Computer Services facilities must realize that
>all mainframe computer systems maintain audit trail logs or log files
>within the mainframe computer. Such information as the user
>identification, date and time of the session, the software used, the
>files used, the computer time, and storage used, the user account, and
>other run-related information is normally available for diagnostic,
>accounting, and load analysis purposes.
>In the case of the IBM 3090, Computer Services normally retains the
>information contained in these files for up to one year. Under certain
>circumstances, this information is reviewed by the Computer Services
>personnel outlined above, either at the request of an academic
>department, or in situations where it is necessary to determine what
>has occurred to cause a particular system problem at a particular
>time. For example, analysis of audit files may indicate why a
>particular data file is being erased, when it was erased, and what
>user identification has erased it. Inspection of audit records may be
>used to dispel or confirm a professor's suspicions of academic
>dishonesty.
>...
>Access to audit records on the IBM 3090 will only be performed by the
>Computer Services personnel designated above. The review of audit
>information will only be performed when there is a legitimate "need to
>know" based on a request from an academic department, an Executive
>Officer of Central Michigan University, or the Director of Computer
>Services, or when such a review is deemed necessary in order to
>maintain a satisfactory computing environment for the University
>Community. In such cases, a written record will be maintained of the
>occasion, containing the name of the person accessing the audit
>records, the date and time of access, whose records were accessed, the
>extent (date and time range) of the information retrieved, and the
>circumstances occasioning the access. This record will be kept in the
>Computer Services administrative manual files under the the
>designation "IBM 3090 audit record accesses".
>--- end quote ---
The Family Educational Rights and Privacy Act regulates university
records. It does not sound as if the log and the "audit record
accesses" comply with the law.
Also, the phrase "or when a review is deemed necessary in order to
maintain a satisfactory computer environment" is a vague catch-all that
would seem to permit review at any time. It does not even say who
authorized to do the "deeming".
Finally,
Principle: "[P]olicies and procedures should be developed at each
institution within the framework of general standards and with the
broadest possible participation of the members of the academic
community." [Joint Statement]
Following this principle, the Central Michigan policy should be
replaced by a policy created with the participation of users.
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
Date: Mon, 2 Sep 1991 16:23:48 GMT
From: kadie@eff.org (Carl M. Kadie)
Message-ID: <1991Sep2.162348.24952@eff.org>
References: <530BDB8DB880B52F@ccmail.sunysb.edu>
Subject: Theft of Information (was Re: What is e-mail privacy?)
SKAPUR@ccmail.sunysb.edu (Sanjay Kapur) writes:
[...]
>There is no generic theft of information crime but it may be covered under
>various other categories from theft of trade secrets to theft of state
>secrets.
[...]
I don't know of any general "theft of trade secrets" or "theft of
state secrets" laws (at least not in the U.S.).
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
Date: 2 Sep 91 16:47:00 GMT
Sender: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Message-ID:
Subject: Theft of Information (was Re: What is e-mail privacy?)
>
>I don't know of any general "theft of trade secrets" or "theft of
>state secrets" laws (at least not in the U.S.).
>
>Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
>I do not represent EFF; this is just me.
They do exist. They may be called Industrial Espionage and Military
Espionage.
What would you call someone who steals a classified document and sells it to
an enemy government?
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
Date: Mon, 2 Sep 1991 17:15:24 GMT
Sender: kadie@eff.org (Carl M. Kadie)
Message-ID: <1991Sep2.171524.390@eff.org>
References:
Subject: Theft of Information (was Re: What is e-mail privacy?)
SKAPUR@ccmail.sunysb.edu (Sanjay Kapur) writes:
[...]
>What would you call someone who steals a classified document and sells it to
>an enemy government?
[...]
What would you call someone who copies the classifed Pentagon Papers
and gives them to the New York Times?
I'm not suggesting that selling to an enemy government is legal, only
that the applicable laws are very specific.
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
End of caf-talk Digest
******************************
From helen@eff.org Fri Sep 6 18:58:16 1991
Received: from c.cs.uiuc.edu by herodotus.cs.uiuc.edu with SMTP
(5.62+/IDA-1.2.8) id AA10712; Fri, 6 Sep 91 18:58:13 -0500
Received: from eff.org by c.cs.uiuc.edu with SMTP id AA12255
(5.64+/IDA-1.3.4 for kadie@herodotus.cs.uiuc.edu); Fri, 6 Sep 91 18:56:42 -0500
Received: by eff.org id AA23688
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Fri, 6 Sep 1991 19:55:05 -0400
Reply-To: comp-academic-freedom-talk@eff.org
From: comp-academic-freedom-talk@eff.org
Precedence: bulk
To: comp-academic-freedom-talk@eff.org
Date: Fri, 6 Sep 1991 19:54:47 -0400
Sender: "Helen C. O'Boyle"
Message-Id: <199109062354.AA23669@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Status: RO
Computers and Academic Freedom mailing list (batch edition)
caf-talk Digest Mon, 2 Sep 91 Volume 1 : Issue 4
Today's Topics:
What is e-mail privacy? (was Re: Taxonomy of forums) (6 msgs)
What is privacy?
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
----------------------------------------------------------------------
From: rickert@cs.niu.edu (Neil Rickert)
Date: 2 Sep 91 01:23:31 GMT
Message-ID: <1991Sep2.012331.29200@mp.cs.niu.edu>
References: <41E7F6E41880B081@ccmail.sunysb.edu>
Subject: What is e-mail privacy? (was Re: Taxonomy of forums)
In article <1991Sep1.211734.22816@mp.cs.niu.edu> tk0jut1@mp.cs.niu.edu (Jim Thomas) writes:
>>courts will get involved. As a practical matter, however, any prohibition
>>of such access is completely unenforceable unless we are willing to have
>>a KGB agent (or equivalent) constantly monitoring everyhting the sysop
>>does. And personally, I am opposed to unenforceable laws.
>Because comm privacy laws are new and untested does not mean that they are
>unenforceable. I suspect the wording of most will be rapidly revised as
It is unenforceable if it is undetectable.
>the ambiguities and problems become more obvious. Perhaps, like
>window-peeking, we cannot easily discover the lurking sysop, but when
>lurking becomes obvious it is enforceable. If, for example, a sysad
>reported to the police that I smoke marijuana on the basis of a private note
>perused from my files, I would have a cause of action that, if successful,
>is quite enforceable. .
But that is a different matter. Then the sysop didn't merely peruse your
files -- he disclosed their contents. This is a different matter entirely
under ECPA. Provided ECPA is applicable, disclosure is clearly forbidden.
>behavior. I repeat: Because you have the means to access the internal
>contents of my files (as opposed to manipulating the disk space which
>contains my file) does not mean that you are *allowed* to, and all
>some of us are saying is that "inviolable" is a value imperative not a
>technological ability. . m
On a unix system, a directory is usually considered a file. I can assure
you that on this system I run a nightly program which peruses the contents
of your directories. Also if I find a file of yours named 'core' or with
a name beginning with ',' or '#' which is more than a few days old, I
unceremoneously remove it (this is pretty standard Unix procedure).
I also from time to time scan your directories for files which are 'suid'
and might give you a way of breaking security (part of the 'cops' package),
and do other similar intrusive things in your directories.
Now I doubt that any of these routine procedures disturb you very much,
but they do point out the difficulty you would have in trying to
proscribe administrative access to the contents of your files.
>But, if you're saying that you have employees who routinely snoop in my
>files, and I'm ignorant because I'm not aware of this, then you've got me:
>I wasn't aware of this, and it's this latter issue that is at stake.
I am as opposed to routine snooping as you -- provided you don't consider
the items I mentioned above as snooping.
Perhaps I should warn you, though, that I do try to keep this system
relatively open. Anybody can find out how often you login with the 'last'
command. Anybody can find out which commands you execute with the
'ps' and 'lastcomm' commands. Anybody can find out how much email you send
and receive, and the addresses of senders and recipients, for I keep all of
my log records - with two exceptions - publically readable. The exceptions
are the file which logs unsuccessful login attempts, and the file which logs
anonymous ftp logins, since confused users will sometimes type in passwords
when user identifiers are required, and the passwords would then be logged.
This means that quite a bit of intrusion is possible with public information.
Of course this is a computer intended primarily for research and teaching
in the Computer Science program. If the computer were primarily intended
for email and for maintaining private records, a less open policy might
be appropriate.
--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science
Northern Illinois Univ.
DeKalb, IL 60115 +1-815-753-6940
------------------------------
From: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Date: 2 Sep 91 03:24:00 GMT
Message-ID: <3B8FE5F818806A38@ccmail.sunysb.edu>
Subject: What is e-mail privacy? (was Re: Taxonomy of forums)
This discussion started with my proposal limiting the rights of systems
administrators to accessing files only when a real problem exists.
Somehow, I do not know how, Jim got the idea that I was advocating snooping by
systems administrators.
>
>No, Sanjay, I am not joking. If you think I am, I would challenge you to
>access the contents of my files and make it public. If you are saying
>that you have the authority to do this, or that you have the right and/or
>authority to access and read my private e-mail, you have not understood
>the ECPA, proving that citing does not lead to understanding. Please
>try to understand this: I will say it slowly and carefully: We are not
>talking about the technological ability to access my files, nor are we
>talking about routine maintenance required to run a system. We are
>talking about the constraining the behavior of indivduals. You seem to
>be saying that it's your right to peruse my private files (email, data,
>whatever). You do not have this right, and no interpretation of the
>ECPA will give it to you.
>
Just exactly what do you think routine maintenance is?
>These are not examples of intentionally and purposively accessing the
>contents of my private files. Under what conditions can you access, peruse,
>copy, or distribute info from the contents of an individual file?
>The ECPA hardly prohibits general routine functions. It does, however,
>prohibit *you* as operator of a system, from mucking about in my
>data sets. Try to understand, Sanjay: The issue is one of determining
>what protections to give us from others, including sysads, and what
>responses are appropriate when abuses occur.
That is your opinion.
> Are you saying that addressing
>disk corruption and mail loops necessitate reading the contents of my
>individual files without my permission?
YES.
>
>
>I'd be happy to, but this is not the place for a mega-line article.
>If you're sincere, you can start by re-reading the ECPA. You might also
>find "Privacy Rights in State Courts: Models for Illinois?" in
>U. Ill Law Rev. (1989), pp 215-296 helpful. One of the better overviews
>of the ECPA appeared in BMUG (in spring '91) and was reprinted in
>Cu Digest. To better understand the ECPA, the House Judicial Committee
>Hearings on HR 3378 (which later became the ECPA) is useful.
>
I am not asking for the whole law, just relevant portions.
>You continual citing of the ECPA is laudable but non sequitor You seem
>to be saying that it gives you the right to invade my privacy, a rather
>odd interpretation. It clearly intends the opposite, and it is hardly
>restricted to law enforcement. University officials and administrators
>are considered a subset of state functionaries (in public institutions).
>Nothing you cited appears to give you the right to muck about in my
>files or mail. If you want to quibble over what "mucking about" means,
>fine, but you seem unwilling to accept the limitations on sysad behavior
>and claim carte blanche to invade my privacy by appealing to your
>authority as administrator. Nothing you've cited gives you such latitude.
>
Law Enforecement, University officials etc. are restricted but not the systems
administrator. Read the following one more time:
_ 2511. Interception and disclosure of wire, oral, or electronic
communications prohibited
(2) (a) (i) It shall not be unlawful under this chapter for an
operator of a switchboard, or an officer, employee, or
agent of a provider of wire or electronic communication
service, whose facilities are used in the transmission
of a wire communication, to intercept, disclose, or use
that communication in the normal course of his
employment while engaged in any activity which is a
necessary incident to the rendition of his service or
to the protection of the rights or property of the
provider of that service, except that a provider of
wire communication service to the public shall not
utilize service observing or random monitoring except
for mechanical or service quality control checks.
What is your interpretation of
1) normal course of his employment while engaged in any activity which is a
necessary incident to rendition of his service?
It even goes as far as to protect the rights and property of the service
provider. This can mean almost anything.
>Perhaps you should explain what you mean by sysad immunity, because it's
>hardly clear from your rationale or your cite of the ECPA.
Read my cited paragraph above one more time.
> But the
>issue is somewhat different: You have no right to *INTENTIONALLY SNOOP!*
>Period!
I never claimed (or disclaimed) any right to intentionally snoop. I am just
saying that an unethical system administrator may be able to claim such a
right because the current law has a big loophole in it.
> If you are claiming this right, since a) you do not seem to be
>denying it, and b) you spend considerable energy resisting others'
>concerns about it, then say so,
I will not give you the satisfaction of either claiming that right or
disclaiming it.
> and also announce publicly that you
>claim the right to intentionally and purposively invade users' files,
>read them as you wish, copy the contents of individual files for your
>personal use, and distribute them.
Use of files for personal use is theft of information. Distribution may be a
similar crime besides being illegal under the ECPA.
> This, Sanjay, is the issue.
>A system is *not* the personal fiefdom of a sysad or sysop.
>
Depends on the system. Depends on the system administrator. My PC at home is
definitely my personal fiefdom.
>I don't mind a bit of name calling, Sanjay, but your continual assertions
>are wearisome.
I don't mind a bit of name calling, Jim, but your continual assertions
are wearisome.
> My comment about the mode of communication may be glib and
>broad, but you surely know that there are discrepancies in law between
>(for example) cellular and cordless phones among others.
>
yes.
>Please understand the point rather than distorting it for your own
>myopic ends: I claim that the ECPA is hardly ideal and that there are
>both legal and conceptual issues regarding privacy issues.
I agree.
>You call this
>ignorant? My god, you must be brilliant!
Thank you for the compliment :-).
> You may be the only person in the
>country who has a firm grip on such issues and on the language of the ECPA.
I am not that brilliant.
>The ECPA is an arcane, poorly worded document, and in the 5 years since
>enacted technology has already outstipped the even-then ambiguous and
>tortured language and created new situations that raise questions.
>It is *not* limited solely to computer systems, but to COMMUNICATIONS
>systems, and the increased sophistication of integrative technology
>creates new problems to address. Sorry if you see recognition of these
>problems as "ignorant."
Finally you seem to agree that it is extremely difficult to write laws
covering this field. How can one write policy then?
> You seem to be a minority of one.
I did always believe in minority rights :-)
>
>I oppose criminalization of "victimless crimes" in general, and fully agree
>that intrusion should be a civil, not criminal matter. The definition of
>"privacy" is dodgy, but you seem to take the extreme position that there
>can be none.
My position is that absolute privacy is an illusion and can not exist.
Limited privacy is possible and the goal should be to increase the amount of
privacy.
>I take the position that, whatever the technological capacity
>for intrusion might be, a minimal definition is that people be constrained
>from using it to purposively and intentionally access the contents of
>others private communication.
>
And how do you propose to do that?
Correct me if I am wrong but you seem to be saying:
I do not want anyone to monitor my stuff so I will assume no one does.
Whereas I am tring to say:
Beware someone may monitor your stuff and you may be helpless when that
happens. Prepare for it by encrypting your stuff, hiring ethical
people etc. Do not trust all systems administrators to be totally
honest.
>>2) It is not unlawful to routinely/randomly monitor stuff when the purpose is
>> to do quality checks.
>
>There is no quality check that requires you to read my private file without
>my permission. You are confusing legitimate random system monitoring with
>purposive snooping. Please try to understand what people are saying before
>creating a straw icon to attack.
There are a lot of things that a system administrator does that you seem to be
ignorant about.
>
>>3) Yes, you do lack privacy protection once you are on the network.
>
>What does this mean? Are you saying that, since you are on the nets, I
>am entitled to invade the privacy of your system? I repeat: try to
>understand what's being said! The threat to privacy does not mean that
>the means of addressing the threat should be ignored. Is there a
>point to this point #3?
>
Yes there is a point, the point is not that the system administrator will
snoop but some systems or network administrator on the network might be
snooping. I do not like this snooping myself and do not do it but if you
do not know that this snooping occurs, you are deluding yourself.
>>4) For the purposes of the law, classroom accounts enjoy the exact same
>> protection as research accounts.
>
>Not necessarily. It depends on the class structure (and you seem to
>contradict your point #1 here). I am not advocating less rights for
>students than for others. I am simply saying that *some* student accounts
>may be collective, others personal. A personal account should be
>inviolable. A collective account has fewer restrictions on access.
I was referring not to a collective account but an individual account
to do class work.
You are saying that
A personal account should be inviolable.
I agree. I most certainly should be inviolable.
Unfortunately, I do not know of any multi user system, anywhere in the world
where personal accounts are in fact inviolable. If there are such cases, I
would like to hear about them. Their operation may be good models for all of
us.
>The ECPA
>wording is often decipherably broad, and it is not clear how far the
>scope extents, but it would appear to extent to private BBSs where an
>expectation of privacy exists, and to systems such as compuserve or GEnie.
BBSs are public service providers, ECPA applies, Universities are not.
>
>>6) ECPA covers mainly communications and is more or less silent on what is
>> already stored on the computer as files.
>
>As you have said, "please read the ECPA." Chpt 121 / 2701 addresses this,
>abeit not clearly,
That is what I am saying.
>The intent, however, is clear:
>You do not, as you claim, have the authority to snoop in my files even
>if they are on your system.
I disagree. I am not talk about snooping but accessing files to solve a
problem.
> Some have even expanded this to mean that
>a sysop cannot divulge the contents of a private conference even if
>many people participate in it.
I am not talking about divulging information either.
>
>Sanjay, please try to understand also that many defintions are imported and
>and refined from other statutes from case law. The ECPA also raises issues
>and metaphors raised in other social and legal realms (theft, copyright,
>trespass). The intent of the ECPA is to erect a barrier to illicit
>intrusion, and you seem unwilling to accept this.
I am just trying to define what is licit and what is illicit. Your position
is that all access is "illicit intrusion". My postion is that there are
legitimate circumstances where a system administrator may need to access a
file.
>
>There have been few (I don't believe any) cases brought to *trial* under
>the ECPA or related statutes, so there is no set of established precedents
>that would clarify some of the horrendous language.
>It is an imperfect law in need of substantial revision, but it is well
>meaning in its own obtuse way. If you are saying that it cannot prevent
>meddlers from meddling, that's a truism so obvious as to be irrelevant.
>If you are saying that it cannot be applied to snoops, you are in
>perilous error.
It can be applied to government snoops, but the exemption granted to system
administrators is too broad to be enforceable.
>
>
>Sorry to disappoint you Sanjay, but I have read the ECPA and related
>statutes and cases. The current ECPA may be a failure because of the
>vague and outdated language, but that hardly means that it gives you
>that right to snoop.
NO LAW CAN KEEP UP WITH CHANGING COMPUTER TECHNOLOGY.
I am not advocating a right to snoop, just a right to access files to do my
job and solve a real problem when it crops up and also to keep the system up
and running.
>
>I repeat, and please, once again, try to understand: Because one has the
>technological ability to snoop does not give them the right, and because
>I oppose a given behavior, that of *invading* my private files, does not
>mean I am ignorant or fail to have read the ECPA.
As you said you are a criminologist and know much more about these things than
the average Joe user. I am not worried about warning you about the facts of
life. I do not understand why you want the average Joe user to remain
uninformed.
>If you were able to
>muster some coherent argument, a "debate" might be easier. You cannot
>assert that you have the right to snoop because you may have to deal with
>disk corruption.
I am not claiming (or disclaiming) a right to snoop. Just the right to do my
job which may require access to files to solve a problem.
>That's an offensive nonsequitor. If you are saying that
>people should be made aware that snoops exist, fine.
THAT IS MY POINT. PEOPLE DO NOT KNOW THIS.
>If you are saying
>that technology cannot guarantee privacy, big deal...we've all conceded
>this.
OK. But that should not mean that we should not try to improve technology so
that it does guarantee more privacy.
>If you are saying that we should socialize new computer users into
>the ethics of privacy, well, of course!
OK.
>However, you resist and attack
>my point, which is this: My files are normatively inviolable even if
>they technologically are not. Neither you, as sysad, nor anybody else
>has the right to willfully access their *contents* without my permission.
>Try the analogy of a suitcase.....an airport porter can carry it, send it
>from place to place, clean it, spit on it, or whatever, but s/he cannot
>open it to snoop, photograph the inside, or distribute the stuff to
>others without violating law, most company policies, and ethical standards.
You have inadvertantly given me the perfect example.
An airport porter may not, but then again a system administrator is not an
airport porter. The airport porter is the computer.
What happens when it is x-rayed and there is a bomb?
What happens when the suitcase splits open?
What happens when the tag is lost and the airline has to find the correct
owner?
The law on opening packages entrusted to private carriers is most interesting.
All private carriers reserve the right (albeit in fine print, and sometimes
not in writing) to open the package.
>You can cavil by pointing to inadvertant exceptions, many of which I would
>perhaps agree with, but you seem unwilling to even acknowledge, contrary
>to demonstrable evidence, that snooping in that suitcase is illegal.
>
Is it?
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Mon, 2 Sep 1991 04:12:17 GMT
Message-ID: <1991Sep2.041217.11415@eff.org>
References: <3B8FE5F818806A38@ccmail.sunysb.edu>
Subject: What is e-mail privacy? (was Re: Taxonomy of forums)
[This is an aside and should not effect the main thrust of the discussion.]
SKAPUR@ccmail.sunysb.edu (Sanjay Kapur) writes:
[...]
>Use of files for personal use is theft of information. Distribution may be a
>similar crime besides being illegal under the ECPA.
[...]
I've never heard of a generic "theft of information" crime.
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
From: TK0JUT1@NIU.BITNET
Date: 2 Sep 91 05:27:00 GMT
Message-ID: <199109020527.AA12138@eff.org>
Subject: What is e-mail privacy? (was Re: Taxonomy of forums)
Sanjay writes:
>This discussion started with my proposal limiting the rights of systems
>administrators to accessing files only when a real problem exists.
>
>Somehow, I do not know how, Jim got the idea that I was advocating
>snooping by systems administrators.
Perhaps it's because you don't seem able to follow a straight line and
just when it appears you do, you veer off again in apparent preferance
for the incisive irrelevancy and and zapping non sequitor. Or, perhaps
it's because you create positions for others to which you respond that
merely give the appearance resistance when all you are in fact doing
is engaging in argument rather than discussion.
>Correct me if I am wrong but you seem to be saying: I do not want anyone
> to monitor my stuff so I will assume no one does. Whereas I am
> tring to say: Beware someone may monitor your stuff and you may be
> helpless when that happens. Prepare for it by encrypting your
> stuff, hiring ethical people etc. Do not trust all systems
> administrators to be totally honest.
Yes, you are wrong. **NEVER** did I say or imply any such thing, and it
is this straw icon that you created that set this thing going, and
despite repeated disclaimers you keep attributing this absurd position
to me, then responding to it as if you were addressing the key issue:
Part of preparation for intrusion means recognizing how existing laws
and policies can be written to offer at least minimal protections. Got
that? **MINIMAL*! They are simply part of a wider set of mechanisms
that can be employed.
Just as you insist on making others aware that their private files may
not be secure, I am trying to make you aware that there are existing
laws that offer protection against what you claim is your right. It's
because we don't trust all sysads that we have laws to provide some
recourse if we can demonstrate a violation. I'll say this one more
time, Sanjay, and try to get it straight: I AM NOT DELUDING MYSELF IN
BELIEVING THAT SNOOPING DOES NOT OCCUR. I have no idea how or why you
came up with this, but I neither said it nor implied it, and you keep
repeating it. It is precisely because of the possibility (and
occasional reality) of such snooping that I advocate a national standard
for communication privacy. The ECPA is too poorly worded to provide such
a standard, although the principles are, in the main, sound. As written,
it could be interpreted to prohibit caller ID as well as sanction
unauthorized file snooping. I have explicitly acknowledged the
difficulty of appropriate privacy legislation and alluded to the
problems of the ECPA, yet you raise these problems as if they were never
mentioned in previous posts. Then you wonder why disputes arise.
>Unfortunately, I do not know of any multi user system, anywhere in the
>world where personal accounts are in fact inviolable. If there are such
>cases, I would like to hear about them. Their operation may be good
Something that invokes a sanction when profaned is deemed an
"inviolable" entity. If my private files are profaned, then you have
violated through unauthorized access, even as sysad, then you are
subject to possible sanctions. Name a system? Mine at NIU, and
probably yours. Not to mention most others. Your claim that BBSs
somehow face stricter requirements than university systems is
incorrect. BBS and related systems operators have far more latitude in
setting restrictive policies than do public institutions' sysops, who
are constrained by university norms and policies, and more state and
federal laws than are those in the private sector.
>I do not understand why you want the average Joe user to remain uninformed.
One reason we're at odds is that you continue to fabricate issues and
impute them to others. This is nothing I said, implied, or discussed.
Finally, a suitcase is *not* like the computer, Sanjay--a
suitcase, like a file, holds contents. It does not run the airline or
give the porter instructions. We are all agreed that there are grey areas
of legitimate need. Scanning of suitcases is done with prior assumptive
knowledge of the owner, they are generally not searched without warrants
or in presence of the owner, and whatever other very rare exceptions may
exist, one does not snoop through them without permission without
commiting a violation. You on one hand claim to oppose snooping while on
the other denying either the legitimacy or the efficacy of policies that
attempt to set the limits. You can't have it both ways.
------------------------------
From: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Date: 2 Sep 91 06:13:00 GMT
Message-ID: <530BDB8DB880B52F@ccmail.sunysb.edu>
Subject: What is e-mail privacy? (was Re: Taxonomy of forums)
>SKAPUR@ccmail.sunysb.edu (Sanjay Kapur) writes:
>[...]
>>Use of files for personal use is theft of information. Distribution may be a
>>similar crime besides being illegal under the ECPA.
>[...]
>
>I've never heard of a generic "theft of information" crime.
>
>Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
>I do not represent EFF; this is just me.
There is no generic theft of information crime but it may be covered under
various other categories from theft of trade secrets to theft of state
secrets.
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
From: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Date: 2 Sep 91 06:39:00 GMT
Message-ID: <56B5C12D5880B52F@ccmail.sunysb.edu>
Subject: What is e-mail privacy? (was Re: Taxonomy of forums)
Jim writes:
>Part of preparation for intrusion means recognizing how existing laws
>and policies can be written to offer at least minimal protections. Got
>that? **MINIMAL*! They are simply part of a wider set of mechanisms
>that can be employed.
>
I agree.
>Just as you insist on making others aware that their private files may
>not be secure, I am trying to make you aware that there are existing
>laws that offer protection against what you claim is your right. It's
>because we don't trust all sysads that we have laws to provide some
>recourse if we can demonstrate a violation. I'll say this one more
>time, Sanjay, and try to get it straight: I AM NOT DELUDING MYSELF IN
>BELIEVING THAT SNOOPING DOES NOT OCCUR. I have no idea how or why you
>came up with this, but I neither said it nor implied it, and you keep
>repeating it. It is precisely because of the possibility (and
>occasional reality) of such snooping that I advocate a national standard
>for communication privacy. The ECPA is too poorly worded to provide such
>a standard, although the principles are, in the main, sound. As written,
>it could be interpreted to prohibit caller ID as well as sanction
>unauthorized file snooping. I have explicitly acknowledged the
>difficulty of appropriate privacy legislation and alluded to the
>problems of the ECPA,
I agree.
>Something that invokes a sanction when profaned is deemed an
>"inviolable" entity. If my private files are profaned, then you have
>violated through unauthorized access, even as sysad, then you are
>subject to possible sanctions. Name a system? Mine at NIU, and
>probably yours.
You may want to talk to your systems folk before making that statement.
> Not to mention most others. Your claim that BBSs
>somehow face stricter requirements than university systems is
>incorrect. BBS and related systems operators have far more latitude in
>setting restrictive policies than do public institutions' sysops, who
>are constrained by university norms and policies, and more state and
>federal laws than are those in the private sector.
>
For fee BBSs are providers of service to the public and are under stricter
regulation. Free BBSs may not be so limited. Your expectation of privacy
will be high if you pay for mail service.
>Finally, a suitcase is *not* like the computer, Sanjay--a
>suitcase, like a file, holds contents.
You brought up the suitcase analogy, not me. I was just trying to demonstrate
that it was actually appropriate. I agree that a porter is to a suitcase as
a computer network is to a file.
>You on one hand claim to oppose snooping while on
>the other denying either the legitimacy or the efficacy of policies that
>attempt to set the limits. You can't have it both ways.
>
Yes, I can have it both ways. I oppose snooping and claim that current law
and policies are ineffective. I want reasonable and enforceable laws
and policies that will put real limits. You want to set absolute policies
which will never be enforceable or legitimate because they are too broad.
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
From: G.Joly@cs.ucl.ac.uk (Gordon Joly)
Date: 2 Sep 91 11:23:14 GMT
Message-ID: <199109020924.AA21515@eff.org>
References: <530BDB8DB880B52F@ccmail.sunysb.edu>
Subject: What is privacy?
I once had a boss/system admin who put in a false shell and keep a
record of my every key stroke, completely without my prior knowledge.
But then he was a psychiatrist.
____
Gordon Joly +44 71 387 7050 ext 3716
Internet: G.Joly@cs.ucl.ac.uk UUCP: ...!{uunet,ukc}!ucl-cs!G.Joly
Computer Science, University College London, Gower Street, LONDON WC1E 6BT
Order is paramount in anarchy.
------------------------------
End of caf-talk Digest
******************************
From helen@eff.org Fri Sep 6 18:57:53 1991
Received: from c.cs.uiuc.edu by herodotus.cs.uiuc.edu with SMTP
(5.62+/IDA-1.2.8) id AA10696; Fri, 6 Sep 91 18:57:50 -0500
Received: from eff.org by c.cs.uiuc.edu with SMTP id AA12251
(5.64+/IDA-1.3.4 for kadie@herodotus.cs.uiuc.edu); Fri, 6 Sep 91 18:56:38 -0500
Received: by eff.org id AA23696
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Fri, 6 Sep 1991 19:55:32 -0400
Reply-To: comp-academic-freedom-talk@eff.org
From: comp-academic-freedom-talk@eff.org
Precedence: bulk
To: comp-academic-freedom-talk@eff.org
Date: Fri, 6 Sep 1991 19:55:19 -0400
From: "Helen C. O'Boyle"
Message-Id: <199109062355.AA23691@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Status: RO
Computers and Academic Freedom mailing list (batch edition)
caf-talk Digest Tue, 3 Sep 91 Volume 1 : Issue 5
Today's Topics:
Computing Services Policy at Central Michigan University (6 msgs)
librarians vs. computer center staff
Taxonomy of forums (was Re: Toward a taxonomy ... of alt.sex)
Why does alt.sex exist? (2 msgs)
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
----------------------------------------------------------------------
From: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Date: 3 Sep 91 06:41:00 GMT
Message-ID: <202C75A18080B52F@ccmail.sunysb.edu>
Subject: Computing Services Policy at Central Michigan University
>From: kadie@eff.org (Carl M. Kadie)
>
>Summary: Central Michigan University Steals User Files
>
>This is a critique of the Computing Services Policy at Central
>Michigan University. The policy as written gives Central Michigan
>authority to steal user file. It also denies users their due process
>rights. The policy should be replaced by a policy created with
>participation of users.
>
I agree that policy should be made with the participation of users and I also
agree with most (though not all) of your critique of the policy.
I just have one major point:
Users at most schools don't give a damn about the computer policy. They
are simply not interested in spending the time it would take to come up
with a reasonable policy. The problem at most places is apathy.
If the above were not so, how has the Central Michigan policy survived?
I would ask susbcribers to this newsgroup to conduct a highly unscientific and
random poll of the users of computers at their site and ask users the
following type of questions. Please do not bias the sample group of users.
You will bias the sample by educating them about what the policy is or what
it should be before asking these questions:
1) Do they know that there is a computer policy?
2) Do they know what it says?
3) Will they be willing to spend a few hours a week developing or improving
such a policy?
4) Do they know who all can read their files? Even protected files? Do they
care?
5) Do they protect their account by not sharing passwords?
6) Do they know that there is a group of people who do systems work?
7) Do they know what the systems staff does with the system?
8) Are they dissatisfied with the way the systems staff does its work?
I have talked with several hundred users over the past few years about these
topics and I have come across only two persons who answered all the questions
above positively. (maybe they were afraid of admitting to 8) above to me, but
do you want someone, who is afraid of the systems staff, to make policy?)
Those two individuals who were initially interested in helping design a policy
purchased their own Personal Computers and lost all interest in developing a
policy also. Maybe there are users who are interested in this at my campus,
I just have not been lucky enough in locating them.
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
From: sean@ms.uky.edu (Sean Casey)
Date: 3 Sep 91 18:01:21 GMT
Message-ID: <1991Sep3.180121.14384@ms.uky.edu>
References: <1991Sep2.161515.24831@eff.org> <1991Sep2.192241.1731@eff.org>
Subject: Computing Services Policy at Central Michigan University
That bit about the University owning everything on its computer just
doesn't fly. If I take a copyrighted work, and move it to the
computer, and the University claims it, they could be held liable for
theft and copyright violation.
A couple of examples:
I work for the University. I buy a personal copy of Norton
Utilities at the store, and put it on my workstation's hard disk
at work. They claim it is theirs, and move the workstation to
somewhere inaccessable by me. I tell them to destroy their copy,
and in the meantime install the program on my home machine. They
don't destroy the copy in their posession
I write a novelette at home and successfully get it published in a
magazine. I put it on the mainframe at school so my friends can
read it. The University claims it is now theirs because I
developed it on their machine.
Universities better be reeeeal careful about what they claim is
theirs. A safer policy would be to assume that anything the staff
does not put on the machine is *not* theirs.
Sean
--
** Sean Casey
** "The way your head works is God's own private mystery." - Nicholas Cage
------------------------------
From: edguer@alpha.ces.cwru.edu (Aydin Edguer)
Date: 3 Sep 91 18:35:09 GMT
Message-ID: <9109031835.AA02906@charlie.CES.CWRU.Edu>
References: <1991Sep3.180121.14384@ms.uky.edu>
Subject: Computing Services Policy at Central Michigan University
> Universities better be reeeeal careful about what they claim is
> theirs. A safer policy would be to assume that anything the staff
> does not put on the machine is *not* theirs.
No. You had better be "reeeeal careful" about what you put on their
system or [as their policy states] you better work out a separate
agreement with them. If you put information on their computer
without a separate contract, you are agreeing to abide by their rules.
Not vice-versa.
If you don't want to relinquish copyright, don't put it on THEIR computer.
It is reeeeal simple.
Aydin Edguer
------------------------------
From: TK0JUT1@NIU.BITNET
Date: 3 Sep 91 19:56:00 GMT
Message-ID: <199109031957.AA26886@eff.org>
Subject: Computing Services Policy at Central Michigan University
Aydin Edguer writes:
>No. You had better be "reeeeal careful" about what you put on their
>system or [as their policy states] you better work out a separate
>agreement with them. If you put information on their computer
>without a separate contract, you are agreeing to abide by their rules.
>Not vice-versa.
>
>If you don't want to relinquish copyright, don't put it on THEIR computer.
>It is reeeeal simple.
>
>Aydin Edguer
The CMU policy appears to the case of a well-intended, but poorly worded
policy rather than an attempt to regain the perqs of feudal lords. The
above post to the contrary: Regardless of a computer policy, a university
cannot, except under explicit and pre-specified conditions, claim
copyright for the work of faculty. This issue has previously arisen in
too many newsgroups, including this one, to warrant lenghty response, but
the rule of thumb is that faculty own their own words, and no policy that
contravenes existing copyright laws and practices can change it. Sorry,
Aydin, but property rights cannot be so easily taken away. If I use the
resources of others without authorization for my own personal ends, it
raises a number of other issues for which I may or may not be held
responsible, but giving up claims to property by storing that property on
a computer is not one of them. It's reaaalll simple.
And, if for some bizarre reason, the CMU policy was intended to mean
exactly what it says, it is just as unenforceable as a policy that gives
the university "ownership" of anything I place in my office desk.
Jim Thomas
------------------------------
From: edguer@alpha.ces.cwru.edu (Aydin Edguer)
Date: 3 Sep 91 20:10:05 GMT
Message-ID: <9109032010.AA02969@charlie.CES.CWRU.Edu>
References: <199109031957.AA26886@eff.org>
Subject: Computing Services Policy at Central Michigan University
> The CMU policy appears to the case of a well-intended, but poorly worded
> policy rather than an attempt to regain the perqs of feudal lords.
> The above post to the contrary: Regardless of a computer policy, a university
> cannot, except under explicit and pre-specified conditions, claim
> copyright for the work of faculty. This issue has previously arisen in
> too many newsgroups, including this one, to warrant lenghty response, but
> the rule of thumb is that faculty own their own words, and no policy that
> contravenes existing copyright laws and practices can change it.
Wrong. The rule of thumb is that faculty own whatever their contract with
the University states. This is similar to the agreements that most engineers
sign when they go to work in industry. Some companies (and perhaps schools)
do state that employees give the company full rights for any work developed
on the company's equipment.
The rule of thumb is, if you can't live with the policies of a computer site,
don't use the site. The cost of a personal computer for faculty to do word
processing is minimal. And this way, there is no doubts about who owns what.
> Sorry, Aydin, but property rights cannot be so easily taken away.
> If I use the resources of others without authorization for my own
> personal ends, it raises a number of other issues for which I may
> or may not be held responsible, but giving up claims to property
> by storing that property on a computer is not one of them.
Wrong. Check with a good attorney.
Aydin Edguer
------------------------------
From: fwp1@Jester.CC.MsState.Edu (Frank Peters)
Date: 3 Sep 91 22:01:38 GMT
Message-ID: <1563@ra.MsState.Edu>
References: <1991Sep2.161515.24831@eff.org> <1991Sep2.192241.1731@eff.org>
Subject: Computing Services Policy at Central Michigan University
In article <1991Sep2.192241.1731@eff.org> kadie@eff.org (Carl M. Kadie) writes:
>Summary: Central Michigan University Steals User Files
>>---- begin quote ---
>
>>_The contents of all storage media owned or stored on Computer
>>Services computing facilities are the property of Central Michigan
>>University unless a written contract signed by suitable contracting
>>authority exists to the contrary._ [The _..._ marks underlining in the
>>original document. - Carl]
>
>According to this paragraph, if a faculty member writes a journal
>article on a Computer Services computer, it becomes the property of
>Central Michigan. This is theft by Computer Services of property
>that rightfully belongs to the faculty member.
>
>As a practical matter, this paragraph is ridiculous. Is Computer
>Services claiming to own the copyright on user-created documents? If
>so, a faculty member who read this paragraph could not legally give a
>journal permission to publish the paper he or she wrote. If the
>faculty member did try to give a permission-to-copy, he or she would
>be guilty of fraud.
God, I love home lawyers. People, before you get worked up and start
calling for a boycott, read the following two sentences a few times
to grasp the nuances:
Copyright is not ownership. Ownership is not copyright.
If I buy a book I OWN the book but that doesn't mean I own the copyright
on that book. Similarly, the author (or some designate) owns the copyright
on that book but has no claim of ownership on the particular copy of the
book that I own. I can pretty much do as I will with that copy of the
book.
Copyright is a legal concept completely separate from right of ownership
of specific physical instances of a work.
Central Michigan University claims ownership of a particular copy of a
work stored on their media. They claim that they can read it or move
it or remove it or modify it as necessary. That is, they can do as
they wish with that particular copy of the work.
While there are definite problems with this policy it is a far Far FAR
cry from claiming copyright priviledges on such works.
Didn't anyone feel this red herring as it slapped them in the face?
Frank Peters
Mississippi State University.
------------------------------
From: ecsvax!kotlas@uncecs.edu (Carolyn M. Kotlas)
Date: 3 Sep 91 15:09:22 GMT
Message-ID: <9109031509.AA21419@ecsvax.uncecs.edu>
Subject: librarians vs. computer center staff
Sanjay Kapur
in Message-Id: <2F0D768BFC00965B@ccmail.sunysb.edu>
Subject: Re: Free Forum vs. Class-Work Only machine
writes:
> Also Systems staff (people like me) should get the same privileges as
> Librarians do (e.g. most Universities give Librarians Faculty status
> and a 9 month academic year work schedule)
Is this becoming the norm? From my experience with the University of
North Carolina, librarians put in a 12 month work year since their
libraries are serving students year-round.
Also from my personal experience, systems staff would be well advised to
check out the salary differences before they lobby to receive *all* the same
privileges as university librarians. Librarians' annual salaries here can
average $5000 (or more) *less* than computer center personnel. And
educational requirements vary quite a bit too. To get that lower
salary, librarians *must* have a master's degree while the degree
requirements for computer center staff may be less stringent.
(Although the job market here does make advanced degrees highly desirable
for computer center job applicants.)
-c-
--
Carolyn M. Kotlas
Information Resources
UNC Chapel Hill Institute for Academic Technology
kotlas@uncecs.edu -- kotlas@ecsvax.bitnet
------------------------------
From: russotto@eng.umd.edu (Matthew T. Russotto)
Date: 3 Sep 91 03:44:57 GMT
Message-ID: <1991Sep03.034457.26873@eng.umd.edu>
References: <41E7F6E41880B081@ccmail.sunysb.edu>
Subject: Taxonomy of forums (was Re: Toward a taxonomy ... of alt.sex)
In article <41E7F6E41880B081@ccmail.sunysb.edu> Sanjay Kapur writes:
>>Expert witnesses generally come during the trial. In many of last year's
>>computer raids, the "experts" providing guidance to justify reasonable
>>grounds for obtaining the search warrant were from the teleco company
>>who initiated the investigation, which was something less than "expert"
>>and hardly detached. Privacy should be a policy, not a decision made at
>>the discretion of experts in any field.
>
>The telephone company should be convinced then to get experts in the area of
>privacy.
The telephone company HAD experts doing EXACTLY what they wanted-- they had
experts who rationalized intrusions pushed by the telco. The problem was
that the courts swallowed it.
>
>My problem is this:
> What if the system administrator declares that you are a "systemic
> problem"?
Had to do this often? You sure know all the tricks-- I wonder why?
>Your sysads may be generally on the forefront of protecting rights,
>
>But did they inform you that anything going out over usenet as e-mail (as
>opposed to Netnews) is not private.
For the purposes of the ECPA, it is private-- doesn't stop the sysadmin from
'rummaging', but it does make it illegal for him to disclose what he finds
by doing so-- even to law enforcement.
News, of course, is not private.
>Do they provide encryption facilities?
If you have an untrustworthy sysadmin, are you really going to use the
encryption facilities provided by them?
--
Matthew T. Russotto russotto@eng.umd.edu russotto@wam.umd.edu
.sig under construction, like the rest of this campus.
Just say NO to police searches and seizures. Make them use force.
(not responsible for bodily harm resulting from following above advice)
------------------------------
From: bond@eniac.seas.upenn.edu (Robert S.)
Date: 3 Sep 91 18:10:24 GMT
Message-ID: <49681@netnews.upenn.edu>
References: <4BE653D6E840CB70@ccmail.sunysb.edu>
Subject: Why does alt.sex exist?
Here, here. Agreement on alt.sex decreasing morals. Stupid perverts.
------------------------------
From: G.Joly@cs.ucl.ac.uk (Gordon Joly)
Date: 3 Sep 91 21:44:27 GMT
Message-ID: <199109031945.AA26502@eff.org>
References: <49681@netnews.upenn.edu>
Subject: Why does alt.sex exist?
>> From: bond@edu.upenn.seas.eniac (Robert S.)
>> Here, here. Agreement on alt.sex decreasing morals. Stupid perverts.
A cogent argument from Robert S. Bond. Still at least he dropped the
signature:-)
>> "Nice girl, but about as sharp as a sack of wet mice."
>> - Foghorn Leghorn
>> ------------------------------------------------------------------------------
Yes, I mean that one.
Gordon.
____
Gordon Joly +44 71 387 7050 ext 3716
Internet: G.Joly@cs.ucl.ac.uk UUCP: ...!{uunet,ukc}!ucl-cs!G.Joly
Computer Science, University College London, Gower Street, LONDON WC1E 6BT
Order is paramount in anarchy.
------------------------------
End of caf-talk Digest
******************************
From helen@eff.org Tue Sep 10 07:28:11 1991
Received: from a.cs.uiuc.edu by herodotus.cs.uiuc.edu with SMTP
(5.62+/IDA-1.2.8) id AA20724; Tue, 10 Sep 91 07:28:08 -0500
Received: from eff.org by a.cs.uiuc.edu with SMTP id AA10809
(5.64+/IDA-1.3.4 for kadie@herodotus.cs.uiuc.edu); Tue, 10 Sep 91 07:27:23 -0500
Received: by eff.org id AA19170
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Tue, 10 Sep 1991 08:26:30 -0400
Reply-To: comp-academic-freedom-talk@eff.org
From: comp-academic-freedom-talk@eff.org
Precedence: bulk
To: comp-academic-freedom-talk@eff.org
Errors-To: comp-academic-freedom-talk-request@eff.org
Date: Tue, 10 Sep 1991 08:26:26 -0400
X-Digest-From: "Helen C. O'Boyle"
Message-Id: <199109101226.AA19165@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Status: R
Computers and Academic Freedom mailing list (batch edition)
caf-talk Digest Wed, 4 Sep 91 Volume 1 : Issue 6
Today's Topics:
"What is Censorship?"
Computer Policy in the Student Handbook (2 msgs)
Computing Services Policy at Central Michigan University (9 msgs)
Toward a taxonomy of arguments for censorship of alt.sex
Why Policy *Really* Gets Made (was Re: Computing Services Policy ...)
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
----------------------------------------------------------------------
From: amanda@visix.com (Amanda Walker)
Date: Wed, 4 Sep 91 01:29:25 GMT
Message-ID: <1991Sep4.012925.6603@visix.com>
References: <1991Sep2.023957.6880@bronze.ucs.indiana.edu>
Subject: "What is Censorship?"
graham@venus.iucf.indiana.edu (JIM GRAHAM) writes:
> One can play with words and dictionaries 'till hell freezes over.
Indeed. Hence, we have Usenet :).
> It's the _principle_ that is significant here.
I agree, but I differ with you in one respect:
> It doesn't matter whether it's "officials", "a single authority", or
> a special interest group. The _principle_ is exactly the same....
No, it is not. An official or authority has the backing of state power,
and hence can involve the legal application of force, either as part of
the censorship or in punishing resistance to it. A private special
interest group, however annoying and difficult it may be, cannot actually
*force* the removal of an item without suffering consequences (since the
act by them would constitute theft, vandalism, or other kind of damage).
The difference is legal authority.
> Again, mere words.
There's nothing "mere" about words. This very argument is a wonderful
piece of evidence to that effect, in fact...
Amanda Walker
--
"Furious activity is no substitute for understanding." --H. H. Williams
------------------------------
From: otto@fsu1.cc.fsu.edu (John Otto)
Date: 4 Sep 91 17:45:22 GMT
Message-ID: <1991Sep4.173836.5678@mailer.cc.fsu.edu>
References: <1991Aug23.145258.12240@eff.org> <1991Aug31.162538.22121@mp.cs.niu.edu>
Subject: Computer Policy in the Student Handbook
In article <1991Aug31.162538.22121@mp.cs.niu.edu>, rickert@cs.niu.edu (Neil Rickert) writes...
>In article <1991Aug30.221014.20654@eff.org> kadie@eff.ORG (Carl Kadie) writes:
>>How about a compromise? Maybe a user (student, faculty, etc) could be
>>given 24 or 48 hours after being contacted to make an appointment for
>>a meeting. After that their account would be suspended until they made
>>an appointment. (This is kind of like not being able to register for
>>classes if you owe the University money.)
> I have no problem with this provided:
> (a) There is provision for immediate suspension where needed to protect
> the system - I would expect use of this to be very rare.
> (b) The 48 hours notice can be given by email. If the user doesn't bother
> to read his email, too bad. That is his problem. This is somewhat
> comparable to the idea that certain types of legal notices can be
> published in appropriate newspapers/journals, and that publication is
> deemed adequate notification.
I have a problem with it. It's still the same old "presumed guilty and
must beg for mercy" garbage that brought up the whole discussion of
policies on this in the first place. By all means, if you've caught
someone red-handed getting into someone else's account(s), cut them off
immediately, and report it to the neutral third party agreed upon to deal
with disputes. If, however, it's just a matter of a customer coming up
hard against a limitation of the system which causes it to be unavailable
for others, (1) fix the system (2) explain to the person what is happening
and offer your services to figure out a way for him to get his work done
without such problems.
>>> If, on the other hand, an instructor fails a student in a class,
>>> this will likely have very serious long term consequences for the
>>> student, yet you accept that this is something the instructor can
>>> do in the normal course of events, subject only to some appeal procedure.
>> I can't think of any better alternative than to have faculty assign
>> grades. Note that even faculty can't punish a student for cheating
>> without at least an informal hearing.
> The faculty member can assign a grade of FAIL for cheating. Unless the
> students appeals, there will be no hearing.
Right. You've hit upon another failure of the common policies with this
regard. It should REQUIRE a hearing.
>>> When you don't have the experience to understand the consequences
>>> you need to grant a great deal of flexibility to those who make the
>>> decisions,
>> Can you give examples of situations in which a sys admin needs a great
>> deal of flexibility? Perhaps we can propose some rules that are clear
>> enough to satisfy me and flexible enough to satisfy you.
> I see a student has 50 processes running wild (our current per-user limit),
> and I see a faculty member has 3 processes very carefully "nice"d.
> I need the flexibility to decide that the student problem is
> inconsequential, probably caused by a shell script named "test"
> which does an "if test ...", and I need the flexibility to kill
> two of the professor's processes because, in spite of the "nice",
> they are memory hogs and are thrashing so severely as to cause
> severe interference with other users.
[other examples of sys admin's "need for flexibility"]
You've demonstrated that you have that flexibility. So, let's get back to
trying to come up with some reasonable policies. Such policies may
recognize that, you can, e.g. kill the professor's 2 processes, but
you can be called on the carpet to justify the decision. Such policies
may say that you may not deprive a customer of access to the system
because his job(s) happens to have caused a system overload.
I see the sys admin as a fairly menial servant of the customers - the
people using the systems. He's there to make back-up copies of files
on some schedule, and he's there to issue logins to new customers, or
to existing customers who want to divide up their work (on some systems).
Why would he need to be involved in the micro-management - the process
scheduling, prioritizing and contentions that you (and many others)
mention? ...jgo
------------------------------
From: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Date: 4 Sep 91 23:31:00 GMT
Message-ID: <76635DF29080BD52@ccmail.sunysb.edu>
Subject: Computer Policy in the Student Handbook
>I see the sys admin as a fairly menial servant of the customers - the
>people using the systems. He's there to make back-up copies of files
>on some schedule, and he's there to issue logins to new customers, or
>to existing customers who want to divide up their work (on some systems).
>Why would he need to be involved in the micro-management - the process
>scheduling, prioritizing and contentions that you (and many others)
>mention? ...jgo
By your paragraph above you have demonstrated a total lack of knowledge of a
system administrator's job.
The job description above is that of a computer operator, not a system
administrator. I am on the systems staff here and the systems staff here
does none of the work you attribute to being the job of the system
administrator. The operators do the backup and an accounts clerk gives out
accounts. (The systems staff installs and customizes the software to do
the backup and give out accounts.)
On smaller systems, the job of a computer operator and a system administrator
are normally combined in one person. At a large multi user site, like a
University Computing Center, they are almost always separate and distinct
jobs requiring different skills and with different responsibilities.
What you call micro-management is called performance tuning by people who know
what they are talking about. Performance tuning is one of the
responsibilities of the systems staff.
People like you scare me because you want to set policy on a subject you know
almost nothing about.
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Wed, 4 Sep 1991 00:30:30 GMT
Message-ID: <1991Sep4.003030.2331@eff.org>
References: <1991Sep2.161515.24831@eff.org> <1991Sep2.192241.1731@eff.org> <1563@ra.MsState.Edu>
Subject: Computing Services Policy at Central Michigan University
In article <1991Sep2.192241.1731@eff.org> kadie@eff.org (Carl M. Kadie) writes:
>>According to this paragraph, if a faculty member writes a journal
>>article on a Computer Services computer, it becomes the property of
>>Central Michigan. This is theft by Computer Services of property
>>that rightfully belongs to the faculty member.
>>As a practical matter, this paragraph is ridiculous. Is Computer
>>Services claiming to own the copyright on user-created documents? If
>>so, a faculty member who read this paragraph could not legally give a
>>journal permission to publish the paper he or she wrote. If the
>>faculty member did try to give a permission-to-copy, he or she would
>>be guilty of fraud.
fwp1@Jester.CC.MsState.Edu (Frank Peters) writes:
[...]
> Copyright is not ownership. Ownership is not copyright.
[...]
>Central Michigan University claims ownership of a particular copy of a
>work stored on their media. They claim that they can read it or move
>it or remove it or modify it as necessary. That is, they can do as
>they wish with that particular copy of the work.
I'm sorry for the mistake. I usually do know the difference between
owning a copy and owning a copyright.
Basic property rights include:
The right to sell (lease, etc)
The right to use (and to forbid the use of others)
Are they really claiming the right to sell "their" copy of files
created by users?
Are they really claiming an unlimited right to edit user files and to
forbid users from accessing "their own" files. Must a user ask
permission before deleting a "university" file?
I think that instead of claiming ownership, they would be wiser to get
a license to do necessary system administration tasks. On most systems
this license is implicit.
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
From: fwp1@Jester.CC.MsState.Edu (Frank Peters)
Date: 4 Sep 91 02:44:22 GMT
Message-ID: <1567@ra.MsState.Edu>
References: <1991Sep2.192241.1731@eff.org> <1563@ra.MsState.Edu> <1991Sep4.003030.2331@eff.org>
Subject: Computing Services Policy at Central Michigan University
In article <1991Sep4.003030.2331@eff.org> kadie@eff.org (Carl M. Kadie) writes:
>fwp1@Jester.CC.MsState.Edu (Frank Peters) writes:
>>Central Michigan University claims ownership of a particular copy of a
>>work stored on their media. They claim that they can read it or move
>>it or remove it or modify it as necessary. That is, they can do as
>>they wish with that particular copy of the work.
>
>I'm sorry for the mistake. I usually do know the difference between
>owning a copy and owning a copyright.
I fully understand. And I guess I probably over reacted. I just see
such bogus extension of ownership to copyright claims so often that it
wears me down. Sorry :-)
>Basic property rights include:
> The right to sell (lease, etc)
> The right to use (and to forbid the use of others)
>
>Are they really claiming the right to sell "their" copy of files
>created by users?
Well, technically yes they pretty much are claiming that right. I'd
guess that they really didn't intend to claim it and simply didn't bother
to explicitly give up that implied ability.
That, as I see it, is the core of the flaw with this document. It is
obviously calculated to make damn sure that the university and administrators
are protected with no effort at all do balance it with protections for the
user.
Let me clarify (since at least one emailer misunderstood) that I dislike
this document as much as Carl. It has entirely to much of a flavor of
cover-my-ass-at-any-cost to suit me. It has almost no balance of user
rights.
My sole objection was to the 'stealing copyright' thread. That is a
totally false fear. The document has enough flaws without making up
new ones.
>Are they really claiming an unlimited right to edit user files and to
>forbid users from accessing "their own" files. Must a user ask
>permission before deleting a "university" file?
Yes they are claiming the right to edit files. My guess is they wanted
to make damn sure they retained the right to delete 'improper' files
(dirty pictures, games, whatever they don't like).
And yes they can forbid users from acessing files. This has two
benefits for the heavy handed system administrator. First, it makes it
a lot easier to just cut a user off willy nilly without given them a
chance to get at their stuff. Second, it makes it easier to snag
copies of files (or to freeze them in place by removing user
ownership/write permissions)...nice for keeping 'evidence' of one thing
or another.
>I think that instead of claiming ownership, they would be wiser to get
>a license to do necessary system administration tasks. On most systems
>this license is implicit.
Agreed. Rights should start with the assumption that files are absolutely
private and then build up necessary exceptions rather than throwing
privacy out the window at the get.
Frank
------------------------------
From: tk0jut1@mp.cs.niu.edu (jim thomas)
Date: 4 Sep 91 03:20:42 GMT
Message-ID: <1991Sep4.032042.16316@mp.cs.niu.edu>
References: <199109031957.AA26886@eff.org>
Subject: Computing Services Policy at Central Michigan University
Aydin Edguer writes:
>Wrong. The rule of thumb is that faculty own whatever their contract with
>the University states. This is similar to the agreements that most engineers
>sign when they go to work in industry. Some companies (and perhaps schools)
>do state that employees give the company full rights for any work developed
>on the company's equipment.
>
>The rule of thumb is, if you can't live with the policies of a computer site,
>don't use the site. The cost of a personal computer for faculty to do word
>processing is minimal. And this way, there is no doubts about who owns what.
??? Please pay attention. The original concern raised by Carl's post
was whether routine storage of personal files on a university computer
(specifically at CMU) transferred property rights to the university.
I know of no public institution where, under "normal" circumstances, the
university can claim ownership of intellectual (or other) property
simply because it has been created on, or (in what is at issue here)
resides on or within a university computer, desk, paper, or file cabinet.
We are not talking about the private sector, we are talking about
a specific policy at a specific university. Using Aydin's logic, if we
are given a PC by the university, and we then upload products from that PC
to the system to which the policy applies, by the act of file transfer we
also transfer property rights. Further, the text that Carl posted did not
refer to contractual agreements between a university and faculty, but
to instead of the relationship between system policies and a user.
Aydin misses the point: No subset of rules can supercede superior rules,
and with the exception of unusual and/or explicitly pre-defined circumstances,
scholars retain the rights to their intellectual property. If Aydin knows of
a school where different practices exist, perhaps he could identify those
schools.
We can easily delineate circumstances in which one's creative products
are the property of the sponsor. However, CMU's policy seems explicit:
Mere storage of "property" results in transfer of ownership. This is
clearly absurd. One doesn't create ownership rights by fiat!!
If I write a book on my home computer and store it on the U mainframe, it
remains *my* property, regardless of *any* department or university policy.
Perhaps the U policy referred only to the disk space on which a files
resides or other technological quibbles, but that isn't what the policy
seems to state.
Either the wording of the policy is simply shoddy (which was my original
contention) and needs only revision, or the policy is attempt to
establish a fundamentally new doctrine of law (which is what AE seems to
want to say). If the former, no big deal. If the latter, we should be
concerned. Contrary to Aydin's (quite erroneous) belief, no subset of
rules supercedes superior rules or policies, and the fact that a
departmental or sysad policy makes a claim does not necessarily mean
that the claim is legitimate. The CMU policy is one that should be
addressed and (hopefully) revised.
>Wrong. Check with a good attorney.
>
For both intellectual and "real world" reasons I have discussed these issues
with attys on numerous occasions. You obviously haven't done the same.
------------------------------
From: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Date: 4 Sep 91 04:38:00 GMT
Message-ID:
Subject: Computing Services Policy at Central Michigan University
>From: fwp1@Jester.CC.MsState.Edu (Frank Peters)
>>I think that instead of claiming ownership, they would be wiser to get
>>a license to do necessary system administration tasks. On most systems
>>this license is implicit.
>
>Agreed. Rights should start with the assumption that files are absolutely
>private and then build up necessary exceptions rather than throwing
>privacy out the window at the get.
>
>Frank
Would it be possible for someone to come up with reasons that a University
administrator can understand as to why the "the assumption that files are
absolutely private" should be so?
We can dream up any policy we like, unless the University administrators likes
it, it is not going to become real policy. There should be some incentive in
a new policy for the University administrators.
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
From: TK0JUT1@NIU.BITNET
Date: 4 Sep 91 05:10:00 GMT
Message-ID: <199109040532.AA06854@eff.org>
Subject: Computing Services Policy at Central Michigan University
There are already several grounds for such policies.
1) The general privacy metaphors that already shape policy regarding
snooping in our office desks or file cabinets
2) The spirit of the ECPA and other laws or policies that recognize that
one's *personal* files are entitled to be free from intrusion
3) The spirit and logic of laws and policies that sanction system
intrusions exist in large part to protect the private files of the
community of users on that system.
4) The general sense from the nets is that many, perhaps most,
universities already have such policies in place. Perhaps the problem,
judging from the comments of some in this group, is encouraging some
sysads to read those policies.
Using only anecdotal evidence, it seems there are surprisingly few
problems involving extreme cases of the kinds of abuse about which we are
concerned. This, I suspect, is largely because most sysads are honorable
and competent. In some ways, the discussion is proactive, because none of
us have (as of yet) identified a serious problem resulting from file
instrusion, ownership rights, or other problems that might emerge when
rules don't match the behaviors they address. Of the university policies
posted in the EFF and CuD archives, most seem well-intended (despite some
occassionaly awkward wording). Perhaps, as somebody suggested, there is
some red-herring dragging occuring here, because it seems that--for
better or ill-the policies of most schools are an attempt to recognize
and address potential problems. One value of this discussion is to make
us more aware of the policies and (potential) limitations at our own
institutions and share our insights with others.
Jim Thomas
------------------------------
From: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Date: 4 Sep 91 06:14:00 GMT
Message-ID:
Subject: Computing Services Policy at Central Michigan University
>There are already several grounds for such policies.
>
>1) The general privacy metaphors that already shape policy regarding
> snooping in our office desks or file cabinets
>
>2) The spirit of the ECPA and other laws or policies that recognize that
> one's *personal* files are entitled to be free from intrusion
>
>3) The spirit and logic of laws and policies that sanction system
> intrusions exist in large part to protect the private files of the
> community of users on that system.
>
>4) The general sense from the nets is that many, perhaps most,
> universities already have such policies in place. Perhaps the problem,
> judging from the comments of some in this group, is encouraging some
> sysads to read those policies.
All the above are good grounds. I just want some more reasons that
the University administrators will like. (I am not talking of systems
administrators but people who actually set policy.) As I said, the reasons
given above are good, but I have a suspicion that they are not sufficient
enough to convince University Administrations to change policy. The reasons
above are all of the "stick" variety rather than the "carrot" variety. Would
the Public Relations advantage of proclaiming a privacy policy be a good
reason?
>
>Using only anecdotal evidence, it seems there are surprisingly few
>problems involving extreme cases of the kinds of abuse about which we are
>concerned. This, I suspect, is largely because most sysads are honorable
>and competent.
I agree. All the people I work with are ceratinly in the honorable and
competent category. I want reasonable policies because I do not want the very
few dishonorable and incompetent systems administrators, that the laws of
probability dictate exist, to destroy the good work of all the honorable and
competent systems staff.
>In some ways, the discussion is proactive, because none of
>us have (as of yet) identified a serious problem resulting from file
>instrusion, ownership rights, or other problems that might emerge when
>rules don't match the behaviors they address.
I agree that most of this is proactive. The advantage of being proactive is
that most of the problems that are likely to occur have already been thought
out and do not have to be solved in the heat of the moment. The disadvantage
of being proactive is that although the policy may sound good in theory, it
has not evolved in response to real problems and is likely to have serious
flaws when put into practice.
>Of the university policies
>posted in the EFF and CuD archives, most seem well-intended (despite some
>occassionaly awkward wording). Perhaps, as somebody suggested, there is
>some red-herring dragging occuring here, because it seems that--for
>better or ill-the policies of most schools are an attempt to recognize
>and address potential problems. One value of this discussion is to make
>us more aware of the policies and (potential) limitations at our own
>institutions and share our insights with others.
>
I agree.
Also, there is nothing wrong in a little red-herring dragging as long as
everyone recognizes that it is a red-herring being dragged.
>Jim Thomas
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
From: sean@ms.uky.edu (Sean Casey)
Date: 4 Sep 91 14:33:00 GMT
Message-ID: <1991Sep4.143300.18355@ms.uky.edu>
References: <199109031957.AA26886@eff.org> <1991Sep4.032042.16316@mp.cs.niu.edu>
Subject: Computing Services Policy at Central Michigan University
I referred to two cases: One where the University claimed ownership of
a copy, and another where the University claimed intellectual property
rights. In both cases, without a signed contract, the University would
be in error in claiming either.
Sean
--
** Sean Casey
** "The way your head works is God's own private mystery." - Nicholas Cage
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Wed, 4 Sep 1991 16:13:33 GMT
Message-ID: <1991Sep4.161333.24994@eff.org>
References:
Subject: Computing Services Policy at Central Michigan University
SKAPUR@ccmail.sunysb.edu (Sanjay Kapur) writes:
[...]
>Would it be possible for someone to come up with reasons that a University
>administrator can understand as to why the "the assumption that files are
>absolutely private" should be so?
[...]
Here is a possible stick. At public universities unreasonable searches
of (university-owned) desks (and maybe disks) are illegal.
[From the ACLU handbook on the rights of teachers]
"An anonymous cartoon had appeared in a local newspaper ridiculing the
financial and personnel policies of the Fair Lawn, New Jersey, Board of
Education by depicting the board members a poker players, apparently
gambling away emplyees' salaries and jobs. Suspecting the guidance
counselor as the offending cartoonist, a board member entered the
guidance counselor's school at night, found a janitor with a pass key,
directed him to unlook the door to the guidance counselor's suite, and
observing a slightly opened drawer in the guidance counselor's disk,
pulled it completely open, revealing copies of the cartoon. The court
ruled that this action violated the guidance counselor's Fourth
Amendment rights." [This case is very similar to the incident which
apparently motivated the NCSA's policy.]
Another stick would be to amend the University Code explicitly recognize
disk-space privacy. Here is how my schools Code might look
after *amendment*:
"IV. Privacy
A. Members of the University community have the same rights of privacy
as other citizens and surrender none of those rights by becoming
members of the academic community. These rights of privacy extend to
residence hall living. Nothing in University regulations or contracts
shall give University officials authority to consent to a search by
police or other government officials of offices *or computer disk
space* assigned or living quarters leased to individuals except in
response to a properly executed search warrant or search incident to
an arrest.
B. When the University seeks access to an office *or computer disk
space* assigned or living quarters leased to an individual to
determine compliance with provisions of applicable multiple-dwelling
unit laws *(if any)*, ordinances, and regulations, or for improvement
or repairs, the occupant shall be notified of such action not less
that twenty-four hours in advance. There may be entry without notice
in emergencies where imminent danger to life, safety, health, or
property is reasonably feared and for custodial service.
C. The University may not conduct or permit a search of an office *or
computer disk space* assigned or living quarters leased to an
individual except in response to a properly executed search warrant or
search incident to an arrest."
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
From: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Date: 4 Sep 91 17:00:00 GMT
Message-ID: <3FCB27CA9080B52F@ccmail.sunysb.edu>
Subject: Computing Services Policy at Central Michigan University
Date sent: 4-SEP-1991 12:59:18
>From: kadie@eff.org (Carl M. Kadie)
>
>SKAPUR@ccmail.sunysb.edu (Sanjay Kapur) writes:
>[...]
>>Would it be possible for someone to come up with reasons that a University
>>administrator can understand as to why the "the assumption that files are
>>absolutely private" should be so?
>[...]
>
>Here is a possible stick. At public universities unreasonable searches
>of (university-owned) desks (and maybe disks) are illegal.
>
I agree that those are good sticks, how about a few carrots now?
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
From: amanda@visix.com (Amanda Walker)
Date: Wed, 4 Sep 91 01:38:43 GMT
Message-ID: <1991Sep4.013843.6670@visix.com>
References: <1991Aug31.075308.1@vaxb.acs.unt.edu>
Subject: Toward a taxonomy of arguments for censorship of alt.sex
cirby@vaxb.acs.unt.edu writes:
> It's *our* government. It's *our* university. If they tell you otherwise,
> they're lying. And it's that whole attitude of the government as an
> independent creature that feeds many of the problems we have today.
True, but we own it as a body of people, not as individuals. I can't go
to public parkland and build a house, any more than I can go to a public
university and demand admittance. To take another example, my taxes may
pay President Bush's salary, but this does not mean that he's my employee.
I can't tell him what to do--All I can do is vote against him, or otherwise
apply indirect pressure.
The government should be the servant of the people, but even at best it
cannot be the servant of any particular individual.
This is a concept that many people fail to grasp (hence the tiresome
popularity of the "I pay your salary" argument).
Amanda Walker
--
"Furious activity is no substitute for understanding." --H. H. Williams
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Wed, 4 Sep 1991 16:59:00 GMT
Message-ID: <1991Sep4.165900.26631@eff.org>
References: <199109040532.AA06854@eff.org>
Subject: Why Policy *Really* Gets Made (was Re: Computing Services Policy ...)
TK0JUT1@NIU.BITNET writes:
[...]
>Using only anecdotal evidence, it seems there are surprisingly few
>problems involving extreme cases of the kinds of abuse about which we are
>concerned. This, I suspect, is largely because most sysads are honorable
>and competent. In some ways, the discussion is proactive, because none of
>us have (as of yet) identified a serious problem resulting from file
>instrusion, ownership rights, or other problems that might emerge when
>rules don't match the behaviors they address.
[...]
My impression is that the way that all policy gets created is:
Person A does very annoying action B.
Authority C tries to find a policy that prohibits action B, but can't.
Authority C, using procedure D, punishes A with sanction E.
Person A complains that action B violated no policy.
Authority B creates policy D that prohibits action B and allows
sanction E to be applied if procedure D is followed.
Others F see the policy D and criticize it on the grounds that
Action B should not be considered very annoying and/or
Punishment E is too harsh for action B and/or
Procedure D is unfair.
[I'm very unclear on this next part.]
Others F and authority B (and bigger authority G') create a new policy
D' that prohibits action B' and allows sanction E' to be
applied if procedure D' is followed.
In this model, all policy making is reactive. That is a danger because
"bad cases make bad law". This discussion group is important because
it brings together the experience of many cases. Some of the cases are
presented explictly. Others are presented implicitly via extant
policies such as the Joint Statement, the law on limited public
forums, the Freedom-to-Read Statement, etc.
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
End of caf-talk Digest
******************************
From helen@eff.org Tue Sep 10 07:28:07 1991
Received: from a.cs.uiuc.edu by herodotus.cs.uiuc.edu with SMTP
(5.62+/IDA-1.2.8) id AA20719; Tue, 10 Sep 91 07:28:04 -0500
Received: from eff.org by a.cs.uiuc.edu with SMTP id AA10807
(5.64+/IDA-1.3.4 for kadie@herodotus.cs.uiuc.edu); Tue, 10 Sep 91 07:27:22 -0500
Received: by eff.org id AA19182
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Tue, 10 Sep 1991 08:26:41 -0400
Reply-To: comp-academic-freedom-talk@eff.org
From: comp-academic-freedom-talk@eff.org
Precedence: bulk
To: comp-academic-freedom-talk@eff.org
Errors-To: comp-academic-freedom-talk-request@eff.org
From: "Helen C. O'Boyle"
Date: Tue, 10 Sep 1991 08:26:32 -0400
Message-Id: <199109101226.AA19176@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Status: R
Computers and Academic Freedom mailing list (batch edition)
caf-talk Digest Thu, 5 Sep 91 Volume 1 : Issue 7
Today's Topics:
Computer Policy in the Student Handbook (4 msgs)
Computing Services Policy at Central Michigan University
Readership statistics
unsubscribe
Why does alt.sex exist?
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
----------------------------------------------------------------------
From: morgan@ms.uky.edu (Wes Morgan)
Date: 5 Sep 91 13:03:56 GMT
Message-ID: <1991Sep5.130356.22761@ms.uky.edu>
References: <1991Aug23.145258.12240@eff.org> <1991Aug31.162538.22121@mp.cs.niu.edu> <1991Sep4.173836.5678@mailer.cc.fsu.edu>
Subject: Computer Policy in the Student Handbook
otto@fsu1.cc.fsu.edu writes:
>
>> The faculty member can assign a grade of FAIL for cheating. Unless the
>> students appeals, there will be no hearing.
>
>Right. You've hit upon another failure of the common policies with this
>regard. It should REQUIRE a hearing.
>
If a hearing is available on request, why make it automatic? If a hearing
is REQUIRED, some professors will let the cheaters slide instead of taking
the time for a hearing. We place a great deal of confidence in professors;
we entrust them with the education of the students. By requiring a hearing
BEFORE the administration of "disciplinary grading", we're telling the pro-
fessors that we don't trust their ability to detect cheating. If a student
feels that this was done in error, they may certainly appeal. I might point
out that I have known several students who received failing grades for chea-
ting; none of them appealed, since they knew they were guilty and admitted
it freely.
Requiring a preliminary hearing will not accomplish anything more than the
overloading of an already bureaucratic educational system. Leave the hearings
for the appeals.
>I see the sys admin as a fairly menial servant of the customers - the
>people using the systems. He's there to make back-up copies of files
>on some schedule, and he's there to issue logins to new customers, or
>to existing customers who want to divide up their work (on some systems).
>Why would he need to be involved in the micro-management - the process
>scheduling, prioritizing and contentions that you (and many others)
>mention? ...jgo
"A fairly menial servant"? I think you have confused "system administrator"
with "system operator".
Let me give you a description of our shop as an example. We have
5 staff members who serve over 1800 users. I am the Unix Systems Admini-
strator. I configure all new machines, tune the kernels, determine disk
partitioning, manage the user base, assign quotas, write system code, manage
my chunk of Ethernet, and act as a general "user consultant"; this is just
a small sample of my responsibilities.
We do not have a "system operator". We do not have a "Systems Programmer",
a "Systems Analyst", or any of those wonderful buzzworded titles. I'm sure
that there are many computing shops which are as undermanned as we are; there
are probably many administrators like me. We are placed in a position
where we are effectively REQUIRED to micromanage; it's necessary to
squeeze every bit of productivity from our nearly obsolescent equip-
ment.
In many cases, micromanagement is a fact of life for system administrators.
--
morgan@ms.uky.edu |Wes Morgan, not speaking for| ....!ukma!ukecc!morgan
morgan@engr.uky.edu |the University of Kentucky's| morgan%engr.uky.edu@UKCC
morgan@ie.pa.uky.edu |Engineering Computing Center| morgan@wuarchive.wustl.edu
------------------------------
From: ara@zurich.ai.mit.edu (Allan Adler)
Date: 5 Sep 91 15:55:56 GMT
Message-ID:
References: <1991Aug23.145258.12240@eff.org> <1991Aug31.162538.22121@mp.cs.niu.edu>
Subject: Computer Policy in the Student Handbook
At Brandeis University, faculty were urged by the administration
not to flunk students for cheating or to take other
retaliatory action. Instead, they were advised to
submit their evidence to the administration, which would worry about
disciplinary action.
There were many things I disagreed wtih at Brandeis, but this policy
seemed to be particularly sensible since it clearly separated the
functions of the faculty (teaching, research) from those of the
administration. In particular, it emphasized that the faculty were not
hired to be disciplinarians. That is fine with me.
Allan Adler
ara@altdorf.ai.mit.edu
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Thu, 5 Sep 1991 18:10:39 GMT
Message-ID: <1991Sep5.181039.22607@eff.org>
References: <1991Aug23.145258.12240@eff.org> <1991Aug31.162538.22121@mp.cs.niu.edu>
Subject: Computer Policy in the Student Handbook
I wrote:
>>Can you give examples of situations in which a sys admin needs a great
>>deal of flexibility? Perhaps we can propose some rules that are clear
>>enough to satisfy me and flexible enough to satisfy you.
rickert@cs.niu.edu (Neil Rickert) writes:
[...]
> I see a student has 50 processes running wild (our current per-user
> limit),
> and I see a faculty member has 3 processes very carefully 'nice'd.
> I need the flexibility to decide that the student problem is
> inconsequential, probably caused by a shell script named 'test' which does
> an 'if test ...', and I need the flexibility to kill two of the
> professor's
> processes because, in spite of the 'nice', they are memory hogs and are
> thrashing so severely as to cause severe interference with other users.
(These are great examples. Sorry, I've taken so long to respond.)
I agree that a Sys Admin should be able to make these decisions. Your
purpose in killing the professor's jobs was to stop the system from
thrashing. It was not to punish the professor. You did not act
capriously.
(You should of course tell the professor what you did. Otherwise
the professor will likely just start the jobs up again.)
Hopefully, a discussion with the professor will lead to some
solution that will allow her to run her jobs without impacting
the system so much (one job at a time, an account on a other machine,
running at night, etc.)
> --
> I see student A has started a daemon which watches for new logins, and
> does 'write's to them. I see student B has started a daemon which watches
> for new processes and attempts to 'kill' them.
> I need the flexibility to determine that student A has done something
> abusive and anti-social, while student B has merely seen a neat looking
> program named 'init', tried it to see what it does, then attempted to kill
> it after realizing his mistake. (Naturally I removed the world execute
> permissions of 'init' after this happened).
First, what rules might be broken?
There might be a rule against harassment. Where "harassment" is
knowingly sending unwanted personal communications on the computer.
Person A would know his or her communications was unwanted if he or
she had received notice (say, via email, or by being told). Personal
communications on the computer would include talk requests, email, and
programs that wrote to the user's terminal.
There might also be a rule against unauthorized changes to the status
of computer jobs. User C and the system staff would be authorized to
change User C's jobs. (User C might also authorize others.)
If anyone (even you, the sys admin) complains that Person A is
harassing. You could investigate. If A is off the system and you have
reason to believe that A's deamon is causing the problem, you could
kill or suspend it.
(You should, of course, tell A what you did, otherwise A will likely
just start the jobs up again.)
You should send email to A asking for an explanation (or a meeting).
Person A probably deserves an informal warning. If, after warnings, A
continues to harass, A may deserve a formal warning or a short
suspension from the computer.
With person B, you can of course kill the 'init' process. Email or a
meeting with the person will probably convince you that person B did
not intent to break the rule.
> --
> I need the flexibility to decide that a student who is 'telnet'ing to port
> 2000 as some place halfway across the country is violating our rules
> against playing games in the middle of the day. I need the flexibility to
> decide that another student who is running a program called 'hangman' is
> just working on an assignment in his programming class.
I'm not fond of restrictions on what kind of program can be run. I'd
much rather have limits on the effects of those programs (e.g. how
much CPU time programs can use, etc.) Kind-of-program restrictions are
as hard to enforce as topic restrictions on email.
Most game playing can be detected accurately by the name of the
process. Email and/or a meeting should take care of the problem.
Some game playing is bound to go undected.
But what about the other cases. I don't know the answer.
What is worse, running a program of the wrong kind or official
snooping to make sure that your program is not the wrong kind?
Is there middle ground? At the U. of Illinois if they think that too
many people are living in a dorm room, they give 24 hours notice that
there will be an inspection.
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
From: rickert@cs.niu.edu (Neil Rickert)
Date: 5 Sep 91 20:57:47 GMT
Message-ID: <1991Sep5.205747.17426@mp.cs.niu.edu>
References: <1991Aug23.145258.12240@eff.org>
Subject: Computer Policy in the Student Handbook
In article <1991Sep5.181039.22607@eff.org> kadie@eff.org (Karl Kadie) writes:
>I wrote:
>
>>>Can you give examples of situations in which a sys admin needs a great
>>>deal of flexibility? Perhaps we can propose some rules that are clear
>>>enough to satisfy me and flexible enough to satisfy you.
>
>rickert@cs.niu.edu (Neil Rickert) writes:
>
>[...]
>> I see a student has 50 processes running wild (our current per-user
>> limit),
>> and I see a faculty member has 3 processes very carefully 'nice'd.
>> I need the flexibility to decide that the student problem is
>> inconsequential, probably caused by a shell script named 'test' which does
>> an 'if test ...', and I need the flexibility to kill two of the
>> professor's
>> processes because, in spite of the 'nice', they are memory hogs and are
>> thrashing so severely as to cause severe interference with other users.
>
>(These are great examples. Sorry, I've taken so long to respond.)
>
>I agree that a Sys Admin should be able to make these decisions. Your
>purpose in killing the professor's jobs was to stop the system from
>thrashing. It was not to punish the professor. You did not act
>capriously.
>
>(You should of course tell the professor what you did. Otherwise
>the professor will likely just start the jobs up again.)
Naturally I informed him.
>Hopefully, a discussion with the professor will lead to some
>solution that will allow her to run her jobs without impacting
>the system so much (one job at a time, an account on a other machine,
>running at night, etc.)
In this case the professor had discussed it with me before starting the
jobs, but it was difficult to estimate the impact which was more serious than
at originally anticipated.
>> I see student A has started a daemon which watches for new logins, and
>> does 'write's to them. I see student B has started a daemon which watches
>> for new processes and attempts to 'kill' them.
>
>> I need the flexibility to determine that student A has done something
>> abusive and anti-social, while student B has merely seen a neat looking
>> program named 'init', tried it to see what it does, then attempted to kill
>> it after realizing his mistake. (Naturally I removed the world execute
>> permissions of 'init' after this happened).
>
>First, what rules might be broken?
>
>There might be a rule against harassment. Where "harassment" is
>knowingly sending unwanted personal communications on the computer.
>Person A would know his or her communications was unwanted if he or
>she had received notice (say, via email, or by being told). Personal
>communications on the computer would include talk requests, email, and
>programs that wrote to the user's terminal.
In the particular case I have in mind, I found out about this from a
complaint by another user. The complainer had great difficulty logging
in because the messages were interrupting prompts for terminal type, etc.
I certainly considered that harrassment. My action was to kill the job and
send the offender a warning.
>(You should, of course, tell A what you did, otherwise A will likely
>just start the jobs up again.)
I would not normally kill a user's job without informing that user,
most commonly by email.
>With person B, you can of course kill the 'init' process. Email or a
>meeting with the person will probably convince you that person B did
>not intent to break the rule.
In this case "person B" brought the matter to my attention, since his
action prevented further use of the system by him. But in this case I
could joke with the student about him doing something dumb, instead of
having to reprimand him.
>> I need the flexibility to decide that a student who is 'telnet'ing to port
>> 2000 as some place halfway across the country is violating our rules
>> against playing games in the middle of the day. I need the flexibility to
>> decide that another student who is running a program called 'hangman' is
>> just working on an assignment in his programming class.
>
>I'm not fond of restrictions on what kind of program can be run. I'd
>much rather have limits on the effects of those programs (e.g. how
>much CPU time programs can use, etc.) Kind-of-program restrictions are
>as hard to enforce as topic restrictions on email.
You might not be fond of restriction. But when a large proportion of our
terminal ports are tied up by game players, and legitimate users with
homework assignments due are thereby prevented from accessing the system,
I must act. Email warnings are always given first, and further action is
only taken if the warnings are ignored.
>What is worse, running a program of the wrong kind or official
>snooping to make sure that your program is not the wrong kind?
Most system admins don't have the time or the patience to be "snooping"
on what people are doing. But they do have to monitor the system, look
at process queues, mail queues, etc. In the process of routine system
monitoring they may observe abuse. I don't consider that "snooping".
>Is there middle ground? At the U. of Illinois if they think that too
>many people are living in a dorm room, they give 24 hours notice that
>there will be an inspection.
Note that in the (real) examples I gave, the only cases that I acted
immediately were when there was an immediate impact on the system which
interfered with other users. Under any other circumstances giving notice
should be standard procedure. I presume that at U. of Illinois if they
noticed smoke billowing from a dorm room, or if the sound level from
a stereo was so high as to be intolerable to neighbors, they would not
give 24 hours notice but would take some immediate action.
--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science
Northern Illinois Univ.
DeKalb, IL 60115 +1-815-753-6940
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Thu, 5 Sep 1991 16:12:30 GMT
Message-ID: <1991Sep5.161230.19723@eff.org>
References: <3FCB27CA9080B52F@ccmail.sunysb.edu>
Subject: Computing Services Policy at Central Michigan University
>>SKAPUR@ccmail.sunysb.edu (Sanjay Kapur) writes:
>>[...]
>>>Would it be possible for someone to come up with reasons that a University
>>>administrator can understand as to why the "the assumption that files are
>>>absolutely private" should be so?
>>[...]
Here are possible carrots.
(This is speculation; I don't have enough experience to know if the
world really works like this.)
1. Idealism -- Many Sys Admin see computers as ways of making the
world better. Because they feal that computer files ideally should be
private, sys admins may support policy that offers some measure of
protection. (They may also work to make the ideal closer to reality by
supporting technical work in encryption and the like.)
2. Better Relations -- Users have a better feeling about the computer
if they know that privacy is the default.
3. Professionalism -- If sys admins aspire to professionalism (like
librarians and college teachers), they will likely develop a code of
ethics that sometimes requires them to defend users against pressure
from above. (A high school librarian would fight a request from the
Principal to pull a book. A college teacher would fight a request from
a Dean to change a student's grad.)
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
From: warnold@eff.org (William W. Arnold)
Date: Thu, 5 Sep 1991 19:55:17 GMT
Message-ID: <1991Sep5.195517.25011@eff.org>
Subject: Readership statistics
For all those interested in the current readership statistics. Here
they are.
on the three mailing lists-
comp-academic-freedom-talk has 72 subscribers.
comp-academic-freedom-batch has 57 subscribers.
comp-academic-freedom-news has 173 subscribers.
on usenet-
+-- Estimated total number of people who read the group, worldwide.
| +-- Actual number of readers in sampled population
| | +-- Propagation: how many sites receive this group at all
| | | +-- Recent traffic (messages per month)
| | | | +-- Recent traffic (kilobytes per month)
| | | | | +-- Crossposting percentage
| | | | | | +-- Cost ratio: $US/month/reader
| | | | | | | +-- Share: % of newsrders
| | | | | | | | who read this group.
V V V V V V V V
1 210000 4777 72% 1500 3700.3 8% 0.02 13.9% alt.sex
712 8500 192 47% 207 579.1 7% 0.06 0.6% alt.comp.acad-freedom.talk
--
| William W. Arnold | warnold@eff.org | has8wwa@cabell.vcu.edu |
| Co-moderator: Computers and Academic Freedom Mailing list |
| I speak for myself, not {him, her, it, eff}. |
------------------------------
From: jjc@mayo.EDU (Jon Camp)
Date: 5 Sep 91 16:39:22 GMT
Message-ID: <9109051639.AA07496@bru.mayo.EDU>
Subject: unsubscribe
Please unsubscribe jjc@mayo.edu
Thanks
------------------------------
From: bagchi@eecs.umich.edu (Ranjan Bagchi)
Date: Thu, 5 Sep 1991 00:45:33 GMT
Message-ID:
References: <4BE653D6E840CB70@ccmail.sunysb.edu> <49681@netnews.upenn.edu>
Subject: Why does alt.sex exist?
In article <49681@netnews.upenn.edu> bond@eniac.seas.upenn.edu (Robert S.) writes:
>Here, here. Agreement on alt.sex decreasing morals. Stupid perverts.
>
You'd think that keeping up with alt.sex would take up
enough time to preempt any action, immoral or otherwise. Maybe
not.
-rj
--
Ranjan Bagchi | All I need to know I learned in the Marines:
bagchi@eecs.umich.edu | Eat all your vegetables; Make your bed
------------------------+ every day; warm moist footware leads to
severe problems with fungus; When someone tells you to, run full
speed at another person and stab them with a bayonet. (stolen quote)
------------------------------
End of caf-talk Digest
******************************
From helen@eff.org Tue Sep 10 08:15:10 1991
Received: from a.cs.uiuc.edu by herodotus.cs.uiuc.edu with SMTP
(5.62+/IDA-1.2.8) id AA20791; Tue, 10 Sep 91 08:15:06 -0500
Received: from eff.org by a.cs.uiuc.edu with SMTP id AA10969
(5.64+/IDA-1.3.4 for kadie@herodotus.cs.uiuc.edu); Tue, 10 Sep 91 08:14:24 -0500
Received: by eff.org id AA20305
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Tue, 10 Sep 1991 09:13:28 -0400
Reply-To: comp-academic-freedom-talk@eff.org
From: comp-academic-freedom-talk@eff.org
Precedence: bulk
To: comp-academic-freedom-talk@eff.org
Errors-To: comp-academic-freedom-talk-request@eff.org
From: "Helen C. O'Boyle"
Date: Tue, 10 Sep 1991 09:13:19 -0400
Message-Id: <199109101313.AA20293@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Status: R
Computers and Academic Freedom mailing list (batch edition)
caf-talk Digest Fri, 6 Sep 91 Volume 1 : Issue 8
Today's Topics:
Academic privacy question (2 msgs)
A correction of fact
Fwd: Academic Privacy (2 msgs)
Newsgroup selection (was Academic Privacy Question)
Selection Policy for Computer Conferences? (4 msgs)
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
----------------------------------------------------------------------
From: kadie@herodotus.cs.uiuc.edu (Carl M. Kadie)
Date: Fri, 6 Sep 1991 18:29:15 GMT
Message-ID:
References: <1991Aug30.184845.24462@ulowell.ulowell.edu>
Subject: Academic privacy question
[News.misc readers:
Recent discussions in the alt.comp.acad-freedom.talk and
alt.comp.acad-freedom.news newsgroups have talked about adopting good
library policy to Netnews. Most of these discussion have concerned
newsgroup selection policy.- Carl]
Librarians have looked at very similar questions. Here is the American
Library Association's "Policy on Confidentiality of Library Records":
----- start statement----
The Council of the American Library Association strongly recommends
that the responsible officers of each library in the United States:
1. Formally adopt a policy which specifically recognizes its
circulation records and other records identifying the names of library
users to be confidential in nature.*
2. Advise all librarians and library employees that such records shall
not be made available to any agency of state, federal, or local
government except pursuant to such process, order, subpoena as may be
authorized under the authority of, and pursuant to, federal, state, or
local law relating to civil, criminal, or administrative discovery
procedures or legislative investigative power.
3. Resist the issuance or enforcement of any such process, order, or
subpoena until such time as a proper showing of good cause has been
made in a court of competent jurisdiction.**
*Note: _See also_ ALA Policy Manual 54.15, Code of Ethics, point 3:
"Librarians must protect each user's right to privacy with respect to
information sought or received, and materials consulted, borrowed, or
acquired."
**Note: Point 3, above, means that upon receipt of such process,
order, or subpoena, the library's officers will consult with their
legal counsel to determine if such process, order, or subpoena is in
proper form and if there is a showing of good cause for its issuance;
if the process, order, or subpoena is not in proper form of if good
cause has not been shown, they will insist that such defects be cured.
Adopted January 20, 1971; revised July 4, 1975, by the ALA Council.
--------end statement---
>From _Intellectual Freedom Manual_ Third Edition, published by the
American Library Association.
- Carl
--
Carl Kadie -- kadie@cs.uiuc.edu -- University of Illinois at Urbana-Champaign
------------------------------
From: nbc2134@dsacg2.dsac.dla.mil (Robert F Solon)
Date: 6 Sep 91 12:34:40 GMT
Message-ID: <9109062034.AA01590@dsacg2.dsac.dla.mil>
Subject: Academic Privacy Question
In reply to the mail from ...
-------------------------------------------------------------------------------
>
>Librarians have looked at very similar questions. Here is the American
>Library Association's "Policy on Confidentiality of Library Records":
>
>----- start statement----
>The Council of the American Library Association strongly recommends
>that the responsible officers of each library in the United States:
>
>1. Formally adopt a policy which specifically recognizes its
>circulation records and other records identifying the names of library
>users to be confidential in nature.*
>
>2. Advise all librarians and library employees that such records shall
>not be made available to any agency of state, federal, or local
>government except pursuant to such process, order, subpoena as may be
>authorized under the authority of, and pursuant to, federal, state, or
>local law relating to civil, criminal, or administrative discovery
>procedures or legislative investigative power.
>
>3. Resist the issuance or enforcement of any such process, order, or
>subpoena until such time as a proper showing of good cause has been
>made in a court of competent jurisdiction.**
>
>*Note: _See also_ ALA Policy Manual 54.15, Code of Ethics, point 3:
>"Librarians must protect each user's right to privacy with respect to
>information sought or received, and materials consulted, borrowed, or
>acquired."
>
>**Note: Point 3, above, means that upon receipt of such process,
>order, or subpoena, the library's officers will consult with their
>legal counsel to determine if such process, order, or subpoena is in
>proper form and if there is a showing of good cause for its issuance;
>if the process, order, or subpoena is not in proper form of if good
>cause has not been shown, they will insist that such defects be cured.
>
>Adopted January 20, 1971; revised July 4, 1975, by the ALA Council.
>
>--------end statement---
>
>American Library Association.
>
>- Carl
Oh, this is good! Carl, you would have made an _excellent_ debator!!
Carl argues that the same policies that libraries use in protecting the
confidentiality of readers' selections should be applied to Usenet users.
I agree. However, I will not agree that the policies of libraries vis-a-vis
selection of materiels should be applied to Usenet newsgroup selection. There
is an essential difference here, one that renders the library analogy totally
inappropriate. The one situation applies to essentially private activity,
i.e., that which is under the user's control. The other situation (selection
of newsgroups) is _not_ the domain of the user, but rather that of the owner
or administrator. Therefore, the library analogy, IMHO, applies only to the
first situation, and not to the second.
As a matter of fact, I have a feeling that the reason libraries have adopted the
very liberal and correct policies they have in terms of materiel selection is
due to their primary status as a repository of knowledge. The primary purpose
of Usenet is not that of education. Based on Usenet readership and arbitron
statistics, the most polular newsgroups are in the rec.* and alt* hierarchies,
indicating a purpose not essentially educational in nature.
Bob
Bob Solon, rsolon@dsac.dla.mil
Administrative Information Branch -- "We Code, You Explode!!"
Directorate of Resource Management Systems (APCAPS)
DLA Systems Automation Center, DSAC-BCC (614) 238-8256 AV 850-8256
------------------------------
From: U15289@UICVM.uic.edu
Date: 6 Sep 91 20:24:58 GMT
Message-ID: <199109062030.AA18390@eff.org>
Subject: A correction of fact
Dan Lester writes:
>>The difference between a newsgroup and a mailing list is distribution.
>>Unix machines, but is not generally available on, for example, IBM
>>mainframes.
> In fact, as far as I know, it is ONLY on **ix boxes.
Something is apparently missing from the message distributed on this list,
but for the record, the NETNEWS newsgroup system is indeed available on IBM
mainframes. NETNEWS on IBM, I am informed, is known as USENET on Unix.
Mitch Pravatiner
BITNET U15289 at UICVM
INTERNET U15289 at UICVM.UIC.EDU
------------------------------
From: nbc2134@dsacg2.dsac.dla.mil (Robert F Solon)
Date: 6 Sep 91 09:38:08 GMT
Message-ID: <9109061738.AA24468@dsacg2.dsac.dla.mil>
Subject: Fwd: Academic Privacy
Enclosed is an article that I saw today on Usenet. Since it's directly
related to what we've recently been talking about, I thought it would be a
good idea to forward to the comp-academic freedom lists. My original reply
is also appended; please feel free to comment on both the original article
as well as my reply.
Bob
Bob Solon, DSAC-BCC
Administrative Information Branch -- APCAPS
"We Code, You Explode!!"
Attached File Follows Below The Next Line...
-------------------------------------------------------------------------------
>From vn Fri Sep 6 12:55:52 1991
Subject: Re: Academic privacy question
~Newsgroups: news.misc
References: <1991Aug30.184845.24462@ulowell.ulowell.edu>
>From article <1991Aug30.184845.24462@ulowell.ulowell.edu>, by wex@cs.ULowell.EDU (Paul Wexelblat):
> Would it be possible for an individual/organization to determine
> who (organizations or individuals) who subscribe_to/read any given
> group. [Other than those who post to a group -- although there is
> some evidence that many posters do not read the groups; and, some
> posters may do so anonymously.]
>
> Also, I would entertain a motion to move this thread to alt.privacy
> or somesuch, but this seemed like the right place to pose the question,
> and some folks don't have access to the alt hierarchy.
I'm not sure that this a good idea. Previous respondents have suggested various
technical methods to determine what is being read and what isn't. I'm not sure
why a sysadmin or anyone else would want to. I think there is some degree of
privacy that is expected here; again, other respondents have pointed out that
readers might not want others to know they they read soc.whatever, for
example. And although there is less of an expectation of privacy than one's
postings to Usenet (since they are more-or-less freely distributed and avail-
able), still, I believe there ought to be the same degree of protection as
there is for e-mail.
Short of arbitron stats, why would anyone want to check what's being read?
Could Wex describe the motivation for asking the original question? There may
be some totally legitimate reason that I'm totally overlooking.
Thanks!!
Bob
>From vn Fri Sep 6 13:09:34 1991
Subject: Re: The Recession is Not over
~Newsgroups: sci.econ
References: <1991Sep2.095641.29924@StarConn.com>
>From article <1991Sep2.095641.29924@StarConn.com>, by rburns@StarConn.com (Randall J. Burns):
> What it really seems like to me, is that if Reagan could have resisted
> his temptation to raise military spending as a percentage of GNP and
> kept his social spending cuts, we could have avoided massive deficits
> and fiscal collapse.
>
Some would argue that the Reagan military build-up was a direct cause of the
collapse of the Soviet block. I'm not an expert, so I can't say for sure. In
either case, Reagan and Congress certainly primed the pump - and when they did
so, of course we had growth. But at what price? Economic growth is not
_always_ good; sometimes (perhaps often) it has negative as well as positive
effects. What we as a nation need to do now, I believe, is use the Soviet
collapse to good advantage. We should encourage a market economy in the
USSR (or whatever it will become) and should actively pursue investment there.
The former Soviet citizens have lots of rubles and little to buy. Who could
ask for a more captive market? We can then use the Reagan buildup's effects
to good advantage. After all, we still need to pay for all those tanks and
planes and guns and ships. If we're successful, the Reagan buildup will
become a kind of capital investment, instead of simply a huge-scale consumer
spending binge.
Of course, the above opinion is my own and does not constitute official policy
of the United States, the U.S. DoD, the Defense Logistics Agency, or any
subpart thereof.
Bob Solon
------------------------------
From: nbc2134@dsacg2.dsac.dla.mil (Robert F Solon)
Date: 6 Sep 91 10:21:00 GMT
Message-ID: <9109061821.AA26567@dsacg2.dsac.dla.mil>
Subject: Fwd: Academic Privacy
Whoops!! Sorry about the sci.econ attachment. My file attach software is
apparently not working correctly. My apologies for wasted bandwidth.
Bob
Bob Solon, rsolon@dsac.dla.mil
Administrative Information Branch -- "We Code, You Explode!!"
Directorate of Resource Management Systems (APCAPS)
DLA Systems Automation Center, DSAC-BCC (614) 238-8256 AV 850-8256
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Fri, 6 Sep 1991 21:40:44 GMT
Message-ID: <1991Sep6.214044.20786@eff.org>
References: <9109062034.AA01590@dsacg2.dsac.dla.mil>
Subject: Newsgroup selection (was Academic Privacy Question)
nbc2134@dsacg2.dsac.dla.mil (Robert F Solon) writes:
>Oh, this is good! Carl, you would have made an _excellent_ debator!!
Thanks :-)
>Carl argues that the same policies that libraries use in protecting the
>confidentiality of readers' selections should be applied to Usenet users.
>I agree. However, I will not agree that the policies of libraries vis-a-vis
>selection of materiels should be applied to Usenet newsgroup selection. There
>is an essential difference here, one that renders the library analogy totally
>inappropriate. The one situation applies to essentially private activity,
>i.e., that which is under the user's control. The other situation (selection
>of newsgroups) is _not_ the domain of the user, but rather that of the owner
>or administrator. Therefore, the library analogy, IMHO, applies only to the
>first situation, and not to the second.
In a library, the selection of magazines "is _not_ the domain of the
user, but rather that of the owner or administrator" (i.e. librarian).
Therefore, the library analogy, IMHO, applies to this situation.
>As a matter of fact, I have a feeling that the reason libraries have
>adopted the
>very liberal and correct policies they have in terms of materiel selection is
>due to their primary status as a repository of knowledge. The primary purpose
>of Usenet is not that of education. Based on Usenet readership and arbitron
>statistics, the most polular newsgroups are in the rec.* and alt* hierarchies,
>indicating a purpose not essentially educational in nature.
[...]
According to the student code, my university's library (at the U. of
Illinois) "exists primarily to circulate material to the faculty and
student body of the University."
American Library Association's Library Bill of Rights says that "all
libraries are forums for information and ideas" and that "[b]ooks and
other library resources should be provided for the interest,
information, and enlightenment of all people of the community the
library serves." [ftp.eff.org:pub/academic/library.us]
I think Netnews on a university computer can exist for the same
reasons.
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
From: ALILESTE@idbsu.idbsu.edu
Date: 5 Sep 91 21:41:21 GMT
Message-ID: <199109061901.AA15465@eff.org>
Subject: Selection Policy for Computer Conferences?
Below the sig block are some comments on this memo. dan
************************************************************************
* Dan Lester Bitnet: alileste@idbsu
* Associate University Librarian Internet: alileste@idbsu.idbsu.edu
* Boise State University
* Boise, Idaho 83725 You can be sure these ideas are my
* 208-385-1234 own; no one else would have them.
************************************************************************
----------------------------Original message----------------------------
>rom: kadie@eff.org (Carl M. Kadie)
>Subject: Wanted selection policy for NetNews
>We need advice from librarians to stop censorship of a new computer
>medium.
Oh, boy....and I am an Ultimate First Amendment supporter, for
politics, for porn, for anything else.
I am a librarian, and have been for 23 years. Have the "sacred"
MLS and have taught in several library schools.
But here we are back to the traditional censorship vs. selection
issues.
>Netnews (aka Usenet, aka newsgroups) is a computer medium for group
>discussions over networks. It's content is about the same as that of
Know them well....read a number of them regularly, some less regularly,
including some of the "dirty ones" like rec.arts.erotica alt.sex, and
so on. So Iknow what we are talking about.
>The difference between a newsgroup and a mailing list is distribution.
>Unix machines, but is not generally available on, for example, IBM
>mainframes.
In fact, as far as I know, it is ONLY on **ix boxes.
>The main advantage of Netnews is cost. Because everyone on a given
>computer shares the same copy of a Netnews article storage and
>transmission costs are very low. This means that sites can afford to
This issue doesn't pertain here. Listserv does the same thing.
Sends one copy of msg to each site. Three of us here at bsu got same
msg as this one. It was exploded into three copies in our individual
reader lists, and we may have added it into our own storage allocations
if we saved/kept it, but only ONE copy was sent. As owner of three
lists I am sure of this.
Yes, being able to browse in areas you aren't subbed to is a plus. But
it is also part of the cost. We have hundreds of people on email here.
There are some 2300 bitnet listserv lists. But at least half of them
are not subbed to by ANYONE of the 16,000 students and staff on campus.
That is not censorship. That is selection.
>Selection. If a computer site cannot afford to subscribe to all the
>Netnews newsgroups (there are thousands of newsgroups and each
>requires some amount of disk space), how should it select which
>newsgroups to get?
And some require a LOT of disk space, even if only kept a few days.
Particularly the case of graphics stuff like alt.sex.pictures.
Ideally, they would subscribe to every group anyone wanted, just like
I can do for listserv lists. But adding them is not something the user
can do for himself, so changing them all the time would be a major admini-
strative hassle, just as it would be if the library changed a third of
its subscriptions every year.
Also, if someone "upstream" of the site in question has to get the
newsgroups to pass them on. So if you have a commercial site upstream
that won't carry certain items you have to get them from somewhere
different, somewhere more expensive. This is much like the issue of new
echoes being added to the Fidonet backbone, and how people get them
to their local BBS before they are on the backbone. I live with this
Fidonet problem daily, importing the echoes I want from Nashville, where
they are all available.
>Last week a computer administer at the University of Kentucky stated
>that his machine would be avoiding a popular newsgroups dealing with
>sex because he feared it was too controversial. In Canada, the
Well, I disagree with him/her, but....
>published once a year in book form. Ironically, the University of
>Waterloo's library collects the books.).
Inconsistencies like this abound in all areas of selection or
censorship, in libraries or otherwise.
>I think a computer with Netnews *is* (in part) a library and should
>follow proper library selection (and deselection) policy. (Stanford
>fought a ban of the humor newsgroup by making this their official
>policy.) As a computer scientist, however, I don't have a good
>understanding of the details of selection.
This is an interesting concept and not one I have run into before.
I agree that all "information management" should operate under similar
or identical policies, but I imagine many of the "turf managers" involved
would disagree. Although libraries and computer centers seem to be
gradually "merging" on campuses, many on both sides are either protective
of their empires or don't want to "mess with" the other side.
>These are the formative years for computer media policy. It
>is very important that we formulate a good policy.
No question about that, but such policies in libraries vary widely,
depending on local politics, local personalities, whether the institution
is public, private, or church supported (and what church, for that matter),
and so forth. National guidelines or principles could be useful, just as
libraries have them for book/journal selection, but the local practices
will vary considerably.
dan
------------------------------
From: nbc2134@dsacg2.dsac.dla.mil (Robert F Solon)
Date: 6 Sep 91 11:47:35 GMT
Message-ID: <9109061947.AA00162@dsacg2.dsac.dla.mil>
Subject: Selection Policy for Computer Conferences?
In reply to the mail from ...
>Date: Thu, 5 Sep 1991 16:41:21 CDT
>Subject: Selection Policy for Computer Conferences?
>
>Below the sig block are some comments on this memo. dan
>
>************************************************************************
>* Dan Lester Bitnet: alileste@idbsu
>* Associate University Librarian Internet: alileste@idbsu.idbsu.edu
>* Boise State University
>* Boise, Idaho 83725 You can be sure these ideas are my
>* 208-385-1234 own; no one else would have them.
>************************************************************************
>
>----------------------------Original message----------------------------
>>rom: kadie@eff.org (Carl M. Kadie)
>>Subject: Wanted selection policy for NetNews
>
>
>>Last week a computer administer at the University of Kentucky stated
>>that his machine would be avoiding a popular newsgroups dealing with
>>sex because he feared it was too controversial. In Canada, the
> Well, I disagree with him/her, but....
Apparently Carl wasn't persuaded by those (myself included) who argued that
"owners have rights, too." He said he did in this newsgroup, (or at least he
conceded the point), but actions do speak louder than words. The action in
question was the decision not to carry alt.sex. The prevailing argument was
that as the owner or owner's representative, the sysadmin had the right to
determine what newsgroups were carried. The users of the system have the
right to enjoy unrestricted speech in e-mail and in the newsgroups carried by
the system, but the owner/sysadmin has no obligation to carry any particular
newsgroups or any of them. the analogy used was that of an airline: an
airline must offer the same services to all its passengers and may not deny
services to anyone for any reason, but it is not required to carry Passenger A
to point B if the airline has no routes to Point B. Similarly, owners should
respect the rights of those participating in the groups carried by that site,
but the owners are under no obligation to carry any particular newsgroups.
This is _not_ censorship!!
In all fairness, however, I would like to see the entirety of the original
email, before making further comment.
>
>>published once a year in book form. Ironically, the University of
>>Waterloo's library collects the books.).
> Inconsistencies like this abound in all areas of selection or
>censorship, in libraries or otherwise.
>
>
>>I think a computer with Netnews *is* (in part) a library and should
>>follow proper library selection (and deselection) policy. (Stanford
>>fought a ban of the humor newsgroup by making this their official
>>policy.) As a computer scientist, however, I don't have a good
>>understanding of the details of selection.
> This is an interesting concept and not one I have run into before.
>I agree that all "information management" should operate under similar
>or identical policies, but I imagine many of the "turf managers" involved
>would disagree. Although libraries and computer centers seem to be
>gradually "merging" on campuses, many on both sides are either protective
>of their empires or don't want to "mess with" the other side.
>
What about a private library, i.e., owned by private individuals who offer it
for public use? (It may be a rare-document library, for example). Is it
"censorship" for the owner not to carry rare documents from Ancient Fubar
because they contain material deemed pornographic? It may be poor
scholarship, but I hardly think it qualifies as "censorship."
>>These are the formative years for computer media policy. It
>>is very important that we formulate a good policy.
> No question about that, but such policies in libraries vary widely,
>depending on local politics, local personalities, whether the institution
>is public, private, or church supported (and what church, for that matter),
>and so forth. National guidelines or principles could be useful, just as
>libraries have them for book/journal selection, but the local practices
>will vary considerably.
Of course good policy is needed. I quite agree. I'm quite unconvinced,
however, that allowing owners of systems their First Amendment _as well as_
property rights to select the newsgroups they will carry is in any way
"censorship."
Bob
Bob Solon, rsolon@dsac.dla.mil
Administrative Information Branch -- "We Code, You Explode!!"
Directorate of Resource Management Systems (APCAPS)
DLA Systems Automation Center, DSAC-BCC (614) 238-8256 AV 850-8256
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Fri, 6 Sep 1991 21:20:05 GMT
Message-ID: <1991Sep6.212005.20119@eff.org>
References: <9109061947.AA00162@dsacg2.dsac.dla.mil>
Subject: Selection Policy for Computer Conferences?
nbc2134@dsacg2.dsac.dla.mil (Robert F Solon) writes:
[...]
>Apparently Carl wasn't persuaded by those (myself included) who argued that
>"owners have rights, too." He said he did in this newsgroup, (or at least he
>conceded the point), but actions do speak louder than words. The action in
>question was the decision not to carry alt.sex.
[...]
I concede that public universities *can* legally create a limited
public forum (Netnews) that is restricted to a set of topics (only
some newsgroups are carried).
So, how *should* newsgroups be selected? In my opinion, universities
should select (and deselect) newsgroups topics the way that a
librarian selects (and deselects) books, magazines, movies, cd-rom.
etc.
(I think newsgroup selection by a sys admin is more like magazine
selection by a librarian than like route selection by an airline.)
[...]
>Of course good policy is needed. I quite agree. I'm quite unconvinced,
>however, that allowing owners of systems their First Amendment _as well as_
>property rights to select the newsgroups they will carry is in any way
>"censorship."
[...]
But what if a university first selects rec.humor.funny and later bans
(or deselects) it because some people find some of the jokes
offensive? I would call that censorship.
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Fri, 6 Sep 1991 21:55:31 GMT
Message-ID: <1991Sep6.215531.21421@eff.org>
References: <199109061901.AA15465@eff.org>
Subject: Selection Policy for Computer Conferences?
I wrote:
>>I think a computer with Netnews *is* (in part) a library and should
>>follow proper library selection (and deselection) policy. (Stanford
>>fought a ban of the humor newsgroup by making this their official
>>policy.) As a computer scientist, however, I don't have a good
>>understanding of the details of selection.
ALILESTE@idbsu.idbsu.edu writes:
[...]
> This is an interesting concept and not one I have run into before.
>I agree that all "information management" should operate under similar
>or identical policies, but I imagine many of the "turf managers" involved
>would disagree. Although libraries and computer centers seem to be
>gradually "merging" on campuses, many on both sides are either protective
>of their empires or don't want to "mess with" the other side.
[...]
I imagine that most universities will keep the administration of
computer centers and libraries separate (for the foreseeable future).
I hope that each group will learn from the other. I hope that
library-run computers will follow good computer policy (backups,
security, etc). I hope that computer-center-run libraries such as
Netnews will follow good library policy (selection, confidentiality,
etc.)
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
End of caf-talk Digest
******************************
From helen@eff.org Tue Sep 10 08:15:08 1991
Received: from a.cs.uiuc.edu by herodotus.cs.uiuc.edu with SMTP
(5.62+/IDA-1.2.8) id AA20789; Tue, 10 Sep 91 08:15:04 -0500
Received: from eff.org by a.cs.uiuc.edu with SMTP id AA10968
(5.64+/IDA-1.3.4 for kadie@herodotus.cs.uiuc.edu); Tue, 10 Sep 91 08:14:23 -0500
Received: by eff.org id AA20315
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Tue, 10 Sep 1991 09:13:34 -0400
Reply-To: comp-academic-freedom-talk@eff.org
From: comp-academic-freedom-talk@eff.org
Precedence: bulk
To: comp-academic-freedom-talk@eff.org
Errors-To: comp-academic-freedom-talk-request@eff.org
Date: Tue, 10 Sep 1991 09:13:26 -0400
From: "Helen C. O'Boyle"
Message-Id: <199109101313.AA20301@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Status: R
Computers and Academic Freedom mailing list (batch edition)
caf-talk Digest Sat, 7 Sep 91 Volume 1 : Issue 9
Today's Topics:
Academic Privacy Question (4 msgs)
Computing Services Policy at Central Michigan University
Free Forum vs. Class-Work Only machines
Newsgroup selection (was Academic Privacy Question)
Schools with academic freedom
Selection Policy for Computer Conferences?
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
----------------------------------------------------------------------
From: 1k1mgm@kuhub.cc.ukans.edu
Date: 7 Sep 91 09:27:41 CDT
Message-ID: <1991Sep7.092741.33334@kuhub.cc.ukans.edu>
References: <9109062034.AA01590@dsacg2.dsac.dla.mil>
Subject: Academic Privacy Question
In article <9109062034.AA01590@dsacg2.dsac.dla.mil>, nbc2134@dsacg2.dsac.dla.mil (Robert F Solon) writes:
> In reply to the mail from ...
> The primary purpose
> of Usenet is not that of education. Based on Usenet readership and arbitron
> statistics, the most polular newsgroups are in the rec.* and alt* hierarchies,
> indicating a purpose not essentially educational in nature.
This is a Borkism and if adopted as policy would lead to censorship
_per se_. What sort of content-based imprimatur is necessary for
something to qualify as 'education'? Don't people reading
rec.handball [or whatever...] learn something about handball?
Christopher Gunn Molecular Graphics and Modeling Lab
SPAN--KUPHSX::GUNN Department of Medicinal Chemistry, Malott Hall
913-864-4428 or -4495 University of Kansas, Lawrence, KS 66045
------------------------------
From: ALILESTE@idbsu.idbsu.edu (Dan Lester)
Date: 7 Sep 91 18:35:04 GMT
Message-ID: <199109071738.AA03957@eff.org>
References: <1k1mgm@kuhub.cc.ukans.edu>
Subject: Academic Privacy Question
On 7 Sep 91 09:27:41 CDT <1k1mgm@kuhub.cc.ukans.edu> said:
>> of Usenet is not that of education. Based on Usenet readership and arbitron
>> statistics, the most polular newsgroups are in the rec.* and alt*
"arbitron statistics"....oh???? Can anyone cite REAL Usenet reader
statistics beyond those that may relate to a particular site? Has anyone
compiled them on a multi-site or netwide basis?
>hierarchies,
>> indicating a purpose not essentially educational in nature.
>
>This is a Borkism and if adopted as policy would lead to censorship
>_per se_. What sort of content-based imprimatur is necessary for
>something to qualify as 'education'? Don't people reading
>rec.handball [or whatever...] learn something about handball?
Agreed. In addition, the placement of particular groups in rec.* and
alt.* is arbitrary and capricious at best. And for those who think that
all in comp.* is "serious" or "educational" or "professional", I simply
invite them to browse some of the multitude on comp.* groups that
are frivolous at best. (That is not a suugestion that they are not
valuable or important, or shouldn't exist....I consider that the integration
of work and play is vital to our survival in many areas, not just
computers.)
************************************************************************
* Dan Lester Bitnet: alileste@idbsu
* Associate University Librarian Internet: alileste@idbsu.idbsu.edu
* Boise State University
* Boise, Idaho 83725 You can be sure these ideas are my
* 208-385-1234 own; no one else would have them.
************************************************************************
------------------------------
From: TK0JUT1@NIU.BITNET
Date: 7 Sep 91 21:07:00 GMT
Message-ID: <199109072228.AA00367@eff.org>
Subject: Academic Privacy Question
Dan Lester writes:
> On 7 Sep 91 09:27:41 CDT <1k1mgm@kuhub.cc.ukans.edu> said:
>> of Usenet is not that of education. Based on Usenet readership and arbitron
>> statistics, the most polular newsgroups are in the rec.* and alt*
> "arbitron statistics"....oh???? Can anyone cite REAL Usenet reader
> statistics beyond those that may relate to a particular site? Has anyone
> compiled them on a multi-site or netwide basis?
Yes. The message you respond to is citing "REAL" usenet stats, which are
put out monthly, and such groups as alt.sex, alt.humor, etc are always
among the top grabbers of "share." The monthly stats can be obtained by
joining usenet's news.lists
The method for sampling and calculation is specified in each survey.
------------------------------
From: schweige@taurus.cs.nps.navy.mil (Jeffrey M. Schweiger)
Date: 7 Sep 91 21:15:18 GMT
Message-ID: <2783@aldebaran.cs.nps.navy.mil>
References: <9109062034.AA01590@dsacg2.dsac.dla.mil> <1991Sep7.092741.33334@kuhub.cc.ukans.edu>
Subject: Academic Privacy Question
In article <1991Sep7.092741.33334@kuhub.cc.ukans.edu> 1k1mgm@kuhub.cc.ukans.edu writes:
>In article <9109062034.AA01590@dsacg2.dsac.dla.mil>, nbc2134@dsacg2.dsac.dla.mil (Robert F Solon) writes:
>> In reply to the mail from ...
>> The primary purpose
>> of Usenet is not that of education. Based on Usenet readership and arbitron
>> statistics, the most polular newsgroups are in the rec.* and alt* hierarchies,
>> indicating a purpose not essentially educational in nature.
>
>This is a Borkism and if adopted as policy would lead to censorship
>_per se_. What sort of content-based imprimatur is necessary for
>something to qualify as 'education'? Don't people reading
>rec.handball [or whatever...] learn something about handball?
This depends on how narrow or broad your usage of the work 'education' is
in this context. You would appear to be using a very broad definition of
the word, which would apply to all learning, while Bob Solon would appear to
be using a narrower definition, which applies more to formal courses of
study.
>Christopher Gunn Molecular Graphics and Modeling Lab
>SPAN--KUPHSX::GUNN Department of Medicinal Chemistry, Malott Hall
>913-864-4428 or -4495 University of Kansas, Lawrence, KS 66045
Here's the general breakdown of the newsgroup categories that comprise the
normal understanding of Usenet (the "alt" hierarchy is not included, as it's
rules, or lack thereof are different). The information is taken from one
of Gene Spafford's postings on news.announce.newusers (out of curiosity, are
the participants in this newsgroup familiar with the news.announce.newuser
postings? The availability of this information should be made known to
everyone before they start participating on Usenet, IMHO).
The Usenet "groups distributed worldwide are divided
into seven broad classifications: "news", "soc", "talk", "misc",
"sci", "comp" and "rec". Each of these classifications is organized
into groups and subgroups according to topic.
"comp" Topics of interest to both computer professionals and
hobbyists, including topics in computer science, software
source, and information on hardware and software systems.
"sci" Discussions marked by special and usually practical knowledge,
relating to research in or application of the established
sciences.
"misc" Groups addressing themes not easily classified under any of the
other headings or which incorporate themes from multiple
categories.
"soc" Groups primarily addressing social issues and socializing.
"talk" Groups largely debate-oriented and tending to feature long
discussions without resolution and without appreciable amounts
of generally useful information.
"news" Groups concerned with the news network and software themselves.
"rec" Groups oriented towards hobbies and recreational activities.
These "world" newsgroups are (usually) circulated around the entire
USENET -- this implies world-wide distribution. Not all groups
actually enjoy such wide distribution, however. The European Usenet
and Eunet sites take only a selected subset of the more "technical"
groups, and controversial "noise" groups are often not carried by many
sites in the US and Canada (these groups are often under the "talk"
and "soc" classifications). Many sites do not carry some or all of
the comp.binaries groups."
--
*******************************************************************************
Jeff Schweiger Standard Disclaimer CompuServe: 74236,1645
Internet (Milnet): schweige@taurus.cs.nps.navy.mil
*******************************************************************************
------------------------------
From: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Date: 7 Sep 91 16:40:00 GMT
Message-ID: <9887CB4D20812467@ccmail.sunysb.edu>
Subject: Computing Services Policy at Central Michigan University
>From: sean@ms.uky.edu (Sean Casey)
>
>I referred to two cases: One where the University claimed ownership of
>a copy, and another where the University claimed intellectual property
>rights. In both cases, without a signed contract, the University would
>be in error in claiming either.
I agree that a signed contract would clarify the situation.
At some Universities there are Faculty and staff unions and
collective bargaining agreements that go over these points.
Work done by a student is normally the student's property UNLESS
the University provides resources when there is a gray area.
An example: Who should own the art mural that is painted on a University
building by an art student who is paid by the University as a
work study student?
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
From: nstar!bluemoon!sbrack@iuvax.cs.indiana.edu (Steven S. Brack)
Date: 7 Sep 91 19:51:18 GMT
Message-ID: <8B7w81w164w@bluemoon.uucp>
References: <1991Aug14.165350.16513@magnus.acs.ohio-state.edu>
Subject: Free Forum vs. Class-Work Only machines
nstar!iuvax!magnus.acs.ohio-state.edu!dysart (Mitchell D Dysart) writes:
> As for me (personally, *not* representing my employer The Ohio State
> University), I think the only required conditions are:
>
> 1. System(s) is(are) expressly provided to support whatever
> project or projects are specified, be these class use,
> research use, administrative use, or whatever.
>
> and
>
> 2. Fairness is maintained and misuse governed by appropriate
> University-wide guidelines.
>
> Now, isn't misuse of a computer that exists for instructional purposes
> the same logical thing as performing unauthorized experiments in the
> undergraduate general chemistry laboratory? In the latter case, nobody
> would yell too loudly if the student were thrown out of the lab and
> were therefore unable to complete his assignments and thus failed the class.
But, computers like MAGNUS & HPUXA @ Ohio State are not class-use
machines. They are intended to facilitate e-mail & netnews access for
university students, but have never been limited in the scope of their
operations, until recently, whaen guidelines were finally published. Hoew
can a computer system such as that be "misused" by posting to NetNews?
--- Steve Brack
_________________________________________________________________________
|Steven S. Brack | sbrack%bluemoon@nstar.rn.com |
|Jacob E. Taylor Honors Tower | sbrack@bluemoon.uucp |
|The Ohio State University | sbrack@nyx.cs.du.edu |
|50 Curl Drive | sbrack@isis.cs.du.edu |
|Columbus, Ohio 43210-1112 USA | brack@ewf.eng.ohio-state.edu |
|+1 614 293 7383 or 419 474 1010 | Steven.S.Brack@osu.edu |
-------------------------------------------------------------------------
------------------------------
From: rickert@cs.niu.edu (Neil Rickert)
Date: 7 Sep 91 03:34:52 GMT
Message-ID: <1991Sep7.033452.31913@mp.cs.niu.edu>
References: <9109062034.AA01590@dsacg2.dsac.dla.mil>
Subject: Newsgroup selection (was Academic Privacy Question)
In article <1991Sep6.214044.20786@eff.org> comp-academic-freedom-talk@eff.org writes:
>
>According to the student code, my university's library (at the U. of
>Illinois) "exists primarily to circulate material to the faculty and
>student body of the University."
What a pity. For if buying books is not also one of their function, they
will sooner or later run out of things to circulate :-).
>American Library Association's Library Bill of Rights says that "all
>libraries are forums for information and ideas" and that "[b]ooks and
>other library resources should be provided for the interest,
>information, and enlightenment of all people of the community the
>library serves." [ftp.eff.org:pub/academic/library.us]
And with unlimited resources, all books should be bought. But in the real
world resources are limited, so a selection must be made. Making a
selection of which books to acquire is not censorship. Censorship occurs
when somebody not responsible for acquisition forces an undesired restiction
on which books are acquired.
>I think Netnews on a university computer can exist for the same
>reasons.
And the same reasoning applies to what is censorship.
--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science
Northern Illinois Univ.
DeKalb, IL 60115 +1-815-753-6940
------------------------------
From: zane@infopls.chi.il.us (Sameer Parekh)
Date: 7 Sep 91 13:51:07 GMT
Message-ID:
Subject: Schools with academic freedom
I am now nearing that stage of life where I must choose a
college. I am VERY interested in whether the college I select is free
in many of its practices...
If you'd like to tell me a story of your college, good or bad,
mail me, and I can make a summary if you like.
(Actually, it would be best if you mail zane@ddsw1.MCS.COM--it
will make it easier for me to make the summary.)
Sameer Parekh zane@ddsw1.MCS.COM zane@infopls.chi.il.us
Ask me about the Mail Your Congressperson Through the Net Project!
Apple IIGS Forever! Ask me about the GNO multitasking project!
------------------------------
From: rickert@cs.niu.edu (Neil Rickert)
Date: 7 Sep 91 03:28:54 GMT
Message-ID: <1991Sep7.032854.30979@mp.cs.niu.edu>
References: <9109061947.AA00162@dsacg2.dsac.dla.mil>
Subject: Selection Policy for Computer Conferences?
In article <1991Sep6.212005.20119@eff.org> comp-academic-freedom-talk@eff.org writes:
>
>But what if a university first selects rec.humor.funny and later bans
>(or deselects) it because some people find some of the jokes
>offensive? I would call that censorship.
You can even call it apple cream pie if you feel inclined. But that doesn't
make it apple cream pie.
If you want to buy a book entitled "rec.humor.funny" and I prevent you,
thats censorship. If you decide youself not to buy that book it's not
censorship - it's buyer's choice. Some people might argue whether its
a wise choice or not, but it is still not censorship.
--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science
Northern Illinois Univ.
DeKalb, IL 60115 +1-815-753-6940
------------------------------
End of caf-talk Digest
******************************
From helen@eff.org Tue Sep 10 08:15:14 1991
Received: from a.cs.uiuc.edu by herodotus.cs.uiuc.edu with SMTP
(5.62+/IDA-1.2.8) id AA20800; Tue, 10 Sep 91 08:15:11 -0500
Received: from eff.org by a.cs.uiuc.edu with SMTP id AA10971
(5.64+/IDA-1.3.4 for kadie@herodotus.cs.uiuc.edu); Tue, 10 Sep 91 08:14:32 -0500
Received: by eff.org id AA20324
(5.65c/IDA-1.4.4 for cafb-list@eff.org); Tue, 10 Sep 1991 09:13:39 -0400
Reply-To: comp-academic-freedom-talk@eff.org
From: comp-academic-freedom-talk@eff.org
Precedence: bulk
To: comp-academic-freedom-talk@eff.org
Errors-To: comp-academic-freedom-talk-request@eff.org
Date: Tue, 10 Sep 1991 09:13:30 -0400
From: "Helen C. O'Boyle"
Message-Id: <199109101313.AA20310@eff.org>
Subject: Computers and Academic Freedom mailing list (batch edition)
Status: R
Computers and Academic Freedom mailing list (batch edition)
caf-talk Digest Sun, 8 Sep 91 Volume 1 : Issue 10
Today's Topics:
(none)
Got them (was Re: Looking for CAF-talk for Aug. 26 through Aug. 29)
Looking for CAF-talk for Aug. 26 through Aug. 29 (2 msgs)
Re: Academic Privacy Question (2 msgs)
Restricting access to newsgroups (was: Re: Academic Privacy
Restricting access to newsgroups (was: Re: Academic Privacy Question)
The addresses for the list are now:
comp-academic-freedom-talk@eff.org - for contributions to the list
or caf-talk@eff.org
listserv@eff.org - for automated additions/deletions
(send email with the line "help" for details.)
caf-talk-request@eff.org - for administrivia
----------------------------------------------------------------------
From: kadie@cs.uiuc.edu (Carl M. Kadie)
Date: 8 Sep 91 10:23:04 GMT
Message-ID: <9109082023.AA00851@herodotus.cs.uiuc.edu>
Subject: (none)
From: Laurence I. Press
Date: Fri 6 Sep 91 11:46:51-PDT
To: lincoln%iris@rand.org
Copyright, Larry Press, August 26, 1991, do not reproduce or quote without
permission. This file may be forwarded around the net as long as this note is
attached.
A Computer Network for Democracy and Development
Larry Press
"Oh, do not say. I've seen the tanks with my own eyes. I
hope we'll be able to communicate during the next few days.
Communists cannot rape the Mother Russia once again!"
This message was sent from Moscow at 5:01 AM on August 19. It was written by
26 year-old Vadim Antonov, a senior programmer at the Demos Cooperative in the
Soviet Union. Demos operates a computer-based communication network which
spans the Soviet Union, and within a few hours, Vadim's message had been
relayed to computers in 70 Soviet cities from Leningrad in the West to
Vladivostok in the East.
The message had also been sent to a computer in Helsinki Finland, which is
connected to the non-Soviet computer networks. From Finland, the message was
relayed to networks such as The Internet, serving millions of users on all
continents. Seconds after it reached Finland, I could read it at my computer
in Los Angeles, California. The message was particularly important to me
because the week before the coup attempt I had been in Moscow and spent several
days with Vadim and his colleagues at Demos. We met professionally and as
friends.
Demos' RELCOM (RELiable COMmunication) network celebrated the first birthday of
its link to Finland on August 22. During that first year, RELCOM spread to 70
Soviet cities, and over 400 organizations were using it -- universities,
research institutes, stock and commodity exchanges, news services, high
schools, politicians, and government agencies. As is typical with computer
networks, noone knows how many users RELCOM actually reaches.
During the Coup
During the days of the coup, RELCOM was pressed into service in support of the
constitutional government. The junta moved quickly to control mass media.
When I learned of the coup, I immediately sent a worried message to Vadim's
wife Polina Antonova, who also works at Demos. I did not receive her answer
until August 20 at 12:17 AM Moscow time:
"Dear Larry,
Don't worry, we're OK, though frightened and angry. Moscow is
full of tanks and military machines -- I hate them. They try
to close all mass media, they stopped CNN an hour ago, and
Soviet TV transmits opera and old movies. But, thank Heaven,
they don't consider RELCOM mass media or they simply forgot
about it. Now we transmit information enough to put us in
prison for the rest of our life.
Greetings from Natasha.
Cheers,
Polina."
The Demos staff had learned of the coup around 6 AM on the 19th, and
immediately began sending political information to the Soviet Union and the
outside world. By 12:30 PM, Moscow time, I was reading news releases from the
independent Soviet news agency Interfax. Although outlawed by the junta, news
from Interfax, the Radio Moscow World Service, the Russian Information Agency,
Northwest Information Agency (Leningrad), and Baltfax was disseminated by
RELCOM throughout the coup attempt.
RELCOM also distributed news from official sources opposed to the coup. For
example, a copy of the letter Boris Yeltsin read from a tank turret in front of
the Russian Parliament building was brought to Demos headquarters (a short
trip), entered into a computer, and forwarded across the network. By early
evening, several people in the United States had also translated it, and an
English-language version was broadcast to the non-Soviet networks.
There were also many eye-witness reports. Pay phones were working in Moscow,
and people in the streets could phone news in. At one point, Polina told me
she was leaving for the Russian Parliament Building with a portable computer so
she could report from there. Later I learned that she had not gone because the
phone service to the building was unreliable.
Of course all the news did not come from Moscow. The network was buzzing with
reports and official notices from Leningrad, Kiev, the Baltic capitals, and
many other Soviet cities.
News also came in from the West. I wrote regular summaries of the news as
broadcast on radio and television in the United States. Jonathan Grudin, a
colleague in Denmark, did the same for BBC news. Regular reports were also
posted from Finland, giving both Finnish and Baltic news summaries. These were
translated into Russian by Polina and others, and transmitted throughout the
Soviet Union.
Western news was welcome, but the link to Finland became a bottleneck. Before
the coup, 6,000 messages were passed between Finland and RELCOM on a typical
day. After the coup began, traffic increased substantially, prompting Vadim to
broadcast this message at 6:44 PM on the 19th:
"Please stop flooding the only narrow channel with bogus messages
with silly questions. Note that it's neither a toy nor a means to
reach your relatives or friends. We need the bandwidth to help
organize the resistance. Please, do not (even unintentionally)
help these fascists!"
This plea notwithstanding, traffic rose to a high of 13,159 messages on the
21st.
While news of tank movements, demonstrations, and official political statements
was of practical value, it also provided emotional support. When the coup was
finished, and there was time to rest, I received a message from Polina that
said in part "You can't even imagine how grateful we are for your help and
support in this terrible time! The best thing is to know that we aren't
alone." That message paid me 1,000 times for the hours spent at my computer
keyboard.
Danger
At the beginning of the coup, memories of the Hungarian revolt, Kruschev's
ouster, the Prague Spring, and Tiananmen Square did not give one much hope.
Had the coup succeeded, the Demos staff and people using their network would
have been in great danger. As Vadim noted in a message to Doug Jones, a
professor at the University of Iowa:
"If these dogs win, for certain they'll throw us in prison --
we distributed the proclamation from Yeltsin and the Moscow
and Leningrad Soviets throughout the entire Soviet Union,
together with the forbidden communiques from Interfax ...
Greetings from the underground."
Demos headquarters is in a small building near the Kremlin. The KGB knew of
RELCOM, and had they decided to, they could have easily shut the network off
early in the coup. When a friend asked why they didn't, Polina replied "Thank
Heaven, these cretins don't consider us mass media!" After the coup, she and
others speculated that the KGB was generally passive because they were not
confident the coup would succeed.
Sensing danger, the Demos staff arranged for backup computers to substitute for
the vulnerable headquarters machine if necessary. On the 20th at 8:30 PM
Moscow time, Vadim sent this message to Doug Jones:
"Yes, we already prepared to shift to underground; you know --
reserve nodes, backup channel, hidden locations. They'll have
a hard time catching us! Anyway, our main communication line
is still open and it makes us more optomistic."
They not only hid the computers, many people left Demos headquarters and
communicated from their homes and other locations. Polina told me:
"Don't worry; the only danger for us is if they catch and
arrest us, as we are sitting at home (valera is at Demos) and
distributing all the information we have."
When the coup was finally defeated, George Tereshko, broadcast the following
thanks for the risk taken by the Demos staff:
"When the dark night fell upon Moscow, RELCOM was one source of
light for us. Thanks to these brave people we could get
information and hope."
Of course, for now, the story appears to have had a happy ending. At 3:07 PM
on the 21st, I received this from Polina:
"Really good news. Right now we're listening to Radio Russia
(without any jamming!); they told that the eight left Moscow,
noone knows where ... Hard to believe ... Maybe, they've
really run away?"
And on the 22nd at 1:31 PM she wrote:
"Now Vadim and I have to do our usual work (that's so nice!)
and Valera and Mike Korotaev went to sleep. They were on duty
the whole night. Now there is celebration in Moscow. We just
watched president Gorbachev on TV."
RELCOM in Peace Time
In the past, a network like RELCOM would have been prohibited in the Soviet
Union. Like any communication media, it is incompatible with repressive
dictatorship. Gorbachev's Glasnost made RELCOM possible, and in one year, it
became a significant segment of the Soviet communication infrastructure.
Part of the reason for RELCOM's success is the fact that postal and telephone
service in the Soviet Union are poor, making electronic mail very attractive.
Another element of their success is that they use low-cost, appropriate
technology. The primary technology used by RELCOM is the voice phone system,
low cost modems, and standard personal computers. The final element in their
success is the people at Demos. They are very skillful as technicians and as
entrepreneurs (Demos is 100% free enterprise), yet they are different than
their counterparts in the United States. They are more idealistic and less
competitive. If they were in the US, my guess is they would either be graduate
students in computer science or they would be driving BMWs and sipping Perrier.
As such, RELCOM may be a good model for other countries with poor
telephone and postal systems, little capital, and well educated,
motivated young professionals. Networks like RELCOM, probably
using satellite technology, may change the face of the earth in
peace time as well as helping to keep the peace.
[Larry Press is Professor of Computer Information Systems at California State
University at Dominguez Hills. He has visited Chile several times, most
recently as an organizer of the EIES held last July. The week before the
coup, Press co-chaired a conference on human-computer interaction in Moscow.
While there, he spent several days visiting the Demos Cooperative, which
operates RELCOM, an important Soviet computer network. During the coup, he
relayed news to his friends at Demos.]
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Sun, 8 Sep 1991 18:53:23 GMT
Message-ID: <1991Sep8.185323.27904@eff.org>
References: <1991Sep8.035443.12049@eff.org> <9109081747.AA04923@charlie.CES.CWRU.Edu>
Subject: Got them (was Re: Looking for CAF-talk for Aug. 26 through Aug. 29)
Aydin Edguer is senting me the missing notes. So the
gap will be filled.
(Thanks Aydin!)
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Sun, 8 Sep 1991 03:54:43 GMT
Message-ID: <1991Sep8.035443.12049@eff.org>
Subject: Looking for CAF-talk for Aug. 26 through Aug. 29
The CAF-talk archive (ftp.eff.org:pub/academic/batchin) has a gap. I'm
missing articles from Aug 26 to Aug 29. Does anyone have a copy of
these articles?
There were some important notes the gap, and I can't do the CAF-news
for the week ending Sept 1 until the gap is filled.
If you've got some of the missing articles please email them
to kadie@eff.org.
Thanks,
- Carl, CAF archivist
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
From: edguer@alpha.ces.cwru.edu (Aydin Edguer)
Date: 8 Sep 91 17:47:48 GMT
Message-ID: <9109081747.AA04923@charlie.CES.CWRU.Edu>
References: <1991Sep8.035443.12049@eff.org>
Subject: Looking for CAF-talk for Aug. 26 through Aug. 29
> The CAF-talk archive (ftp.eff.org:pub/academic/batchin) has a gap. I'm
> missing articles from Aug 26 to Aug 29. Does anyone have a copy of
> these articles?
Yes.
> If you've got some of the missing articles please email them
> to kadie@eff.org.
How about we just send you the Message-ID and Date and you can check which
ones your need? That will help reduce traffic to your mailbox and accross
the net.
Aydin
------------------------------
From: ccjon@pollux.ucdavis.edu (Jon Gorrono)
Date: 7 Sep 91 14:12:52 GMT
Message-ID: <9109080412.AA13058@pollux.ucdavis.edu>
Subject: Re: Academic Privacy Question
> In reply to the mail from ...
> -------------------------------------------------------------------------------
> >
> >Librarians have looked at very similar questions. Here is the American
> >Library Association's "Policy on Confidentiality of Library Records":
> >
> >----- start statement----
[ALA policy deleted]
> >--------end statement---
> >
> >American Library Association.
> >
> >- Carl
>
> Oh, this is good! Carl, you would have made an _excellent_ debator!!
>
> Carl argues that the same policies that libraries use in protecting the
> confidentiality of readers' selections should be applied to Usenet users.
> I agree. However, I will not agree that the policies of libraries vis-a-vis
> selection of materiels should be applied to Usenet newsgroup selection. There
> is an essential difference here, one that renders the library analogy totally
> inappropriate. The one situation applies to essentially private activity,
> i.e., that which is under the user's control. The other situation (selection
> of newsgroups) is _not_ the domain of the user, but rather that of the owner
> or administrator. Therefore, the library analogy, IMHO, applies only to the
> first situation, and not to the second.
>
> As a matter of fact, I have a feeling that the reason libraries have adopted the
> very liberal and correct policies they have in terms of materiel selection is
> due to their primary status as a repository of knowledge. The primary purpose
> of Usenet is not that of education. Based on Usenet readership and arbitron
> statistics, the most polular newsgroups are in the rec.* and alt* hierarchies,
> indicating a purpose not essentially educational in nature.
>
> Bob
>
>
I am new to this discussion and comp-academic-freedom-talk and if you'll
excuse me, I'll forego the introductions and just jump right in... :-)
I disagree that the library analogy that Carl used does not have some
validity here. I don't perceive a significant difference between the roles
of the "owner or administrator" of the newsgroups and library administrators,
particularly in a public educatonal institution. If an individual asks for
access to alt.sex.pictures, on the one hand, and Playboy on the second,
I believe both "administrators" have an obligation to supply some means of
granting that access. There is a cost associated in both cases, and this cost
is absorbed by each administration. I don't see the ownership difference.
The cost to "up stream" nodes to "forward" the newsgroup info. is a
different matter; aren't "down stream" nodes charged marginally higher?
If so, is that marginal cost transfered to the upstream node? Too optimistic?
I chose these examples because here, at UC Davis, both of the subscriptions,
alt.sex.pictures and Playboy, are only accessible through specific request to
a network adnministrator in the former case, and a library clerk in the second.
I agree that the nature of the alt.* and rec.* groups are _essentially_
non-educational. However, a glance at a list of theses at any university
would reveal extensive academic interest in areas that can be considered
non-educational.
I sense a series of flames about how ridiculous a claim it is that
alt.sex.pictures might have educational value; so, let me concede that
it is a little silly...I disagree that Usenet is not an educational medium,
however.
Jon Gorrono
Senior Microcomputer Consultant
Computing Services
University of California, Davis
(916)752-5950
--------------------------------------------------------------------------------
Internet jpgorrono@ucdavis.edu or ccjon@pollux.ucdavis.edu
BITNET jpgorrono@ucdavis
UUCP ucdavis!jpgorrono or
ucdavis!pollux!ccjon
--------------------------------------------------------------------------------
------------------------------
From: ccjon@pollux.ucdavis.edu (Jon Gorrono)
Date: 7 Sep 91 14:30:54 GMT
Message-ID: <9109080430.AA13305@pollux.ucdavis.edu>
Subject: Re: Academic Privacy Question
> On 7 Sep 91 09:27:41 CDT <1k1mgm@kuhub.cc.ukans.edu> said:
> >> of Usenet is not that of education. Based on Usenet readership and arbitron
> >> statistics, the most polular newsgroups are in the rec.* and alt*
> "arbitron statistics"....oh???? Can anyone cite REAL Usenet reader
> statistics beyond those that may relate to a particular site? Has anyone
> compiled them on a multi-site or netwide basis?
>
> >hierarchies,
> >> indicating a purpose not essentially educational in nature.
> >
> >This is a Borkism and if adopted as policy would lead to censorship
> >_per se_. What sort of content-based imprimatur is necessary for
> >something to qualify as 'education'? Don't people reading
> >rec.handball [or whatever...] learn something about handball?
> Agreed. In addition, the placement of particular groups in rec.* and
> alt.* is arbitrary and capricious at best. And for those who think that
> all in comp.* is "serious" or "educational" or "professional", I simply
> invite them to browse some of the multitude on comp.* groups that
> are frivolous at best. (That is not a suugestion that they are not
> valuable or important, or shouldn't exist....I consider that the integration
> of work and play is vital to our survival in many areas, not just
> computers.)
>
> ************************************************************************
> * Dan Lester Bitnet: alileste@idbsu
> * Associate University Librarian Internet: alileste@idbsu.idbsu.edu
> * Boise State University
> * Boise, Idaho 83725 You can be sure these ideas are my
> * 208-385-1234 own; no one else would have them.
> ************************************************************************
>
Your judgement of what is frivolous is just that: your judgement. Not all
readers of these groups are computer professionals or libarians. There
may be a very direct application of such groups to the work of, say,
sociologists or others. Why should we be the judge of what constitutes
play and what constitutes work for others?
[By the way, I have lots of family in Emmett; say "hi" for me, OK? - ;-)]
Jon Gorrono
Senior Microcomputer Consultant
Computing Services
University of California, Davis
(916)752-5950
--------------------------------------------------------------------------------
Internet jpgorrono@ucdavis.edu or ccjon@pollux.ucdavis.edu
BITNET jpgorrono@ucdavis
UUCP ucdavis!jpgorrono or
ucdavis!pollux!ccjon
--------------------------------------------------------------------------------
------------------------------
From: SKAPUR@ccmail.sunysb.edu (Sanjay Kapur)
Date: 8 Sep 91 15:58:00 GMT
Message-ID: <5BCA15E24E81324C@ccmail.sunysb.edu>
Subject: Restricting access to newsgroups (was: Re: Academic Privacy
>From: kadie@eff.org (Carl M. Kadie)
>(Most) libraries restrict access to Playboy, not because it contains
>pictures of nude women, but because experience has shown that it is
>likely to get stolen.
Do you really believe that?
My opinion of the reason cited by you for restricting access to Playboy is:
Hogwash. Librarians, like all other human beings lie when asked difficult
questions. That does not mean you have to believe their lies.
The replacement cost of Playboy is low comapared to some scientific journals,
copies of which get stolen on a regular basis. These journals are NOT
kept behind the counter. Why can't the library have get two subscriptions to
Playboy? one to keep behind the counter and one to keep on the shelf if
interest in this magazine is high enough for it get stolen. Libraries often
get more than one copy of an item in which interest is high.
Sanjay Kapur |Internet: Sanjay.Kapur@sunysb.edu
Systems Staff, Computing Services, |Bitnet: SKAPUR@USB
State University of New York, |SPAN/HEPnet: 44132::SKAPUR
Stony Brook, NY 11794-2400 |Phone:(516)632-8029, FAX:(516)632-8046
------------------------------
From: kadie@eff.org (Carl M. Kadie)
Date: Sun, 8 Sep 1991 14:08:43 GMT
Message-ID: <1991Sep8.140843.24627@eff.org>
References: <9109080412.AA13058@pollux.ucdavis.edu>
Subject: Restricting access to newsgroups (was: Re: Academic Privacy Question)
ccjon@pollux.ucdavis.edu (Jon Gorrono) writes:
[...]
>I chose these examples because here, at UC Davis, both of the subscriptions,
>alt.sex.pictures and Playboy, are only accessible through specific request to
>a network adnministrator in the former case, and a library clerk in
>the second.
[...]
(Most) libraries restrict access to Playboy, not because it contains
pictures of nude women, but because experience has shown that it is
likely to get stolen. Why does UC Davis restrict access to
alt.sex.pictures?
(P.S. I don't believe that a library is under obligation to acquire
all material that folks ask for, but after they have aquired something
they should make it as available as practical.)
- Carl
--
Carl Kadie -- kadie@eff.org or kadie@cs.uiuc.edu
I do not represent EFF; this is just me.
------------------------------
End of caf-talk Digest
******************************
