Investigating leaks, Harvard secretly searched deans' email accounts

The Boston Globe today broke the news that administrators at Harvard University secretly searched the e-mail accounts of 16 resident deans last fall, in an attempt to determine the source of "a leak to the media about the school’s sprawling cheating case." [The Boston Globe]


  1. Disgusting. But they probably have a legal right. Silly to think any emails in a corporate environment are private.

    1. It probably is legal, but it’s still horrifying. Because between Harvard doing this & M.I.T. and the whole Aaron Swartz fiasco it seems that high-priced institutions of higher learning in the U.S. are really… Just… Scummy.

      I can’t imagine paying for an education at that level & then having to deal with B.S. like this.

      1. Giving people power causes a kind of brain damage.  It makes them stop worrying about anything but keeping themselves in power.

      2. Horrifying? I’ve literally never worked anywhere where it wasn’t made clear that your emails and Internet activity are open to scrutiny in the corporate environment.

        This is pretty standard practice everywhere these days.

        1. I’d second that. I would hope anybody that legit earned there way into Harvard and didn’t have daddy buy a building would know to use a private account.

        2. This is pretty standard practice everywhere these days.

          As moral defenses go, that’s one of the limpest ones that I’ve ever seen. What does it matter if it’s standard practice if it’s wrong?

          1. If it were wrong, I would agree. But these are official email accounts which bear the school’s name and are literally a part of the school and its mission. From a related, non-pay walled, article: “Dean’s administrative accounts were searched but not their personal accounts”

          2. Fair point. It’s not something I personally see as a big deal, it’s not ‘personal’ and therefore I don’t find it invasive. It’s their email account, not mine.

          3. You’re also British, and the UK does have a rather strong rules-based culture. Whereas the US has more of a fuckyougetoutofmyway culture.

      3. You mean Harvard is really just a $70b+ hedge fund where the less than handful of people that run it make several multiples more than all the professors combined?

    2. You know that universities are generally believed to have different behavioral standards than other businesses? And the professors are generally treated with more respect than workers in other industries? Because university professors aren’t just the workers; they’re also the product.

      1. Hm. You could say the same about many industries though couldn’t you?

        I don’t think we need to treat academics like the precious flowers they think they are.

        1. I don’t think we need to treat academics like the precious flowers they think they are.

          Then maybe we should think about elevating everyone to a status deserving of respect for privacy instead of dragging everyone down to the level of cogs in the machine.

          1. Which is normally the case isn’t it? It is in my neck of the woods anyway. CEO or cleaner, your Internet use at work isn’t private nor is your email account.

            It would be like kicking up a stink that the company you work for has access to your filing cabinet.

          2. Citing precedent is irrelevant to ethics. Why is it that way? Does that culture provide value to society?

          3. Because I don’t see why it should need to benefit society – that’s a bit of a non sequitur isn’t it? Its purpose is obvious within a corporate environment – paper trail.

            Wake me up when employers have access to personal email and i’ll fetch my pitchfork.

      2. True. They are different than “corporate America.” Most universities/colleges have a computing policy that usually includes something like one’s “reasonable expectation of email privacy.”  Or something along those lines.  I don’t know about Harvard’s or MIT’s exact policies, but these kinds of dragnets are shocking because they totally subvert that reasonable expectation of personal space, which is supposed to be one of the upsides to working in academia.  The big downsides being the ridiculous pecking-order, next-to-impossible upward mobility, passive-aggressive bullshit and low pay.

  2. A great example of how even people in positions of authority & privilege should rationally take up arms for civil causes.  Once “rights” become “privileges” it threatens everyone, even those who assume they’d benefit from hegemony & privilege.

    1. What “right” are you referring to, exactly? There is no legal “right” to privacy of your employer-provided email account.

      1. Setting aside the fact that you’ve made a legal claim without any supporting evidence, their contracts may have privacy provisions that you wouldn’t find in other businesses.

        1. Their contracts may also require them to dress as munchkins and sing ‘Follow the yellow brick road’ before breakfast. Or it may not.

      2.  Not only that, the employer-provided computer itself, might be subject to examination, spyware, etc.

      3. …& what I’m saying is perhaps there should be a right to a reasonable expectation of privacy? That is…like, I guess my point. I thought that is what I said.

      4. You are missing the point. This case isn’t about rights, it is about ethics. You need to ask yourself, “is it ethical to disregard the resident deans’ privacy to try to track down and punish a person who leaked information to the press about wrongdoing that the university wants to keep a lid on?” Should they do this? I don’t care if they can, I care if they should. And even if you consider this ethical (which I don’t), should the resident deans who had no part in this have their privacy violated so that the university could conduct a witchhunt?

      5.  In the ‘States, there might be no legal right to privacy, but in other, civilized, countries, that right does exist.

  3. Employer-supplied e-mail account. I fail to see the outrage.  But fabricated scandal is par for the course for Boston’s second-rate media reporting.

    I am more annoyed by the Globe than by Harvard’s behavior.

    1. Employer-supplied e-mail account.

      So? Your employer supplies the toilets, as well. Do you want a camera aimed at you when you’re in there shitting?

      1. Depends. Would that be shitting false equivalences, business communications or just plain shit?

          1. In my experience people rarely shit into a toilet in a way that can be construed as a professional communication. Then again, I don’t live in California.

          2. It’s not a false equivalence if you believe that there should still be a reasonable expectation of privacy even for an employee-provided email account, professional communication or not.

  4. The very first thing I see when I boot my employer-provided computer is a splash screen that says that I have no right to or reasonable expectation of privacy when using that computer. When I want to send something private and outside the (potential) gaze of my employer, I use my cell phone. It’s pretty simple.

    Then it’s just Google, my cell phone provider, and the NSA that are scanning my email.

    1. The very first thing I see when I boot my employer-provided computer is a splash screen that says that I have no right to or reasonable expectation of privacy when using that computer.

      Just because something is published on a website, doesn’t make it all right.

      1. Just because something is published on a website, doesn’t make it all right.

        Well, that’s axiomatically true.

        I believe that if my employer is paying for the computer, the power, the Internet access, the room, the heat, the lights, and my salary–and they tell me in advance that they may one day look at something I produced while they were paying me to produce it–all while using their stuff–I’m perfectly okay with that.

        If they assign somebody to watch me real-time while I’m producing it (either on the computer, or via camera, or over my shoulder) I would not be okay with that, and I would find another job.

        1. I believe that a job that offered me greater privacy would be more attractive.  I would like my bosses better, and I would do a better job.  I don’t believe that anything of value is gained by treating any employees like naughty three-year olds.

  5. I’ve worked in higher education for over 20 years, and these violations of privacy and generally underhanded dealings are common.

    I play poker with a guy who did the research for his PhD in a part of the Amazon basin where there are a lot of dangerous snakes.  He claims he felt safer there than within the literally ivy-covered walls of our institution.

    It all changes when you’re sitting in an endowed chair, of course.  But even then you better shake out your boots before you put them on.

  6. According to the NYT:

    The handling of the search — if not the search, itself — may have contradicted the Faculty of Arts and Sciences policy on electronic privacy, and faculty members interviewed said they expected a backlash. The privacy policy states that the administration can search faculty members’ electronic records “in extraordinary circumstances such as legal proceedings and internal Harvard investigations.”But it also says that a faculty member must be notified in advance of such a search, “unless circumstances make prior notification impossible, in which case the faculty member will be notified at the earliest possible opportunity.”

  7. Since resident deans are also instructors, policies for them may deviate from the standard employee policies (the news stories suggest they do) but here’s the section of the Staff Personnel Manual that says “management” may search their email. Perhaps not coincidentally, that section is followed by the section on confidentiality; the press leak they were investigating may have been a violation of this section.

    C. Privacy/Management’s Right to Access Information
    Employees must have no expectation or right of privacy in anything they create, store, send, or receive on Harvard’s computers, networks or telecommunications systems. Although many employees have individual computers or computer accounts, and while employees may make incidental personal use of University technology information systems, ultimately Harvard University has ownership over, and the right to obtain access to, the systems and contents. Incidental personal use is permitted so long as it does not interfere with job performance, consume significant time or resources, interfere with the activities of other employees or otherwise violate this policy, the rules of an employee’s local unit, or other University policies. Electronic files, e-mail, data files, images, software and voice mail may be accessed at any time by management or by other authorized personnel for any business purpose. Access may be requested and arranged through the system(s) user, however, this is not required.

    D. University Confidentiality
    University records or information that employees create, maintain, access or store in the course of performing their jobs may include confidential and/or proprietary content. Given the sensitivity of such information, care, judgment and respect must be exercised to preserve individual privacy and to protect the University’s interests. Each employee is accountable for organizing and controlling access to information and data created or maintained by their office. Information may be shared or accessed on a limited, need-to-know basis, with consideration and ethical regard for others. In addition to these University requirements to keep information private there are a number of government laws and regulations that require specific types of data be kept confidential.

    1. Good point about confidentiality. The leak could very well be a violation of the Family Educational Rights and Privacy Act (FERPA). I work at a university and our administration takes FERPA very seriously. For instance, we’re told that we have to return graded homework papers to the student in a sealed envelope.

      1. Based on the reporting about and of the email, I’m confident that FERPA is not relevant. It was an email about the investigation without reference to any specific students. 

        The email may have contained information that the sender, or in a vaguer sense the institution, wished to keep confidential. It probably didn’t include an explicit reference to keeping it in confidence but assumed the recipients would exercise good judgement. I haven’t read the Boston Globe article but having read the NYT and Crimson, it sounds like the email was in part about how to advise students who were enrolled in the course and rather than put the advice in their own words, a resident dean forwarded the email to a student. I’m not sure whether that was poor judgement or not.

        1. Yeah, I’m just trying to think about a plausible explanation for what the university might have been thinking about besides not thinking about it and just doing the search.

  8. I’m a bit confused. The link in the main article is broken, and does not work.

    I know a reasonable person would never respond without reading the article. Any comm enter doing otherwise would be acting like a complete idiot, right?

    So I guess the link is only broken for me?

Comments are closed.