Track 8 Session on University Information Policies: A Model For
Implementation by Marilu Goodyear, University of Kansas,
goodyear@ukans.edu

This was an extraordinary fact-packed presentation.  Marilu has
reviewed a number of information policies, picking out common points
and unusual extras.

This may be thought of as the framework for developing a policy, or
some of the questions you might want to make sure your policy covers.

Outline of Policy Provisions

1.  Access
	Philosophy of Access (purpose provided, is it a right or a
		privilege?)
	Access is provided to what types of information/systems?
	Access for what individuals and from where?

2.  Openness
	Freedom of expression for each individual
	Promotion of tolerance and respect for others
	Possible limits on free speech
		commercial use, fund raising, harassment, threats,
		hate speech, libel/slander, political speech,
		obscenity, religious, personal use, sexually explicit,
		offensive language
	Structure environment conducive to free expression
	Who can speak for the university?
	Ensure participation on policy development

3.  Privacy
	Communication should be kept private to the extent possible:
		Open records, administrative review, computer system
		admin, audits
	Collection, storage, and use of personal information
		limit on collection--only when relevant and necessary
		collected from individual/individual notified
		use only for purpose collected (or similar purpose)
		information keepers ahve an affirmative responsibility
			to ensure accuracy, completeness and timeliness
		individuals have the right to see and correct
			information
	Will allow anonymous communication or not?
	Circumstances under which the University will monitor

4.  Intellectual Property
	Respect for Intellectual Property
		copyright, patent, licenses, software
	copying for backup
	When is fair use?
	Preserving the integrity and completeness of original work
	Use of university name/logo

5.  Usefulness
	Education of users about:
		use of system, content/evaluating info, ethical/legal
		considerations
	Systems easy to use:
		interconnectivity, seamless, organized through
		indexing

6.  Cost/Benefit
	Scarce resources are allocated according to mission
	System performance--resources shared by all, use consistent
		with common good
	Excessive personal use prohibitions?
	Communicating in correct place?

7.  Security
	Protection of systems:
		subversion of system security, unauthorized access,
		altering configurations
	Protection of information:
		use of another's account, altering other's data,
		forged mail, protection of passwords

(added in the discussion)

8.  Discipline - how to report, comply, etc.  What is the escalation
process?
	Limit/take access away
	Fire (loss of employment)
	Expulse
	Report to legal authorities

One of the interesting parts she presented was numbers from problem
reports:

Access		  4
Openness	160
Obscene		 18
Content		 86
Privacy		  2
Property	 24
Usefulness	  3
Cost/Benefit	118
Security	 37
Misc		105 (91 unsolicited mail; 14 huh?)