UMass Boston's Cyber-bullies
A new draconian (un)acceptable use policy gives UMass Boston's IT unlimited power over our universe, life and everything.
As part of UMass Boston’s grand plan to control every aspect of our lives in and out of work, the Chief Information Officer (CIO)’s office issued a new “technology acceptable use policy” which is anything but acceptable. It starts out with the generic and legitimate blurb about protecting against exposing confidential information, malicious software and the like, but soon dives head-on into making Big Brother look like a sweet kindergartener. It states the following (emphasis original):
The University thus reserves the right to examine material stored on or transmitted through its resources (i.e., networks, Clouds, storage media, etc.) for any purpose, including, without limitation, where there is a cause to believe that the standards for acceptable and ethical use are violated by a member of its community or an unauthorized user of its systems or networks. The University reserves the right at any time, with or without prior notice or permission from the user or users of a computer or other University-owned computing device, to monitor, seize such device, and copy or has copied and wiped any information from the data storage mechanisms of such device as Information may be required at the sole discretion of the University.
This alone raises a couple of questions: Is Big Brother going to barge into our offices and forcibly grab our computers whenever we use it to buy stuffed toys for the cat on Amazon? Can they install back doors on university issued computers to explore our hard drives? Can they just stop and frisk us at will? What recourse do we have if we disagree with the university’s “sole discretion”?
If you thought this was bad, wait. It gets worse (emphasis ours).
In addition to the preceding, privately owned devices connected to the University network or used for University business are also subject to inspection and monitoring by authorized University personnel.
Mmmm… interesting. Can the university, or any employer for that matter, legally inspect, seize and monitor our personal devices? We asked google, but google is not sure. On one hand, employers can monitor work related activities on personal devices. On the other hand, from the text above it does not look like our UMass Boston Cyber-bullies restrict themselves to work related activities. They seem to reserve the right to inspect everything that’s going on on your personally owned device. We’re also not sure that your employer is allowed to confiscate your personal device against your will and without a warrant from a judge, but we will leave the legalese to the Faculty Council or the UMass general counsel.
Even our own union scooped us and reflected our feelings on the matter just as we were preparing this post. They even stole our title. Earlier this month they sent an angry memo to our Supreme Leaders, but knowing our Leaders, they will probably ignore it, as they always do.
What can we do, then? Other than the obvious “don’t connect your phone to the university network”?
The answer, in a true Flickering Beacon spirit, is - maliciously comply. There are so many possibilities!
Never conduct any work from your cell phone. Remove your email app, your UMass Boston app, your OneDrive, work related Google docs and everything else work-related from any personal device. Never again will you have to answer an e-mail from your phone on the train or the shuttle.
Refuse to work from home in the evenings or on weekends unless you are provided with a fully equipped university PC or laptop on the house, with built-in two factor authentication and 24/7 IT support. Your chair, dean, students and research deadlines will have to wait.
The guidelines say:
[P]ersonal devices should not be used for official University business unless a department head provides prior written approval to the Information Security Office and the equipment meets specific University security requirements.
Whenever you want to use your personal devices for anything whatsoever, e-mail your department head for written approval. We hate to put our poor department heads through this. They are probably in the same boat, but we have to be absolutely sure that we are using the university network acceptably. We don’t want to break any of the rules, do we? For example: “Can I order a plushy on Amazon from my university computer?”. “Can I send an e-mail from my UMass Boston account to my department with a joke about the new (un)acceptable use policy?”, “is calling my child’s school from my cell phone when it’s connected to the university network considered acceptable use?”.
Don’t be shy! Comply, lest you want to be stopped and frisked.