Information Technology Division

Email Procedures and Guidelines

ELECTRONIC MAIL (E-MAIL) PROCEDURES AND GUIDELINES

>> Printer-friendly version

A supplement to the MTSU Electronic Mail Acceptable Use Policy March 28, 1999

I. PURPOSE
II. MTSU E-MAIL POLICY SCOPE
III. INTRODUCTION
IV. ETHICAL USE OF E-MAIL ON THE MTSU SYSTEM
V. E-MAIL AND RECORDS MANAGEMENT
VI. RESPONSIBILITIES AND AGREEMENT
VII. USER RESPONSIBILITIES
VIII. PRINCIPLES OF ACCEPTABLE USE
IX. ACCEPTABLE ACTIVITIES
X. UNACCEPTABLE ACTIVITIES
XI. PRIVACY CONSIDERATIONS
XII. SANCTIONS
XIII. VIRUS PROTECTION
XIV. COMPUTER ABUSE OR HARASSMENT
XV. OWNERSHIP
XVI. MASS MAILINGS AND LISTSERVS

I. PURPOSE

The purpose of this "Procedures and Guidelines" is to support the MTSU Electronic Mail Acceptable Use Policy by establishing guidelines and minimum requirements governing the acceptable use of University-provided electronic mail (e-mail) services. By establishing and maintaining compliance with this policy, risks and costs can be mitigated while the valuable potential of this communication tool is realized. The objectives of the MTSU Electronic Mail Acceptable Use Policy are to assure that:

  • The use of University-provided e-mail services is related to, or for the benefit of, Middle Tennessee State University and the State of Tennessee;
  • Users understand that e-mail messages and documents may be subject to the same laws, regulations, policies, and other requirements
    as information communicated in other written forms and formats;
  • Disruptions to University activities from inappropriate use of University-provided e-mail services are avoided; and
  • Users are provided guidelines describing their personal responsibilities regarding confidentiality, privacy, and acceptable use of university-
    provided e-mail services as defined by this policy.

II. MTSU E-MAIL POLICY SCOPE

The MTSU Electronic Mail Acceptable Use Policy applies to all University employees, students, retirees, and holders of specially-granted accounts (hereinafter referred to as "users") whose access to or use of e-mail services is funded by the University and the State of Tennessee or is available through equipment owned or leased by the University.

Back to Top


III. INTRODUCTION

The University provides e-mail resources to support its work of teaching, scholarly research, and public service. The MTSU Electronic Mail Acceptable Use Policy sets forth the University's policy with regard to use of, access to, and disclosure of e-mail to assist in ensuring that the University's resources serve those purposes.

Access to MTSU e-mail accounts is a privilege granted by the University. It should be subject to all of the same general protections afforded to traditional "paper" mail or telephone conversations. When a user sends e-mail, the user account identification is included in each mail message. The user is responsible for all e-mail originating from the user's account.

All users must be aware that e-mail and messages sent through computer networks, including the Internet, may not remain confidential while in transit or on the destination computer system.

E-mail refers to the electronic transfer of information typically in the form of electronic messages, memoranda, and attached documents from a sending party to one or more receiving parties via an intermediate network or telecommunications system. Stated differently, e-mail is a means of sending messages between computers using a computer network or over a modem connected to a telephone line. E-mail services, as defined in this policy, consist not only of the use of University-provided e-mail systems but also the acts of sending and receiving e-mail across the Internet.

E-mail is an efficient and timely communication tool that can be used to accomplish University functions and conduct University business. E-mail can help the University improve the way it operates by providing a quick and cost-effective means to create, transmit, and respond to messages and documents electronically. Well-designed and properly managed e-mail systems expedite communication, reduce paperwork, and automate routine office tasks thereby increasing productivity and reducing costs. Daily tasks are accomplished more rapidly as individuals use e-mail services for sending and receiving text as well as avoiding "telephone tag".

A number of characteristics distinguish e-mail from other means of communication, such as paper records, telephones, and information stored on electronic media such as diskettes. Awareness of these characteristics should guide individual and University use of e-mail services.

E-Mail Backups. E-mail systems and the systems involved in the transmission and storage of e-mail messages are usually "backed up" by systems administration on a routine basis. This process results in copying data, such as the content of an e-mail message, onto storage media that may be retained for periods of time and in locations unknown to the sender or recipient of a message. The frequency and retention of backup copies vary from system to system and relevant disk to disk. While it may be difficult and time consuming, it should be assumed that backup copies of e-mail messages may exist and can be retrieved, even though the sender or recipient has discarded his/her copy of a message.
Passwording E-mail Accounts. While password protecting an individual's e-mail account may be considered beyond usual measures taken to protect access to paper records and telephones, it does not confer a special status on e-mail records with respect to applicability of laws, policies, and practices. A password helps to prevent modification of e-mail documents by others.
Network and Systems Management . In the course of their work, system administrators or their designees may access the network or e-mail system. Therefore, the content of e-mail messages may be seen by these authorized individuals during the performance of their duties.
E-Mail Forgery . No system of communication is completely secure, including e-mail. Just as with paper communications, an e-mail message can be forged, and it can be distributed beyond the address list originally defined by its author.
Virus Threat . E-mail is the most frequently used method for transmitting computer viruses. Executable files (e.g., *.exe, *.com) and documents containing viruses can be transmitted via e-mail. These files and documents which may be attached to e-mail messages must always be checked for viruses before they are accessed, executed, or distributed to other users.
Legal Implications . E-mail and other electronic files may be accessed through public record requests or through the discovery process in the event of litigation.

Back to Top

IV. ETHICAL USE OF E-MAIL ON THE MTSU SYSTEM

All users must refrain from the following:

  • Using e-mail to violate any university policy or regulation, or federal, state or local law; in accordance with the MTSU Electronic Mail Acceptable Use Policy.
  • Entering, without authorization, into any e-mail account to use, read, transfer, or change the contents in any way.
  • Impersonating or misrepresenting another individual's e-mail account or e-mail username.
  • Using e-mail to send obscene, abusive, threatening, defamatory, or harassing messages; as defined by the MTSU Electronic Mail Acceptable Use Policy.
  • Using e-mail to interfere with the normal operation of university computing systems and connected networks including, but not limited to, introducing viruses, sending chain letters, or unfairly monopolizing resources that results in the exclusion of others.
  • Using university e-mail for profit or commercial purposes, except for the use of authorized sites.


Users of e-mail should adhere to the follow practices:

  • Conclude each e-mail message with a signature file and contact information.
  • Determine if replies are appropriate for all or only a portion of the recipients when responding to e-mail sent to multiple recipients.
  • Include the original message when replying only if necessary.
  • Verify the status of the e-mail being sent to prevent duplicate e-mail transmissions.
  • Keep distribution lists clean and updated.
  • Use clear, meaningful subject headers.
  • Use good judgment when sending potentially sensitive material to multiple recipients.
  • Do not open e-mail attachments unless you trust the source.
  • Send attachments only when the message cannot be included as plain text.

Back to Top

V. E-MAIL AND RECORDS MANAGEMENT

E-mail that is created in the normal course of University activity and retained as evidence of official policies, actions, decisions, or transactions are public records. These records are subject to records management requirements under T.C.A. 10-7-301 through 10-7-308, and the rules of the Public Records Commission. A public record is defined as follows:

"Public record(s)" or "state record(s)" means all documents, papers, letters, maps, books, photographs, microfilms, electronic
data processing files and output, films, sound recordings or other material, regardless of physical form or characteristics made
or received pursuant to law or ordinance or in connection with the transaction of official business by any governmental agency.
(TCA 10-7-301, Paragraph 6)

Records transmitted using e-mail need to be identified, managed, protected, and retained as long as they are needed to meet historical, administrative, fiscal, or legal requirements of the University in keeping with its mission. Records needed to support University, College and Departmental functions must be retained, managed, and accessible in record-keeping or filing systems in accordance with established records disposition authorizations approved by the Public Records Commission.

Middle Tennessee State University, in accordance with this statute, is required to designate records officers who are responsible for coordinating records management programs for the various Executive, Administrative, and Academic divisions of the University. (TCA 10-7-304)

Retention and disposition of public records is determined per statute by the Public Records Commission based on an analysis conducted by a qualified Records Analyst to determine the administrative, fiscal, legal and historical value of the record.

Electronic records are generally defined as records stored in a form that only a computer can process. In accordance with established statutes, electronic records are to be managed and maintained in accordance with their administrative, fiscal, legal and historical values. In addition, these records are to be made available for public inspection upon request unless designated confidential by statute.

Communications of University personnel that are sent by electronic mail may constitute "correspondence" and, therefore, may be considered public records subject to public inspection under Tennessee's Public Records Act.

The individual to whom the message is addressed becomes the legal "custodian" once the message is received and is the person responsible for ensuring compliance with the Public Records Act. Although the University periodically backs up information residing on system hard drives, this is not done for archival purposes to meet the requirements of the Public Records Act, but as a safety measure in case of system failure or unlawful tampering ("hacking"). The system administrator is not the legal custodian of messages which may be included in such back up files.

E-Mail messages generally fall into two categories.

  1. First, some e-mail is of limited or transitory value. For example, a message seeking dates for a proposed meeting has little or no value after the meeting date has been set. Retention of such messages in the computer system serves no purpose and takes up space. Such messages may be deleted as soon as they no longer serve an administrative purpose.
  2. Second, e-mail is sometimes used to transmit records having lasting value. For example, e-mail about interpretations of University policies or regulations may be the only record of that subject matter. Such records should not be maintained in e-mail format, but should be transferred to another medium and appropriately filed, thus permitting e-mail records to be purged at regular intervals.

While the methods for reviewing, storing or deleting e-mail vary, compliance with the retention requirements of the Public Records Act may be accomplished by doing one of the following:

  1. Print the e-mail and store the hard copy in the relevant subject matter file as would be done with any other hard-copy communication. Printing the e-mail permits maintenance of all the information on a particular subject matter in one central location, enhancing its historical and archival value.
  2. Electronically store the e-mail in a file, a disk, or a server, so that it may be maintained and stored according to its content definition under the division's records retention policy.

Back to Top

VI. RESPONSIBILITIES AND AGREEMENT

Middle Tennessee State University has the responsibility to ensure that state-provided e-mail services are used for internal and external communications which serve legitimate educational functions and purposes consistent with the University's Mission. The University is responsible for the e-mail activities of its users and must familiarize each user with what is considered appropriate use of state-provided e-mail services. Managerial authority over e-mail services must be defined, and user training programs provided which address e-mail usage and policies. The University Information Technology Division (ITD) hosts several of these programs each semester.

A University "Use Agreement" for e-mail services which stipulates compliance to the MTSU Electronic Mail Acceptable Use Policy must be agreed to by each user if they are to retain or be provided e-mail services.
Any significant problems encountered in using e-mail communications should be brought to the attention of the the University Information Technology Division (ITD) Help Desk or call 898-5345.

Back to Top

VII. USER RESPONSIBILITIES

The MTSU Electronic Mail Acceptable Use Policy is intended to be illustrative of the range of acceptable and unacceptable uses of the University's e-mail facilities and is not necessarily exhaustive. Questions about specific uses related to security or privacy issues not enumerated in this policy statement should be directed to the University Information Technology Division. Reports of specific unacceptable uses should be directed to abuse@mtsu.edu. Other questions about appropriate use should be directed to the user's supervisor, department chair or dean.

Users should be aware of potential e-mail security problems before transmitting private or confidential messages. E-mail is not private communication. All information transmitted via the University's Internet/e-mail system is the property of the State and is subject to review at any time. E-mail correspondence may best be regarded as a postcard rather than as a sealed letter. Disclosure may occur intentionally or inadvertently when an unauthorized user gains access to electronic messages. Likewise, disclosure may also occur when e-mail messages are forwarded to unauthorized users, directed to the wrong recipient, or printed in a common area where others can read them.

Therefore:

  • As an e-mail participant, each user must comply with the MTSU Electronic Mail Acceptable Use Policy and the University's "Use Agreement" for e-mail services.
  • Users must be aware of the classification of any information contained in data files or correspondence which they are transporting using e-mail communications and to not exchange information in un-encrypted form which is confidential. Under no circumstances should data ever be transported, which if intercepted, would place the University in violation of any law.
  • The content of anything exchanged (sent or received) via e-mail communications (regardless of its state of encryption) must be appropriate and consistent with University and State policy, subject to the same restrictions as any other correspondence.
  • All University users, including those employed by the University, who are granted access to e-mail services need to use that access in a way which is consistent with their job function even when the access is off-hours.
  • E-mail communications, if allowed to accumulate on a server, can quickly consume the server's disk space and may cause system problems. Although deletion of unnecessary e-mail is encouraged, users should consult the University's record retention guidelines for proper instruction regarding disposal or archival of e-mail correspondence.

Back to Top

VIII. PRINCIPLES OF ACCEPTABLE USE

As with any state-provided resource, the use of e-mail services should be dedicated to legitimate University activities and is governed by rules of conduct similar to those applicable to the use of other information technology resources. The use of e-mail services is a privilege which imposes certain responsibilities and obligations on State users and is subject to State policies and local, State, and Federal laws. Acceptable use must be legal, ethical, reflect honesty, and show restraint in the consumption of shared resources. It demonstrates respect for intellectual property, ownership of information, system security mechanisms, and the individual's rights to privacy and freedom from intimidation, harassment, and unwarranted annoyance.
All e-mail users should:

  • Comply with state and agency policies, procedures, and standards;
  • Be courteous and follow accepted standards of etiquette;
  • Protect others' privacy and confidentiality;
  • Be responsible for the use of their e-mail accounts; and
  • Use information technology resources efficiently and productively.

Back to Top

IX. ACCEPTABLE ACTIVITIES

Acceptable e-mail activities are those that conform to the purpose, goals, and mission of the university and to each user's job duties and/or responsibilities. The following list, although not inclusive, provides some examples of acceptable uses:

  • Communications, including information exchange, for professional development or to maintain job knowledge or skills;
  • Use in applying for or administering grants or contracts for University research programs or work-related applications;
  • Communications with other University agencies and research partners of university agencies providing document delivery or transferring working documents/drafts for comment;
  • Announcements of University regulations, procedures, policies, services, or activities;
  • Use involving research and information gathering in support of advisory, standards, analysis, and professional development activities related to the user's University duties; and
  • Communication and information exchange relating directly to the mission, charter, and work tasks of the University including e-mail in direct support of work-related functions or collaborative projects.

NOTE: Users may be subject to limitations on their use of e-mail as determined by the appropriate supervising authority. Users are advised to remove themselves from e-mail lists not dealing with work-related topics.

The use of any University resources for e-mail must be related to University business, including academic pursuits. Incidental and occasional personal use of e-mail may occur when such use does not generate costs to the University. Any such incidental and occasional use of University e-mail resources for personal purposes is subject to the provisions of this policy.

Back to Top

X. UNACCEPTABLE ACTIVITIES

Unacceptable use can be defined generally as activities that do not conform to the purpose, goals, and mission of the University and to each user's job duties and responsibilities. Any e-mail usage in which acceptable use is questionable should be avoided. In other words, when in doubt seek policy clarification prior to pursuing the activity. The following list, although not all-inclusive, provides some examples of unacceptable uses:

  • Private or personal for-profit activities. This includes use of e-mail services for private purposes such as marketing or business transactions, private advertising of products or services, and any activity meant to foster personal gain;
  • Personal use that creates a direct cost to the University;
  • Unauthorized not-for-profit business activities. This includes the conducting of any non-University-related fund raising or public relations activities such as solicitation for religious and political causes;
  • Transmission of incendiary statements which might incite violence or describe or promote the use of weapons or devices associated with terrorist activities;
  • Use for, or in support of, unlawful/prohibited activities as defined by federal, state, and local laws or regulations. Illegal activities relating to e-mail and network access include, but are not limited to:
  • Transmission of threatening, offensive or harassing information (messages or images) which contains defamatory, abusive, obscene, pornographic, profane, sexually oriented, threatening, racially offensive, or otherwise biased, discriminatory, or illegal material;
  • Violation of Federal and State laws dealing with copyrighted materials (including articles and software) or materials protected by a trade secret;
  • Intentionally seeking information about; obtaining copies of; or modifying contents of files, other data, or passwords belonging to other users, unless explicitly authorized to do so by those users;
  • Transmission of any information which encourages the use of controlled substances or uses the system for the purpose of criminal intent;
  • Violation of University, State, and Federal regulations prohibiting sexual harassment;
  • Violating the privacy of individual users by reading their e-mail communications unless specifically authorized to do so;
  • Attempts to subvert network security, to impair functionality of the network, or to bypass restrictions set by the network administrators. Assisting others in violating these rules by sharing information or passwords is also unacceptable behavior;
  • Attempts at forgery of e-mail messages is prohibited as is the construction of e-mail communication so that it appears to be from someone else, also known as "spoofing,";
  • Deliberate interference or disruption of another user's work or system. The user must avoid any actions that cause interference to the network or cause interference with the work of others on the network by "flooding" via the use of various automated e-mail generation systems;
  • Users are prohibited from performing any activity that will cause the loss or corruption of data, the abnormal use of computing resources (degradation of system/network performance), or the introduction of computer worms or viruses by any means (use of programs with the potential of damaging or destroying programs and data);
  • Distribution of "junk" mail, such as chain letters, advertisements, or unauthorized solicitations; and unauthorized distribution of University data and information.

Back to Top

XI. PRIVACY CONSIDERATIONS

In an operational sense, files in users accounts and data on the network are regarded as personal: that is, employees of the University do not routinely monitor this information. However, the University reserves the right to view or scan any file or software stored on University systems or transmitted over University networks, and may do so periodically to verify that software and hardware are working correctly, to look for particular kinds of data or software (such as computer viruses), or to audit the use of University resources. Violations of policy that come to the University's attention during these and other activities will be acted upon.

The University will make reasonable efforts to maintain the integrity and effective operation of its e-mail systems, but users are advised that those systems should in no way be regarded as a secure medium for the communication of sensitive or confidential information. Because of the nature and technology of electronic communication, the University can assure neither the privacy of an individual user's use of the University's e-mail resources nor the confidentiality of particular messages that may be created, transmitted, received, or stored thereby.

Data on University computing systems may be copied to backup drives or tapes periodically. The University makes reasonable efforts to maintain confidentiality, but if users wish to ensure confidentiality, they are advised to encrypt their data. Although users may use encryption software, they are responsible for remembering their encryption keys; once data is encrypted, the University will be unable to help to recover it should the key used to encrypt the data be forgotten or lost . Additionally, any user of the University's e-mail resources who makes use of an encryption device to restrict or inhibit access to his or her e-mail must provide access to such encrypted communications when requested to do so under appropriate University authority.

When sources outside the University request an inspection and/or examination of any University owned or operated communications system, computing resource, and/or files or information contained therein, the University will treat information as confidential unless any one or more of the following conditions exist:

  • When approved by the appropriate University official(s) or the head of the Department to which the request is directed
  • When authorized by the owner(s) of the information
  • When required by Federal, State, or local law
  • When required by a valid subpoena or court order
  • Note: When notice is required by law, court order, or subpoena, computer users will receive notice of such disclosures (viewing information in the course of normal system maintenance does not constitute disclosure).

The Family Educational Rights and Privacy Act, or FERPA, requires the University to protect the confidentiality of student educational records. These include academic records, financial records, disciplinary records, medical records and placement office records. To be in compliance with FERPA, the University must receive the written consent of a student or a court order before disclosing information. The rights of a student user to see his or her records does not extend to parents or guardians.

Additionally, the University may not release directories, rosters, lists or address labels of students to parties not affiliated with the University when a student has requested that this information be withheld. And, the University may not post grades and test scores publicly using any personally identifiable information, without the written consent of the students involved.

Users can expect that e-mail messages exchanged within the University and on the network are only somewhat confidential because the University itself does not monitor student's or employee's use of e-mail. All users should be aware, however, that e-mail messages are written records that could be subject to review with just cause and may be subject to Freedom of Information Act requests.

Back to Top

XII. SANCTIONS

Violations of the MTSU Electronic Mail Acceptable Use Policy may result in the immediate suspension of the User's account, followed by timely review of the charges by the appropriate person or persons.

Violations of the MTSU Electronic Mail Acceptable Use Policy may subject users to the regular disciplinary processes and procedures of the University for students, staff, administrators, and faculty and may result in loss of their computing privileges.

Illegal acts involving University computing resources may also subject violators to prosecution by local, state, and/or federal authorities. Suspected law violations may be referred to police agencies.

If a user is found to have violated the MTSU Electronic Mail Acceptable Use Policy, the user's computing privileges at MTSU may be permanently and totally removed. There will be no refund of any technology access fees.

Student users in violation of the MTSU Electronic Mail Acceptable Use Policy may be recommended for suspension or dismissal from MTSU. Employees in violation of the Policy may be recommended for termination from MTSU employment.

Disclaimer: As part of the services available through the University's campus network, access is provided to a large number of conferences, lists, bulletin boards, and Internet information sources. These materials are not affiliated with, endorsed by, edited by, or reviewed by the University, and the University takes no responsibility for the truth or accuracy of the content found within these information sources. Moreover, some of these sources may contain material that is offensive or objectionable to some users.

Monitoring and Enforcement:

In general, the following procedures should be used in monitoring and enforcing e-mail etiquette and policy:

  1. Responsibility: All University community users are responsible for monitoring e-mail to ensure that etiquette is observed and that e-mail use is in accord with University, State, and Federal policy, law, and regulation.
  2. Issues of Etiquette: Concerns over issues of e-mail etiquette by faculty, staff, and administration should first be discussed with the offender. If the etiquette issue continues, the offended user should alert their supervisor who may discuss it with the offender's supervisor. Violations of etiquette by students should be discussed with the offender.
  3. Violations of Policy: Violations of the Middle Tennessee State University Electronic Mail Acceptable Use Policy should be discussed with the offender. If such behavior continues, the offended user should alert their supervisor to discuss the violation with the offender's supervisor. Complaints involving policy violations by students should be discussed with the Assistant Dean in the Office of Judicial Affairs and Mediation Services, Division of Student Affairs. If the policy violation persists, the e-mail account may be restricted or removed. Complaints and offending e-mail may also be forwarded to abuse@mtsu.edu.
  4. Violations of Law: When violations of law are alleged, the offended user should inform their supervisor, the alleged offender's supervisor, the Director of the Information Technology Division, and the appropriate Vice President. Together, these parties will decide whether the alleged offender should be disciplined within University guidelines for similar offenses and/or turned over to University attorneys for legal action. Complaints involving violations of law by students should be discussed with the Assistant Dean in the Office of Judicial Affairs and Mediation Services, Division of Student Affairs. Complaints and offending e-mail may also be forwarded to abuse@mtsu.edu.

Back to Top

XIII. VIRUS PROTECTION

Computer viruses infect computer systems by physical contact. Computer viruses are really segments of program code that interfere with the smooth running of the programs and data on a personal computer. The virus code resides on a diskette or on another computer system on a network. When the virus code is copied from the diskette or from another computer system over the network, it infects the system it is copied onto.

Boot sector viruses spread when a user places an infected diskette in the floppy drive of a personal computer and restarts it, or boots it. Program viruses spread when a program is run in which the code is embedded.

Viruses are designed and may be propagated by malicious users. Virus code may be surreptitiously inserted into files with the intent of damaging other users computer systems. Quite often viruses are made available under false pretenses. Eventually, someone uses the infected file. The physical contact is made, and the virus starts to spread.

Many other viruses, however, destroy data and render computer systems inoperable. The Michelangelo virus overwrites the hard disk. The Jerusalem virus deletes executable files. Some viruses -- called "rabbits" -- just reproduce, eventually taking up all processor capacity, memory and disk, denying the user access to system resources.

  • Be suspicious of freeware and shareware.
  • Be wary of downloading files from electronic bulletin boards or news groups.
  • Make, store and routinely check backup copies of all files and programs. Keep the backups for as long as six months to a year.
  • Use anti-virus software.

Back to Top

XIV. COMPUTER ABUSE OR HARASSMENT

Unfortunately computer abuse, harassment, malicious behavior, and unauthorized account access do happen. Should any of these things happen to a University user, it should be reported to the user's immediate supervisor, the Information Technology Division system administrator, or other appropriate University authorities. Computing resource abuse should be reported to the e-mail address abuse@mtsu.edu. This will alert University staff to the situation. Users should be aware that investigating authorities will want the offended user to retain harassing e-mail messages, dates and times of unauthorized access, etc., for investigative purposes. Cases are handled individually and confidentiality.

Threatening e-mail must be viewed as anti-social behavior and is a violation of University policy, State and Federal law. Respectful users of the Internet abide by the same principles of fairness, decency and respect used everywhere else. If a University user receives threatening e-mail, contact abuse@mtsu.edu.

Back to Top

XV. OWNERSHIP

The State of Tennessee and the University owns the central computers, computer labs, the microcomputing sites, the computers it places on its employees' desks and all the software it has installed on them. The University determines who may use these resources and how they may use them.

The State of Tennessee and the University owns the University network - all the wires, cables and routers that connect the central computers, computer labs, microcomputer sites and the campus connections that allow the networkability of personal computers to each other and to the Internet. The University determines who is authorized to use its network.

The University will determine basic user disk space allocations and will alert users when this maximum allotment has been reached. Users must expediently remove or transfer files from their allocated disk area when prompted to do so by University computer system administrators.

University policy on e-mail establishes that the messages users receive and transmit may not remain private due to the open structure of network transmissions [1], [2], [3]. However, users can expect that their accounts will not be monitored by the University or the State on a regular basis. Additionally, users must be aware that in case of system problems, through hardware or software failure or through attacks by malicious users, the staff who maintain the central computers and disk stores are authorized to look at any information or any files necessary to correct network system problems and to protect the various computing systems and the information they contain. Such situations are rare.

The University respects user's privacy to all reasonable limits. However, it can not be assumed that messages and files remain private in all cases. In addition to the authorized actions of system administrators working on problems, user's e-mail could end up in the hands of computing staff if it was so badly misaddressed that it can't be delivered, and it is possible to make mistakes in addressing e-mail that places private messages in the mailbox of someone other than the intended recipient. Courts have also ruled that e-mail records and information in electronic form on central computers can be subpoenaed in some cases. Under present circumstances, the privacy of user's e-mail can't be guaranteed.

Above all else, users must not permit anyone else to use their MTSU computing ID and password to gain access to their files.

Back to Top

XVI. MASS MAILINGS AND LISTSERVS

Authority to Send Large-scale Messages:

System-wide electronic messages by e-mail should be reserved for rare and truly urgent emergency notices. The frequency, content, and other characteristics of most messages are inappropriate for such wholesale delivery. Authority to use the entire University master list of user addresses rests with the University President, Vice Presidents, the Director of the Information Technology Division, or their designees.
Other college deans and heads of major departments, or their designees, may approve the creation and use of large subsets of that list within their areas, on either a standing or ad hoc basis, in accord with this policy.


Use Of the "News" Item At Log On:

Occasionally, due to system maintenance or other scheduled interruptions in the use of computing services, the Information Technology Division may place information in the News item which is brought up with user log-in. In rare circumstances it may also be necessary to alert all users logging on to other campus events. It is the responsibility of the President, Vice Presidents, and/or the Information Technology Division system administrator to determine when this is necessary. The News item should not be considered to be a campus-wide bulletin board.


Responsibility of Segmented E-mail List "Owners":

The University respects and encourages the dissemination of ideas and communication regarding specific academic disciplines. Faculty users may wish to initiate and moderate Listservs which allow the rapid electronic communication of many list members on topics related to the creation of the list. These Listservs may grow in popularity and stature based upon the worldwide number of those who subscribe to the list and whose interests are similar.
Listserv management may support the ability of new or old subscribers to sort through previous postings to the Listserv. The University ITD has established the position of Listserv Administrator to aid those on campus with the creation of Listserv Archives. However, as noted in Section XIV, the State of Tennessee and the University own all disk space in University computing systems. Provisions will be made for Listserv archive space provided that maintenance of the Listserv is in keeping with the mission of the University. In most cases, the archive of postings to a Listserv will extend to one year's time. It will be the responsibility of the Listserv moderator to store postings more than one year old. If a Listserv moderator would like to make postings more than a year old available on-line, it will be necessary for the moderator to petition the appropriate supervisory Vice President for funds for additional disk space.
Owners of standing e-mail lists and identified moderators of Listservs, whether involuntary or voluntary, are expected to develop and monitor compliance with written operating procedures for the use of their lists. All list owners are encouraged to consider the benefits of moderating or otherwise controlling access to large lists. This applies whether a list has been created for one-time use or is maintained as a standing list, whether compiled manually or from the central database, and whether involuntary or by subscription.

All electronic communications are expected to comply with relevant federal and state laws, as well as University regulations and policies, including those governing public computing resources, security considerations, and ethics in computing. The texts of these policies and handbooks outlining responsible computer usage at the University are available on-line at http://www.mtsu.edu/itd/policies_home_itd.shtml Revocation of one's network access is among the possible sanctions for violating the terms of these policies.