UC IRVINE ADMINISTRATIVE POLICIES AND PROCEDURES
Sec. 800-15: UCI Guidelines for the UC Electronic Communications Policy
Responsible Office: Assistant Vice Chancellor - Information Technology
Revised: September 2011
References / Resources
- Federal Electronic Communication and Privacy Act of 1986
- Federal Family Educational Rights and Privacy Act of 1974
- California Public Records Act
- Digital Millennium Copyright Act
- University of California
- UCI Administrative Policies & Procedures
Contact: Assistant Vice Chancellor - Information Technology at (949) 824-5173 or firstname.lastname@example.org
A. University Policy
The University of California Electronic Communications Policy (UC ECP) clarifies the applicability of law and of other University policies to electronic communications. The UC ECP also defines policy and procedures where existing policies do not specifically address issues particular to the use of electronic communications.
Operators of campus electronic communications resources will coordinate with those responsible for campus implementation of the Americans with Disabilities Act to ensure that persons with disabilities have access to campus electronic resources.
B. UCI Guidelines
The UCI Electronic Communication Guidelines govern electronic communications at UCI and conform to the UC ECP. They build on other existing UC and UCI policies and guidelines whenever possible, but do not attempt to repeat or elaborate upon all contents of the UC ECP. No single set of guidelines can address all issues arising out of the use of electronic communication services. As a general guide, electronic forms of communication are subject to the same local (academic department or administrative unit) standards of practice and expectations that exist for paper correspondence. Users should consult the UC ECP for more information.
- Authorizing Administrator - the head of a teaching, research, administrative, or other organizational unit. The Director, Office of Student Conduct, is the authorizing administrator for student accounts (see E.1.a.).
- Authorizing Official - a designated official who can permit access and forwarding for purposes of non-consensual access (see G.4.).
- System administrator - a department or administrative unit designee who has physical or logical control over electronic communications resources (see G.3.a.).
D. Covered Services and Resources
- UCI email addresses (@uci.edu and @[subdomain].uci.edu) provided to employees, students, and authorized guests are considered public records under the California Public Records Act and may be published unless access is restricted under applicable law (e.g. Federal Family Educational Rights and Privacy Act of 1974). Student information that may and may not be released is clarified in Section 720-12, Student and Student Applicant Records - Guidelines.
- Generic business email addresses (not based on an individual's name) should be used for activities that anticipate a high volume of messages regarding the business of a unit. This prevents disruption of an activity should departmental personnel change. Examples: email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org.
UCI provides access to Web resources for the conduct of University business as stated in Section 800-16, World Wide Web Publishing Policy.
In compliance with federal law, the University does not allow audio or video telephone conversations to be recorded or monitored without advising the participants, unless a court has explicitly approved such monitoring or recording and University Policy is followed in the conduct of the monitoring or recording. Emergency services will record 911-type emergency calls in accordance with federal and state laws and regulations.
Users of telecommunications radio frequency transmitters and receivers will operate in compliance with regulations of the Federal Communications Commission, University Policy and Section 800-11, Campus Radio Systems Guidelines. The use of radio frequency emissions on the UCI campus is coordinated by Office of Information Technology (OIT).
E. Allowed Users
Electronic communication resources may be provided to UCI employees and others for the purpose of conducting the University's business and such other purposes that conform to UC and UCI allowable uses. All allowed users of UCI electronic communication resources and services must adhere to campus policies and practices concerning electronic communication, including Section 714-18, Computer and Network Use Policy.
- University Users
- Access to electronic communications resources by UCI students, staff, academic appointees, retirees, and emeriti is provided at the discretion of an authorizing administrator for purposes that support the teaching, research, public service, and patient care mission of the University, including the administrative functions that support that mission. Authorizing administrators consider educational requirements, job demands, departmental needs, and cost and efficiency factors when granting access.
- Other individuals who are affiliated with the University, including those in program, contract, or license relationships may be granted access for the term of the affiliation, when such access supports the mission of the University and is not in competition with commercial providers. In such cases, a sponsored UCInetID form must be completed.
- Public Users
Individuals and organizations that are not University users may use University electronic communications resources only when approved by the authorizing administrator of a sponsored University program and when the purpose of public access is in accordance with allowable use. Members of the general public using the Libraries' resources is one such allowable use. Other individuals may be allowed access at the discretion of the Assistant Vice Chancellor, Information Technology.
F. Incidental Personal Use
- Personal Purposes
- University users may use electronic communications resources for incidental personal purposes provided that such use does not directly or indirectly:
- Interfere with the University's operation of an electronic communications resource
- Interfere with the user's employment or other obligations to the University
- Burden the University with noticeable incremental costs
- Involve sending regular or voluminous personal messages via lengthy email lists
- Create a hostile working environment (including sexual or other forms of harassment)
- Violate any University policy or law, including obscenity laws.
- When noticeable incremental costs for personal use are incurred (e.g., telephone long distance charges), users must reimburse the University.
- University users may use electronic communications resources for incidental personal purposes provided that such use does not directly or indirectly:
- On Behalf of Organizations Outside the University
Incidental personal use on behalf of an outside organization is permitted only under approved circumstances, usually by the Chancellor or designee. Users should confirm with their supervisors that any proposed use complies with UC and UCI policies.
- A UCI electronic communications resource, such as an email address, should not be used as the point of contact for activities which are not University-approved activities.
- UCI electronic communications resources may be used for charitable activities only when they have been approved by the Chancellor (e.g., the United Way campaign).
- UCI electronic communications resources may be used on behalf of outside professional or public service organizations only when the University is a member of the organization and the user is the University's representative, or when the user is a member of an organization in support of the University's mission.
- UCI electronic communications resources may be used on behalf of national, state, and local committees or task forces only when associated with an approved University activity.
G. Privacy of and Access to Email Content
The University respects the privacy of electronic communications users. Managers of computing systems providing electronic communication services will not inspect, monitor, or disclose the content of electronic mail without the holder's consent except under specific circumstances.
- Access by the Public
The California Public Records Act requires the University to disclose specified public records. In response to requests for such disclosure, it may be necessary to access electronic communications records that users consider to be personal to determine whether they are public records that are subject to disclosure. Records of electronic communications pertaining to the business of the University are subject to disclosure under the California Public Records Act. Managers of email systems receiving requests from off-campus for disclosure of information related to email should forward such requests to the Public Records Office.
- Sharing Contents of Messages
Some electronic communications records are not covered under the California Public Records Act. Such records are no longer considered private if either the sender or recipient voluntarily shares the content with a campus official or manager of the computing system providing electronic communication services. This may occur if an individual is the recipient of messages the individual considers unwanted or harassing, or encounters a technical problem sending or receiving email. In such cases, campus staff will exercise discretion and professional judgment in sharing the content of the message(s). Possible viewers include the manager of the computer system on which the message originated or is stored, the sender's or recipient's manager or academic dean, and other appropriate university officials. Appropriate officials may include, but are not limited to, Human Resources Consultants and/or the Manager of Consulting and Labor Relations, the Academic Personnel Director, the Ombudsman, the Assistant Executive Vice Chancellor, Equal Opportunity /Diversity, and the UCI Police.
- Maintenance Needs
- System Monitoring
- 1) Information in email headers such as sender, recipient, date, and subject may be examined by technical staff in response to normal operational concerns (e.g. problems with the delivery of email, excessive copies of messages, or excessive length of messages). Certain technical tools used in the management of computer systems may display the entire contents of electronic communications. In such cases, staff must exercise professional judgment when viewing the content of a file.
- 2) In the performance of their duties, system administrators regularly monitor transmissions for the purpose of ensuring the proper functioning, reliability, and security of University electronic communications resources and services. During this process, they may observe certain transactional information and the contents of electronic communications. Except as required by University policy or law, system administrators are not permitted to seek out the contents or transactional information, disclose, or otherwise use what they have observed. System monitoring should be restricted to the least amount of perusal possible.
- 3) If, in the course of their duties, system administrators inadvertently discover or suspect improper activity in violation of law or policy, such incidents should be reported.
- Backup Copies of Email
Backup copies of email messages made during the normal course of system maintenance are subject to the same guidelines as the original messages. They are normally made only for the purpose of maintaining the reliability of computer systems and not for the purpose of archiving messages. Managers of electronic communications systems will provide information on backup procedures when requested by users.
- System Monitoring
- Non-consensual Access
For purposes of non-consensual access, only authorizing officials may permit access and forwarding of electronic communication records. An alternative, higher-level permission will be obtained for individuals with a direct reporting relationship to an authorizing official. The electronic access authorizing officials for UCI are:
- Faculty and Librarian records - Executive Vice Chancellor
- Staff records - Vice Chancellor-Administrative & Business Services
- Student records - Vice Chancellor-Student Affairs
- Medical Center records - Chief Executive Officer, UCI Medical Center
When the inspection, monitoring, forwarding, or disclosure of email held by faculty is requested, the Executive Vice Chancellor shall solicit, in advance and in writing, advice from the Chair of the Irvine Division of the Academic Senate. The Irvine Division shall respond within a time period consistent with the situation motivating the request.
When necessary to sustain the routine operation of the University or in cases of disability or death, upon direction by any electronic access authorizing official, managers of computing systems will forward email to another without the consent of the original recipient of the University (for investigatory purposes, the following section, 5. Investigations and Terminations of Service, applies). Individuals whose email is forwarded to another will be informed of this action (if possible). Reasonable attempts will be made to identify alternatives to the redirection of email messages. Such alternatives include an automatic reply message advising senders that the recipient is not available and suggesting an alternate recipient.
Individuals who have been granted access to electronic communications records:
- Must not use the grant of access to obtain records other than those required to continue University business in the holder's absence.
- Must limit their inspection of records to the least perusal of contents and the least action necessary to obtain the needed records.
- Must not seek out, use, or disclose personal information contained in the records except for University business purposes.
- Must not violate the UCI Computer and Network Use Policy regarding use of false identity.
- Must take all necessary steps to protect the access and/or account from unauthorized use.
- Investigations and Terminations of Service
An electronic access authorizing official may direct managers of computing systems to provide copies of messages as part of campus investigations of harassment or other forms of misconduct and, further, may require that access to email services be discontinued for an individual or individuals. Such requests will be in writing and will be made only (a) when required by and consistent with law, (b) when there is substantiated reason to believe that violations of policy or law have taken place, or (c) when required to meet time-dependent, critical operational needs.
- Compliance by Employees
All University employees will comply with written requests from an electronic access authorizing official for the disclosure of the content of email messages when such requests are consistent with the circumstances stated above.
Within a week of any non-consensual access to electronic communications, a report of the access will be sent to the Assistant Vice Chancellor - Information Technology. The report will be included in the annual summary sent by the Executive Vice Chancellor's office to the Office of Information Resources and Communications at Office of the President, as required by University policy.
H. Extension, Transfer or Termination of Email Service
All UCI email and domain name addresses (that is, those ending in "uci.edu") are the property of the University. A user's access to electronic communication services terminates when a user's affiliation with the UCI community ends.
- Extending Email Service
Normally, OIT maintains UCInetIDs and central email access for approximately 90 days after an employee leaves the University. Staff and students using departmental email accounts are subject to local policy. Authorizing administrators may choose to cancel or extend a terminated user's email service for a "reasonable period of time," if the situation warrants. The definition of a reasonable period of time is determined by the management of the computer system providing the electronic communication service.
- Transferring an Address
When an employee transfers from one UCI department to another, the UCInetID and UCInetID@uci.edu email address transfers with the employee. For this reason UCI managers are encouraged to utilize generic business email addresses for critical business functions.
Transferring employees must coordinate with management in the department they are leaving to ensure continuity of business operations. If an agreement cannot be reached, the department may request that OIT issue the individual a new UCInetID and, by following the non-consensual access provisions, may gain access to the individuals previous account.
- Redirecting Messages
Written approval to access email records (message content) should be obtained prior to an employee's departure. If written approval to access email is not obtained, managers may not read the email records, but may use automatic reply tools to notify those who send messages to the business email address to direct future messages to a new address for the business purpose. Senders of personal messages for transferred employees should be advised of the employee's new email address. For employees leaving UCI, managers may refer senders to a private email address if one has been provided by the departing employee.
- Temporary Absences and Separations
If access to email records of absent employees (e.g., vacation, leave of absence, termination) is required to sustain the routine operation of the University, and the employee did not give permission that would be reasonably expected to access the files, guidelines for non-consensual access must be followed. If the appropriate permission was not obtained, this exceptional procedure should be followed only when necessary to sustain the routine operation of the University.
I. Restriction of Service
Restrictions of service shall be consistent with the UC Electronic Communications Policy and the written computer use policies of the organizational unit providing the electronic mail service (see Section 714-18).
J. Violations of Copyright Law
The University reserves the right to suspend or terminate access to University electronic communications systems and services by any user who violates copyright law. Investigations of electronic copyright law violations are coordinated by the Office of Information Technology, in accordance with the provisions of the Digital Millennium Copyright Act. Issues should be reported to email@example.com.
Users who do not comply with these Guidelines, other University policies, or any federal or State law or regulation may be subject to:
- Restriction of service
- Corrective action under applicable University policies and collective bargaining agreements (in extreme cases, such action may include dismissal)
- Civil lawsuit or criminal prosecution
L. Resolution of Complaints
Any complaints regarding the application of the UC Electronic Communications Policy, regarding service restrictions; consent and compliance with appropriate inspection, monitoring, or disclosure of University email records in the holder's possession; access without consent; or policy violations shall be filed under existing University grievance or complaint resolution procedures, if available. When existing procedures are not available, complaints shall be reviewed through an appeal procedure approved by the Executive Vice Chancellor for complaints involving academic employees and authorized users, the Vice Chancellor - Administrative and Business Services for non-academic employees, or the Dean of Students for students.