[Systems] Data Request / Privacy Policy query Was Fwd: [IAEP] Preparing for the 2017 SLOB Election

Chris Leonard cjlhomeaddress at gmail.com
Thu Aug 18 10:19:08 EDT 2016


On Thu, Aug 18, 2016 at 9:59 AM, Samuel Cantero <scanterog at gmail.com> wrote:

>
> Thanks Chris. I appreciate this concern. Have you ever had a situation like
> this previously?

Nothing comes to mind, offhand.  I saw how our policies read and
thought I should consult with this list.

> IMHO, getting root/sysadmin privilege at SL at some moment is a matter of
> trust and proven work. This gained trust can be used to take decisions in
> cases like this. I consider wise the steps taken by Chris.
>
> Dave is the person who has worked really hard in the last months to boost
> the SL community. If I have the authority to approve this access, I'll
> definitively do it.

Me too, but I hesitate to do it unilaterally, thus my e-mail to this list.

Below is a note I shared with Dave privately in response to his signed
USENIX SAGE sysadmin pledge.:

Mine was signed some time ago.  In the present instance, I hope you
can see that my post to systems was prompted, in particular, by the
following sections

Privacy

I will access private information on computer systems only when it is
necessary in the course of my technical duties. I will maintain and
protect the confidentiality of any information to which I may have
access, regardless of the method by which I came into knowledge of it.

Laws and Policies

I will educate myself and others on relevant laws, regulations, and
policies regarding the performance of my duties.

Communication

I will communicate with management, users, and colleagues about
computer matters of mutual interest. I will strive to listen to and
understand the needs of all parties.


Knowing that you have formally committed yourself to uphold these
standards (and the rest of the SAGE sysadmin pledge) before
transferring sensitive data is simple stewardship.

I hope you realize now that I was not claiming greater privilege, but
rather describing the burden of the privacy standards I'm committed to
upholding.  IMHO, there is nothing improper about sharing this data
(confidentially) for the purpose of expanding membership opportunity
and building community, it just needs to be done with a eye to the
letter and more importantly spirit of our own policies.


cjl


More information about the Systems mailing list