Date: Fri, 28 Sep 2001 15:50:27 BST
To: All UCL Staff and Students
In accordance with current legislation* I would like to draw your attention
to UCL's policy and practice regarding the monitoring of communications
made using its computer and telecommunication systems. Routine monitoring,
carried out with the purpose of ensuring that our systems are performing
properly, normally involves only aggregate anonymous data and does not
identify individuals or the contents of their communications. Keeping
count of the number of e-mail messages passing through College servers is
an example of this type of activity. However, there are circumstances
where UCL may collect information which can be associated with an
individual's communications. This may be done, for instance, to prevent or
detect crime; to investigate or detect unauthorised use, including the use
of systems outside UCL; or if it is necessary to ensure the effective
operation of our systems.
It is important to be aware that communications on or through University
College London's computer and telecommunication systems may be monitored or
recorded to secure effective system operation and for other lawful purposes.
Such monitoring or record keeping must be properly authorised (by head of
department, by the head of UCL's computer security team, or by the
appropriate UCL officer) and comply with other relevant legislation -
notably the Data Protection Act 1998 and the Human Rights Act 1998. In the
absence of proper authorisation, monitoring may itself give rise to
criminal or civil liability on the part of the person carrying it out.
A very clear document containing examples of how the legislation applies in
practice has been produced by the Joint Information Systems Committee,
which promotes the use of information systems and information technology in
Higher and Further education across the UK. It can be downloaded from
http://www.jisc.ac.uk/pub01/smbp14.pdf
For further information please contact me at the address below.
Robert Hart
---
Computer Security Team
Email: r.hart@ucl.ac.uk
Communications on or through University College London's computer systems
may be monitored or recorded to secure effective system operation and for
other lawful purposes.
Unless otherwise agreed expressly in writing by an officer of University
College London, this communication is to be treated as confidential and the
information in it may not be used or disclosed except for the purpose for
which it has been sent. If you have reason to believe that you are not the
intended recipient of this communication, please contact the sender
immediately. No employee or agent is authorised to conclude any binding
agreement on behalf of UCL with another party by e-mail without express
written confirmation by an officer of the College.
Employees of University College London are required not to make any
defamatory statements and not to infringe or authorise any infringement of
copyright or any other legal right by e-mail communications. Any such
communication is contrary to organisational policy and outside the scope of
the employment of the individual concerned. UCL will not accept any
liability in respect of such a communication, and the employee responsible
will be personally liable for any damages or other liability arising.
From: Robert Hart
Subject: Monitoring the use of computer and telecommunication systems
Robert Hart
Education & Information Support Division
University College London
London WC1E 6BT
Phone: +44 (0)20 7679 7338
PGP public key from http://www.ucl.ac.uk/cert