CIS Unix Privacy Policy

This document describes the privacy policy for CIS Unix users. It describes access policies for:

  • Information about you: your name, your username, your University System ID number, etc.

  • Information controlled by you residing on the CIS Unix system disks: primarily your mail, but also your personal web pages, your data files, etc.

We describe under what conditions this information might be available to:

  • other people at non-UNH locations;

  • other CIS Unix users;

  • CIS personnel;

  • other UNH personnel and legal authorities.

Non-UNH People

You should assume that people at non-UNH locations have direct access to whatever information the University has chosen to make available via its published directories, both printed and online. This will often include your real name and UNH e-mail address, along with non-computer-related information. A good place to start looking to see what's online is the UNHINFO Directory Page.

Generally, each directory has its own rules about the control individuals exert over the information supplied. For example, if you appear in the pubpages web directory, you can ask that your entry be deleted via e-mail to .

Outside-UNH people can (of course) view your personal “pubpages” web page if you set one up. If you decide to do that, it's your responsibility to not put information there you don't want the Whole Wide World to see.

It's theoretically possible for an outside party to obtain information about you from one of your fellow CIS Unix users. There are thousands of CIS Unix users, and it's probably not safe to assume each and every one of them will be concerned about your privacy. So people really concerned about what non-UNH people can find out should read on into the next section.

CIS Unix Users

Any CIS Unix user can (theoretically) log into his or her shell account and use the full power of the Unix system. And among the things you can do on the Unix system is find out stuff about your fellow users; more importantly, they can find out stuff about you. Examples:

  • Other Unix users can search the user-account list (“password file”) to determine your name, username, command shell, and home directory location.

  • Unix users can tell the last time you modified your home directory.

  • Unix users can tell your group membership. For students this will often reveal the college in which you're currently enrolled. In addition, certain courses have groups associated with them; if you're a member of this group, other people can deduce you're registered for that course. For faculty/staff, group membership will reveal your employing department.

  • Unix users can determine whether you're currently logged in on the same system. They can tell how long you've been logged in, the system you're connecting from, and how long you've been “idle”--sitting there without typing something.

  • With the last command, Unix users can view your login record on a given system system for the current day. In theory, Unix users can determine the last time you logged into any of the systems. (In practice, this would be relatively difficult, however.)

  • Unix users can tell what processes (commands) you're currently running with the ps command. But they can't see what you're typing to the command. (For example, they can tell you're running Pine, but they can't see the contents of the messages you're composing or reading, or the senders or recipients.)

  • A semi-competent programmer can discover your disk quota and current disk usage.

  • Unix users can not look at the files and directories inside your account unless you give the Unix permission-adjusting commands to allow them to do that. If you do do that, it's your responsibility to make sure that your sensitive information is protected.

CIS Personnel

Some CIS staff members have additional system privileges that allow them access to additional information about you.

A relatively small group of CIS personnel who work with users for account setup and maintenance have read-only access to various databases containing information about you. Depending on your affiliation with UNH this may include: your USID (which, most probably, is your Social Security Number); your birthday; your class; your major; your employing department; and the courses for which you're currently registered. CIS personnel are instructed in the sensitivity of this information and only provide it to other parties in accordance with UNH guidelines. (For example. we disclose student e-mail addresses to the people who do student billing.)

A very small group of CIS personnel are “system administrators.” They have access to all system files residing on the system disks, including yours. Except as described below, system administrators will not view or alter the names or contents of your files, or read your incoming or outgoing mail.

  • If your account's configuration files have been damaged in such a way to prevent normal use of the account, system administrators can fix them. (Generally the damaged versions are only renamed, not deleted.)

  • If your account has a mail-forwarding .forward file that is causing mail sent to you to bounce, system administrators can rename it, undoing the forwarding; alternatively, they can “fix” it, if the fix is obvious.

  • Misaddressed or otherwise undeliverable mail (either sent by you or sent to you) can be bounced to the “postmaster” account on the system. This is only read to determine the problem involved in delivery. Contents are not read.

  • If there is reasonable cause to suspect that your account has been broken into, system administrators can check your files for further evidence. This is generally limited to looking for programs the intruder has installed on your account.

  • Tape backups of user files are performed nightly. A full backup of all files is performed once a week. Other evenings, files changed within the last day or two are backed up (an “incremental” backup). Most backup tapes are saved for eight weeks and then expired and reused for other purposes. Backup tapes are stored in the Leavitt Data Center and an offsite vault; access is limited to operators and system administrators. System administrators will generally only restore files from tape at your request, and only for your own use. Backup tapes are bulk-erased before they leave the University's control.

  • Malicious software programs (“computer viruses”, “worms”, etc.) pose an ongoing serious threat to our users' computers and the UNH network environment. For that reason, automated tools filter incoming and outgoing e-mail passing through the mail gateway machines, “disinfecting” any messages containing known viruses and potentially dangerous attachments. Automated tools also scan and disinfect user files residing on system disks for the same unsafe software. In neither case will a human being be “reading” your mail or files. More information on mail scanning is on the Virus Filtering Service for CIS Unix Mail page. More information on file scanning is on the File Scanning Service for CIS Unix page.

Other UNH Personnel and Legal Authorities

CIS maintains mailing lists for various campus entities; in accordance with University policy, you may be added to such mailing lists without your knowledge or consent. (For example, you may be added to a list for sophomore physics majors, if the Physics department decides they want such a list, and you're a sophomore physics major.)

The CIS Unix systems are technological resources governed by an overriding USNH policy, which you should read. It states that an administrator at the Vice-Presidential level can authorize access to your files. The VP is responsible for carrying out the steps outlined in that document; specifically he or she is responsible for informing you of the decision.

We are, of course, also bound by local, state, and federal law; if we are served with a subpoena for your files, we will comply. However this will also go through the VP-process described above.

Page Maintenance:
Paul A. Sand <pas@unh.edu>
Last modified: 2013-09-18 12:44 PM EDT
[W3C Validator]