We Do Not
With the latest rounds of phishing, various information disclosures, etc., a lot of people have again started questioning if we read employee e-mail. We are legally allowed to, so this isn’t a question of “can or can not”, it’s a question of “do or do not”, so let me put this clearly:
We Do Not.
If individuals are experiencing e-mail problems, we will ask their permission if we can take a look, in order to do our job and provide them better service.
If an individual’s account appears to be compromised (eg. sending hundreds of messages a minute, to thousands of recipients each, because they gave their password to bad Nigerians) we may try to weed out the bad messages using various patterns (an e-mail to 1000 people looks distinctly different than a normal one).
If an individual is suspected of violating policy, local, state or federal law, all of their files are subject to access.
If we receive a FOIL request, or other legally-sound mandate, we will honor it.
That’s it. That’s the way it has always been for the *choke* 11 years I’ve been involved with e-mail here. That’s the way it’ll stay as long as I have any influence.
