Mission Statement

We began the project with the following mission statement in mind:

Other Stanford students, faculty and staff can have access to personal student information via Stanford’s Leland network (e.g. student system administrators can access student grades).  Some students may find such access privileges undesirable, which raises some serious privacy issues and concerns.  Accordingly, we will conduct a pilot study that will investigate and isolate these privacy issues and concerns.  Our goal is to make recommendations regarding what Stanford can do to provide more privacy protection if necessary, offer suggestions to improve Stanford's privacy policy, and recommend future studies.  This will be accomplished by:

1.         Surveying the Stanford student body to consider their expectations and perceptions of student privacy rights on the Stanford network, focusing solely on Leland.  We hope to survey a broad spectrum of student Leland users:   males/females, undergraduates at all levels (first-, second-, third-, and fourth- years), graduate students and technical/non-technical majors. 

2.         Investigating how other students (at various university positions, e.g. teaching assistants, system administrators, etc.), faculty and staff can access a student’s Leland account (e.g. files), email, and personal information (grades, mailing address, etc.).  Determining whether undesired accessibility is a property of UNIX/multi-user systems or whether Stanford should do something to tighten security and afford students more privacy protection. 

3.         Discussing Stanford’s privacy and computer/network usage policy, specifically addressing network privacy protections guaranteed to Stanford students. 

4.         Performing costs/benefits analysis:  would students prefer to have their privacy absolutely protected at the cost of the convenience of say easily finding the physical location of another student (e.g. zlocate).  Also, can more privacy protection be accomplished without compromising security?

While we have undertaken tasks 1-3 – specifically, we have expanded task 3 to also include various laws and policies that serve to afford students adequate privacy protection – we tabled task 4 as a future study without sacrificing the goals defined above.  In task 4’s place, we considered the question of where Stanford is headed in its protection of students' privacy.  We also considered other universities’ privacy policies to both scrutinize our own and consider the broader question of university student privacy.