Oversight Committee for the Access to User Electronic Information Policy

This Policy is an institutional policy which sets forth certain circumstances in which WPI may access someone’s electronic information stored in, or transmitted through its systems, networks and devices.  The policy was originally approved by President Leshin in September 2020, upon the recommendation of the Administrative Policy Group and in consultation with the Committee on Information Technology Policy (CITP).  This policy is a “best practice” for colleges and universities.

Per the Policy, “the Oversight Committee shall make recommendations to the Administrative Policy Group as to the implementation of this policy and possible amendments.  The Oversight Committee shall also make periodic public reports on the implementation of this policy.”

One of the main underlying principles of this Policy is transparency, and the Policy mandates “periodic public reports.”  To fulfill this mandate, the Oversight Committee has recommended that WPI periodically report the number of requests for access that have been received, along with the “legitimate institutional purpose” for the requests (as defined in the policy).  Below is a table that sets forth this data, which WPI considers confidential and may not be shared outside the WPI community.

*As the Policy states: “due to the volume of the protection, maintenance and management that occur in the background (e.g., reviewing critical security threats, phishing investigations, malware investigations), all such access of User Electronic Information does not require prior authorization for access, and will not be tracked.”