Rutgers has a mobile device privacy violation strategy

Rutgers decided to switch everyone over to an Office 365 system for email. All “official Rutgers business” has to be conducted through our new email accounts. If you try to sync mail to your phone, you are prompted to install a Microsoft app which will manage your account. According to the Rutgers Mobile Device Management Policy we “will be prompted by a notice that states administrators will be allowed to make a number of changes to your device but the University will not utilize those features as they are beyond policy.”

I Am Not A Lawyer, but it seems a little bad to sign a contract with someone who says “oh don’t worry about those clauses, we will never use them.” So what are we agreeing to let IT admins do?

What IT cannot see:

  • Call and web history
  • Location
  • Email and text messages
  • Contacts
  • Passwords
  • Calendar
  • Camera roll

What IT can see:

  • Model
  • Serial number
  • Operating system
  • App names
  • Owner
  • Device name

So apparently what apps you have is something that your boss should know about. I suppose you can construct a reason for that, but I don’t really know why it’s anyone’s business. I can see it as being rather dangerous — who are they sharing this information with? Also, Rutgers wants to:

  • Reset your device back to manufacturer’s default settings if the device is lost or stolen.
  • Require you to have a password or PIN on the device.
  • Require you to accept terms and conditions.

Hmmm, abstract “terms and conditions.” Ok then… the features they say are out of scope (for now) are:

  • Remove all installed company-related data and business apps. Your personal data and settings aren’t removed.
  • Enable or disable the camera on your device to prevent you from taking pictures of sensitive company data.
  • Enable or disable web browsing on your device.
  • Enable or disable backup to iCloud.
  • Enable or disable document sync to iCloud.
  • Enable or disable Photo Stream to iCloud.
  • Enable or disable data roaming on your device. If data roaming is allowed, you might incur roaming charges.
  • Enable or disable voice roaming on your device. If voice roaming is allowed, you might incur roaming charges.
  • Enable or disable automatic file synchronization while in roaming mode on your device. If automatic file synchronization is allowed, you might incur roaming charges.

Seems like a lot for the dubious value of checking my work email on my phone. I guess I have some startup funds that need spending. Perhaps I can get a “just for work” device that Rutgers can snoop on as much as they like.

Advertisements