Request Information, Abuse, U.Va.

Mailing Address:

PO Box 400217
Charlottesville, VA
22904-4217 USA

Physical Address:

108 Cresap Road
Charlottesville, VA 22903

434-924-4165
434-924-3579
Email Us
See Map

Request Information

Introduction
Information that can be requested
How to request information
Law Enforcement, Government Officials, and Others Outside the University Community
Honor Committee and Judiciary Committee Members, Sexual Assault Case Investigators, and Faculty Conducting Individual Student-Academic-issue Investigations
University of Virginia Administrators in Faculty or Staff Disciplinary Investigations

Approved by ITC Policy Director January 17, 2001

Revised: February 27, 2002

Introduction

Incidents that involve the University's on-line environment sometimes lead to investigations, which include the gathering of technical evidence. Those investigations may be managed by law enforcement officers, authorized government officials, or others outside of the University community; by the University's student Honor Committee or Judiciary Committee, by Sexual Assault Case Investigators, or by faculty conducting individual student-academic-issue investigations; or by University administrators in faculty or staff disciplinary investigations, depending on the nature of the incident and the role (i.e., faculty, staff or student) of the persons suspected of improper behavior. In such investigations, investigating officials may call on the abuse team to provide technical information that may become evidence from computers owned and managed by ITC. We have no ability to provide such information from departmental systems.

Each member of the abuse team recognizes the often sensitive nature of both reports received and what is found during the course of an investigation. All members of the team will hold both reports and findings confidential consistent with both the letter and the spirit of the procedure described in this document and the rules of the disciplinary bodies involved.

We recommend the adoption of guidelines similar to these by System Administrators of other U.Va. departmental computing systems. Departmental system administrators may request that the University abuse team assume the lead role in the technical inquiry for any incident that may involve systems owned and maintained by ITC, and they may ask to be included in the inquiry as ad hoc abuse team members. The abuse team may designate such system administrators as ad hoc abuse team members if they agree as a condition of the designation to strictly abide by this procedure in the release of any information related to the inquiry. Otherwise, departmental system administrators will be treated as external to the abuse team and should follow the appropriate processes described below in requesting information.

Information that can be requested

Evidence in these investigations may involve computer usage information about individuals that is maintained on centrally-managed computers. Computer usage information about individuals includes two major types

log information (generally referring to when a user's account was used in various contexts)
content information (generally referring to content of materials stored in storage space tied to the account as well as "live" content generated or received by a person currently using the account).

After investigative officials have completed appropriate processes to authorize their requests, we may be able to provide pertinent log information. Such records may show the connection of individual accounts to our host computers (called a connection log), and they may show delivery of a message from one individual's account to another (called a send mail log) or other similar usage information. These logs usually are available for approximately 6 [six] months.

Providing content information such as the contents of a mailbox, a file or a copy of a specific message within a mailbox raises more complex policy issues of privacy and academic freedom. From a technical perspective, it is also important for investigating officials to know that:

we keep backup copies of Inbox mailboxes for a maximum of 1 week - while some individuals keep copies of all messages received on our central machines, others keep some messages there, and still others store no messages on the central machines after they have been delivered to a local machine. In any case, if a message was received by the recipient more than 1 week before the request, we may not be able to find a copy of it.
a message must reside in a mailbox or a file on one of our systems overnight for it to be available on a backup tape - if someone routinely reads and deletes messages from the server or keeps a file on the system for only a short period of time, it is possible that we have no record of the contents of that message/file.
a message stored in a folder/mailbox other than Inbox is stored for a maximum of one year.

Also understand that data we can provide from central computing systems in almost all cases will not establish with certainty the physical location of any person at any time. What it may establish is when an account was used and from what location.

How to request information

The procedures below reflect the sequence of steps necessary for investigating officials seeking computer usage information about individuals. All requests for access to the specific subtype of computer usage information that involves "content" will require additional review by the office of the University's General Counsel.

Law Enforcement, Government Officials, and Others Outside the University Community

Law enforcement, government officials and others outside the University community usually will need to provide legal orders (normally search warrants) to obtain computer usage information. These documents should be delivered to: General Counsel
University of Virginia
Madison Hall
P.O. Box 400225
Charlottesville, Virginia 22904-4225
(434-924-3586)
Recent federal anti-terrorist legislation (the USA-Patriot Act) provides for different processes in specific circumstances, but our procedure remains the same -- any requests received under the act also must go to the General Counsel for review. To ensure that the abuse team preserves information that may be needed, you may wish to notify abuse@Virginia.edu in advance about your intent to request information.
Be specific about what you request. A specific request will speed delivery of information to you and will provide you with information that is pertinent to your needs. Should you request information that covers a large time period, it will take us longer to gather the information and the volume of the information may preclude its being useful to you. Hence, a request for connections logs for the account of hypothetical individual mst3k between midnight on 7/1/2000 and noon on 7/2/2000 can be provided more quickly than a similar request that covers a week or more, assuming that your request is made within a time when we still have these records.
The abuse team will release computing usage information to law enforcement, government officials, or others outside the University community only after it has been advised by the University's General Counsel's Office that the investigating officials have completed the appropriate processes.
Unless otherwise instructed by the University's General Counsel's Office, the abuse team will release computing usage information or content information to the General Counsel who will provide it to the requesting law enforcement, government officials, or others outside the University community.
Unless otherwise instructed in the legal order, we will inform the persons whose accounts were associated with the requested information that the information was requested and provided, and we will report to them the name of the investigating entity.

Honor Committee and Judiciary Committee Members, Sexual Assault Case Investigators, and Faculty Conducting Individual Student-Academic-issue Investigations

Members of the University's Honor Committee or Judiciary Committee, investigators acting under the University's Procedures for Cases of Sexual Assault, or faculty conducting individual student-academic-issue investigations will file any request for computer usage information through the University's Vice President for Student Affairs, who will review it and instruct us about responding. To ensure that the abuse team preserves information that may be needed, you may notify abuse@Virginia.edu in advance about your intent to request information. Should you contact a member of the abuse@Virginia.edu team with a request, we will forward it to the University's Vice President for Student Affairs.
Be specific about what you request. A specific request will speed delivery of information to you and will provide you with information that is pertinent to your needs. Should you request information that covers a large time period, it will take us longer to gather the information and the volume of the information may preclude its being useful to you. Hence, a request for connections logs for the account of hypothetical individual mst3k between midnight on 7/1/2000 and noon on 7/2/2000 can be provided more quickly than a similar request that covers a week or more.
The abuse team will not provide computer usage information to members of the Honor Committee or Judiciary Committee or Sexual Assault Case investigators or faculty conducting individual student-academic-issue investigations until we are notified by the University's Vice President for Student Affairs that the investigating officials have completed the appropriate processes. Requests for content information require additional review by the University's General Counsel.
Unless otherwise instructed by the University's Vice President for Student Affairs (or the University's General Counsel's Office), the abuse team will release computing usage information to the Vice President for Student Affairs who will provide it to the requesting members of the University's Honor Committee or Judiciary Committee or Sexual Assault Case investigators or the faculty conducting individual student-academic-issue investigation.
Unless otherwise instructed in the request we receive from the University's Vice President for Student Affairs, we will inform the persons whose accounts were associated with the requested information that the information was requested and provided, and we will report to them the name of the investigating entity.

University of Virginia Administrators in Faculty or Staff Disciplinary Investigations

University administrators investigating incidents as part of faculty or staff disciplinary processes will need to obtain appropriate authorization. For log information, appropriate authorization often will take the form of approval by the appropriate Vice President and Provost for teaching or research faculty or by the relevant vice president, dean or director for administrative or professional faculty or staff. To ensure that the abuse team preserves information that may be needed, notify the abuse@Virginia.edu of your intent to request information as soon as you know you need it.
Be specific about what you request. A specific request will speed delivery of information to you and will provide you with information that is pertinent to your needs. Should you request information that covers a large time period, it will take us longer to gather the information and the volume of the information may preclude its being useful to you. Hence, a request for connections logs for the account of hypothetical individual mst3k between midnight on 7/1/2000 and noon on 7/2/2000 can be provided more quickly than a similar request that covers a week or more.
The abuse team will not provide log information to University administrators investigating incidents as part of faculty or staff disciplinary processes until we have received appropriate approval to do so. Requests for content information require additional review by the University's General Counsel.
Unless otherwise instructed by the authority who approves the release of information, the abuse team will release computing usage information to the authorizing agent who will provide it to the person requesting the information.
Unless otherwise instructed in the request we receive, we will inform the persons whose accounts were associated with the requested information that the information was requested and provided, and we will report to them the name of the investigating entity.




Report A Problem Information About Spam Email Request Information Ways To Prevent Abuse Frequently Asked Questions Home Mailing Address: PO Box 400217 Charlottesville, VA 22904-4217 USA Physical Address: 108 Cresap Road Charlottesville, VA 22903 434-924-4165 434-924-3579 Email Us See Map		Request Information Introduction Information that can be requested How to request information Law Enforcement, Government Officials, and Others Outside the University Community Honor Committee and Judiciary Committee Members, Sexual Assault Case Investigators, and Faculty Conducting Individual Student-Academic-issue Investigations University of Virginia Administrators in Faculty or Staff Disciplinary Investigations Approved by ITC Policy Director January 17, 2001 Revised: February 27, 2002 Introduction Incidents that involve the University's on-line environment sometimes lead to investigations, which include the gathering of technical evidence. Those investigations may be managed by law enforcement officers, authorized government officials, or others outside of the University community; by the University's student Honor Committee or Judiciary Committee, by Sexual Assault Case Investigators, or by faculty conducting individual student-academic-issue investigations; or by University administrators in faculty or staff disciplinary investigations, depending on the nature of the incident and the role (i.e., faculty, staff or student) of the persons suspected of improper behavior. In such investigations, investigating officials may call on the abuse team to provide technical information that may become evidence from computers owned and managed by ITC. We have no ability to provide such information from departmental systems. Each member of the abuse team recognizes the often sensitive nature of both reports received and what is found during the course of an investigation. All members of the team will hold both reports and findings confidential consistent with both the letter and the spirit of the procedure described in this document and the rules of the disciplinary bodies involved. We recommend the adoption of guidelines similar to these by System Administrators of other U.Va. departmental computing systems. Departmental system administrators may request that the University abuse team assume the lead role in the technical inquiry for any incident that may involve systems owned and maintained by ITC, and they may ask to be included in the inquiry as ad hoc abuse team members. The abuse team may designate such system administrators as ad hoc abuse team members if they agree as a condition of the designation to strictly abide by this procedure in the release of any information related to the inquiry. Otherwise, departmental system administrators will be treated as external to the abuse team and should follow the appropriate processes described below in requesting information. Information that can be requested Evidence in these investigations may involve computer usage information about individuals that is maintained on centrally-managed computers. Computer usage information about individuals includes two major types log information (generally referring to when a user's account was used in various contexts) and content information (generally referring to content of materials stored in storage space tied to the account as well as "live" content generated or received by a person currently using the account). After investigative officials have completed appropriate processes to authorize their requests, we may be able to provide pertinent log information. Such records may show the connection of individual accounts to our host computers (called a connection log), and they may show delivery of a message from one individual's account to another (called a send mail log) or other similar usage information. These logs usually are available for approximately 6 [six] months. Providing content information such as the contents of a mailbox, a file or a copy of a specific message within a mailbox raises more complex policy issues of privacy and academic freedom. From a technical perspective, it is also important for investigating officials to know that: we keep backup copies of Inbox mailboxes for a maximum of 1 week - while some individuals keep copies of all messages received on our central machines, others keep some messages there, and still others store no messages on the central machines after they have been delivered to a local machine. In any case, if a message was received by the recipient more than 1 week before the request, we may not be able to find a copy of it. a message must reside in a mailbox or a file on one of our systems overnight for it to be available on a backup tape - if someone routinely reads and deletes messages from the server or keeps a file on the system for only a short period of time, it is possible that we have no record of the contents of that message/file. a message stored in a folder/mailbox other than Inbox is stored for a maximum of one year. Also understand that data we can provide from central computing systems in almost all cases will not establish with certainty the physical location of any person at any time. What it may establish is when an account was used and from what location. How to request information The procedures below reflect the sequence of steps necessary for investigating officials seeking computer usage information about individuals. All requests for access to the specific subtype of computer usage information that involves "content" will require additional review by the office of the University's General Counsel. Law Enforcement, Government Officials, and Others Outside the University Community Law enforcement, government officials and others outside the University community usually will need to provide legal orders (normally search warrants) to obtain computer usage information. These documents should be delivered to: General Counsel University of Virginia Madison Hall P.O. Box 400225 Charlottesville, Virginia 22904-4225 (434-924-3586) Recent federal anti-terrorist legislation (the USA-Patriot Act) provides for different processes in specific circumstances, but our procedure remains the same -- any requests received under the act also must go to the General Counsel for review. To ensure that the abuse team preserves information that may be needed, you may wish to notify abuse@Virginia.edu in advance about your intent to request information. Be specific about what you request. A specific request will speed delivery of information to you and will provide you with information that is pertinent to your needs. Should you request information that covers a large time period, it will take us longer to gather the information and the volume of the information may preclude its being useful to you. Hence, a request for connections logs for the account of hypothetical individual mst3k between midnight on 7/1/2000 and noon on 7/2/2000 can be provided more quickly than a similar request that covers a week or more, assuming that your request is made within a time when we still have these records. The abuse team will release computing usage information to law enforcement, government officials, or others outside the University community only after it has been advised by the University's General Counsel's Office that the investigating officials have completed the appropriate processes. Unless otherwise instructed by the University's General Counsel's Office, the abuse team will release computing usage information or content information to the General Counsel who will provide it to the requesting law enforcement, government officials, or others outside the University community. Unless otherwise instructed in the legal order, we will inform the persons whose accounts were associated with the requested information that the information was requested and provided, and we will report to them the name of the investigating entity. Honor Committee and Judiciary Committee Members, Sexual Assault Case Investigators, and Faculty Conducting Individual Student-Academic-issue Investigations Members of the University's Honor Committee or Judiciary Committee, investigators acting under the University's Procedures for Cases of Sexual Assault, or faculty conducting individual student-academic-issue investigations will file any request for computer usage information through the University's Vice President for Student Affairs, who will review it and instruct us about responding. To ensure that the abuse team preserves information that may be needed, you may notify abuse@Virginia.edu in advance about your intent to request information. Should you contact a member of the abuse@Virginia.edu team with a request, we will forward it to the University's Vice President for Student Affairs. Be specific about what you request. A specific request will speed delivery of information to you and will provide you with information that is pertinent to your needs. Should you request information that covers a large time period, it will take us longer to gather the information and the volume of the information may preclude its being useful to you. Hence, a request for connections logs for the account of hypothetical individual mst3k between midnight on 7/1/2000 and noon on 7/2/2000 can be provided more quickly than a similar request that covers a week or more. The abuse team will not provide computer usage information to members of the Honor Committee or Judiciary Committee or Sexual Assault Case investigators or faculty conducting individual student-academic-issue investigations until we are notified by the University's Vice President for Student Affairs that the investigating officials have completed the appropriate processes. Requests for content information require additional review by the University's General Counsel. Unless otherwise instructed by the University's Vice President for Student Affairs (or the University's General Counsel's Office), the abuse team will release computing usage information to the Vice President for Student Affairs who will provide it to the requesting members of the University's Honor Committee or Judiciary Committee or Sexual Assault Case investigators or the faculty conducting individual student-academic-issue investigation. Unless otherwise instructed in the request we receive from the University's Vice President for Student Affairs, we will inform the persons whose accounts were associated with the requested information that the information was requested and provided, and we will report to them the name of the investigating entity. University of Virginia Administrators in Faculty or Staff Disciplinary Investigations University administrators investigating incidents as part of faculty or staff disciplinary processes will need to obtain appropriate authorization. For log information, appropriate authorization often will take the form of approval by the appropriate Vice President and Provost for teaching or research faculty or by the relevant vice president, dean or director for administrative or professional faculty or staff. To ensure that the abuse team preserves information that may be needed, notify the abuse@Virginia.edu of your intent to request information as soon as you know you need it. Be specific about what you request. A specific request will speed delivery of information to you and will provide you with information that is pertinent to your needs. Should you request information that covers a large time period, it will take us longer to gather the information and the volume of the information may preclude its being useful to you. Hence, a request for connections logs for the account of hypothetical individual mst3k between midnight on 7/1/2000 and noon on 7/2/2000 can be provided more quickly than a similar request that covers a week or more. The abuse team will not provide log information to University administrators investigating incidents as part of faculty or staff disciplinary processes until we have received appropriate approval to do so. Requests for content information require additional review by the University's General Counsel. Unless otherwise instructed by the authority who approves the release of information, the abuse team will release computing usage information to the authorizing agent who will provide it to the person requesting the information. Unless otherwise instructed in the request we receive, we will inform the persons whose accounts were associated with the requested information that the information was requested and provided, and we will report to them the name of the investigating entity.