The University of California Electronic Communications Policy (ECP)(link is external) affirms that the University does not examine or disclose electronic communications records without the holder's1 consent —except under very limited circumstances as described in ECP § IV.B, "Access Without Consent".
Consent of the record holder is normally required.
Former Employees
While ECP provisions do not cover former employees, campus practice extends similar courtesies of consent or notice and least degree of invasiveness to former employees when possible. Instructions for Accessing Former Employee Email or Files are different from those described below.
Access WITH consent
An electronic communication holder's consent shall be obtained by the University prior to any access for the purpose of examination or disclosure of the contents of University electronic communications records in the holder's possession (see ECP section IV. Privacy and Confidentiality) — except under very limited circumstances.
Access WITHOUT consent
When the contents of electronic communications must be examined, monitored, or disclosed without the holder's consent, such actions must be authorized as described in ECP § IV.B.: Access Without Consent. (See that Policy for detailed information: Electronic Communications Policy(link is external)).
Circumstances which may permit access without consent:
Per the UC Electronic Communications Policy(link is external), the University shall permit the examination or disclosure of electronic communications records without the consent of the holder of such records only:
- when required by and consistent with law;
- when there is substantiated reason (Reliable evidence, as distinguished from rumor, gossip, or other unreliable evidence) to believe that violations of law or of University policies listed in Appendix C, Policies Relating to Access Without Consent, have taken place;
- when there are compelling circumstances (Circumstances in which failure to act might result in significant bodily harm, significant property loss or damage, loss of significant evidence of one or more violations of law or of University policies listed in Appendix C, Policies Relating to Access Without Consent, or significant liability to the University or to members of the University community); or
- under time-dependent, critical operational circumstances (Circumstances in which failure to act could seriously hamper the ability of the University to function administratively or to meet its teaching obligations, but excluding circumstances pertaining to personal or professional activities, or to faculty research or matters of shared governance).
Situations requiring advice of legal Counsel:
Advice of an appropriate UC Attorney(link is external) must be sought in advance, even under "emergency circumstances", before gaining access without the holder's consent to any University electronic communications when:
- requested by means of a search warrant or subpoena;
- stored on equipment not owned or housed by the University;
- the content is protected under the federal Family Educational Rights and Privacy Act (FERPA — which pertains to student records); or
- medical records are involved.
Requesting access without consent
The Berkeley Campus authorizing official for access without consent to electronic communications depends on the record holder's campus affiliation:
- For Student Record Holders: Vice Chancellor of Student Affairs
- For Faculty Record Holders: Executive Vice Chancellor and Provost
- For Staff and Other Affiliate Record Holders: Vice Chancellor of Business and Administration
- OR For any Record Holders: Chancellor or EVCP
|
Deleting emails without consent
Requests to delete harmful emails that have been previously sent and received will only be considered under the following circumstances:
-
Communications that are harmful to the reliability or security of the service.
-
These will be handled by the Information Security Office.
-
-
Communications whose content may violate privacy principles, laws, or regulations, including data exposure, offensive or threatening content.
-
These will be handled by the Privacy Office.
-
Providing Notice:
Notice to the recipient is not required for email deletions necessary to prevent harm to the reliability or the security of the service. However, for all other deletion requests, notice must be provided to affected individuals.
For more information regarding requests to delete previously sent emails, contact the Privacy Office.
General coordination and assistance
The Campus Privacy Officer, Office of Ethics, Risk and Compliance Services is responsible for coordinating any requests under the ECP for access to electronic communication records without the consent of the holder. Questions about these procedures or about other ECP provisions may be directed to: privacyoffice@berkeley.edu(link sends e-mail), ph: (510) 664-7775. See also: Campus Privacy & Confidentiality Resource Contacts
1 Systems administrators and other operators of University electronic communications services are not considered “electronic communication holders” with regard to electronic communications not specifically created by or addressed to them.