Earlier this week, many University students who forward their Princeton e-mails to a Gmail account received a surprising e-mail from Dan Li ’11 describing how members of the public, unaffiliated with the University, may access students’ personal information online. While it may be unlikely that any substantial harm has come from the availability of this information so far, the Editorial Board believes that Li’s discovery raises important concerns about the University’s handling of private data. The University should be less cavalier about the private information that students entrust to it, and it must make clear to students when information they share will be revealed to the public.
The current issue centers on the LDAP server that the University employs to store personal information about Princeton-affiliated individuals. At the moment, any individual with an Internet connection can contact the server and download the information it contains. In the past, the OIT website contained instructions for accessing the server. While OIT has announced its intention to remove those instructions, the potential for anybody to obtain the information on the server remains.
It is obviously necessary for the University to have access to certain personal information about students, such as our dorm rooms, our ID numbers and whether we are enrolled or taking a year off. Since we have to provide the University with this information, though, the University has an obligation to carefully restrict the further dissemination of that information. In certain circumstances, it may be appropriate to share some facts — for example, it is perfectly fine to publish students’ room numbers on The Princeton Facebook. It is not appropriate, however, for all this information to be easily accessible to the public. The University must do a better job of making sure that private information remains private.
Our peer schools have adopted a variety of strategies for restricting the amount of personal information made available through their LDAP servers. Harvard, Yale and Stanford do maintain publicly accessible directories but publish much less information. New York University has the most stringent policy, publishing students’ information only if they choose to opt in. The University should follow the lead of these other schools and take issues of student privacy more seriously.
More broadly, though, this episode suggests that in the future the University must do a better job of maintaining transparency in its policies regarding students’ personal information. If the University must make certain information available to individuals outside of the University community, students should know from the outset; we should not have to find out through an e-mail from a fellow student. We commend Li for bringing this issue to the attention of both the University and the campus community — though perhaps he should have done so in a more formal fashion. The public accessibility of information on the LDAP server represents a failure of the University’s guardianship of students’ information; In the future, the University must both take more care in protecting that information and be clearer about where that information is going.