Friday, November 15, 2002

Princeton's new president sent a letter to all alumni bragging about she fired an admissions director for improperly accessing the Yale admissions web site. Here are alumni letters on the subject. I agree with the John F. McNiff ' 64 letter and some of the others critical of the Princeton president's decision. If anyone was at fault, it was the Yale admissions office for not having reasonable privacy safeguards for their applicants. All the Princeton men did was to do a harmless test and notify Yale of its website insecurity. McNiff says:
Practical and legal considerations have made it clear that the primary responsibility for keeping private things private lies with the owner/operator of the database. In the nonacademic world, databases are tested relentlessly by site sponsors themselves, by competitors of site sponsors, by competitor software makers, by independent consultants, by official "watch-dogs," and, yes, by hackers. The operators/sponsors of Internet sites usually welcome security break-ins that are "benign" as to intent, that do no harm, and that are voluntarily reported to them. ... Princeton's idea of a solution — blame the messenger — is truly unhelpful.

The new Princeton president probably thought that this was a test of her ability to handle a crisis, and she wanted to show that she was taking the high moral road. I think she failed miserably.

No comments: