This is not the kind of news Harvard University would like: First, an allegation of widespread cheating, then an internal hunt for an email leak at the university, and now, a partial apology by the administration for searching the correspondence of resident deans.
The story begins in 2012, a dark time for Harvard University.
More than 100 students had been accused of cheating on a take-home exam for an introductory-level class on Congress -- a humiliating scandal for the institution, whose graduates so often become the elected officials their undergraduates study.
To make an ugly matter worse, while the school was deciding what to do with the offenders, someone was apparently leaking emails on Harvard's internal administrative board deliberations to the press.
Now the university finds itself in more trouble because of the news that administrators embarked on an internal mole hunt by secretly searching resident deans' emails to find the leak, which turns out to have been apparently accidental.
In recent days, Harvard faculty members have attacked the university's internal investigation for its perceived invasion of privacy -- a protest notable not just for the Ivy League setting, but for employees attacking the widely held norm that an employer can read an employee's mail.
"It seems to me that we have taken another step away from the old feeling that the university was a family, benevolently disposed towards its members and even lovingly indulgent," Harvard computer science professor Harry Lewis wrote on a personal blog. "It [Harvard] has taken a step toward becoming instead a bristling corporation, with adversaries within who must be spied upon using all available tools, or perhaps an authoritarian government."
Michael Mitzenmacher, another Harvard computer-science professor, was also critical.
"The idea that nobody had the common sense to say, 'Whoa! Isn't it bad precedent to go looking through people's e-mail without going through other options or letting them know?' is the kind of thing that make faculty think they need to push back or even rein in the administrative side of the university," Mitzenmacher wrote.
Richard Bradley, a journalist who wrote a 2005 book about the university's leadership, added in his own post: "This is, I think, one of the lowest points in Harvard’s recent history—maybe Harvard’s history, period. It’s an invasion of privacy, a betrayal of trust, and a violation of the academic values for which the university should be advocating."
Email use has a veneer of privacy, but the reality is complicated: Although users need a password to log in and they can choose to whom they send a message, there's little to prevent an email from being forwarded to the wrong person, and corporations have widely held that they own their employees' emails just as much as the offices they work in.
"People just don’t have privacy if they’re using work-related email," William P. Smith, a professor of management at Towson University, told the Los Angeles Times. "There’s no legal expectation of privacy, but there is, in each organization, a cultural expectation of privacy, and I think that’s what’s at issue here."
Smith added: "This is Harvard – if this were to happen anywhere else, Hewlett Packard, Bank of America, no one would bat an eye about this."
Goldman Sachs, for instance, recently embarked on a massive "muppet hunt" to find out whether its employees were referring to clients as "muppets" in internal emails, as was alleged by a former employee. The search reportedly turned up 4,000 email references to muppets, mostly regarding "The Muppets" movie.
Harvard's policy for faculty email, by contrast, deems faculty email "confidential" except in "extraordinary circumstances" -- and even then, searches are supposed to be conducted with prior written notice. (Harvard's staff falls under a different policy that expresses "no expectation or right of privacy" in university mail.)
Harvard Deans Michael D. Smith and Evelynn M. Hammonds, in a statement, said that their search was narrow, limited to a subject-line search for the offending email in 16 resident deans' professional email accounts.
"To be clear: No one's emails were opened and the contents of no one’s emails were searched by human or machine," the statement said. The offending resident dean was tracked down, confronted with forwarding two different emails with two students -- and then officials determined "it was an inadvertent error and not an intentional breach."
Addressing why the resident deans weren't told their emails would be searched, Smith and Hammonds said they were "operating without any clear precedent for the conflicting privacy concerns," referring to a need to protect the privacy of the student disciplinary process.
Pauline T. Kim, a law professor at Washington University in St. Louis, said that the decision to commence an email search might have been a bit overblown, but she compared Harvard's search favorably to those commonly conducted by corporations.
"Oftentimes in a corporate setting, when a corporation decides it needs to investigate something, they tend to do it in a blanket way," Kim said. "I would actually think that if employers wanted to be careful, they could follow Harvard's example. To the extent that it was justified, they were very narrow in the search. ... That kind of approach is far more sensitive to privacy concerns than what you normally see in the corporate setting."