Brent Kobes, USSU vice-president operations and finance, presented the policy to the University Students’ Council on Nov. 8. Kobes started working on the policy in late July and consulted with Rayelle Johnston, the U of S access and privacy officer, and Capilano University.
The policy aims to formally codify the USSU’s mission to protect personal information. The document states that the USSU shall apply appropriate security measures, work to prevent unauthorized access and keep private information only as long as is required by the organization’s business and legal needs.
For Kobes, collecting such private information is typical for an organization like the USSU, as it is both the governing body for all U of S undergraduates and as an employer on campus.
“Any effective programming that is done requires a lot of personal information to be processed — in order to have an effective organization — and you need to make sure there is no fraudulent activity,” Kobes said. “As a large organization, we do collect private information… I receive lots [of] student numbers and complaints from students regarding different student groups.”
Kobes says that his access to the personal information of undergraduate students as a USSU executive is quite limited, as he only has access to what students provide him with and he only deals with private information in the purview of his position. Additionally, the other USSU executives each have access to such personal information as it pertains to their respective positions.
Kobes says that specific mechanisms to protect personal information will differ for each of the union’s departments.
“It will depend on the department, as every department deals with their information in their own way… I receive [the] NSIDs and student numbers of all these individuals, and I protect this information by shredding it and [deleting] the document from my computer,” Kobes said. “Depending on how each department is dealing with [information], they will have to follow similar mechanisms. It all just depends on individual circumstances and what procedure they think is best.”
Although this policy would outline the USSU’s aim to protect private information, it does little in its current state to specifically dictate exactly how the organization will go about it. Kobes says that there is currently no rule that dictates how the USSU executives manage any digital information that they have within their email accounts.
“It is up to the purview of the executive that leaves office to what extent they want to clear up their email box or clean up any documentation before they leave on April 30,” Kobes said. “There’s advice that is given by senior managers [at] the end of the term about how to go about erasing that digital footprint, but there is nothing that has been codified around that [at] this point in time.”
However, Kobes adds that, after he became interim president following the departure of former president Coden Nikbakht this August, he took it upon himself to clear out Nikbakht’s inbox as he deemed it inappropriate to have access to such information.
Tanner Bayne / News Editor
Photo: Riley Deacon / Photo Editor