The ONYEN, or "Only Name You'll Ever Need," is the login name given to all people affiliated with UNC that permits access to a variety of resources and services at the University. Anyone who is issued a person identification number, or PID #, at the University is eligible for an ONYEN (and only one ONYEN) while they are associated with UNC, including visiting scholars and contract and temporary employees as well as faculty, staff, and students.
The access to University resources which is permitted by the ONYEN comes with certain stipulations. Some of these stipulations relate to general ethical conduct such as prohibitions on harassment via e-mail using a UNC account whereas others are geared toward security concerns such as prohibiting access to unauthorized resources or legal concerns such as copyright laws. Another purpose served by restrictions on the use of the ONYEN is ensuring that only certain people have access to certain University resources which is useful to the University in terms of licensing agreements. Companies frequently require assurances that only a certain population of users will have access to their products such as software or databases. The use of the ONYEN permits the University to restrict access to such products.
Requiring use of the ONYEN to access certain services and resources gives ATN the ability to trace the activities of individuals. In accepting the privileges that come with an ONYEN, the user also must accept the possibility that the University can access your data and information about your network activity if it feels there is cause to do so. The policy makes it clear that there are certain costs to being allowed to use the University's considerable resources. For example, you are not free to use University computing resources to look at pornography websites or start your own business.
One aspect of the policy which makes me uneasy is the open-ended nature of the statement on the privacy of the user's data and network activity, shown below.
"An individual's personal data and use of the network are considered private, but personal data and network activity may be reviewed by ATN staff under certain circumstances. Such circumstances include, but are not limited to, the specific request of the owner of data for staff to examine content; the administration of a system or the network requiring special intervention; and suspicion of ethical or legal violations that staff members with proper security authorization are compelled to investigate."1
It is understandable that ATN could not foresee all possible circumstances under which there might be a need to review a user's data and network activity. However, from the point of view of a user, I would like to see a statement on the ethical obligations and decision-making process of ATN staff in terms of deciding what those "certain circumstances" when ATN might be "compelled to investigate" might be. The lack of such a statement causes me to worry that there is no protection for someone who may be doing unpopular work.
The strengths of the policy lie in its emphasis on ensuring security for the University's computing resources and its users. The purpose of each person having one way of gaining access to a variety of resources is to help protect the integrity of those resources. The emphasis on carefully choosing a password serves a similar function. This benefits users as well as the University.
Overall, I am satisfied with UNC's ONYEN policy. Its strengths outweigh its weaknesses. The security precautions benefit users on a daily basis whereas worries about protecting intellectual freedom, while I can't dismiss them, come up far more rarely.
1 http://www.unc.edu/policy/onyenpol.html
Return to my portfolio.
E-mail questions to Meghan Lafferty at
melaffer@email.unc.edu
Last updated October 3, 2002.