Now I am not a Mac user, so I am going to assume some things here. I assume that the password can not be changed by the user. But I do have 25 years experience as a manager. All I can say is document, document and of course there is document. The printing and taking home the emails that will incriminate this manager is a good idea and should be followed up by everyone involved. Buy a little black book, and every time you this manager does something that is questionable, log it, time it was done, what was done, and why you feel it was important enough to log.

People who has no ethics, thinks they are untouchable are the ones that makes the most mistakes. Make sure that more than one person is involved in this logging. More people involved, the better as it will eliminate the “this one is a trouble maker” excuse. You want to make sure all of your goals are the same. It is doubtful that this superintendent will get fired over these infractions. But if enough people get together, you can get him barred from touching the computers. Be aware and be prepared that there will be hell to pay when you take all of your concerns to at least two members of the School board.

Yes you heard me right, School Board. Every one has a boss. Your superintendent has a boss also. The buck stops at the school board. If there is a person just above him, you should try him first, but I have got a feeling that some of that has already been done. Make sure you got a list of at least 10 things, with either logged or printed sheets to prove what is being done. School Board members are elected, and they are very sensitive to situations in the school system. I would recommend going to the Union representative, but I have found Union representatives as corrupt as management.

Good Luck!

If I send e-mail, from my work computer, that could, even remotely, be considered delicate, contentious, or whatever, I BCC my Home account, so I get a personal copy, immediately. Could the teachers set a rule to forward copies to their home machines, or include a BCC to a mailbox, outside of school?

What the superintendent is doing is not only unethical it is illegal. Any monitoring (reading) of user e-mail by state and federal public officials is strictly controlled. It is limited to security and safety requirements and use of the information gather is to be monitored and documented. That is why your employer requires such high level/painful approval before you access peoles e-mail. A competent lawyer would love this case. The case would involve the superintendent, the school and the county (read deep pockets). Just the mention of this with a lawyers name might get the school board to solve your problem.

I’m not a lawyer, and I live in Canada, but I would approach this issue from a harassment angle in addition to privacy. The interference the Superintendant has shown in reading and deleting other people’s personal email (and maintaining his access to it) is harassment. It’s unwanted, intrusive, and has no relation to the Superintendant’s job description.

Here in Ontario, Canada, all teachers belong to a union. If that’s the case where your wife works, I would take it up with the union first as a harassment issue. But the privacy angle is a valid one too, I think. Harassment avoids the technology side of things and is something most administrators would understand more easily.

Depending on the legislation in your state and what is included in the Teacher’s contract you may have a case. I have worked for IT at school corporations in Indiana. You can find remote control programs for macs, and depending on where the files are stored (network based vs. Local) there might not be a need for a remote control program. Since this is a public school system ALL communications (except those covered under HIPPA) are public. What this means is that any tax payer can request this information. The superintendent is acting unethical, but there might not be any legal means to nail him on. In Indiana the superintendent is hired by the School Board that is elected by taxpayers. If this is the same there then the issue should be taken to the board. Also as Mike said above Document everything!

I don’t know anything about school law in Iowa, but I do in Texas. In Texas, anything that is done on a computer purchased by the school is subject to open records requests. There is no “private” data on school computers. Any e-mails, documents, pictures, etc. on a school computer may be examined at any time. You should, however, have some reasonable cause to suspect the the individual using the computer has done something inappropriate on the machine. This superintendent is however overstepping the line between looking for inappropriate use of school resources and covering his own tracks by selectively deleting e-mails etc. If the school board doesn’t know what is going on, they need to. The superintendent, by his actions, is exposing the district to litigation.

TH, on the union thing, you beat me to it. You can bet their lawyers will want a couple of specific pieces of this guy regardless of the obvious network and security issues involved.

Where are the district computer and network people in all this?? This guys answers to someone, and a lawsuit, union action, or impending threat of either, especially in this hair-trigger, litigious-prone climate will definitely cause someone to hold his superiors’ ‘feet to the fire.’ Sic ‘em, I say!

The software he might be using is Apple Remote Desktop  http://www.apple.com/remotedesktop/) or some other type of VNC software.

It is very powerful software and relies on the server having administrative rights on the client which is probably why he chooses the passwords. It can also be used to see the users desktop in realtime which might explain some of his mischief.

The ethics of the situation are rather blatantly covered in that he is acting in his own best interests, rather than the interests of his employing organization.

As to the legality, while it is certainly true that the public nature of the venue has certain requirements of openness, those requirements still follow a due process methodology. The network administrator NEVER has a blanket right to snoop or otherwise tamper with what is, for all practical purposes, physical evidence on the network. His actions are illegal in the fact that he is destroying that evidence, should any investigation ever come about.

Additionally, while the information may be considered public, there is a reasonable expectation of privacy under the premise that the individual is supposed to be suspected of committing some wrong doing prior to selective monitoring. This is not to be confused with automated monitoring for things like illegal web browsing habits. Again, specific monitoring requirements will be established by someone above the network security personnel. That individual might bring to the attention of his superiors that the automatic monitors have caught attempted activities, but they should NEVER initiate specific monitoring on their own authority.

Further, his maintanence of all network passwords destroys any possibility of personal accountability on the network. It is, apparently, well known that he has everyone’s passwords, therefore, noone can be held directly responsible for any activities that occur under their ID.