The University of Michigan recognizes and values the importance of privacy of the university community members and its guests, and strives to be the leaders and best in the ways in which we manage your personal information.
This value is best reflected in Regent’s Bylaw Sec. 14.07. Privacy and Access to Information, which states in part:
“In collecting, utilizing, and releasing information about individuals associated with the university, the university will strive to protect individual privacy, to use information only for the purpose for which it was collected, and to inform individuals of the personal information about them that is being collected, used, or released. The university will not release sensitive information without the consent of the individual involved unless required to do so by law.”
This scope of this statement applies to location information collected by ITS through use of its WiFi services, and outlines:
- Our accountability
- What information is collected
- Why we collect this information
- How this information is used
- With whom will this information be shared
- What choices you can make about this information
- How is the information secured
- Policy Changes
- Who to contact with questions or concerns
We pledge to manage, secure, and keep your WiFi location data information confidential. ITS staff members with access to location data receive privacy and security training to reinforce this pledge.
What type of location information do we collect when you use U-M WiFi Services?
We collect the following information about WiFi use on campus:
- Your uniqname and device identifier(s) (e.g., MAC Address, IP Address)
- Building, floor, and room where the access point to which you are connecting is located (data contained in access point name)
- Date and timestamp for when you connect to the access point
- Date and timestamp for when you disconnect from the access point
Why do we collect this information?
The University of Michigan provides wireless network services to the university community in order to broadly support the U-M research, teaching, and clinical missions, as well as allow guests of the university to access the internet. The information listed above is collected automatically to provide the service (i.e. allowing users to authenticate and connect to the network, roam between access points). For example, ITS uses information on where clients connect, in aggregate, to improve and optimize the WiFi network.
How is your WiFi location information used?
Identifiable WiFi Location Data
We primarily use personally identifiable WiFi location data to assist individuals who are experiencing WiFi connectivity problems on campus.
Legal/Health/Safety: In rare cases, data is requested by the Department of Public Safety and Security to address health, safety, legal cases, or ongoing theft investigations. All requests of this nature are considered and approved by the Information and Infrastructure Assurance User Advocate group in consultation with the Office of the General Counsel.
Research: The U-M community has expressed increasing interest in how location data might be used by individuals, in research, or by the university to advance its mission. In response to this increasing interest, we have developed an application that allows individuals to run a report, view and download their personal WiFi location data. You should protect this data as you would any other personally identifiable information.
Aggregate or anonymized WiFi Location Data
Other Institutional Uses: The university may use aggregated and anonymized WiFi data over time to improve the WiFi service, to provide information on space utilization, and to enhance teaching and learning outcomes. Aggregated and anonymized data based on access point location, session time, and count of devices may be useful in space management, transportation planning, or wayfinding.
When and with whom will your WiFi location information may be shared?
Aggregated and anonymized: we access and provide aggregated and anonymized location data to the community without your consent.
Personally Identifiable: we will not use or share your personally identifiable location data without your explicit consent, except in matters of health, safety, where legally required, and in accordance with SPG 601.11 - Privacy and the Need to Monitor and Access Records.
What choices can you make about how your WiFi location information is used and shared?
Aggregate: If you use U-M wireless services, we will use and share your anonymized and aggregated location data for business purposes, as well as to support the research, teaching, and clinical mission of the university.
Personally Identifiable: We will only use personally identifiable location data for the specific business need for its collection, except in matters of health, safety or where legally required. You must opt in or consent to any other usage or data sharing.
Faculty have indicated an interest in using campus WiFi location data for research purposes today and in the future. To protect user privacy and give users choices about how their data is used, those who wish to share their personal information with faculty members for research projects need to download their own data and forward it to the faculty member. In the future, we may add a feature to the WiFi location data reporting application which gives university community members the ability to authorize others to access their location data directly.
How is your WiFi location information secured?
Securing your information is a priority. We use reasonable security measures, including physical, administrative, and technical safeguards to protect the privacy and confidentiality of the location information that we collect and store.
How will I know if this statement changes?
We will provide public notice of significant updates. We will post the date our Statement was last updated at the top of the Privacy Statement.
Who do I contact with questions or concerns?
Contact the Network Service Owner, Eric Boyd.
You may also contact the University Privacy Officer at firstname.lastname@example.org.