Request a clarification on usage of non-church owned websites

Some discussions just don't fit into a well defined box. Use this forum to discuss general topics and issues revolving around the Church and the technology offerings we use and share.
Post Reply
RossEvans
Senior Member
Posts: 1345
Joined: Wed Jun 11, 2008 9:52 pm
Location: Austin TX
Contact:

#41

Post by RossEvans »

tortdog wrote:Anytime we use an e-mail account on a server other than our own (SBC, Sprint, Google, AOL, etc.) this will be an issue, correct? Often times we send information on meetings, etc., via e-mail, and a copy of that information then sits on that e-mail server unless our e-mail client is set to download and delete from the server (sometimes the case).

I have not been aware of any such draconian policy restrictions applied to email. There is apparently some common sense applied. Some of the most sensistive files I would not advise sending by email without encryption, but bishoprics exchange private information by email all the time.

I think it does make a difference whose email server is being used. The big vendors tend to have published privacy policies and terms and conditions that offer protection. So do ISPs. But your employer may extend no such protection to its domain if you use your work email for personal (church) use. Typically employer computer systems and their contents are deemed to be the property of that employer. And if, for example, you work for any level of government, the chances are that a court would not recognize a "reasonable expectation of privacy" for Fourth Amendment purposes over your personal data on that system. So for many good reasons, including employer policy, I try to avoid personal emails to/from my work address.

And if your email is hosted on a hand-me-down server in someone's spare room (@scriptkiddies.net) all bets are off.
russellhltn
Community Administrator
Posts: 34422
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#42

Post by russellhltn »

I would also not advise sending sensitive information by email unless you've been assured by the recipient that it is OK to do so. Other members of the family may have access to the computer and possibly the downloaded unencrypted email.
pbhanney
Member
Posts: 51
Joined: Sun May 22, 2011 7:07 pm
Location: Lehi, Utah, USA

#43

Post by pbhanney »

kgthunder wrote:I don't have much time to formulate a response, nor do I think it would add much. But I would like to say that I don't think that these issues will be resolved until the Church provides authorized use of modern, functional web tools and apps currently available by third-parties, or internally creates authorized applications that provide enough functionality to be accepted by the masses.

LUWS, MLS, and other Church-provided apps and tools are unfortunately not keeping pace with the ingenuity and innovation of well-meaning members and others developing unapproved and third-party tools being used. Business factors of bureaucracy, time, and budgets within the Church are most likely all contributing to the seeming lack of progress in approved tools. Revelation most of us are not privy to may also contribute. Meanwhile many International areas have no approved tools or only some that those of us in the US/Canada may have.

I believe both the Church and the tech/developer community need to work together through this forum and other means to hasten the work of providing functional, modern, and meaningful apps to further the work and ease the administrative load of local units. Perhaps partnerships such as FamilySearch are pursuing in relation to tools could be arranged through licensing or other means until the Church can develop their own equivalent tools.

Enough rambling, I hope we can continue a meaningful and productive discussion regarding tools that assist all of us in our administrative Church work.
I would have to totally agree. I have thought for years that it would be great if the Church would do something like this on their web site. What I can't understand is if the Church has a system on CDOL for Stake Clerks to add in Temple Recommends, then why can't they produce a way to enter information like on ymyw.org and returnandreport.org?

I also seems that there are a lot of people out there putting these sites together and could be "contracted" by the Church to produce the technology for the web site and then host them on an "authorized" church web site. Maybe this is too simplistic of a view on my part.
User avatar
WelchTC
Senior Member
Posts: 2085
Joined: Wed Sep 06, 2006 8:51 am
Location: Kaysville, UT, USA
Contact:

#44

Post by WelchTC »

tortdog wrote: I'm not really asking for a policy. I am asking more what the unofficial sensitivity of the Church is to information being stored on password protected/encrypted servers such as Google Notes and such. It would be really hard to not be able to store any information online - even in a password/encrypted public server (though I could see that being a hard line).
Email is an accepted tool that has become increasingly important in Church work. Common sense should be used when communicating via Email or other electronic mediums. Meeting times, details about activities, coordination, etc. would not be considered confidential. Welfare issues, on the other hand, would be. Treat all confidential or sensitive information like you would your bank account.

Tom
RossEvans
Senior Member
Posts: 1345
Joined: Wed Jun 11, 2008 9:52 pm
Location: Austin TX
Contact:

#45

Post by RossEvans »

tomw wrote:Email is an accepted tool that has become increasingly important in Church work. Common sense should be used when communicating via Email or other electronic mediums. Meeting times, details about activities, coordination, etc. would not be considered confidential. Welfare issues, on the other hand, would be. Treat all confidential or sensitive information like you would your bank account.

Tom

I doubt that in general bishoprics and other ward leaders apply such a restrictive guideline. It would be quite a bit more restrictive than common practice in business and government.

Just in the case of the particular example you cite, welfare, our bishop routinely sends an email to quorum leaders to help the families signed up for a biweekly bishop's storehouse delivery. These leaders are tasked to help various families get to the delivery location. Other examples, with roughly the same level of sensitivity, are probably common.

If this is the policy guideline for email, then there needs to be a better solution. Perhaps the Church should facilitate use of some common encryption software, such as PGP, or provide a secure email host at CHQ for ward leaders. The latter solution would probably be less complex to implement.
tortdog
Member
Posts: 165
Joined: Mon Jul 28, 2008 8:00 am
Location: Austin, Texas

#46

Post by tortdog »

Alan_Brown wrote:I'm curious what this means.
  • How did you ask (phone, e-mail, letter)?
  • Who made the request (stake president, a clerk, etc.)?
  • What department approved this use?
  • How was the approval given (verbal, letter)?
  • Was the approval in the nature of "We have no problem with any stake using that site" or "We give approval for your stake to use that site" or "Your stake may use that site as long as you follow these guidelines (followed by specific restrictions)"?
The Stake YM President called and spoke with David Pack, the Director of the Church's LDS Relationships with BSA program. He indicated the Church's policy is to let wards that wish to use ymyw.org, or any of the other software like it, as they see fit.

Not very specific - which I like.
tortdog
Member
Posts: 165
Joined: Mon Jul 28, 2008 8:00 am
Location: Austin, Texas

#47

Post by tortdog »

boomerbubba wrote:I doubt that in general bishoprics and other ward leaders apply such a restrictive guideline. It would be quite a bit more restrictive than common practice in business and government.
I completely see the frustration were e-mail to be tightly controlled. But the reality is that e-mail is only as safe as the security on which it is stored or, even, communicated. Even Lexis failed the test, with private data pilfered by people who were not supposed to access the data.

So it does happen. And while the LDS Church is solely responsible for the data it maintains on LDS.org, that data isn't very private (names/addresses/phones). The important data (on MLS) is kept offline (excepting what may be maintained on LDS servers for official Church use in SLC).

When we send communication via e-mail on the worthiness of Br. Smith, or the family needs of Br. Young, that data is not safeguarded by any official LDS security. I'm assuming this is one of the reasons the Church doesn't want LDS sites that contain any such information (or less private data such as names/addresses and phone numbers).

But I'm kind of guessing.
lajackson
Community Moderators
Posts: 11460
Joined: Mon Mar 17, 2008 10:27 pm
Location: US

#48

Post by lajackson »

tortdog wrote:He indicated the Church's policy is to let wards that wish to use ymyw.org, or any of the other software like it, as they see fit.
It is one thing to use software, and quite another to use a website, I would think. I am not sure this answer will fly at our next stake presidency meeting, at least for our stake.
RossEvans
Senior Member
Posts: 1345
Joined: Wed Jun 11, 2008 9:52 pm
Location: Austin TX
Contact:

#49

Post by RossEvans »

tortdog wrote: When we send communication via e-mail on the worthiness of Br. Smith, or the family needs of Br. Young, that data is not safeguarded by any official LDS security. I'm assuming this is one of the reasons the Church doesn't want LDS sites that contain any such information (or less private data such as names/addresses and phone numbers)..

To be clear, I am not contending over where the line ought to be drawn as a matter of policy. Nor am I sitting in judgment of leaders whose own interpretation of where the common-sense line is happens to be different from the interpretation tomw articulated above, however ambiguously.

What I am trying to do is to look at this pragmatically, and to suggest a technical solution that would ameliorate the problem. Since it is apparent that lots of local leaders do have a need for confidential email to conduct ward business efficiently -- wherever the line is drawn -- perhaps the Church should provide them a secure communications channel by one means or another. That's what other large organizations do for especially sensitive data.

Much of this problem would go away, for example, if bishoprics and other ward leaders were issued email addresses like bishop_nnnnnn@lds.org or EQP1_nnnnnn@lds.org, where nnnnnn is the unit number, and CHQ hosted the email server. Other solutions such as encryption are possible, but I think church-hosted email would be easier to implement in the field. All the local leaders would need would be a browser and a password.
lajackson
Community Moderators
Posts: 11460
Joined: Mon Mar 17, 2008 10:27 pm
Location: US

#50

Post by lajackson »

boomerbubba wrote:Much of this problem would go away, for example, if bishoprics and other ward leaders were issued email addresses ...
Bishops and stake presidents have this already, as do mission presidents. I agree, though, that it would be helpful if others had this, as well.

One thing that I see happening in many cases, however, is that a bishop will redirect his mail to a personal address. And this seems to me to defeat the purpose of having the controlled site in the first place.
Post Reply

Return to “General Discussions”