What Climategate means for scientists and their emails
The so-called Climategate scandal in which hacked emails from the University of East Anglia Center for Climate Research were released to the public is a sad day for public confidence in science. (I hesitate to use the term Climategate as the similarity with Watergate is 180 degrees opposite. Whereas the burglars in Watergate were caught and vilified, the data burglars in Climategate remain uncaught and the victims are vilified.)
Regardless of the outcome, this episode should send chills down all the spines of scientists. What can we learn about how we should be communicating?
1) Don’t say anything in email that you wouldn’t want broadcast across the internet. I am sure that none of us would want our (supposedly) private conversations known to everyone, yet that is exactly what happened. Things that were said that were in jest or frustration by scientists reveal that scientists have emotions and frustrations, too. Universities and government laboratories tell us that our emails and our browsing histories are open to scrutiny. Some internet service providers provided the U.S. goverment access to user files. The recent posting of half a million text pager intercepts from 9-11 is yet another example. Little of what you think is private is truly private.
2) Securely erase old files, disc drives, and computers, especially those with sensitive or personal information. The University of East Anglia was not the only institution that was attacked. Andrew Weaver, researcher at the University of Victoria in British Columbia and Chief Editor of the Journal of Climate (a sister journal to Monthly Weather Review, where I serve as Chief Editor), had a dead computer stolen and his office broken into. Perhaps the hackers were after similarly embarrassing emails about his research or journal operations. Thus, any data (even on dead computers) should be securely erased such that data-retrieval software cannot recover the files.
3) Choose a secure password. You’ve heard it before from your system adminstrator. Pay attention!
4) Avoid keeping emails and files on shared servers. Central servers mean your data and files are not entirely within your control. Download emails from the central server to your computer regularly.
5) Back-up and delete material as soon as it is no longer needed on a regular basis. If old data is stored on an external hard disc and locked away in a closet or drawer at the office or taken home, chances are less likely that such data will be targeted and stolen.
6) Log out and turn off your computer when no longer being used at night. Personal computers that are off make it difficult for hackers to access the hard drive.
7) Communicate by phone or in person, instead. Can you say it in person or over the phone? Why risk emails that could get passed around, either inadvertently or advertently?
(Image from www.bbc.co.uk)