Student Voice


April 21, 2024




UWRF directory can be a danger for students' personal information

February 1, 2018

Most students from UW-River Falls have, at some point during their college career, gotten spam mail on their school email accounts. It comes in the form of job offers, false honor society invitations and loan notifications, and anyone who unwittingly clicks on the links stands the risk of inviting viruses onto their personal computers. Many of these emails look very legitimate and it can be very easy to fall into the trap.

Email is not the only way students are harassed by spam, however. Spam phone calls are not uncommon, but some UWRF students have said that they tend to receive the same calls as their classmates. Last fall, there was a particular incident where a caller was posing as the River Falls Police Department, and would attempt to scare the receiver into paying a “fine”. The real RFPD had to send out a warning to the city to be wary of these calls.

The Student Voice thinks that a main factor in the excessive spam emails and calls students get is the fact that all UWRF students are listed under a public directory. The directory is open to anyone – not just UWRF students – who cares to search for it on the university website, and it not only lists students’ first and last names but email addresses and phone numbers as well. The phone number listed is whichever one a student provided to the university. Often, this will be a personal cell phone number.

This lack of information security can be dangerous to students. Spam callers and emails can be annoying, but they can also be a gateway for identity theft. There is also the possibility that the information provided online can make it easy for a student to be stalked or harassed. With personal numbers available for anyone to find, all a potential stalker needs is a first or last name. From there, the directory offers search options that can narrow down a list of people with that first or last name.

The university has been making efforts to address some of the symptoms of this problem. Student employees on campus are sent through an online training program that informs them on how to identify spam emails. This, however, only encompasses student workers and is mostly aimed at protecting the university’s information. We think that one of the first steps in solving this problem is to make this training mandatory for all students on campus.

A bigger step, however, would be to decrease the availability of the student directory. At the very least, it should not be open to the general public. Requiring that students sign in with their “w” numbers would be a good start. Even better would be limiting student access to only their classmates. This ensures that they can get ahold of classmates for projects, but limits the information from being shared with too many other people.

Students should also keep in mind that they should take care to protect their information in places beyond the campus website, particularly social media sites like Facebook and Instagram. Taking individual care to protect yourself, however, does not do any good if the university is not careful with personal information.