12-day delay in notifying police about missing master keys flouts rules


College of William of Mary employees delayed notifying police about the loss of a set of master keys for almost two weeks this summer, according to a copy of the police investigation obtained by The Flat Hat. The delay, which flouted College policy requiring immediate notification, came despite at least 17 members of the facilities management staff being aware of the loss.

The 12-day period in which security precautions were stalled may also have endangered students, raising legal implications, a campus security expert has said.

“If there is a situation where there is an immediate threat — which you would have if the master key is missing — and that information is not shared with the decision-making authorities, then, yes, that has Clery Act implications,” independent campus security consultant Daniel Carter said. The Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act requires colleges and universities to establish policies for assessing risk and issuing emergency notifications when an incident occurs.

Director of the National Center for Campus Public Safety Kim Richmond said she could not comment on an individual case, but that in general the report of a missing and potentially stolen master key would warrant an immediate risk assessment.

According to the William and Mary Police Department’s investigation into the missing master key, obtained by The Flat Hat through a Freedom of Information Act request, the master key was noticed missing Aug. 14.

The employee last reported in possession of the key, whose name was withheld, enlisted 16 members of the Facilities Management staff to search for it, but the search turned up nothing. Aug. 25, a supervisor was informed of the missing key and advised the employee to make a report with the police. A day later, WMPD began their investigation.

Aug. 27, 13 days after the key was reported missing, William and Mary Police Chief Deb Cheesebro issued a notification to students.

“You may see some extra security on campus tonight and I wanted to let you know why,” she said in the email.

The following day, Cheesebro sent an update announcing that the investigation had concluded that the keys were believed to be lost and not stolen.

Cheesebro said that the incident did not present an immediate threat to the health or safety of students.

“Though not required to do so by Clery, we did communicate with students about the lost keys and the precautionary security measures undertaken,” Cheesebro said in an email to The Flat Hat Monday. “There was a significant concern about the time lapse in reporting the missing keys. W&M has taken proper actions to prevent this in the future.”

Carter, who has also served as the public policy director for the Clery Center for Security on Campus, said that the scope of the threat posed by a missing master key, whether lost or stolen, requires the immediate notification of the police. Carter left the Clery Center in 2012. The Clery Center’s media policy prohibits speculating about specific cases.

“I typically don’t tend to second-guess institutions without more information, but this is one of those cases where I would be hard-pressed for the facts to not yield an emergency notification,” he said. “It’s not a situation of, ‘Did the institution think a notification was warranted?’ It’s whether the people who can make that decision got the information fast enough.”

The College’s Key Control manual stipulates that College “[p]ersonnel in possession of master keys will immediately report lost or stolen keys to William and Mary Police, the Director of Housing Operations and to the Associate Vice President for Student Affairs/Director of Residence Life.”

In addition, the College’s code of ethics requires employees to “[r]eport any illegal or unethical action that comes to our attention, so the university can investigate and take corrective steps.” (The key control manual has since been updated. Now employees must report missing keys to the campus police and their facilities management supervisor.)

Police report copy

University Spokesperson Suzanne Seurattan said she could not comment on personnel matters regarding whether anyone had been disciplined as a result of the failure to report. She said the risk assessment performed on Aug. 26 determined that there was no immediate danger to the community.

“The lapse that occurred here was not in security but in the implementation of best practices to notify department heads and police,” Seurattan said in an email. “This is a matter we do and have taken seriously.”

Seurattan did not respond to questions about whether any security precautions were taken before the police were informed. After the police were informed, the decision was made to re-core the locks on student residences and purchase new storage boxes, in addition to increasing patrols, she said. The College also updated its policies for reporting missing master keys.

Carter said that a number of security precautions should have been taken to ensure student safety after the key went missing and while the re-coring process was underway, including monitors at the entrances to residential halls and closed-circuit television cameras.

“If you know there’s a gap in security, you should take steps to bridge that gap,” he said.

Carter said that the increased layers of security should have remained in place until the rekeying project was completed. That undertaking, which was delayed after winter break, finished with the re-coring of the Graduate Complex on Feb. 5.

Editor’s Note (2/23/16 at 3:36 p.m.):  An earlier version of this article included Daniel Carter’s position at SurvJustice on first reference. His comments to The Flat Hat were made in his capacity as an independent security consultant, and not as board president of SurvJustice. The article has also been amended to include the Clery Center’s media policy.


  1. “The lapse that occurred here was not in security but in the implementation of best practices to notify department heads and police,” Seurattan said in an email. “This is a matter we do and have taken seriously.”

    If it wasn’t a security lapse, why take it seriously?


Please enter your comment!
Please enter your name here