Gmail at Yale

25 Apr 2010 by paulramirez

Overview

In February of 2010, the Yale Daily News broke the story that Yale would be switching its primary email servers to Gmail through Google’s Apps for Education. Shortly thereafter, however, the switch was delayed to get more input from the community, citing concerns over privacy and intellectual property. As of April, an ITS advisory committee has been formed and they will deliver their opinion of the possible switch by the fall semester. Before that decision, however, there are many questions to be answered: What exactly are the privacy and intellectual property concerns in this switch? How much control will the university have over its information? And how will students be affected?

Contract Analysis

The agreement between the University and Google’s Apps for Education is usually set down in the contract made between the two parties. It is here that one ought to go first to determine what kinds of privacy, security, or IP issues there might be. The following are commonly posed questions, along with the relevant response taken from the generic contract that Google provides online. It’s important to note, however, that every agreement has its own unique contract and may be amended from the generic agreement.

Who will own the content on Google’s servers?

“7.1 Intellectual Property Rights. Except as expressly set forth herein, this Agreement does not grant either party any rights, implied or otherwise, to the other’s content or any of the other’s intellectual property. As between the parties, Customer owns all Intellectual Property Rights in Customer Data, and Google owns all Intellectual Property Rights in the Services.”

Google’s FAQ also discusses data ownership: http://www.google.com/support/a/bin/answer.py?hl=en&answer=106876

“To put it simply, Google does not own your data. We do not take a position on whether the data belongs to the institution signing up for Apps, or the individual user (that’s between the two of you), but we know it doesn’t belong to us!”


What kind of security measures will be implemented for my information?

“6.1 Obligations. Each party will: (a) protect the other party’s Confidential Information with the same standard of care it uses to protect its own Confidential Information; and (b) not disclose the Confidential Information, except to affiliates, employees and agents who need to know it and who have agreed in writing to keep it confidential.”

The level of this security, however, is debatable. This will be discussed below.

What kind of privacy does Gmail have?

Google’s privacy likewise is controversial. Their privacy policy includes: http://mail.google.com/mail/help/privacy.html

“When you use Gmail, Google’s servers automatically record certain information about your use of Gmail. Similar to other web services, Google records information such as account activity (including storage usage, number of log-ins), data displayed or clicked on (including UI elements, ads, links); and other log information (including browser type, IP-address, date and time of access, cookie ID, and referrer URL).”

“Google maintains and processes your Gmail account and its contents to provide the Gmail service to you and to improve our services. The Gmail service includes relevant advertising and related links based on the IP address, content of messages and other information related to your use of Gmail.”

“Google’s computers process the information in your messages for various purposes, including formatting and displaying the information to you, delivering advertisements and related links, preventing unsolicited bulk email (spam), backing up your messages, and other purposes relating to offering you Gmail.”

“We provide advertisers only aggregated non-personal information such as the number of times one of their ads was clicked. We do not sell, rent or otherwise share your personal information with any third parties except in the limited circumstances described in the Google Privacy Policy, such as when we believe we are required to do so by law.”

What about advertising?

a. Default Setting. The default setting for the Services is one that does not allow Google to serve Ads. Customer may change this setting in the Admin Console, which constitutes Customer’s authorization for Google to serve Ads. If Customer enables the serving of Ads, it may revert to the default setting at any time and Google will cease serving Ads.


Negotiable Contract Items

When Google makes an agreement to provide Gmail to a university, the contract between that individual university and Google may have different negotiated terms than the contract online. When Yale is determining what terms it might agree to, it would especially be useful to know what other universities have negotiated. Unfortunately, the vast majority of these contracts have been protected by confidentiality agreements. For example, see this statement from Monash University:

“The terms of the agreement between Monash and Google cannot be disclosed due to reciprocal confidentiality requirements. However, it should be noted that substantial amendments have been made to the arrangements between Monash and Google which are significantly more advantageous to both Monash and its students than the standard Google Apps Education Edition terms that are generally available online…. In addition Monash has negotiated changes, the terms of which are confidential” (from http://www.its.monash.edu.au/students/email/google-apps/faq.html).

Sample Contract: University of Minnesota

Fortunately, I was able to obtain the contract from one university which has implemented Gmail, the University of Minnesota. They do have a few small changes to the contract which might guide Yale’s committee in negotiating its own contract, although they do seem minor:

-Customer Administration of the Services.

The line “Customer is responsible for: …. (c) ensuring that all activities that occur in connection with the Admin Account comply with the Agreement” was changed to “(c) take reasonable steps to ensure that all activities that occur in connection with the Admin Account comply with the Agreement”

This change seems minor but does create a somewhat lower standard of ensuring that all of the activities comply with the agreement.

-FERPA & HIPAA

A clause about FERPA has been added:

6.5: Personally Identifiable Information: Each party acknowledges that, in the course of performance hereunder, they may receive personally identifiable information that may be restricted from disclosure under Health Insurance Portability and Accountability Act (HIPAA) and/or the Family Educational Rights and Privacy Act (FERPA). Notwithstanding any other provision of this Agreement, each party will be responsible for all damages, fines and corrective action arising from disclosure of such information caused by such party’s breach of its data security or confidentiality provisions hereunder.

-Governing Law

Finally, this clause on governing law has been removed from the Minnesota agreement:

14.10 Governing Law. This Agreement is governed by California law, excluding that state’s choice of law rules. FOR ANY DISPUTE RELATING TO THIS AGREEMENT, THE PARTIES CONSENT TO PERSONAL JURISDICTION IN, AND THE EXCLUSIVE VENUE OF, THE COURTS IN SANTA CLARA COUNTY, CALIFORNIA.

Not being a lawyer, I’m not sure what significance this might have, but it is interesting to note nonetheless that Minnesota removed their requirement to be under the jurisdiction of California.

Other Possible Changes

In addition to these negotiable items, there are also hints of changes other universities have made to their contract (even though the contracts are not made public).

Scanning

For example, in this FAQ Pacific Lutheran claims that they have negotiated with Google such that email will not be scanned for marketing purposes:

“I understand Google has a lot of advertising—won’t that be a problem?

We have an option to turn that off, which we will exercise. Alumni accounts, if we implement those, would have advertising—but that’s not part of this proposal. Google will not take our information, scan it, and use it for their marketing. This stipulation is spelled out in the contract with Google.” (http://www.plu.edu/google-apps/faq/home.php)

Thus, Yale might likewise try to negotiate that Gmail should not scan our email.

Storage Location

Further, there has also been controversy regarding the country in which email will actually be stored. For Yale, ITS has said that “Google was not willing to provide ITS with a list of countries to which the University’s data could be sent, but only a list of about 15 countries to which the data would not be sent.” As a possible point of negotiation then, Yale could ask to have its data stored only in the US or at least in countries that it perceives as more secure. Critics of this approach have argued, though, that limiting one’s data to a single country actually increases security risks rather than decreasing them.

University Backlash

In the most recent turn of events, UC Davis has actually decided not to use Gmail for their faculty and staff, citing privacy and security concerns. In a letter signed by the vice provost and two chairs on information technology, they said that “faculty expressed concern that our campus’ commitment to protecting the privacy of their communications is not demonstrated by Google and that the appropriate safeguards are neither in place at this time nor planned for the near future.”

Further, they cited a letter signed by the privacy commissioners from ten countries (not including the US) citing “Google’s perceived inattention to protecting user privacy,” apparently fueled by the debacle with Google Buzz.

The question of whether Gmail is secure enough and private enough is still up in the air, with many critics disagreeing. However, with UC Davis rejecting Gmail for faculty and staff, and Yale balking in its adoption for the whole university, what is clear is that the adoption of Gmail is not something that should be done without careful attention and consideration.

Further Reading, Yale Daily News Coverage:

Google to run Yale e-mail, February 9, 2010

http://www.yaledailynews.com/news/university-news/2010/02/09/google-run-yale-e-mail/

Gmail move gets praise, February 10, 2010

http://www.yaledailynews.com/news/university-news/2010/02/10/gmail-move-gets-praise/

Csar, Kamdar and Slade: Lux et Veritas et Gmail, February 11, 2010

http://www.yaledailynews.com/opinion/guest-columns/2010/02/11/csar-kamdar-and-slade-lux-et-veritas-et-gmail/

ITS delays switch to Gmail, March 30, 2010

http://www.yaledailynews.com/news/university-news/2010/03/30/its-delays-switch-gmail-community-input/

Committee to review Gmail, April 9, 2010

http://www.yaledailynews.com/news/university-news/2010/04/09/committee-review-gmail/
