Search News


Browse Archives

News

A Setback for Google?

May 6, 2010

Share This Story

Related Stories

FREE Daily News Alerts

Advertisement

In what might be a setback for Google’s effort to put to bed persistent privacy and security concerns among existing and potential higher education e-mail customers, the University of California at Davis has announced that it will not be adopting Gmail for its faculty and staff members due to “increased privacy risks that have come to light in recent weeks.”

Outsourcing faculty and staff e-mail to Google might run afoul of the university’s electronic communications policy, said Peter Siegel, the CIO at Davis, and other campus technology officials, in a letter dated April 30. That policy forbids the university from disclosing electronic communications records “without the holder’s consent.” It also proscribes selling or distributing e-communications “that contain personally identifiable information about individuals” to a third party without permission from those individuals.

While it is debatable whether those passages would apply to outsourcing faculty and staff e-mail to Google, the letter said, the concerns that have been raised during the university’s eight-week pilot with Gmail were sufficient to convince officials to rule out a change. Davis, like many other colleges, has already outsourced its student e-mail to Google — and will continue to do so, according to Jeff Keltner, a business developer manager at the company. Most faculty and staff still use the university’s in-house system, called Cyrus, which serves about 12,000 employees.

At a February forum where Siegel discussed the Gmail pilot, the CIO said the university’s in-house e-mail system was fine for the time being, but might require upgrades that the campus would be unwilling to pay for, according to a news item about the event on the Davis Web site. Moving faculty to Google’s service, Siegel reportedly said, would save the campus at least $100,000 per year in licensing, storage and other costs.

Siegel could not be reached Wednesday evening.

Keltner, the Google business developer, said he is not familiar with any other institutions that have rejected Gmail for faculty and staff for privacy reasons after running a pilot, although he said Google would not necessarily have a record if any had. Google takes care to go through contracts carefully with college customers to make sure privacy and security concerns are adequately addressed, he said.

“Most schools we’ve talked to have moved to a place where Google’s security is probably better than theirs,” he said, adding that he did not expect Davis’s decision to start a domino effect among other institutions worried about privacy.

Among the 44 percent of colleges that have outsourced their student e-mail, about 70 percent use Google, according to data collected last year by the Campus Computing Project. Only 8 percent of institutions have outsourced faculty e-mail services, but 21 percent are currently considering it, according to the survey. Among larger universities, the percentage approaches a third. Keltner said Google’s share of that market is about the same — although far fewer institutions have moved their employees on to third-party e-mail clients. (Update, 5/6: This paragraph has been amended to include more relevant data from the 2009 Campus Computing Project survey.)

For the latest technology news from Inside Higher Ed, follow Steve Kolowich on Twitter.

Steve Kolowich
Go to comments (0) »

Get Hired!

Advertisement
Advertisement

Matching Jobs

Systems Analyst (Temporary Assignment) *Repost

Houston Community College
Responsibilities: Confer with personnel of organizational units involved to analyze current operational procedures, identify problems, and learn ...

Systems Administrator & Web Development P/A III

University of California Los Angeles
Desired Qualifications: Skill at managing and configuring the Apache web server on the Linux platform. Knowledge of the W3C standards for HTML and ...

Network Administrator II

Armstrong Atlantic State University
The Network Administrator II will function as a primary resource for all central networking and telecommunications infrastructure. Monitoring network ...

Senior Graphic and Web Designer

Saint Joseph's University (Penn.)
Saint Joseph’s University, located in western Philadelphia, is currently recruiting for a full-time Senior Graphic and Web Designer to be ...

Media Services Technician

Albany State University
Posting Details Posting Number: 0600009 Position Category: IT Technical/Paraprofessional Job Title: Media Services Technician - ...

Computer Technician II

Azusa Pacific University
Examples of Duties • Assist in image creation and maintenance for all APU computer images; • Create and maintain support procedures and ...

Most Popular

More...
Don't Miss a Great Opportunity

Comments on A Setback for Google?

  • More of the same
  • Posted by Sean , Associate Professor at Grand Valley State University on May 6, 2010 at 7:30am EDT

  • my institution shifted students to Gmail and a Google account this past year. we are currently seeking a new solution for faculty/staff email. however, the concerns noted in this article are very similar to the concerns i've previously heard for why faculty/staff will not use Gmail and Gmail is not being considered. i suppose i should just be happy that we're dropping Groupwise . . . but it would have been nice to switch to Gmail since Google Docs and the Calendar are already part of my daily routine. ah well.

  • FERPA Compliance
  • Posted by Kathy , Graduate Programs and Academice Records at Indiana University on May 6, 2010 at 8:30am EDT

  • Our concerns are with FERPA compliance and graduate students who will/may serve as associate instructors.

  • What is exactly at risk here
  • Posted by Art , Director, Academic Advising on May 6, 2010 at 9:00am EDT

  • That is a serious question. I don't understand how institutions can be OK moving students to gmail and not moving faculty and staff. Especially given the fact that most potentially FERPA-compromising information is shared between administrators/educators and students through the students official email address. Most FERPA compliance policies allow sharing of information via the student's official address, observing that anyone who has access to the students account has such at the student's permission. So, if you've allowed students to go to gmail, there's really no point in not moving faculty and staff there as well.

    So, I'll go back to my initial question, what really is at risk here. I'm eager to know as our faculty/staff email program is a bloated pig of a client, the university has adopted gmail for students but will not move Faculty/Staff over. Someone please help me understand the concern?

  • So get consent - what's the big deal?
  • Posted by reader on May 6, 2010 at 9:45am EDT

  • I assume the school already asks all new users to sign off on school email policies when they join the existing system. So why not add a line to the form acknowledging that Google as email provider will receive some private information? Then your only problem will be getting faculty to migrate to the new system.

  • Google & FERPA
  • Posted by VB on May 6, 2010 at 10:00am EDT

  • I don't get FERPA concerns with Google Apps for Edu.

    First, let's assume email constitutes an "education record" under FERPA.

    FERPA's Authorized Disclosure without Prior Written Consent (99.31(a)(1) (i)(A)) section pertains to how contractors, consultants, volunteers, and other third-parties to whom a school has outsourced services or functions handle "personally identifiable information from education records."

    One of the provisions of this section is that these third-parties, like Google, are subject to the requirements of section 99.33(a) which governs use and redisclosure of "personally identifiable information from education records." Section 99.33(a) states:

     

    An educational agency or institution may disclose personally identifiable information from an education record only on the condition that the party to whom the information is disclosed will not disclose the information to any other party without the prior consent of the parent or eligible student.

     

    To address this, Google Apps for Edu contract states (at least a recent version I saw online):

    To the extent that Google has access to “Education Records,” it is deemed a “school official,” as each of these terms are defined under FERPA, under this Agreement and will comply with its obligations under FERPA.

    So, as far as I can tell, Google contractually guarantees FERPA compliance.

  • about what i'fd expect from IT
  • Posted by paul wiener , librarian at stony brook univ on May 6, 2010 at 12:00pm EDT

  • Another example of the idiotic paranoia evidenced by so many university IT departments. They always seem to prefer applying programs that are proprietary, unwieldy, user-unfriendly and complicated. I bet UC-Davis backeds down because of the usual outcries that "Google is taking over the world" and archives everyone's information.

  • Posted by sean on May 6, 2010 at 9:00pm EDT

  • Paul, at my university the decision was made by our lawyers and had nothing to do with fears of Google taking over the world; rather, they just found language that was not going to work with regard to the sensitivity of emails addressing personnel matters, etc. I suspect UC Davis followed a very similar path. Proprietary systems aren't preferred for any reason other than they currently allow the university to control the servers that host the information and therefore the data is secured on site. I would bet that Google was preferred and that's why it was investigated.

Print
© Copyright 2011 Inside Higher Ed