UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

Summary: A major blow to Google; the University of California has ditched its pilot of its outsourced email service citing 'privacy issues' to its 30,000 student and staff users.


Google has been hit with a major blow in regards to privacy by a leading US university, which this week ended their pilot of the outsourced Google Apps email system.

Peter Siegel, the University of California Davis chief information officer, sent a letter with support from senior staff to employees stating that the Gmail pilot to supply 30,000 students and staff would end before a full roll-out across its entire network, due to doubts in keeping the students' email and content secure and private.

According to InformationWeek which broke the story, some excerpts of this letter offer some revealing and interesting justifiable perspectives from the senior university figure:

[Many faculties] "...expressed concerns that our campus’ commitment to protecting the privacy of their communications is not demonstrated by Google and that the appropriate safeguards are neither in place at this time nor planned for in the near future"

[This move by the university] "...by and large, it's not typical of what we're seeing in the market. We're seeing lots of schools move their students and faculty onto Gmail" .

In regards to the concerns over passing on or examining the contents of emails without the students' permission - which Gmail does to provide relevant advertisements.

"Outsourcing e-mail may not be in compliance with the University of California Electronic Communications Policy."

"Though there are different interpretations of these sections, the mere emergence of significant disagreement on these points undermines confidence in whether adopting Google's Gmail service would be consistent with the [aforementioned] policy".

[We continue to search for] ..."a more flexible and effective central e-mail system."

I half-criticised Microsoft a few months back for not embracing a similar social application to rival Google Buzz, which comes as part of the consumer Gmail experience. Yet with hindsight and especially in light of this new story and others, Buzz is a minefield for privacy related issues and this no doubt contributes to the reasons as to why the enterprise would want to avoid such issues.

Buzz was not part of the pilot which the university had rolled out, which Neowin had entirely misreported. The letter sent by the university CIO referenced a separate letter from the privacy commissioners from nearly a dozen countries which criticised Buzz, this was used merely as an example.

I think more than anything, trashy and poor reporting was more a clear outcome to this news story than Buzz being a contributing factor to the university's decision to cease the pilot.

Microsoft's equivalent service, Live@edu, which includes many of the features Hotmail currently has while integrating it as a university email and productivity account, is shooting ahead of Google in the outsourced email race.

While in this case, privacy appears to be a major factor taken into account by the university, as many institutions around the world are considered 'Microsoft campuses' with existing contracts and technologies in place, many are opting for Live@edu instead of Google Apps.

Will this move force other enterprise customers into adopting rival services such as Microsoft's Live@edu?

Topics: Cloud, Browser, Collaboration, Google

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Doubtful...

    While the privacy issue is a real concern for some people and organizations, where it's a big enough concern to pull the plug on considering GMail logic and reason would tell us it's a big enough concern to pull the plug on any hosted solution. Almost everything in IT has risks and rewards that must be evaluated. For hosted email, the reward is lower maintenance costs and hopefully a more robust system ensuring the integrity of data. The risks that come along with that include reduced privacy, lack of full envirnomental control and a more difficult support structure from an end user perspective. These risks and rewards apply to all hosted email environments, not just GMail. In some areas, hosted email simply is a non-starter. I'm sure nobody would like to see law enforcement at any level using hosted email for doing their jobs no matter who the host is...the privacy concern would trump everything else. The same goes for hospitals as HIPAA privacy concerns would also seem to trump everything else. Non-critical government services, schools and most public-sector companies/individuals have their own concerns that need to be weighed individually. As with most things in life, there is no simple answer as to where hosted email services make sense and where they don't.
    • Wow. Thanks for a great post.


      Good read.
    • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

      I don't feel right about the UC Davis report. Google Apps (the education editions) has the option to disable advertising for domain so ads and the resulting scanning for ads can't be the real reason. Postini offers more security and archiving for compliance, but it isn't free like the Google Apps for Edu package.

      As stated in the article, Buzz really has nothing to do with Google Apps so it couldn't be part of the decision, and it's really the only privacy snafu that Google has had.

      It just feels like UC Davis wants to stick with what it has. There may be a mostly Outlook solution right now, and Outlook users are extremely hard to move off that platform. I've read where they are the #1 reason that migrations to Google Apps fail.

      If, on the other hand, everyone is checking e-mail with Mutt, then I don't see why they wouldn't want to move.
      • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

        @daengbo Google Apps Sync is included with Premier and Educational accounts. It includes an Outlook connector much like Exchange or Zimbra uses. So I doubt Outlook would be an excuse either.
      • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

        I think this points out that free isn't a good choice when privacy is concerned. If its free, then its getting subsidized by other means and when its Google that means advertising,which means they spy on your emails,web searching,fav web sites. And i even read an article they wanted to record our voice communications.
        So i think that free in this case has a far to heavy price.
      • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

        Outlook interoperates with Google Apps email as an IMAP source beautifully....
    • Universities are in a unique position regarding privacy

      On the one hand, university environements are supposed to open forums for discussion and sharing of information but, on the other hand, student information is supposed to be fully protected since in many, if not most, states undergraduate college students are considered minors - making protecting their privacy of utmost importance.

      On the other side of the coin, state universities are subject to state and federal "freedom of information" laws which which require instutions to make available (upon demand) any information housed on any institutionally-own systems.

      So, to protect their students private e-mails, they are turning to service providers such a Gmail but any data considered "private" needs to reside on university-owned systems to meet federal and state guidelines.

      Lots of conflicts there.
      M Wagner
      • That's ridiculous

        [i]student information is supposed to be fully protected since in many, if not most, states undergraduate college students are considered minors - making protecting their privacy of utmost importance.[/i]

        Most college students are 18 and above, so that would make them legally adults. That reason doesn't wash.
        ubiquitous one
      • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

        @mwagner@... "undergraduate college students are considered minors - making protecting their privacy of utmost importance."
        Nope. It's the Buckley bill, the main result of which is that students are considered ADULTS, which means schools can't rat kids out to their parents (such as letting them see grades, etc.)
      • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

        FERPA, the Family Educational Rights and Privacy Act of 1974, protects education records in all U.S. educational institutions regardless of public, private, secondary, or post-secondary. It doesn't matter what age the students are. Student email qualifies as education records because it directly relates to the student and is maintained by the institution or an agent of the institution and is not one of the explicit exceptions (law-enforcement, medical treatment, employment, or post-attendance). Some states have more restrictive privacy laws, so FERPA is really a starting point.

        FERPA applies to institutions acting as agents of the educational institution, so Google is subject to FERPA as well. In some minds this is where the issue and doubt lies.

        The Buckley bill (which is another name for FERPA) does not prevent "ratting" out grades from students to parents. FERPA allows legal guardians access to student records, including grades, with or without student consent.
      • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

        @mwagner@... I read your comment and I am very interested in what you said. So if taxpayer money is funding the university e-mail accounts, how does one request access to e-mails of students discussing illegal activity.
    • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

      @jasonp@... The difference is the business model.

      While there is a loss of privacy with any hosted service as you suggest, Google's business model makes it less trustworthy than most others. Google makes all of its money by spying on its users, building a profile, and selling advertising on that basis. And, because of their pervasiveness, it is very hard not to get profiled and stored by Google. Even if you use none of their apps or services, they still link to your IP address from your searches and accumulate those searches to build a profile. On top of that, many sites use other "free" Google services such as google-analytice (this site is amongst those) so they can link your visit to your IP again.

      For those fervent users of Google, they have all your emails, your contacts, your calendar, your docs, your whereabouts, your home location, your chats, any soon your television watching habits.

      Such an accumulation of data about so many people around the world by one company has got to represent one of the major dangers to society that exists. This is not the Google started by Larry and Sergei to help search for information. This is a company that parasites off all the information produced by others and sells advertising so that you can see the parasited info. This is the Google of Eric, and it is not to be trusted.
  • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'



    Another punch to the face for Google! The education for those University of California students is really paying off. They were smart enough not to fall for Google's antics. Now lets see if more universities and other organizations follow this great example. Poor Larry and Sergy must be crying their little eyes out right now. LOL!!
    Loverock Davidson
    • what a $hill!

      @Loverock Davidson
      This is a dark day for software freedom and this university should be shun by the students.
      LlNUX Geek
      • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

        @Linux Guru Advocate

        What would you know about being a student and attending a university?
      • Why should the University be shunned

        @Linux Guru Advocate: when it is evident that Google wasn't concerned about security. I have listened in on several meetings and discussions about Google's lack of interest in complying with security and privacy standards.

        Google is fine for consumers, Heck I even have my on Gmail account that acts as my primary personal account.

        The college campus for which I work is migrating our students over to MSFT's Hosted site, where security and their enterprise customers are their top concern.
      • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

        You _do_ know about Postini, right?
      • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

        You _do_ know about Postini, right?
      • Software freedom, or the freedom to use our data?

        @Linux Guru Advocate, it really is a dark day indeed when people like you feel it is acceptable to give away all of your private info for the price of a few pennies in savings.<br><br>Yes, a Dark Day indeed.
        John Zern
      • RE: UC Davis scraps Gmail pilot: Privacy levels 'unacceptable'

        @Linux Guru Advocate

        How so? These students have freedoms too. Shouldn't they have the freedom to choose what works best for them?? Just wondering!