By Chris Jay Hoofnagle
Should you care that the university outsourced student and faculty
email service to Google? Perhaps you should not. Vendors can provide
many services to campus efficiently, perhaps even better than our own
CalMail appeared to be one of those poorly performing campus services
best handled by a vendor. It had a funky Web interface, it had outages
and it was not well integrated with other applications, such as a
calendar service. And many other schools have outsourced their
information technology services to Google and Microsoft.
But if we think about this more deeply, we might conclude the
opposite: Communications and information services are so critical to
academic freedom that trusting them with an outside vendor can be
When one enjoys something as precious as academic freedom and the
research insights we create, or owes duties to others, one cannot just
slouch toward the most convenient. I could leave the door to my office
and file cabinets open, because bothering with locks and the like is
inconvenient. I could consult with my colleagues about student issues
over Facebook. But my convenience would impose a cost on others.
Consider how important your email is. UC Berkeley is the premier
public research institution. Our faculty and students perform important
research, some of which is classified, controversial or subject to
spying by companies or nation-state actors. There is a long history of
outside meddling with faculty and student freedoms; now that so much of
our speech is mediated electronically, these freedoms can be disrupted
whenever the confidentiality, availability or integrity of email is
affected. And finally, faculty email routinely contains communications
with students about their progress, foibles and other sensitive
information, including information protected by specific privacy laws,
such as the Family Educational Rights and Privacy Act. We have both
legal and ethical duties to protect this information.
CalMail may have been dowdy, but it did offer real advantages. If law
enforcement wanted access to student or faculty email, it had to make
requests to university counsel. Our lawyers are very good — they could
work almost anywhere they want — but they work here because they care
about this school and protecting students. Similarly, our information
technology professionals care deeply about the university’s privacy
norms and mission.
Cloud service providers such as Google, however, may be far less
likely to be familiar with our specific duties, norms and protocols or
to have in place procedures to implement them. Outsource providers may
be motivated to provide services that they can develop and serve “at
scale” and that do not require special protocols.
We should also think carefully about Google’s incentives to provide
“free” services to universities. The first-order analysis suggests that
Google simply wanted more users. Providing service to campuses was a
way to attract more eyeballs.
But this makes little sense. Our contract with Google is not our
contract with Pepsi — people actually want Google. In fact, one campus
justification for bMail was that so many students were already
forwarding their CalMail accounts to Gmail.
A better explanation is data analysis: Google’s interest in deriving
knowledge from the emails and documents we generate and from the
connections we make with other people.
It is rumored that some campuses understood this risk and negotiated a
“no data-mining clause.” This would guarantee that Google would not
use techniques to infer knowledge about users’ relationships with others
or the content of messages. Despite our special responsibilities to
students to protect their information and our research and other
requirements, we lack this guarantee.
I say “rumored” because we do not know whether other campuses have
this anti-data-mining agreement. Google, that bastion of free speech
values, put a gag clause in its contracts with institutions. This made
it difficult for our IT professionals to learn from other campuses about
the nuances of outsourcing to Google. As a result, much of what we
know about how other campuses protected the privacy of their students
and faculty is rumor that cannot be invoked, as it implicitly violates
the gag clause.
We should also consider the risks inherent in our outsourcing
process. Both companies the campus considered for outsourcing, Google
and Microsoft, are under 20-year consent decrees with the Federal Trade
Commission for engaging in deceptive practices surrounding privacy
and/or security. Google in particular, with its maximum transparency
ideology, does not seem to have a corporate culture that appreciates the
special context of professional secrecy. The company is not only a
fountainhead of privacy gaffes but also benefits from shaping users’
activities toward greater disclosure. Google presents itself as a
positive force, but some of its means and goals are illiberal and
We have to be smarter about the perverse incentives vendors may
have. Google has strong incentives that run counter to the
enlightenment values embedded in the university’s mission because each
quarter, it is advertisers, not users, that write Google a check. Google
makes design decisions to maximize tracking and sharing of data with
advertisers, even where effective, privacy-friendly alternatives exist.
As the expiration date of the systemwide Google contract approaches
in June 2015, we should rethink how we have entrusted our email and
documents to a data-mining company. As an email provider, Google
appears to be free, but we may find that we end up paying for it in