This FAQ is a work in progress and is based on questions and comments we have received. If you have a question or comment you would like answered please leave a comment on this page. Please note, comments on this blog are moderated to avoid spam. If you post a comment it may not appear immediately. It takes some time for us to receive a notification of a new comment and to read and release it.
Q1: What exactly are you proposing? Will there be an opt out option?
A: The draft proposal is available on this blog at:
Q2: Why would Ryerson pay Google when we could pay a Canadian company?
A: The suite of services in Google Apps for Education is free to Ryerson for use by our faculty, staff, and students. Canadian hosting companies are capable of hosting similar services using Microsoft’s software but would charge Ryerson millions per year to host accounts for everyone at Ryerson. Google’s Gmail offers 25 GB of storage. If it becomes necessary, Ryerson has the option to purchase additional storage and Email archiving services from Google.
Q3: I don’t trust Google. Why do you believe they will protect my privacy?
A: If we go forward with Google it will only be if we can agree with Google on a contract that binds Google to protect the privacy of the Ryerson community. However we don’t just have to take Google’s written agreement that they protect privacy. Google also submits to third party SAS 70 type 2 audits and must provide Ryerson with the results. Google also has a 20 year agreement with the Federal Trade Commission (FTC) in the United States to have its privacy practices audited. Due to its size, previous privacy mistakes (StreetView Wifi recording and default settings in Google Buzz), and lobbying by its competitors, Google is heavily scrutinized. In order to attract and retain corporations and governments to the commercial version of their services, Google must protect their customer’s data. Google’s Apps for Business is used by over 4 million businesses. Those businesses expect Google to protect their data. It is in Google’s interest to maintain very high security standards and protect the privacy of users in their Google Apps for Education, Google Apps for Business, and Google Apps for Government offerings. Google’s agreement with the FTC is available online: http://www.ftc.gov/os/caselist/1023136/110330googlebuzzagreeorder.pdf
Q4: Can Google guarantee members of the Ryerson community their privacy?
A: No one can completely guarantee privacy within an online system. Some reasons for this are:
- Law enforcement agencies with a warrant or production order can access private data.
- No system has perfect security. Users can be tricked into giving away their passwords, malware may infect a user’s computer and provide access to local and remote systems, previously unknown vulnerabilities may be discovered that allow acces to confidential data before a system can be patched, or physical security may be compromised – for example when hard drives are stolen.
- You may send Email to someone in confidence who forwards it to someone else without your permission. Email traffic between Email servers may not be encrypted.
The Request for Proposal (RFP) that Ryerson issued included questions related to security and privacy. Based on the responses we believe the Google Apps for Education service can be configured so that personal information is well protected by default. People who use the system may then decide when and how to share information.
Q5: Why host outside Canada? Won’t that expose my Email and documents to American law enforcement agencies?
A: We share your concern about making sure that robust privacy and security controls are in place. The very short answer is that Canada’s Anti-Terrorism Act and Mutual Legal Assistance treaty with the United States already represents an exposure of your Ryerson Email to US law enforcement agencies. Three more detailed points here:
First: Moving to the cloud does not take us from a privacy-friendly situtation to a privacy-risky situation. There are very real privacy and security risks currently associated with maintaining the status quo. Keeping things the way they are does not prevent access to your data from foreign or domestic law enforcement authorities. Even if privacy and security were the only considerations, which they are not (we are also looking at functionality, storage, cost), we would be recommending some sort of change as the status quo is not where we want to be. Then, add in to the mix the shifting and evolving legal landscape concerning privacy, lawful access to data, and warrantless searches of data. Shortly after the terrorist attacks in the United States in 2001, both the U.S. and Canada enacted legislation which expanded law enforcement authorities’ abilities to access data within their own jurisdictions and beyond. Treaties between the United States and Canada make it possible for American law enforcement agencies to access your Email and documents stored at Ryerson. For example, if you are “a person of interest” in an FBI terrorism investigation, the FBI can contact the RCMP (or CSIS) to request information about you. The RCMP can apply to a secret Canadian court, created under Canada’s Anti-Terrorism Act, to get access to your Email and documents. American authorities can get information in Canada without a warrant. Given the similarities between laws in the United States and Canada and the large amount of information routinely shared between U.S. and Canadian agencies, there may be no effective impact on safeguarding your data related to lawful access, between hosting in the U.S. and Canada. Regardless of what E-mail system you use, there is some risk of access under these legal schemes. Legal experts and privacy experts are of the view that the amount of risk is very low for the majority of individuals and that the greater privacy risk comes from how users themselves use Email and social media tools to create, share and retain data. For more information please see:
- David Fraser’s presentation here: https://ryecast.ryerson.ca/25/watch/1050.aspx (Use the slider to go to the 01:43:00 mark.) His slides are here: http://blog.privacylawyer.ca/2011/02/ryerson-university-looks-to-cloud.html Information about David Fraser is here: http://www.privacylawyer.ca/contact.html
- Commissioner Cavoukian Says the Patriot Act Is “Nothing” by Dan Michaluk, Hicks Morley: http://www.slaw.ca/2011/02/26/commissioner-cavoukian-says-the-patriot-act-is-nothing/
- Office of the Information and Privacy Commissioner of Ontario: http://www.ipc.on.ca/english/Home-Page/
- Assistant Privacy Commissioner of Canada on the U.S.A. Patriot Act: http://www.michaelgeist.ca/content/view/3308/125/
- Recent Canadian court cases on government surveillence of your data: Kirk Makin, “How far should we let the law follow digital footprings?”, Globe and Mail, Nov. 18, 2011, http://bit.ly/tEpmnN
- U.S. rethinking warrantless searches? Julia Angwin, “Judge Declares Law Governing Warrantless Cellphone Tracking Unconstitutional”, Wall Street Journal, Nov. 16, 2011, http://on.wsj.com/rYWDKV
Second: before posting any data anywhere, think about the consequences; namely, have you considered what would happen should the information in or attached to the Email be shared beyond the intended recipients. Email is a necessary and convenient communication tool but it is not necessarily the best choice for all communications, particularly those containing sensitive and confidential information. You cannot control what a recipient does with the information you have sent to them (how long they keep it, or with whom they share it). A significant number of privacy incidents are user-derived, meaning that they are the result of Emails sent to the wrong addressee or containing information to which others should not have seen. The most significant source of privacy incidents derives from unsecure devices where personal information is stored, specifically laptops, memory sticks and cell phones. Ryerson policies indicate that users storing personal information on these devices are responsible for their security (http://www.ryerson.ca/about/vpadministration/assets/pdf/InformationProtectionandAccessPolicy.pdf). Ryerson has developed a variety of solutions to support these requirements (http://www.ryerson.ca/ccs/itsecurity/confidentialdata/index.html). If these solutions don’t meet your educational, teaching, research or administrative needs, please let us know. We are committed to working with you to finding solutions.
Third: Assessing privacy risks for this project is an ongoing activity. Ryerson is performing a privacy risk assessment of the proposal to outsource Email, calendaring and collaboration tools to a cloud provider. If the current proposal goes to the executive and is approved, we will work toward implementation of a system using the internationally-recognized standard of Privacy by Design (http://privacybydesign.ca/). We have partnered with the Office of the Information and Privacy Commissioner of Ontario to help us meet this standard. This means building in user control over how their personal information is shared, their online profile, and enabling users to assess individual risks, of which Ryerson may not be aware, and make informed decisions about the appropriate places to store data and how to communicate. It means considering the privacy risks for the entire lifecycle of the data, from creation to destruction. It means looking at ways to build privacy into the cloud configuration and user settings that Ryerson is considering. Ryerson expects to provide you with information about options available to you. We expect to be transparent about these risks and want to engage with you in a conversation. The process does not end with announcing that we are proposing to outsource services to Google. In fact, a key part of the privacy risk assessment can happen only after contract negotiations commence, should Ryerson decide to pursue this.
Q6: Why is Google offering all this for free with no Ads and no Data Mining? It costs real money for them to host such features.
A: Google wants our students to use their services in the hope that they will continue using them when they leave Ryerson. If students use the consumer service after they leave, Google will make money on ads. If their employer decides to subscribe to Google’s corporate services, Google will profit from the fees it collects from them. Over 4 million businesses use Google Apps for Business. Google is engaged in a world-wide competition with Microsoft for these sorts of cloud-based consumer, corporate, and government services. They have a long term interest in attracting as many people as possible to their platform. However, according to Google:
Google’s costs are also lower than companies and Universities that run smaller scale machine rooms and data centres. Google provides an overview regarding the efficiency of their data centres here: http://www.google.com/about/datacenters/inside/efficiency/
Q7: Faculty members have raised concerns with Tri-Council regulations and Google data storage as well as other research partners and funders and data storage and data location – how will these be addressed?
A: We are not aware of a Tri-Council regulation that prohibits hosting research data in the United States. However, Article 5.3 in the Tri-Council Policy Statement on Ethical Conduct for Research Involving Humans includes this statement:
“Research data sent over the Internet may require encryption or use of special denominalization software to prevent interception by unauthorized individuals, or other risks to data security. In general, identifiable data obtained through research that is kept on a computer and connected to the Internet should be encrypted.”
Sensitive and confidential research data should never be sent in plain text Emails. Regardless of the Email system being used (Rmail or Gmail) confidential research data should be strongly encrypted if it must be sent via Email. Similarly, confidential research data should be stored in a strongly encrypted format on Internet accessible file servers at Ryerson or if they are stored on Google’s servers. If a research partner or funder prohibits storing data in the United States, Belgium, or Finland, then Google’s services must not be used – just as they are not used today. This does not mean Google docs and other services cannot be used by researchers. We believe Gmail and Google docs are an excellent way to discuss research and write and review research papers that do not include confidential research data. Google makes available a list of its data centres used for its Google Apps services:
Q8: The Committee cannot hand over custody and control to either Ryerson administration or to Google. RFA members have the right to custody and control of all their emails, correspondence, etc. The RFA asserts that right and it cannot be violated by any contract with Google or any other company.
A: Please see item number 8 under the section Security, Privacy, and the Protection of Confidential Records in the Draft Proposal:
It was designed to address concerns that outsourcing would somehow change the control or custody of records at Ryerson. Our goal is to change the default Google contract language from saying data is owned by the University to saying that data is owned by the University and/or its users. We believe this language and the other parts of item 8 removes any implication that the University is the sole owner of all data and means a contract with Google will have no impact on how the custody and control of records are managed at Ryerson. We do not believe a contract with Google is an appropriate place to further refine issues related to custody and control. Our interest is only to make sure a contract with Google will have no impact on issues related to custody and control at Ryerson. Useful background information on this issue is available here:
- Memo from James Turk, Executive Director, Canadian Association of University Teachers on Custody and Control of Academic Staff Records: http://www.caut.ca/uploads/Memo_0941_CCASR.pdf
- Access and Production Requirements and Records Possed by Faculty Members, Dan Michaluk, Hicks Morley: http://www.hicksmorley.com/images/pdf/2009/Records_possessed_by_faculty___06092009.pdf
- FINAL ORDER PO-3009-F: The university is ordered to request that APUO members produce responsive
records in the university’s custody or control to it and to issue an access decision to the
Q9: We should resist any attempts to hand over the emails of our members to third parties without the consent of the member and the RFA
A: Please see items one and two in the section titled: Security, Privacy, and the Protection of Confidential Records:
We believe Ryerson’s students and faculty are capable of making an informed choice regarding using Gmail or opting to use Rmail instead. Consequently, we are proposing giving fair notice and allowing faculty and students to opt to use Rmail instead of Gmail if they want to.
Q10: Who is preparing this proposal?
A: The proposal is being made by ACAC and CCS. ACAC is the Advisory Committee on Academic Computing created by the Provost, that provides a link between CCS and faculty on matters that deal with technology and academia. It strives to establish the appropriate and effective use of educational technology by faculty, student and staff members in the pursuit of excellence in education and research. ACAC has existed and been active at Ryerson since 1983.
More formally, ACAC acts as an independent advisory committee to the Provost & Vice Provost, Academic, and to the Vice President, Administration & Finance on issues pertaining to computing and technology and how they affect faculty, and vice versa. Membership of ACAC is comprised of representatives from across all faculties (elected by their deans), and as such members report on ACAC issues directly to their respective deans.
The committee deals with and is responsible for analyzing, investigating and recommending policies and guidelines on issues such as:
- acceptable use of technology
- network and computing security
- information and privacy security
- wiring and wireless policies
- web policy
In addition the committee deals with high-level issues and initiatives, such as:
- promoting effective communication between faculty members and CCS so that issues of concern may be dealt with effectively and efficiently
- identifying, evaluating and recommending both short-term and long-term technological requirements
The current members of ACAC are:
|Dimitri Androutsos, Chair||FEAS|
|Phil Coppack (sabb)||Arts|
|Jason Nolan||Community Services|
|Ju Ho Park||Chang School of CE|
|Wieslaw Michalak||Grad Studies|
|Chris Evans||Vice Provost Academic|
|Steve Daniels (sabb)||FCAD|
Please see our blog post introducing the consultation process and the Symposium we hosted jointly with Ryerson’s Privacy and Cyber Crime Institute on The Future of Email, Privacy, and Cloud Computing at Ryerson: