Tuesday, September 22, 2009

Re: Privacy Issues with Google Apps

First let me say that I think almost ANY discussion about privacy is a good
discussion. I think the biggest problem regarding privacy is that so few
people really think about it. While I'm confident most people do care about
privacy in the abstract, too few actually give it much thought and even
fewer understand the issues. This is why I think that the more privacy
concerns are voiced, the better.

From a privacy perspective, I think there are solid arguments on both sides
regarding whether or not using Google Apps protects privacy.

On the negative side, by far the biggest concern for me using Google Apps is
that Google has the ability to mine information from the data contained in
our emails. I think this is a legitimate concern regardless of Google's
stated policy and regardless of whether or not their intentions are always
pure. Ars Technica had a good article (
http://arstechnica.com/tech-policy/news/2009/09/your-secrets-live-online-in-databases-of-ruin.ars)
explaining how privacy can be compromised even when those who hold our data
genuinely think they are protecting our privacy by anonymizing our data.

On the positive side, I think the example below is a classic case of the
exception that proves the rule. Google knows that its bottom line depends on
users being able to trust their data with Google, so you can bet they spend
a lot of time making sure users' data is safe. I have much more confidence
in the ability of Google's army of techies to protect the integrity of my
data than I have in our own technology department to protect the integrity
of a server we host. The simple reason is that unless a school has a very
large IT staff, managing an email server is generally just one small part of
one or two people's jobs (I was one of them) who are often overworked. If I
wanted to hack into a school's email system, I would much prefer trying to
hack a school-hosted email system than trying to hack into Google. Related
to this is the ability of IT staff to access a user's email undetected.
While most email platforms have ways to protect data from any one
administrator, again the reality with most schools is that our organizations
are just too small to make implementing rigorous checks (e.g. requiring two
administrators to access an email file) practical. I really LIKE the fact
that even as a Google Apps administrator, I cannot view a user's email
without changing their password and thus letting them know that I did so.
Sure, I can look at the Postini archive (Postini is an optional anti-spam
and archiving service for Google Apps) if I have a compelling reason to view
a user's email, but my access to this archive is logged in a way with which
even I can't fiddle.

Which side of this debate you fall on depends on which you think is a
greater threat to privacy. Do you think Google mining your organization's
data is a greater threat, or do you think that privacy breaches originating
from within your organization or from those familiar with your organization
are a greater threat? I think the former is potentially more insidious, but
the latter is far more likely. For this reason, I think our switch to Google
Apps back in Sept of 2008 was a step toward protecting our users' privacy.

Tom Phelan
Director of Technology
Peddie School
www.peddie.org

On Tue, Sep 22, 2009 at 12:47 AM, Bill Fitzgerald <dwfitzgerald@yahoo.com> wrote:

> As published in Read Write Web (and aggregated in the NY Times, which is an
> interesting turn of events in its own right):
>
>
> http://www.readwriteweb.com/archives/whoops_students_going_google_get_to_read_each_others_email.php
>
> http://www.nytimes.com/external/readwriteweb/2009/09/18/18readwriteweb-whoops-students-going-google-get-to-read-ea-12995.html
>
> "A recent bug in Google Apps allowed students at several colleges to read
> each other's email
> messages and some were even able to see another student's entire inbox.
> The issue occurred at a small handful of colleges, admitted Rajen
> Sheth, senior product manager for Google Apps, but he declined to say
> how many other institutions were affected."
>
> Cheers,
>
> Bill
>

[ For info on ISED-L see http://www.gds.org/ISED-L ]
Submissions to ISED-L are released under a creative commons, attribution, non-commercial, share-alike license.