RMail privacy and security may not be what you expected

This blog post was originally sent via email to Ryerson students, faculty and staff currently using RMail. We encourage you to join the discussion in the comments section below.

When Gmail first became available at Ryerson, approximately 57 per cent of RMail users moved to using a Ryerson-provided Gmail account. Since then, newly arriving faculty and students have overwhelmingly opted to use Ryerson-provided Gmail accounts. The following graph shows the percentage of people who opted to use Gmail every month since 2013:

The spikes above 100 per cent represent people switching from RMail to Gmail in order to maintain an alumni account.

Gmail use steadily climbing

In the last year, without counting alumni accounts, the average monthly opt-in rate for Gmail has been 93 per cent. As a result, the number of Gmail users has steadily increased over the last six years.

As of November 2018, 90 per cent of all active accounts are in Gmail. That’s 83,602 active accounts in Gmail and 9,508 accounts in RMail. (Most RMail accounts are student or old department accounts.) Based on current opt-in rates, we expect the trend to continue until approximately 93 per cent or more of Ryerson’s email accounts are in Gmail.

Gmail is where Ryerson’s work-related email is stored

When an RMail user writes to someone else at Ryerson, they are more than likely writing to someone using Gmail. As such, using RMail does not prevent work-related email from making its way into Gmail. Even when writing to another person using RMail (or another email system), there is no way to stop that person from copying or forwarding that email to someone else’s Gmail account. What’s more, 19 per cent of instructors using RMail forward all their mail to an email system outside the university. Given the very high adoption rate of Gmail at Ryerson, Gmail is now the primary place where work-related emails are stored.

For anyone who stayed with RMail because they didn’t want their email to be stored on Google’s servers in the United States, this may be discouraging news. But then again, the advantage of storing data in Canada may never have been quite what people hoped for.

Only in Canada?

When Gmail was introduced at Ryerson, some people were concerned about email being hosted in the U.S. This concern was later reinforced by early reporting of Edward Snowden’s leak of National Security Agency (NSA) files. The first reports (about PRISM) in the summer of 2013 claimed that the NSA had direct access to Microsoft, Google, Apple, Yahoo, and Facebook’s servers. It sounded like the NSA could access anything in their data centres at any time. A week after the initial reports, it turned out that wasn’t the case. See for example the Washington Post article, Here’s everything we know about PRISM to date.

On the other hand, it turned out that a system located in the UK and managed by Britain’s Government Communications Headquarters (GCHQ) in partnership with the NSA was intercepting transatlantic communications between data centres belonging to Yahoo and Google. In response, Google implemented strong encryption for all their data centre communications and now encrypts all data while it’s stored and inactive. Wikipedia has a good summary of the project MUSCULAR surveillance program.

Since 2013, nothing significant has changed regarding the risks of hosting email with Google in the U.S. Given reciprocal law enforcement agreements between the U.S. and Canada, and Canada’s laws which largely mirror the provisions of the Patriot Act, hosting email in the U.S. does not expose that data to significantly greater risk from government access than if it were to reside entirely in Canada. If a U.S. intelligence or law enforcement agency wants Canadian data that they don’t already have, they can ask for it from a Canadian intelligence or law enforcement agency. “Canada has a ‘secret court’ that allows ex parte applications for warrants, including sneak and peek warrants.” Canada also has “warrantless wiretap powers for international communications” like they do in the U.S. For more on this, please read:

I thought Ontario’s Information and Privacy Commissioner summed up this state of affairs well at Ryerson’s 2011 Symposium on Privacy and the Cloud: “Whether you have the Patriot Act or not it doesn’t matter. There will always be law enforcement methods and techniques that will access certain types of information here, there and everywhere.” Read the privacy commissioner’s full quote.

Thinking about risks

While hosting data in the U.S. doesn’t, by itself, significantly increase privacy or security risks, that doesn’t mean we don’t have to look closely at those risks. Privacy and security were important factors in Ryerson’s selection process, as outlined in the Is Ryerson Ready to Go Google? blog post, that led to negotiating an agreement with Google. You can also read about our Email and Collaboration Tools Privacy Impact Assessment.

One reason we selected Google was their excellent work on securing their systems and pushing back against law enforcement requests for user information. You can read a little bit about Google’s security in my previous blog post, Comparing the security of RMail and Gmail.

In the end, RMail isn’t offering the protections people hoped it would. It isn’t keeping mail out of the U.S., or from Google’s servers, and it isn’t protecting mail as well as Google does.

How would a transition to Gmail work?

A transition to Gmail would most likely happen in a series of steps:

  1. To begin with, the option to use RMail for new accounts would be removed. All new accounts would be created in Gmail.
  2. A three-month transition period would be provided so RMail users could download and/or delete any mail they don’t want moved to Gmail. During this period, anyone who is ready to move to Gmail can do so by opting in to Ryerson Gmail.
  3. After three months, all RMail accounts would be moved to Gmail.

While a move to Gmail may be a little disruptive for some RMail users, email client software like Microsoft Outlook and Mozilla Thunderbird can continue to be used.

In the near future, a survey will be shared to understand any concerns you may have about moving to Gmail. We’ve already heard some great feedback. For example, Gmail is blocked in China and some other countries. How will students working at a distance access their Ryerson email account? Some people who have used both systems have found they are more productive using RMail. Some don’t trust Google or have a strong preference that the university locally host its own email system. This is all valuable information for the Advisory Committee on Academic Computing to consider.

Yours truly,

-Brian

Brian Lesser
Chief Information Officer
Ryerson University
