On December 20, 2011 we reviewed the joint proposal to adopt Google Apps for Education submitted by the Advisory Committee on Academic Computing (ACAC) and Computing and Communications Services (CCS). We are pleased with the work done by the joint ACAC/CCS committee to thoroughly research the needs of the Ryerson community, the options for a new email, calendar and collaboration platform, and the issues related to cloud computing. The consultation process was notable for being both informative and inclusive.

We are delighted to accept the committee’s assessment of Google Apps for Education as the preferred solution for Ryerson. The proposal includes a series of next steps leading to negotiation of a contract with Google, which we also support. We look forward to the outcome of the proposed assessments on privacy, financial risk, integration and security.

If adopted, Google Apps for Education will provide the Ryerson community with a rich collaboration platform that will work consistently across the entire university and will dramatically improve the online environment at Ryerson. We also accept the committee’s recommendation that students and faculty who do not wish to use Gmail for email be able to use the current Rmail system.

For more information on the proposal, visit

http://email.blog.ryerson.ca

We’d like to commend Dimitri Androutsos, Chair, ACAC and Brian Lesser, Director, CCS for their leadership on this significant project. We would also like to recognize the important contribution and hard work of the Email and Collaboration Committee:

Dimitri Androutsos, Electrical and Computer Engineering (Co-chair)
Brian Lesser, Director, Computing and Communications Services (Co-chair)
Mike MacDonald, Arts
Jason Naughton, Electrical and Computer Engineering
Casey Carvalho, Computing and Communications Services
Saira Chhibber, Ryerson Students’ Union
Heather Driscoll, Information and Privacy Coordinator
Dave Mason, Computer Science
Jennifer Parkin, Computing and Communications Services
Ilone Harrison, Records and Information Management

Yours truly,

Alan Shepard, Provost and Vice President Academic

Julia Hanigsberg, Vice-President, Finance and Administration

On December 6 the Advisory Committee on Academic Computing (ACAC) voted unanimously to recommend that Ryerson adopt Google Apps for Education. Here is the final text of the recommendation.

December 6, 2011

Proposal to Adopt Google Apps for Education

Background

The E-mail and Collaboration Committee has consulted with the Ryerson community regarding the options for providing all Ryerson students, faculty, and staff with a new University-wide E-mail, Calendar, and Collaboration Platform. Our consultations have included:

• information provided on this blog that includes comments from the Ryerson Community;
• a symposium Exploring the future of E-mail, Privacy, and Cloud Computing at Ryerson;
• a requirements survey available to anyone at Ryerson;
• a Request for Proposal(RFP) that reflected Ryerson’s requirements and included sections on accessibility, security, privacy, ownership of data, mail opt out options, legal jurisdictions, and the Patriot Act.
• town halls to discuss this proposal;

The committee has also worked with Ryerson’s Privacy Coordinator and consulted with staff from the Office of the Information and Privacy Commissioner of Ontario regarding developing a Privacy Impact Assessment based on Privacy by Design Principles.

Adoption of Google Apps for Education

Google Apps for Education is a full-featured Web and mobile enabled collaboration platform that includes Gmail, Google calendar, Google Docs (including documents, spreadsheets, presentations, forms, drawings, and tables), Google Sites, Google Groups, and Google Talk (instant messaging, audio chats, and video conferences). Other features include Google Reader, Google+, Blogger, Picasa, Google Video for Business, Google Groups for Business, 25GB email storage per person, BlackBerry and Microsoft Outlook access, and integration with MS Office via SharePoint services. Google makes it possible to integrate their services with Learning Management Systems and Student Administration Systems for example Blackboard and RAMSS. Google also makes it possible to add custom widgets to their services and to build custom online services using Google’s App Engine. Google Apps for Education is not the same as Google’s consumer services. No advertising is shown to students, faculty, and staff and there is no data mining. (Alumni do see ads.) Google offers a level of physical and online security unavailable within Ryerson’s current IT infrastructure. Their services are more robust than any service at Ryerson and routinely provide well over 99.9% availability. All these services are available to Ryerson without cost. (Google also offers additional storage and other service enhancements for a fee.) The committee believes Google offers one of the best online services available anywhere in the world and, unlike any comparable service, makes all of it available for faculty, staff, and students for free. Consequently we recommend:

1. Ryerson complete an in depth privacy impact assessment, financial risk assessment, integration and security assessment of adopting Google Apps for Education;
2. Provided a satisfactory outcome to these steps, Ryerson should negotiate an acceptable agreement with Google and a systems integrator for professional services to help planning and implementing the adoption of Google Apps for Education;
3. Provided a satisfactory contract is negotiated, Ryerson will adopt Google Apps for Education as Ryerson’s University-wide E-mail, Calendar, and collaboration platform;
4. After the transition to Google Apps for Education is complete, the GroupWise E-mail and Calendaring system will be decommissioned;
5. We also anticipate that Faculties and Departments that run their own E-mail and/or calendaring systems will also migrate to Google Apps for Education and that they be encouraged to do so in order to provide a universal calendaring and collaboration platform for everyone at Ryerson;

Security, Privacy, and the Protection of Confidential Records

The superior security, ability to control default privacy settings, the expected language in a contract with Google, and ability to integrate with Ryerson’s identity management, authentication, and directory services means that adopting Google Apps for Education will improve Ryerson’s ability to protect the privacy of its users and the confidentiality of records hosted by Google. However, Google is based in the United States and so falls under U.S. laws including anti-terrorism legislation such as the Patriot Act. Naturally this leads to concern that U.S. law enforcement agencies might have access to information that they would not have access to if Ryerson’s data is hosted by Ryerson or another Canadian organization based entirely in Canada. However, Canada has similar anti-terrorism legislation that provides for access to information without a court order and without notification. U.S. and Canadian law enforcement officials have both formal and informal information sharing agreements in place and routinely share large amounts of information. Also mutual legal assistance treaties allow Canadian authorities to get warrants for US authorities, and vice versa. ( http://blog.privacylawyer.ca/2011/10/cloudlaw-law-and-policy-in-cloud.html ) In other words, U.S. law enforcement agencies are capable of accessing information in Canada without a court-issued warrant and without notifying the person to whom the data belongs. It is therefore difficult to judge if there is a significant increase in risk to using Google Apps for Education. However, even if the increase in risk is extremely small for most people, the consequences of access to private information may be significant. Consequently, we recommend that Ryerson provide an opt-out option for faculty and students who judge they have an increased risk if their E-mail is hosted by Google. Because the incremental risk of using a U.S.-based provider is so small, we expect the vast majority of students, faculty, and staff will prefer to use GMail. However, we recommend:

1. Before providing access to Google Apps for Education, users and departments will be informed by Ryerson that data, including emails, stored with Google will reside in foreign jurisdictions and will be subject to the laws of those jurisdictions including the Patriot Act. They can then make an informed decision about what kind of information they will transmit through GMail or store in any of the Google Apps for Education services.
2. Faculty and students may elect to use RMail instead of GMail. (Staff should discuss any concerns with their managers as operational concerns may make opting out unfeasible.) However they must choose between Email systems. They cannot use both. The University will provide a means to change systems at certain times every year.
3. All faculty, staff, and students will be provided with a Google calendar which may contain automatically updated schedule information from RAMSS and information regarding significant dates, events, and deadlines.
4. By default, all faculty, staff, and students have available to them all the features of Google Apps for Education except E-mail for users who opt to use RMail.
5. Authentication will be done by Ryerson with no need to provide your login credentials to Google when only the web interface is in use.
6. Logging in through my.ryerson.ca and accessing resources available through Google will not send your Ryerson password to Google. Some services may require you provide Google with a password. For example to use an E-mail client that supports IMAP and connects directly to Google’s service. Where possible Ryerson and Google will work together to avoid this scenario or provide options such as using a second password only for Google. Otherwise Ryerson will notify the community where passwords will pass through Google’s service.
7. There will be no advertising or data mining for faculty, staff, and student accounts. Google may display ads in Alumni accounts.
8. Google will not own any data. All data is the property of Ryerson and/or its end users and the contract with Google will have no impact on the intellectual property rights, custody, or control of faculty, staff, and student data.
9. Google will make available to Ryerson SAS 70 Type 2 internal controls compliance reports. These reports are conducted by a third party and include information on Google’s controls and processes related to physical security, privacy, logical security, change management, organization and management.
10. All client/service Web traffic will be encrypted in transit by default as will all University/Google traffic.
11. The RMail system is not expected to provide the capacity or quality of service of GMail. After two years Ryerson will re-examine the use of RMail as an opt out option – especially to explore if there are better ways to mitigate any risks of using a provider in a foreign jurisdiction and to review the quality of service offered by RMail.

Summary

Ryerson’s E-mail and Calendaring systems have not remained competitive with online services provided by companies like Google. For example, Ryerson’s systems do not provide Gmail’s features, storage capacity, or availability. Ryerson does not currently offer University-wide calendaring, instant messaging, video chat services, real-time collaborative document editing and review, and other services required to provide a rich online working and collaboration environment.

Adopting Google Apps for Education will provide the Ryerson community with a rich collaboration platform that will work consistently across the entire University. Just as Ryerson’s Master Plan is a bold undertaking designed to revitalize the campus and act as a catalyst for change and renewal, we believe adopting Google Apps for Education will act as a catalyst by dramatically improving the online environment at Ryerson.

References

• November 25th Town Hall video: https://ryecast.ryerson.ca/25/watch/1565.aspx
• Heather Driscoll’s November 25 slides: TOWNHALL_privacy.pdf
• Brian Lesser’s November 25 slides: Is Ryerson Ready to Go Google?
• November 14 Town Hall: https://ryecast.ryerson.ca/46/watch/1550.aspx
• Google Apps for Education: http://www.google.com/apps/intl/en/edu/
• Security and Privacy: http://www.google.com/apps/intl/en/edu/privacy.html
• Google Accessibility Statements: http://www.google.com/accessibility/policy/
• Is Ryerson Ready to Go Google?
• Presentation slides and videos from the Symposium: Exploring the Future of E-mail, Privacy, and Cloud Computing at Ryerson.
• Detailed information on SAS 70 Type 2: http://www.aicpa.org/Research/Standards/AuditAttest/DownloadableDocuments/AU-00324.pdf
• Google’s description of SAS 70 Type 2: http://www.google.com/support/a/bin/answer.py?answer=138340
• Universities that have gone Google: http://www.google.com/apps/intl/en/edu/customers.html
• Google Apps for Government: http://www.google.com/apps/intl/en/government/
• Google Apps for Business: http://www.google.com/apps/intl/en/business/index.html

Updated Nov. 28, 2011 with small changes to items 6 and 8 to address concerns expressed by faculty regarding single sign on and custody and control.

Brian Lesser
Director, Computing and Communications Services

Dimitrios Androutsos
Chair, Advisory Committee on Academic Computing
Associate Professor, Electrical and Computer Engineering

This FAQ is a work in progress and is based on questions and comments we have received. If you have a question or comment you would like answered please leave a comment on this page. Please note, comments on this blog are moderated to avoid spam. If you post a comment it may not appear immediately. It takes some time for us to receive a notification of a new comment and to read and release it.

Q1: What exactly are you proposing? Will there be an opt out option?

A: The draft proposal is available on this blog at:

http://email.blog.ryerson.ca/2011/11/09/draft-proposal-to-adopt-google-apps-for-education/

Q2: Why would Ryerson pay Google when we could pay a Canadian company?

A: The suite of services in Google Apps for Education is free to Ryerson for use by our faculty, staff, and students. Canadian hosting companies are capable of hosting similar services using Microsoft’s software but would charge Ryerson millions per year to host accounts for everyone at Ryerson. Google’s Gmail offers 25 GB of storage. If it becomes necessary, Ryerson has the option to purchase additional storage and Email archiving services from Google.

Q3: I don’t trust Google. Why do you believe they will protect my privacy?

A: If we go forward with Google it will only be if we can agree with Google on a contract that binds Google to protect the privacy of the Ryerson community. However we don’t just have to take Google’s written agreement that they protect privacy. Google also submits to third party SAS 70 type 2 audits and must provide Ryerson with the results. Google also has a 20 year agreement with the Federal Trade Commission (FTC) in the United States to have its privacy practices audited. Due to its size, previous privacy mistakes (StreetView Wifi recording and default settings in Google Buzz), and lobbying by its competitors, Google is heavily scrutinized. In order to attract and retain corporations and governments to the commercial version of their services, Google must protect their customer’s data. Google’s Apps for Business is used by over 4 million businesses. Those businesses expect Google to protect their data. It is in Google’s interest to maintain very high security standards and protect the privacy of users in their Google Apps for Education, Google Apps for Business, and Google Apps for Government offerings. Google’s agreement with the FTC is available online: http://www.ftc.gov/os/caselist/1023136/110330googlebuzzagreeorder.pdf

Q4: Can Google guarantee members of the Ryerson community their privacy?

A: No one can completely guarantee privacy within an online system. Some reasons for this are:

• Law enforcement agencies with a warrant or production order can access private data.
• No system has perfect security. Users can be tricked into giving away their passwords, malware may infect a user’s computer and provide access to local and remote systems, previously unknown vulnerabilities may be discovered that allow acces to confidential data before a system can be patched, or physical security may be compromised – for example when hard drives are stolen.
• You may send Email to someone in confidence who forwards it to someone else without your permission.  Email traffic between Email servers may not be encrypted.

The Request for Proposal (RFP) that Ryerson issued included questions related to security and privacy. Based on the responses we believe the Google Apps for Education service can be configured so that personal information is well protected by default. People who use the system may then decide when and how to share information.

Q5: Why host outside Canada? Won’t that expose my Email and documents to American law enforcement agencies?

A: We share your concern about making sure that robust privacy and security controls are in place. The very short answer is that Canada’s Anti-Terrorism Act and Mutual Legal Assistance treaty with the United States already represents an exposure of your Ryerson Email to US law enforcement agencies. Three more detailed points here:

First: Moving to the cloud does not take us from a privacy-friendly situtation to a privacy-risky situation.  There are very real privacy and security risks currently associated with maintaining the status quo.  Keeping things the way they are does not prevent access to your data from foreign or domestic law enforcement authorities. Even if privacy and security were the only considerations, which they are not (we are also looking at functionality, storage, cost), we would be recommending some sort of change as the status quo is not where we want to be.  Then, add in to the mix the shifting and evolving legal landscape concerning privacy, lawful access to data, and warrantless searches of data.  Shortly after the terrorist attacks in the United States in 2001, both the U.S. and Canada enacted legislation which expanded law enforcement authorities’ abilities to access data within their own jurisdictions and beyond. Treaties between the United States and Canada make it possible for American law enforcement agencies to access your Email and documents stored at Ryerson. For example, if you are “a person of interest” in an FBI terrorism investigation, the FBI can contact the RCMP (or CSIS) to request information about you. The RCMP can apply to a secret Canadian court, created under Canada’s Anti-Terrorism Act, to get access to your Email and documents. American authorities can get information in Canada without a warrant. Given the similarities between laws in the United States and Canada and the large amount of information routinely shared between U.S. and Canadian agencies, there may be no effective impact on safeguarding your data related to lawful access, between hosting in the U.S. and Canada.  Regardless of what E-mail system you use, there is some risk of access under these legal schemes.  Legal experts and privacy experts are of the view that the amount of risk is very low for the majority of individuals and that the greater privacy risk comes from how users themselves use Email and social media tools to create, share and retain data.  For more information please see:

• David Fraser’s presentation here: https://ryecast.ryerson.ca/25/watch/1050.aspx (Use the slider to go to the 01:43:00 mark.) His slides are here: http://blog.privacylawyer.ca/2011/02/ryerson-university-looks-to-cloud.html Information about David Fraser is here: http://www.privacylawyer.ca/contact.html
• Commissioner Cavoukian Says the Patriot Act Is “Nothing” by Dan Michaluk, Hicks Morley: http://www.slaw.ca/2011/02/26/commissioner-cavoukian-says-the-patriot-act-is-nothing/
• Office of the Information and Privacy Commissioner of Ontario: http://www.ipc.on.ca/english/Home-Page/
• Assistant Privacy Commissioner of Canada on the U.S.A. Patriot Act: http://www.michaelgeist.ca/content/view/3308/125/
• Recent Canadian court cases on government surveillence of your data:  Kirk Makin, “How far should we let the law follow digital footprings?”, Globe and Mail, Nov. 18, 2011, http://bit.ly/tEpmnN
• U.S. rethinking warrantless searches? Julia Angwin, “Judge Declares Law Governing Warrantless Cellphone Tracking Unconstitutional”, Wall Street Journal, Nov. 16, 2011, http://on.wsj.com/rYWDKV

Second: before posting any data anywhere, think about the consequences; namely, have you considered what would happen should the information in or attached to the Email be shared beyond the intended recipients. Email is a necessary and convenient communication tool but it is not necessarily the best choice for all communications, particularly those containing sensitive and confidential information. You cannot control what a recipient does with the information you have sent to them (how long they keep it, or with whom they share it).  A significant number of privacy incidents are user-derived, meaning that they are the result of Emails sent to the wrong addressee or containing information to which others should not have seen. The most significant source of privacy incidents derives from unsecure devices where personal information is stored, specifically laptops, memory sticks and cell phones.  Ryerson policies indicate that users storing personal information on these devices are responsible for their security (http://www.ryerson.ca/about/vpadministration/assets/pdf/InformationProtectionandAccessPolicy.pdf). Ryerson has developed a variety of solutions to support these requirements (http://www.ryerson.ca/ccs/itsecurity/confidentialdata/index.html).  If these solutions don’t meet your educational, teaching, research or administrative needs, please let us know.  We are committed to working with you to finding solutions.

Third:  Assessing privacy risks for this project is an ongoing activity.  Ryerson is performing a privacy risk assessment of the proposal to outsource Email, calendaring and collaboration tools to a cloud provider.  If the current proposal goes to the executive and is approved, we will work toward implementation of a system using the internationally-recognized standard of Privacy by Design (http://privacybydesign.ca/).  We have partnered with the Office of the Information and Privacy Commissioner of Ontario to help us meet this standard.  This means building in user control over how their personal information is shared, their online profile, and enabling users to assess individual risks, of which Ryerson may not be aware, and make informed decisions about the appropriate places to store data and how to communicate.  It means considering the privacy risks for the entire lifecycle of the data, from creation to destruction.   It means looking at ways to build privacy into the cloud configuration and user settings that Ryerson is considering.  Ryerson expects to provide you with information about options available to you.  We expect to be transparent about these risks and want to engage with you in a conversation.   The process does not end with announcing that we are proposing to outsource services to Google.  In fact, a key part of the privacy risk assessment can happen only after contract negotiations commence, should Ryerson decide to pursue this.

Q6: Why is Google offering all this for free with no Ads and no Data Mining? It costs real money for them to host such features.

A: Google wants our students to use their services in the hope that they will continue using them when they leave Ryerson. If students use the consumer service after they leave, Google will make money on ads. If their employer decides to subscribe to Google’s corporate services, Google will profit from the fees it collects from them. Over 4 million businesses use Google Apps for Business. Google is engaged in a world-wide competition with Microsoft for these sorts of cloud-based consumer, corporate, and government services. They have a long term interest in attracting as many people as possible to their platform. However, according to Google:

“Google was founded by a research project at Stanford University, and this is just one way we can give back to the educational community”

Google’s costs are also lower than companies and Universities that run smaller scale machine rooms and data centres. Google provides an overview regarding the efficiency of their data centres here: http://www.google.com/about/datacenters/inside/efficiency/

Q7: Faculty members have raised concerns with Tri-Council regulations and Google data storage as well as other research partners and funders and data storage and data location – how will these be addressed?

A: We are not aware of a Tri-Council regulation that prohibits hosting research data in the United States. However, Article 5.3 in the Tri-Council Policy Statement on Ethical Conduct for Research Involving Humans includes this statement:

“Research data sent over the Internet may require encryption or use of special denominalization software to prevent interception by unauthorized individuals, or other risks to data security. In general, identifiable data obtained through research that is kept on a computer and connected to the Internet should be encrypted.”

Sensitive and confidential research data should never be sent in plain text Emails. Regardless of the Email system being used (Rmail or Gmail) confidential research data should be strongly encrypted if it must be sent via Email. Similarly, confidential research data should be stored in a strongly encrypted format on Internet accessible file servers at Ryerson or if they are stored on Google’s servers. If a research partner or funder prohibits storing data in the United States, Belgium, or Finland, then Google’s services must not be used – just as they are not used today. This does not mean Google docs and other services cannot be used by researchers. We believe Gmail and Google docs are an excellent way to discuss research and write and review research papers that do not include confidential research data. Google makes available a list of its data centres used for its Google Apps services:

http://www.google.com/about/datacenters/locations/index.html

Q8: The Committee cannot hand over custody and control to either Ryerson administration or to Google. RFA members have the right to custody and control of all their emails, correspondence, etc. The RFA asserts that right and it cannot be violated by any contract with Google or any other company.

A: Please see item number 8 under the section Security, Privacy, and the Protection of Confidential Records in the Draft Proposal:

http://email.blog.ryerson.ca/2011/11/09/draft-proposal-to-adopt-google-apps-for-education/

It was designed to address concerns that outsourcing would somehow change the control or custody of records at Ryerson. Our goal is to change the default Google contract language from saying data is owned by the University to saying that data is owned by the University and/or its users. We believe this language and the other parts of item 8 removes any implication that the University is the sole owner of all data and means a contract with Google will have no impact on how the custody and control of records are managed at Ryerson. We do not believe a contract with Google is an appropriate place to further refine issues related to custody and control. Our interest is only to make sure a contract with Google will have no impact on issues related to custody and control at Ryerson. Useful background information on this issue is available here:

• Memo from James Turk, Executive Director, Canadian Association of University Teachers on Custody and Control of Academic Staff Records: http://www.caut.ca/uploads/Memo_0941_CCASR.pdf
• Access and Production Requirements and Records Possed by Faculty Members, Dan Michaluk, Hicks Morley: http://www.hicksmorley.com/images/pdf/2009/Records_possessed_by_faculty___06092009.pdf
• FINAL ORDER PO-3009-F: The university is ordered to request that APUO members produce responsive
  records in the university’s custody or control to it and to issue an access decision to the
  appellant.

Q9: We should resist any attempts to hand over the emails of our members to third parties without the consent of the member and the RFA

A: Please see items one and two in the section titled: Security, Privacy, and the Protection of Confidential Records:

http://email.blog.ryerson.ca/2011/11/09/draft-proposal-to-adopt-google-apps-for-education/

We believe Ryerson’s students and faculty are capable of making an informed choice regarding using Gmail or opting to use Rmail instead. Consequently, we are proposing giving fair notice and allowing faculty and students to opt to use Rmail instead of Gmail if they want to.

Q10: Who is preparing this proposal?

A: The proposal is being made by ACAC and CCS.  ACAC is the Advisory Committee on Academic Computing created by the Provost, that provides a link between CCS and faculty on matters that deal with technology and academia. It strives to establish the appropriate and effective use of educational technology by faculty, student and staff members in the pursuit of excellence in education and research.  ACAC has existed and been active at Ryerson since 1983.

More formally, ACAC acts as an independent advisory committee to the Provost & Vice Provost, Academic, and to the Vice President, Administration & Finance on issues pertaining to computing and technology and how they affect faculty, and vice versa.  Membership of ACAC is comprised of representatives from across all faculties (elected by their deans), and as such members report on ACAC issues directly to their respective deans.

The committee deals with and is responsible for analyzing, investigating and recommending policies and guidelines on issues such as:

• acceptable use of technology
• network and computing security
• information and privacy security
• wiring and wireless policies
• web policy

In addition the committee deals with high-level issues and initiatives, such as:

• promoting effective communication between faculty members and CCS so that issues of concern may be dealt with effectively and efficiently
• identifying, evaluating and recommending both short-term and long-term technological requirements

The current members of ACAC are:

Please see our blog post introducing the consultation process and the Symposium we hosted jointly with Ryerson’s Privacy and Cyber Crime Institute on The Future of Email, Privacy, and Cloud Computing at Ryerson:

http://email.blog.ryerson.ca/2011/01/17/introduction/

Introduction

This draft proposal has been written to provide the Ryerson community with an opportunity to review and provide feedback to the E-mail and Collaboration Committee before the committee makes a final proposal to Ryerson’s executive. We hope you can join us for one of the two town halls we have scheduled where we will present the information provided here and invite your comments. Please also feel free to comment and discuss this proposal in the comments section of this blog. The town halls are scheduled for:

• Monday November 14 at 11:00 AM in LIB 72
• Friday November 25 at 9 AM in LIB 72

Community Consultation

The E-mail and Collaboration Committee has consulted with the Ryerson community regarding the options for providing all Ryerson students, faculty, and staff with a new University-wide E-mail, Calendar, and Collaboration Platform. Our consultations have included:

• information provided on this blog that includes comments from the Ryerson Community;
• a symposium Exploring the future of E-mail, Privacy, and Cloud Computing at Ryerson;
• a requirements survey available to anyone at Ryerson;
• a Request for Proposal(RFP) that reflected Ryerson’s requirements and included sections on accessibility, security, privacy, ownership of data, mail opt out options, legal jurisdictions, and the Patriot Act.
• town halls to discuss this proposal;

The committee has also worked with Ryerson’s Privacy Coordinator and consulted with staff from the Office of the Information and Privacy Commissioner of Ontario regarding developing a Privacy Impact Assessment based on Privacy by Design Principles.

Adoption of Google Apps for Education

Google Apps for Education is a full-featured Web and mobile enabled collaboration platform that includes Gmail, Google calendar, Google Docs (including documents, spreadsheets, presentations, forms, drawings, and tables), Google Sites, Google Groups, and Google Talk (instant messaging, audio chats, and video conferences). Other features include Google Reader, Google+, Blogger, Picasa, Google Video for Business, Google Groups for Business, 25GB email storage per person, BlackBerry and Microsoft Outlook access, and integration with MS Office via SharePoint services. Google makes it possible to integrate their services with Learning Management Systems and Student Administration Systems for example Blackboard and RAMSS. Google also makes it possible to add custom widgets to their services and to build custom online services using Google’s App Engine. Google Apps for Education is not the same as Google’s consumer services. No advertising is shown to students, faculty, and staff and there is no data mining. (Alumni do see ads.) Google offers a level of physical and online security unavailable within Ryerson’s current IT infrastructure. Their services are more robust than any service at Ryerson and routinely provide well over 99.9% availability. All these services are available to Ryerson without cost. (Google also offers additional storage and other service enhancements for a fee.) The committee believes Google offers one of the best online services available anywhere in the world and, unlike any comparable service, makes all of it available for faculty, staff, and students for free. Consequently we recommend:

1. Ryerson complete an in depth privacy impact assessment, financial risk assessment, integration and security assessment of adopting Google Apps for Education;
2. Provided a satisfactory outcome to these steps, Ryerson should negotiate an acceptable agreement with Google and a systems integrator for professional services to help planning and implementing the adoption of Google Apps for Education;
3. Provided a satisfactory contract is negotiated, Ryerson will adopt Google Apps for Education as Ryerson’s University-wide E-mail, Calendar, and collaboration platform;
4. After the transition to Google Apps for Education is complete, the GroupWise E-mail and Calendaring system will be decommissioned;
5. We also anticipate that Faculties and Departments that run their own E-mail and/or calendaring systems will also migrate to Google Apps for Education and that they be encouraged to do so in order to provide a universal calendaring and collaboration platform for everyone at Ryerson;

Security, Privacy, and the Protection of Confidential Records

The superior security, ability to control default privacy settings, the expected language in a contract with Google, and ability to integrate with Ryerson’s identity management, authentication, and directory services means that adopting Google Apps for Education will improve Ryerson’s ability to protect the privacy of its users and the confidentiality of records hosted by Google. However, Google is based in the United States and so falls under U.S. laws including anti-terrorism legislation such as the Patriot Act. Naturally this leads to concern that U.S. law enforcement agencies might have access to information that they would not have access to if Ryerson’s data is hosted by Ryerson or another Canadian organization based entirely in Canada. However, Canada has similar anti-terrorism legislation that provides for access to information without a court order and without notification. U.S. and Canadian law enforcement officials have both formal and informal information sharing agreements in place and routinely share large amounts of information. Also mutual legal assistance treaties allow Canadian authorities to get warrants for US authorities, and vice versa. ( http://blog.privacylawyer.ca/2011/10/cloudlaw-law-and-policy-in-cloud.html ) In other words, U.S. law enforcement agencies are capable of accessing information in Canada without a court-issued warrant and without notifying the person to whom the data belongs. It is therefore difficult to judge if there is a significant increase in risk to using Google Apps for Education. However, even if the increase in risk is extremely small for most people, the consequences of access to private information may be significant. Consequently, we recommend that Ryerson provide an opt-out option for faculty and students who judge they have an increased risk if their E-mail is hosted by Google. Because the incremental risk of using a U.S.-based provider is so small, we expect the vast majority of students, faculty, and staff will prefer to use GMail. However, we recommend:

1. Before providing access to Google Apps for Education, users and departments will be informed by Ryerson that data, including emails, stored with Google will reside in foreign jurisdictions and will be subject to the laws of those jurisdictions including the Patriot Act. They can then make an informed decision about what kind of information they will transmit through GMail or store in any of the Google Apps for Education services.
2. Faculty and students may elect to use RMail instead of GMail. (Staff should discuss any concerns with their managers as operational concerns may make opting out unfeasible.) However they must choose between Email systems. They cannot use both.
3. All faculty, staff, and students will be provided with a Google calendar which may contain automatically updated schedule information from RAMSS and information regarding significant dates, events, and deadlines.
4. By default, all faculty, staff, and students have available to them all the features of Google Apps for Education except E-mail for users who opt to use RMail.
5. Authentication will be done by Ryerson with no need to provide your login credentials to Google when only the web interface is in use.
6. Logging in through my.ryerson.ca and accessing resources available through Google will not send your Ryerson password to Google. Some services may require you provide Google with a password. For example to use an E-mail client that supports IMAP and connects directly to Google’s service. Where possible Ryerson and Google will work together to avoid this scenario or provide options such as using a second password only for Google. Otherwise Ryerson will notify the community where passwords will pass through Google’s service.
7. There will be no advertising or data mining for faculty, staff, and student accounts. Google may display ads in Alumni accounts.
8. Google will not own any data. All data is the property of Ryerson and/or its end users and the contract with Google will have no impact on the intellectual property rights, custody, or control of faculty, staff, and student data.
9. Google will make available to Ryerson SAS 70 Type 2 internal controls compliance reports. These reports are conducted by a third party and include information on Google’s controls and processes related to physical security, privacy, logical security, change management, organization and management.
10. All client/service Web traffic will be encrypted in transit by default as will all University/Google traffic.
11. The RMail system is not expected to provide the capacity or quality of service of GMail. After two years Ryerson will re-examine the use of RMail as an opt out option – especially to explore if there are better ways to mitigate any risks of using a provider in a foreign jurisdiction and to review the quality of service offered by RMail.

Summary

Ryerson’s E-mail and Calendaring systems have not remained competitive with online services provided by companies like Google. For example, Ryerson’s systems do not provide Gmail’s features, storage capacity, or availability. Ryerson does not currently offer University-wide calendaring, instant messaging, video chat services, real-time collaborative document editing and review, and other services required to provide a rich online working and collaboration environment.

Adopting Google Apps for Education will provide the Ryerson community with a rich collaboration platform that will work consistently across the entire University. Just as Ryerson’s Master Plan is a bold undertaking designed to revitalize the campus and act as a catalyst for change and renewal, we believe adopting Google Apps for Education will act as a catalyst by dramatically improving the online environment at Ryerson.

References

• November 25th Town Hall video: https://ryecast.ryerson.ca/25/watch/1565.aspx
• Heather Driscoll’s November 25 slides: TOWNHALL_privacy.pdf
• Brian Lesser’s November 25 slides: Is Ryerson Ready to Go Google?
• November 14 Town Hall: https://ryecast.ryerson.ca/46/watch/1550.aspx
• Google Apps for Education: http://www.google.com/apps/intl/en/edu/
• Security and Privacy: http://www.google.com/apps/intl/en/edu/privacy.html
• Google Accessibility Statements: http://www.google.com/accessibility/policy/
• Is Ryerson Ready to Go Google?
• Presentation slides and videos from the Symposium: Exploring the Future of E-mail, Privacy, and Cloud Computing at Ryerson.
• Detailed information on SAS 70 Type 2: http://www.aicpa.org/Research/Standards/AuditAttest/DownloadableDocuments/AU-00324.pdf
• Google’s description of SAS 70 Type 2: http://www.google.com/support/a/bin/answer.py?answer=138340
• Universities that have gone Google: http://www.google.com/apps/intl/en/edu/customers.html
• Google Apps for Government: http://www.google.com/apps/intl/en/government/
• Google Apps for Business: http://www.google.com/apps/intl/en/business/index.html

Updated Nov. 28, 2011 with small changes to items 6 and 8 to address concerns expressed by faculty regarding single sign on and custody and control.

Last March we asked the Ryerson community what you want from Ryerson’s E-mail and collaboration systems. We conducted a survey and many of you also took the time to comment on this blog. Here are just a few of the survey comments we received:

• “Search functionality across all folders, unlike RMail, where you have to search one folder at a time.”
• “Threaded E-Mail to group replies together”
• “large attachment size and storage”
• “I need a system that makes it easy to send things to groups – teacher groups, student groups, research teams.”
• “I want my name and e-mail address protected so that only people with Ryerson accounts would be able to access the information.  It should not be readily available to the general public.”
• “Good junk filters.”
• “Almost anything would be better than Groupwise ;-)”
• “If calendaring would allow me to post potential meeting times with students that they could sign up for, that would be great.”
• “SWITCH TO GMAIL! Google Docs is awesome! The calendar is awesome! Google Labs is awesome!
• “Micro$oft Please!!!    Gmail sucks especially in China!”
• “The existing system meets my needs; there is no need to change it.”
• “it would be nice to have iPhone sync features.”
• “It is critical that I can control who can see specifics in my schedule versus that I’m simply ‘busy’, but without seeing any details.”
• “I’ve used external Wikis to do group collaboration.  It would be great if it could be done internally, instead.”
• “google docs is what I would like to see in house at Ryerson.”
• “Online voice and video conference would be useful, especially for graduate students.”

There were hundreds of other comments. We reviewed them all and incorporated your feature requests into a Request for Proposal (RFP) for a New Collaboration Platform for Ryerson. We also added significant sections on accessibility, security, privacy, ownership of data, mail opt out options, legal jurisdictions, and the Patriot Act. The RFP was posted on August 22, 2011 and closed on October 3rd. The proposals Ryerson received were evaluated by a committee that included representatives from Computing and Communications Services, a representative from faculty, and a student representative.

The committee reached a consensus to accept two proposals based on Google Apps for Education. The only difference between the proposals is which third party system integrator may help Ryerson setup, customize, and migrate mail and calendar events to Google Apps for Education.

Google Apps for Education is not the same as Google’s consumer service. The Apps for Education service  allows you to keep your @ryerson.ca address, does not data mine your Email or show you ads. Gmail provides 25 GB of storage space and Apps for education includes a University-wide calendar system, Google Docs, Google Sites, Google Talk, etc.

Does this mean Ryerson will replace its Email and calendaring systems with Google Apps for Education? The RFP was part of a larger consultation process. For background information please see:

http://email.blog.ryerson.ca/2011/01/17/introduction/

The proposals that were accepted will help form part of a recommendation that will go to Ryerson’s executive for approval.

However, before we make a recommendation to the executive, we’d like to put a draft recommendation before you to see what you think. We will be holding two Town Halls where we will present our recommendations:

• Monday November 14 at 11:00 AM in L72
• Friday November 25 at 9 AM in L72

We hope you can join us. We plan to record at least one of the sessions and encourage you to participate by posting questions and comments here on this blog.
We also plan to post a draft recommendation for you to review on this site soon.

Ryerson is evaluating its E-mail, calendaring, and collaboration systems. We are seriously considering using a system like Google’s Apps for Education or Microsoft’s Office 365 for Education. We are also considering other options such as Ryerson hosting its own systems or contracting with a Canadian provider.

Update 2011/11/22: Please note the survey is closed. You may be interested in other blog posts including:

• Draft Proposal to Adopt Google Apps for Education
• Is Ryerson Ready to Go Google?
• Symposium Presentations and Other Resouces
• Email and Collaboration Tools Consultation

We want to hear what you think. What features are important to have in Ryerson’s E-mail system?  Should Ryerson offer instant messaging, Web-based audio chat and video conferencing, document sharing, and collaborative authoring of documents, spreadsheets, and presentations? How important are those features?

Please take the time to fill out an online survey. The survey requires that you log in using your my.ryerson.ca user name and password so that everyone can only fill out the survey once and so we can group responses by faculty, staff, and students. Although you must log in, your Ryerson ID will be removed from the survey database after the survey closes so that your response will be anonymous.

Please complete the survey.

Find out more about this project by reading other posts at http://email.blog.ryerson.ca.

As they become available we will post presentation slides and other resources from the Symposium: Exploring the Future of E-mail, Privacy, and Cloud Computing at Ryerson here:

Video

Complete video of both the morning and afternoon sessions are available:

https://ryecast.ryerson.ca/25/Page/Published/183.aspx

Presentation Slides

Why are we doing this? – Brian Lesser, Acting Director, Computing and Communications Services, Ryerson University

Keynote: Will we have Privacy in the Cloud? … Only if we embed it, by Design: Implications for the Future of Privacy – Dr. Ann Cavoukian,  Information and Privacy Commissioner, Ontario

Privacy and the Cloud for Universities and the Real World. – David Fraser, Partner, McInnes Cooper

Online Services for Education from Microsoft: Live@Edu and Office 365 for Education -Karen McGregor, Industry Solution Specialist – Education, Microsoft

Google Apps for Education:  Securing EDU Data in the Cloud -Steven Butschi, Strategic Accounts Manager, Google

Privacy and Academic Freedom in the Age of Cloud Computing – James Turk, Executive Director, Canadian Association of University Teachers

Next Steps for Ryerson – Dimitrios Androutsos, Chair, Advisory Committee on Academic Computing, Ryerson University

Other Resources

Commissioner Cavoukian Says the Patriot Act Is “Nothing” – Dan Michaluk Partner, Hicks Morley

Privacy Risk Management, Building privacy protection into a Risk Management Framework to ensure that privacy risks are managed, by default – Information and Privacy, Commissioner, Ontario, Canada

Adam Vrankulj posts some student reactions to the idea of outsourcing email and collaboration services: http://goo.gl/hYllv

[ Update: Video of the Symposium is now available at: https://ryecast.ryerson.ca/25/Page/Published/183.aspx ]

Live video of the Symposium, Exploring the Future of E-mail, Privacy, and Cloud Computing at Ryerson, will be available live at:

https://ryecast.ryerson.ca/

Look for the 9:30 AM and 1:00 PM events in the Live Event Schedule list.

The Symposium schedule and other information is available at http://email.blog.ryerson.ca/2011/01/17/introduction/

Online registration is now no longer available for the Symposium: Exploring the Future of E-mail, Privacy, and Cloud Computing at Ryerson. The Symposium is on February 24 and runs from 9:30 AM until 4 PM in the George Vari Engineering and Computing Centre,
245 Church Street. Room ENG 103.

There is no charge for registration and a modest lunch including a variety of sandwiches and vegetable trays will be provided for those that request it. We have reserved most of the available seats for the Ryerson community but have set aside some seats for guests. Each person must register separately – we are not setup to handle group registrations.

[Update: Registration is closed.]

To register please complete the online registration form.

If you have questions about the Symposium please contact: apps@ryerson.ca

Registration will close on February 21.

More information on the Symposium is available here: http://email.blog.ryerson.ca/2011/01/17/introduction