Google's policy changes and implications for institutions using the service

There are fresh concerns over Google’s privacy policy change and how it will affect HE institutions that use google services.There is some [speculation](http://bit.ly/wXKfPp) that there may be confusion at least amongst users of commercial cloud communication services, and perhaps confusion amongst the providers and consuming institutions. There has been some [discussion](http://blogs.hbr.org/cs/2012/01/what_larry_page_doesnt_underst.html?referral=00563cm_mmc=email-_-newsletter-_-daily_alert-_-alert_dateutm_source=newsletter_daily_alertutm_medium=emailutm_campaign=alert_date) about the negative aspects of the change in policy, but most have thought it either not a big deal or that consumers would accept it in exchange for the services. I [wrote](http://seanmehan.globat.com/blog/2011/07/14/commodity-it-affecting-enterprise-strategy/) about these data concerns a long time ago.

The whole move to outsource services was based on two prongs of an argument. The first was that budgets were under severe pressure and that something had to be shed. The second was that computing services were not able to compete in functional terms with the slick offerings of Google, etc. Thus, there was evidence that students preferred external channels of communication and didn’t use institutional offerings much anyway.

Now, I have supported these conclusions in the past myself. But I have always been concerned with privacy issues as well as what may well happen should the move prove cyclical and institutions find that they need to back out of these platforms and find barriers in getting all of the data out. But those concerns are different to the idea that enterprise data is being mined by the provider to sell on to third-parties, perhaps in the form of targeted ads. I always thought that the ticket in was to establish habit with a platform amongst HE students, a group that is destined for above average earnings post school. That would be a good segment to get into your platform early. And every agreement I ever saw with the likes of Google or MS stipulated that the free, enterprise ride would be over once the student left the HE, and would then metamorphose into a normal, mineable customer. That seemed a reasonable business proposition to me.

But some colleges using [Google Apps for Education](http://www.google.com/apps/intl/en/edu/), including Harvard, seemingly actively discourage their students from using those student accounts to transmit personally identifiable of confidential information! But what on earth would a student use the service for in the pursuit of institutional, educational goals, that wouldn’t fall into that set of information? This seems a non-sense to me, and yet the [Google policy](http://www.google.com/apps/intl/en/edu/privacy.html) seems to make it clear that there is no risk. Still, some people who claim that the institutional contracts supersede Google’s blanket privacy policy need to explain this behaviour to me to make me ignore these concerns. Harvard University’s home site for its Google Apps for Education service refers viewers to Google’s basic terms and conditions and further claims that the university has “no authority to enforce these standards.” At face value, it would seem that the end users at colleges are subject to Google’s recent privacy policy changes, just like everyday consumers.

In another [article](http://chronicle.com/blogs/wiredcampus/google-says-new-privacy-policy-has-little-impact-on-education-partners/35629?sid=wcutm_source=wcutm_medium=en) there is placating words from Google and university admins that all is safe, nothing has changed, there is no cause for concern, etc. Yet, it always comes back to a core set of services. But what is in the core, and even if we are safe for now, will we not fall into the same trap eventually with these non-core services and their attractiveness versus declining budgets in the institution to provide equal services, and thus have to expand the portfolio to include the additional services, thus exposing students – and staff – to the data mining shadow?

If they are using the same platform, how are they anonymising data, how is metadata being used and by whom, and how long is the data available for use? This last bit is as concerning to me as any, given the recent [twitter sale](http://rt.com/news/twitter-sells-tweet-archive-529/) of my previous tweets long after I sent them! And watch out, Darth Zuk is already in talks with the same company to sell them your FB data.

twitter
twitter

Leave a Reply

Your email address will not be published. Required fields are marked *