Court Says College Can Snoop On Students' Email
from the no-privacy-violation dept
There have been plenty of cases where courts have said that it’s okay for an employer to snoop on (employer-provided) employee email accounts. And now there’s a case saying basically the same thing for colleges and universities. As long as they provided the email system, there’s apparently no violation of anti-snooping or data privacy laws. I definitely understand the reasoning here, though one might argue that the relationship between a student and a university is quite different than an employee and employer. And I could see how students might have a much higher expectation of privacy. Still, do students really use university email addresses any more, or do they have their own primary email accounts that they had before heading off to school?
Filed Under: college, email, privacy, snooping, universities
Comments on “Court Says College Can Snoop On Students' Email”
I assume that the student is charged an appropriate fee for use of said email system and therefore it is not the same as employer provided email. What’s next … ISPs are allowed to snoop on the email system they charge for?
Re: Re:
Why can’t ISPs snoop? Why can’t Google or Microsoft? (and yes I know they do with bots)
Why can’t Fedex open your mail they deliver? Why is electronic mail different?
Re: Re: Re:
HTTPS. ? SSL. ? TOR. ? PGP/GPG. ? S/MIME. ? AES. ?.?.?.
Re: Re: Re:
SPAM filters already “open” you email. Also, your email must be “opened” even to route. Yes, they are different.
Shipping with FedEx/etc is more akin to sending an encrypted email.
Re: Re: Re: Re:
Exactly. It’s going to be something resembling impossible to properly troubleshoot email routing without indecently seeing some parts of normal email. It’s very unrealistic to expect that the administrator of the system you are using never to see the contents of your email if you don’t encrypt it.
still use mine
I use my uni email addresses. They are required for school use such as communicating with instructors and sharing calendars. Also an .edu address is required for many services, such as Amazon Student.
Re: still use mine
But do you use it for private mail?
Re: Re: still use mine
I use mine for private email. It’s just easier because all school related emails go there. I have about 5 email accounts all together. I have a spam account, and a generic private email, though that one’s become cluttered with enough spam from accounts Ive signed up for that I didn’t want to bother clearing it out. It was just easier when I got my school email to just start over with that one.
Re: Re: still use mine
Just Amazon and one bank account. My entire purchase history is in there along with several bank account notifications. It wouldn’t tell any snoopers who I am having sex with, where my dope is stashed, or what I really think of my profs, but It does show that I got a really sweet deal on light bulbs in may and where I transferred my financial aide money.
Re: still use mine
Ditto.
The Arizona state schools are all gmail based, and required for official communication from the school. Heck, even the local community college here also requires it.
GBH
Re: Re: still use mine
The school I go to is also GMail based. I set it up to forward to my personal e-mail. I don’t think I have logged into the account itself in months.
I believe just about every school still provides an email address for each student. I suspect since the schools are sending important info, class schedules, etc via email now, they gain some cover against claims of not receiving it if they control the entire email infrastructure. If the kid is forwarding his campus email off to Gmail and didn’t get the notice that a test time changed, it’s not the schools problem since they did deliver the notice to his campus email address.
Is it OK for Google to snoop on Gmail users’ account, since they provide the system ?
Ah, sorry… they already do the automatic thing…
Re: Re:
I’ll up that ante:
At many universities Google is providing the apps/email system. For example, UofMinnesota runs it’s own google-powered nodes.
Can google and the Uni both snoop that? Inquiring minds want to know.
Re: Re: Re:
My college also uses gmail. Any email to my edu account also shows up in my gmail inbox. It is like two addresses for the same mailbox.
Re: Re: Re: Re:
I think it’s a great idea from a management perspective. Outsourced to someone that does email/apps very well and it’s probably very cost effective.
Re: The logical conclusion
Taken to its logical conclusion, the only way people can protect themselves from this excuse for email snooping is for every person on the planet to run their own personal mail server.
Re: Re: The logical conclusion
Nah… if we get that ‘open’, they’ll just introduce new regulations we would have to comply with that would include oversight into what gets sent. If you want to avoid snooping, you may as well drive over to the recipient’s house and have a quiet conversation inside with a white-noise generator going and cover your lips while you talk.
Or learn Navajo… did they ever break that language yet?
Re: Re: Re: The logical conclusion
It was a code based on Navajo, so even Navajo speakers who hadn’t learned the code would be of little help in cracking it.
Re: Re: The logical conclusion
Encrypt your mail.
Sheesh. People fought the ?crypto wars? so that you’d have rights. Use them.
Email Encryption using Google Gmail and FireGPG and Gpg4win
For e-mail accounts management one could use Evolution or Thunderbird. Those allow people to handle dozens(or hundreds) of email accounts easily, well once you registered all of them that is.
Encryption should be second nature for people in todays world, where judges instead of erring on the side of privacy err on the side of others that want to violate that privacy.
Being a student is not the same
Employers pay people to be there and provide email as part of the paid job.
Students are not employees and pay to be there, email is part of the paid for service and should thusly have a client /provider privilege of privacy.
Same relationship?
I don’t agree that Uni/Student is the same as Employer/Employee.
First, and obviously, I paid the Uni to go there… I wish it had been the other way.
Second, would the Uni be responsible for my actions? I know that Employers bear some responsibility for the actions of employees while in the course of business. But if I use my Uni-provided account to break the law (infringing, defamation, etc.), would the Uni be held responsible? And I mean actually held responsible, not just accused and included on a lawsuit only to be dismissed later.
While the fact that the Uni is providing that email service means they may have some standing of “well, it’s our service, we’re just letting you use it” to justify snooping, I don’t think it’s the same area as the Employer/Employee fight.
Re: Same relationship?
I just re-read the post again and realized that it was NOT,in fact, trying to make a case of a similar relationship between Uni/Student and Employer/Employee.
-1 for reading-comprehension fail today. 😐
the community college I go to (yes, community college) *requires* use of a student email system (based on outlook online, I think. Doesn’t work with Chrome on Linux, is all I know). Frankly, I have gmail hooked into it to pull messages and to send as that email address because the school requires all school related communication must be from your college supplied email address.
I do not, under an circumstances have that email account send anything even barely personal. It is for school and only for school.
colleges and email
I worked for my college’s info systems tech desk…the school had the students pay a technology fee, which covered their use of the entire network, as well as basic troubleshooting. part of that technology fee was the email system. Students were not mandated to pay the fee, but without it, they would miss out on the vast majority of teacher-sent emails and college sponsored emails.
most colleges that I know of will not send emails out to a private address unless required to do so by law or some other special circumstance.
I would not be shocked in the long run to find that the owner of a domain can pretty much check whatever goes through their property. This isn’t the US mail, there isn’t any expectation of privacy. You give it to someone to give it to someone else.
alumni use college email too
I know lots of folks who use–encouraged by the alumni office–their uni email addresses as alumns. That truly expands the universe for university email snooping. And honestly, how do they have the time?
Universities (I was a university administrator) provide students with email addresses (at no direct charge, usually) so they can communicate with the student body. The Registrar, Department Heads and Deans published schedules and announcements that way.
Students, however, do harass each other and send inappropriate messages to each other, so the university receives complaints about these and resolves them by “spying”. What they do on private external accounts is their business. What they do on the university system can put at risk the reputation of the university.
Re: Re:
See… this is where I have a problem with the whole thing. First, let me say I understand the need for a good reputation for universities (DUKE SUCKS!). A lot of their ability to attract attendance (and thus money) comes from that reputation. I get that.
With that said… who the hell cares about what students say to each other? It’s email. This is a few students talking to each other in a way that’s not polite in society’s view. And?
You know what would garner more respect from me? A university that looks at a harassing string of email calling a student a Jew (derisively) and tells that student “stop opening the emails” and moves on to more important things, like the quality of education and rising costs of tuition and/or the Great Book Racket.
And if there are a bunch of emails flying around ‘hurting people’s feelings’… did I miss the part where college students weren?t freakin adults? Do they need hand-holding and a widdle hug to tell them everything is going to be ok every time someone makes fun of them? Seriously? So instead of preparing young adults for the world that awaits, it?s now part of the university?s job to further shelter them so that nothing ever hurts them?
If universities start taking that job of life-preparation seriously again, maybe people outside the university-sphere (like me) will care about university reputation.
Sorry? rant over.
As long as they provided the email system, there’s apparently no violation of anti-snooping or data privacy laws.
The fact that the school provided the system was only relevant to the SCA claim. The privacy claims were dismissed for other reasons. Perhaps you should actually read the case and understand the law before blogging about it. I know, I know. That’s not going to happen.
I definitely understand the reasoning here, though one might argue that the relationship between a student and a university is quite different than an employee and employer. And I could see how students might have a much higher expectation of privacy.
How is “expectation of privacy” relevant here?
Schools / Universities are not all the same.
There are at least four classes of such.
1. There are public (US concept of public) schools where the student pays to attend. The e-mail system at these schools is owned by government just as the school is.
2. There are private (US concept of private) schools where the student pays to attend. The e-mail system at these schools is not owned by government or the students.
3. There are public schools where the student is paid to attend (West Point being one such). The e-mail system at these schools is owned by government just as the school is and the students are government employees.
4 There are private schools where the student is paid to attend. This is especially true of company owned and managed training schools. The e-mail system at these schools is not owned by government or the students.
It is ludicrous to think that the law in each of the above situations is the same or that the students have the same rights and privileges.
Re: Re:
Ludicrous is dividing privacy into sections until nobody can know what it means.
Most students now use their own email accounts mainly hotmail and only use he uni account for uni business talking to tutors etc. figures taken by talking to students at our uni 2 years ago.
My take on things
Based on the link provided, the student in question was displaying threatening behavior through the email.
This seems less like a University being able to snoop in their student as much as an email provider being able in investigate threats against its own employees.
Normally, when an employee is threatened, the company in question would find all technical data involving the threat, then see about getting a court order from the email provider from which the email originated.
In this case, the company had full access to all relevant data and was able to skip over forcing another company, via court order, to hand over data.
There wasn’t a whole lot of data provided and it really depends on the level of threat.
Required
I had to have, and use the university supplied e-mail for a number of their services, but what it did allow me to do is set a rule to auto-forward all incoming e-mails to a pre-determined alternate that I controlled. If I received something important I would get it, and I would reply from my alternate e-mail. From that reply all of my teachers or other students would then e-mail me directly. All told I only logged in using that e-mail address maybe 4 times unless you count the grading system or online class portal.
Fools!...
Looking for privacy online? Talk about a fool on a fool’s errand! – ITWARZ
That sound...
… You just heard, is the moving of half the student body’s emails to more private accounts. Leave a message after the —
Nobody Uses University Provided Email
Nobody uses their university’s provided email system anymore. The only reason they get used is when they have to verify they are a student with a .edu email address (Amazon’s one free year of Prime for students). All the universities that I’m familiar with, including the one I attend, have email forwarding set up. All my .edu emails get forwarded to my GMail account. While I can see why this would cause an issues, I don’t think it’s as big as it would have been 10 years ago.
encryption
problem solved, snoop away.
http://www.mozilla.org/en-US/thunderbird/
http://enigmail.mozdev.org/home/index.php.html
http://www.gnupg.org/
Not universally usable but between two people it works well.
Re: encryption
Neither is internet email, anymore. Spam killed the early, hoped-for promise of universal email connectivity. Now the only ?universal? is that some spam will get through the filters?and some desired email will be lost in the spam filters.
I understand the younger kids look at email as old-folks’ tech, anyhow.
More reason to use Lavabit
They can’t check it even if they wanted to. All they can check is the headers.
Some people have to use college email systems. My community college not only gives you an email address but will only send things to that email address and will only respond to students if they send it from that email address.
I just graduated here in the UK, and while plenty of very important email was sent through the official university email service, I don’t think anyone used that trashy website for anything else.
On topic of Employee-Employer vs Student-University relationships, its something I’ve never really understood and just accepted. As a student I was paying quite large fees for education, and the university was monitoring my internet usage and claiming the rights to all of my intellectual property (like an employer). Surely we are the employers, or at least just customers, whom have rights to privacy and self enterprise?
Um...
Sorry. Last I checked, my $40,000 a year that I’m paying for tuition helps keep the school afloat, and therefore, entitles me to have a snoop-free, university e-mail account. For them to think otherwise is as ridiculous as American seniors thinking they are entitled to Social Security and Medicare. Oh… wait…