Now that Google is getting a foot in the door at British Universities, offering far superior mail-systems than Universities are able to offer, the question of data policies is becoming a real one. Universities have a tradition of care and diligence when it comes to research data, but that tradition does not necessarily extent to the way e-mail is managed and governed. Not only e-mail, but data released through Virtual Learning Environments is increasingly hosted on servers that are outside the property-domain of Universities (and colleges, schools etc.).
Squeeze on data security?
This move is understandable, external parties can offer specific advantages unatainable by the University. Each student an e-mail box with gigabytes of storage? It is only possible through using a service like Google which has petabytes of storage available all over the world.
But it does beg the question: What happens with potentially confidential data? Google will scan the Gmail account to build a profile of the account-holder so they can target their ads specifically. But what else do they do? Do they ensure a bulletproof safety from hackers?
The simple answer is no, it is impossible, therefore Universities will have to educate their students and staff to understand the risks involved with online storage. A new age of responsible information literacy is dawning and Universities better make sure that they embrace the challenge.
I am in favour of outsourcing services like e-mail and hosting of low-grade sensitivity. But when it comes to research data, grades and personal details there has to be a significant red line between internal and external hosting.
Furthermore, Universities will have to start thinking how this material (whether it is of high or low sensitivity) is protected under intellectual property laws. Are we signing off part of that responsibility? How about a Creative Commons model where the end-users decide?
Plenty of questions, few answers (yet).
