November 25, 2003

How Safe Is Your E-mail?

Print More

Between the passage of the controversial PATRIOT Act and the threat of RIAA subpoenas, students are increasingly concerned about their rights to privacy. An article on states that the University of New Hampshire monitored a private mailing list and shut down a protest with the information they culled from it, while the University of Wyoming has begun testing software that could eventually track every file that passes through its network.

Exactly how “private” a schools’ networks should — and can — be is becoming a topic debated heatedly. “The argument, ‘Don’t worry, we’re not going to invade your privacy’ is woefully inadequate,'” says Matt Gewolb ’04, founder of the Cornell Freedom Project.

“I find [the privacy abuses at UNH] really deeply disturbing — and there’s a possibility that could happen at Cornell,” Gewolb said.

Tracy Mitrano, director of information technology policy and computer law policy, disagrees.

“Students should feel very good [about their privacy on CIT systems], because of [Cornell Information Technology]’s policy and procedures [that] protect access to their e-mail on CIT systems,” Mitrano said. “[Students’] mail is not always restricted to CIT systems, however, and there is no university policy on access to e-mail.”

“The total picture is one of very carefully crafted policy and implementation procedures,” she continued.

This picture is one that is made up of a series of protocol implemented to ensure that private information remains so, barring what Mitrano refers to as “compulsory legal papers” and emergency situations.

Cornell’s Information Technology Rights and Responsibilities states, “Cornell does not monitor or censor e-mail.” Every policy change, including the recently-implemented PureMessage software package, takes this into careful considerations.

PureMessage scans incoming messages for viruses and then tries to guess at whether the e-mail is spam, or junk e-mail, by using an automatic “scorecard.”

“While the software package scans incoming messages and applies a set of heuristics to identify the likelihood that a message may be spam, no person is actually involved in that determination — thus not true monitoring is occurring,” said Rick MacDonald ’71, director of systems and operations at CIT. “No one looks at any portion of the quarantined mail,” he continued.

There are, however, strict circumstances under which the University will look at mail.

“Certainly we will comply with all compulsory legal papers received by the University and accordingly reviewed by University legal counsel,” Mitrano said. “[However,] CIT is absolutely not proactively monitoring its network looking for illegal activities.”

Aside from legal necessity, the University only reads e-mail or internet logs in emergency situations with the permission of the appropriate vice president of the student, according to Mitrano.

“We have sometimes been asked to monitor content without appropriate cause, for example by the RIAA to enforce their copyrights, or even in the case of the stray individual who calls and asks if they could check their ex-boyfriend’s mail to see if he is dating someone new … but in every case, where there is not appropriate cause such as a bona fide emergency or compulsory legal paper or permission by the vice president of students … these requests are unequivocally and unilaterally denied. We simply don’t do it,” she said.

Gewolb says this policy doesn’t go far enough in protecting student privacy. “E-mail privacy is pretty simple. It shouldn’t be read by administrators or third parties, period,” he said.

“It’s in black and white [on their policy website]: they can tell which kind of websites you’ve been visiting. What business is it of the university to monitor our internet usage, read our e-mail, and invade student privacy?” he continued.

Gewolb was referencing Cornell’s “Data Access and Retention” paper, which states that CIT keeps router transaction logs for approximately six months, which are used for “troubleshooting, capacity planning, security investigations, cost allocation,” according to the paper. E-mails sent over Cornell servers are stored for seven days, the paper continues.

Gewolb said that these logs should not be kept at all. Mitrano countered that “University business functions could not operate without back up operations, netflow logs, and other supporting documentation … It is simply not reasonable to purge all logging information.”

Despite their fundamental disagreements, both Mitrano and Gewolb hope to see changes in the University’s policy.

“Explicit policy and procedure about the handling of e-mail exists to protect mail that goes through CIT systems. But there is no university policy explicitly stating the policies and procedure about the handling of mail throughout the whole university … it is on balance better to have a policy on matters such as these not only to make the practices uniform, but to instill a sense of trust throughout the community.”

To these ends, CIT is sponsoring an “Access to Electronic Mail” policy that would extend CIT’s policies — or others drafted — across the entire university. “We hope that the rest of the University will assist us in crafting, and promulgating, this important policy.”

Gewolb says that CIT needs to seriously reconsider its current stance, however: “There needs to be a complete overhaul, with student input and mechanisms in place to ensure the university isn’t reading our private communications … I don’t care if it’s [President] Jeffrey Lehman approving some action, Cornell shouldn’t be reading my e-mail.”

Archived article by Michael Morisy