E-mail policy aims to protect privacy

Yale students may not realize that some Information Technology Services employees can read personal e-mails sent through the University network, though these employees may only access e-mails under extreme circumstances.

In an attempt to address the broader issues of e-mail and Web security, administrators and students at Yale and other universities have adopted strict policies and developed encryption software to protect the privacy of computer network users.

Information Security Officer Morrow Long said the few ITS staffers — about half a dozen — with full access to personal e-mail are expected to follow stringent rules.

“They are highly responsible, take their duties seriously and are subject to audit of their access and actions,” Long said. “No one other than the student should be able to or should be reading his e-mail.”

Although they can monitor students’ e-mail accounts, Yale network officials do not have the tools or the technology to view or track Web sites accessed by computers on the Yale network, Long said.

“There is no current University policy or procedure providing circumstances where the University would track the Web sites a student’s personal computer visits,” he said.

Long said privacy is a top concern for ITS, and the only circumstance in which the department would grant someone access to a student’s e-mail account is in the case of a warrant or subpoena from a law-enforcement agency.

“The University would have to approve this exception to the privacy policy on student e-mail at the highest administrative levels,” he said.

Some Yale students said they were unaware of the administration’s ability to access University e-mail accounts, while others said they knew of the general risks associated with e-mail use.

Although Jon McClain ’06 said he was not aware of the administration’s broad powers, he said he is always careful when composing e-mail.

“I find it to be surprising, although at the same time I am relatively sensitive to what I write over e-mail,” McClain said.

Technology officials at Yale, Princeton and Harvard said e-mail security and privacy are top priorities of system administrators.

“I think IT professionals hold themselves to a particularly high standard to protect people’s privacy,” said Donna Tatro, the associate director of the central IT organization at Princeton.

Daniel Moriarty, senior associate provost and chief information officer at Harvard, said all IT employees at Harvard are required to sign confidentiality agreements to protect private e-mails.

“The policy around here is when in doubt, personal privacy prevails,” Moriarty said.

At Stanford, five undergraduates have developed their own e-mail security software, called “CipherMail.” The group spent three months developing the program and recently released a beta version for limited use and feedback, project leader Christopher Pedregal said.

The program boasts three primary advantages over regular e-mail providers, said Mathew Cowan, one of the program’s developers.

“CipherMail is like FedEx compared to postal mail,” said Cowan, a junior computer science major at Stanford. “We offer guaranteed delivery with the time at which the message was opened, end-to-end client encryption and … no spam.”

The new program’s encryption guarantees that nobody but the sender and the intended recipient will be able to read the messages, Cowan said.

The developers said the software is not specifically designed to eliminate administration oversight of e-mail, but the program prevents message decryption by anyone except the mailbox owner, including system administrators from Yahoo to Yale. While other e-mail security programs with encryption features are currently available, including S/MIME, Pedregal said they are inconvenient and difficult to use — problems that CipherMail attempts to solve by working in a user’s existing e-mail program.

Some university network administrators said they are skeptical of the advantage that CipherMail claims to provide. Moriarty said the encryption feature will only offer protection as long as both sender and recipient use the same security solution.

“End-to-end encryption … is only as good as the community that is included in the encryption,” he said. “It would help in some cases, but it is certainly not a panacea.”

Pedregal and Cowan said people are at the highest risk for e-mail interception when they connect to the Internet using an unsecured wireless connection, but Harvard Chief Information Officer Larry Levine said the odds of interception are very low. He said users themselves are the greatest threat to their own e-mail security.

“Nearly all violations of e-mail privacy occur socially,” Levine said. “When the recipient does not maintain the privacy of the e-mail they receive and shares it with others.”

Comments