Defining M+Google
Cloud-based computing: Software, information or resources delivered to computers through a shared network (Internet) and accessed by users through a Web browser (e.g., Internet Explorer).
Google Core Services: Mail, Calendar, Talk, Docs, Sites and Contacts.
Google Additional Services: Includes Alerts, Blogger, Google+, Picasa, YouTube and others.
Google Dashboard > Individualized view of the personal data associated with a Google account.
M+Google: The private U-M space within Google governed by formal agreement.
• For a complete list of Google Core and Additional Services (goo.gl/RI9sr), and more information on Google Security and Privacy, see the google.umich.edu site.
Google implemented a new privacy policy March 1 that affects all users, including the faculty, staff and students on the U-M Ann Arbor campus who have had access since March 5 to more than 40 tools and services in Google Apps for Education, a cloud-based computing platform.
“The university has policies and agreements in place to help ensure that the U-M community can use these new collaborative tools confidently and securely,” says Paul Howell, U-M’s chief IT security officer.
To address these changes and to clarify the personal and data privacy agreement between the university and Google, Howell offers the following five facts:
1. The @umich space in Google is not the same as the Google commercial space.
The U-M agreement with Google creates a “private space” within Google available only to university users. The “Core Services” (goo.gl/RI9sr) — Mail, Calendar, Talk, Docs, Sites, and Contacts — of the university’s Google Apps for Education environment (M+Google) are accessible only to U-M designated users. A personal Google account — if a person has one — exists outside this space.
2. The U-M agreement applies only to the M+Google “Core Services.”
The university has rolled out a number of Google-provided services; these are divided between “Core Services” and “Additional Services.” Only the Core Services fall under the terms of the university’s agreement with Google. This is important, because there are certain privacy protections in the Core Services environment (see below) that are not found when using the Additional Services.
3. Use of the M+Google Core Services includes three specific guarantees.
First, U-M continues to own its own data and Google may only process or otherwise use @umich account data as required for the purpose of providing services and performing its obligations under the agreement. Secondly, users will not be subject to advertising. All advertising within the Core Services environment is prohibited. Finally, Google’s revised Terms of Service (www.google.com/policies/terms) and Privacy Policy (www.google.com/policies/privacy), effective March 1, do not alter the agreement between U-M and Google with respect to the Core Services.
4. Google’s new Terms of Service and Privacy Policy do apply to the Additional Services.
That means that any data or information used within the Additional Services, such as Google+, YouTube, or Picasa, are not protected by U-M’s agreement and may be subject to individualized data mining and advertising.
5. Users can limit Google’s access to personal information.
The university agreement and existing U-M IT policies ensure a high level of security and privacy within the @umich Google environment. M+Google users may further protect their information through the Google Account Dashboard (see sidebar), including clearing Google Web history and monitoring personal data. Users also may decline Google’s Additional Services that do not fall under the university’s agreement by emailing [email protected] or calling 734-764-HELP (4357).
“The M+Google environment meets the university’s standards for safe computing. But as with many online activities, people may need some guidance to safely use the collaborative tools for teaching and learning,” Howell says.
