Connect Privacy FAQ

Privacy and security are important topics as the campus prepares the transition to Connect, the collection of Google Apps for Education, including email and calendar. Following is a list of frequently asked questions and answers to help campus users better understand how using these new services affect their data privacy.

Many of the answers from this page are adapted from Google’s own Security and Privacy FAQ, where you can find some more answers to other security and privacy related questions. If you have further questions, please contact security@ucsb.edu

1)   What data can be stored on Connect?

Both the nature of email and the public character of the University make email less private than users may anticipate. Do not use Connect to store or transmit sensitive data (as outlined in Electronic Communications Policy). Connect email is not encrypted and should not be used for sensitive comunications.

2)   Can Connect be used for personal events and communications?

Do not use your campus email for any commercial activity, including publishing your address in association with commercial activities. Unless you are appropriately authorized to do so, please don't use email to give the impression you are representing, giving opinions of, or making statements on behalf of the Campus. Other practices to avoid: sending unsolicited mass mailings without the consent of all addressees, unless authorized on behalf of the campus by an appropriate administrative official; sending chain letters, spam, or harassing email; knowingly forwarding or originating hoaxes, scams, viruses, or other types of fraudulent messages; forging messages or masking the identity of an account intentionally; engaging in practices such as "denial of service attacks" that impede the availability of electronic communications services to other users; or violations of copyright law. More details of Personal Use policy can be found in Electronic Communications Policy.

3)   How does privacy protection for Connect differ from consumer level Google services?

UCSB’s contract with Google put in place stronger protective measures around data stored and transmitted in the UCSB implementation of the Google Apps core services than found in consumer-level Google services. Data stored in core services are not scanned for the purpose of displaying ads. Data stored in core services are also not accessible by non-core services. The same access restriction to data in core services applies to third party sites where Google is serving ads. In consumer-level Google services, data is not protected from being shared between any of the services offered, such as between Google Calendar and Google Search. Using Connect/GAFE core services protects data. An example of this protection would be if you log into your Connect/GAFE account, then proceed to Google Search to look for something. Ads displaying in the Google Search results screen (a non-core service) will not be influenced by your data in Connect email (a core service). You can use non-core services from your Connect/GAFE account knowing your data is protected.

4)  How will my personal Google account(s) be affected by my Connect account?

Your Connect account is managed separately from your personal Google account(s), therefore the data and settings from these accounts will remain separate.  Only data that you manually copy between the accounts will be shared (e.g. if you send a personal email to your Connect mail account). 

If you use personal Google account(s) along with your Connect account, to avoid confusion, it is a good idea to use a different web browser for your personal Google account(s) than for your Connect account.

5)   Will Google personnel read our emails and calendars?

No, Google’s scanning and indexing procedures are 100% automated and involve no human interaction.  In order to provide some of the core features in Google Apps products, Google’s automated systems will scan and index some user content. Google scan or index user content in Google Apps in order to provide features that will either directly benefit users or help Google maintain the safety and security of their systems.

For example:

    Email is scanned so Google can perform spam filtering and virus detection.

    Priority Inbox, a Gmail feature, scans email message to identify which messages are considered important and which are considered not important.

    Note that there is no ad-related scanning or processing in Google Apps for Education or Business with ads disabled.

    Some user data, such as documents and email messages, are scanned and indexed so users can privately search for information in their own Google Apps accounts.

Connect data is not part of the general google.com index, except when you choose to publish information publicly.

6)   Does Google give third parties access to our data?

Google may only share information with third parties in conformity with Google’s Privacy Policy and Customer Agreement. Google does not share or reveal private user content such as email or personal information with third parties except as required by law (see the Google Transparency Report), on request by a user or system administrator, or to protect Google’s systems. These exceptions include requests by users that Google's support staff access their email messages in order to diagnose problems; when Google is required by law to do so; and when Google is compelled to disclose personal information because Google reasonably believes it's necessary in order to protect the rights, property or safety of Google, its users and the public.

7)   How does Google handle law enforcement requests?

Google complies with valid legal processes seeking account information, such as search warrants, court orders, or subpoenas. Google attempts to notify users before turning over their data whenever possible and legally permissible.  For more information, please see the Google Transparency Report for information regarding government requests for user data.

8)   Who owns the data that UCSB users put into Google Apps?

Google does not own UCSB users’ data. Google does not take a position on whether the data belongs to UCSB or the individual user, but it knows it doesn’t belong to Google. (For specific questions about UC’s intellectual properties and copyright policies, please refer to UCOP’s Copyright Resources.) Specifically, Google won’t share your data with others except as noted in Google’s Privacy Policy. Google will keep your data as long as UCSB requires Google to keep it. Google maintains multiple backup copies of users’ content, so that Google can recover data and restore accounts in case of errors or system failure. When you ask Google to delete messages and content, Google makes reasonable efforts to remove deleted information from our systems within a commercially reasonable amount of time.

9)   How long does Google keep UCSB’s data?

Google will keep your data as long as UCSB requires Google to keep it. Google believes that you should have control over your data. Google maintains multiple backup copies of users' content so that Google can recover data and restore accounts in case of errors or system failure. When you ask Google to delete messages and content, Google makes reasonable efforts to remove deleted information from our systems within a commercially reasonable amount of time.

10)   How does Google protect UCSB against spam, viruses and phishing attacks?

Google has one of the best spam blockers in the business, and it's integrated into Google Apps. Spam is purged every 30 days. Google has built in virus checking, and they enforce checking of documents before allowing a user to download any message. Most computer viruses are contained in executable files, so standard virus detectors scan messages for executable files that appear to be viruses. Google helps block viruses in the most direct possible way: by not allowing users to receive executable files (such as files ending in .exe) that could contain damaging executable code; even if they are sent in a compressed (.zip, .tar, .tgz, .taz, .z, .gz) format.

Google supplies Chrome™ and Firefox® users with constantly updated filters against phishing and malware.

By combining advanced algorithms with reports about misleading pages from a number of sources, Google downloads to your browser a list of information about sites that may engage in phishing or contain malicious software. Safe Browsing is often able to automatically warn you when you encounter a page that's trying to trick you into disclosing personal information.

11)   Is my data safe from other customers when it is running on the same servers?

Yes. Data is virtually protected as if it were on its own server. Unauthorized parties cannot access your data. Your competitors cannot access your data, and vice versa. In fact, all user accounts are protected via this virtual lock and key that ensures that one user cannot see another user's data. This is similar to how customer data is segmented in other shared infrastructures such as online banking applications.

Google Apps has received a satisfactory SSAE 16 and ISAE 3402 Type II audit, and ISO 27001 certification. This means that an independent auditor has examined the controls protecting the data in Google Apps (including logical security, privacy, Data Center security, etc) and provided reasonable assurance that these controls are in place and operating effectively.

12) How does Google protect its infrastructure against hackers and other threats?

Google, an established provider of web-based services has gone to great lengths to protect against threats. Google runs its data centers using custom hardware running a custom OS and file system. Each of these systems has been optimized for security and performance. The Google Security Team is working with external parties to constantly test and enhance security infrastructure to ensure it is impervious to external attackers. And because Google controls the entire stack running our systems, we are able to quickly respond to any threats or weaknesses that may emerge.

Google maintains a number of geographically distributed data centers. Google’s computing clusters are designed with resiliency and redundancy in mind, eliminating single points of failure and minimizing the impact of common equipment failures and environmental risks. Access to our data centers is restricted to authorize personnel.