Hat tip to Jim Harberson.

The Oldest College Daily recently advised the Yale community of a potential downside to the use of free University-provided email addresses.

Yale students’ email accounts are subject to search without consent or notification by the University, as outlined in a publicly available but little-publicized document.

Under the University’s Information Technology Acceptable Use Policy, the University maintains the right to access not only employee accounts, but students’ accounts as well. While 55 of 73 students interviewed were unsurprised that the University can monitor their correspondences, few were clear on the specifics under which Yale can search their accounts.

Only three students of 73 interviewed were aware of the specifics of Yale’s policy, with one adding that he learned about the University’s regulations through a class.

“I feel like the University should make clear under what circumstances they consider searching emails,” Sherry Du ’17 said. “The school should do more to publicize this.”

Most students said they were not taken aback by the policy because the email account is provided by Yale.

Graduate students who came to Yale after working in the corporate world expressed especially little surprise over the policy. Ashlee Tran SOM ’14 said employees at large corporations assume their emails are monitored.

“It doesn’t shock me at all that they can do that,” Acer Xu ’17 said. “It’s Yale email, it’s an internal server.”

According to its Acceptable Use Policy, several circumstances warrant access to students’ emails: “preserv[ing] the integrity of the IT systems,” complying with “federal, state, or local law or administrative rules,” carrying out “essential business functions of the University,” “preserv[ing] public health and safety” and producing evidence when “there are reasonable grounds to believe that a violation of law or a significant breach of University policy may have taken place.”

Administrators did not define what actions constitute a significant breach of University policy, though ITS Director of Strategic Communications Susan West described these circumstances as “specific and unusual.”

For the University to access a student account, two administrators must give their approval: University Provost Benjamin Polak as well as the dean of Yale College or the appropriate graduate or professional school, though deans are allowed to delegate this task.

However, in situations where “emergency access is necessary to preserve the integrity of facilities or to preserve public health and safety,” systems administrators may access an account without approval.

No explicit mention is made in the Undergraduate Regulations of the University’s right to access student accounts, though the Appropriate Use Policy is accessible through a link on page 128 of the 131-page document.

“Preserv[ing] the integrity of the IT systems,” complying with “federal, state, or local law or administrative rules,” carrying out “essential business functions of the University,” “preserv[ing] public health and safety” and producing evidence when “there are reasonable grounds to believe that a violation of law or a significant breach of University policy may have taken place.”

Translation: Whenever we feel like it.

We don’t know exactly what information the National Security Agency has ceased collecting , and we don’t know what legal issue persuaded which judge that collecting it was a problem. But the Washington Post tells us that there will be a hiatus for some time in the surveillance of terrorist communications. If it should happen that they are able to exploit this particular security gap, we will probably one day learn just who was responsible.

A special federal court that oversees domestic surveillance has raised concerns about the National Security Agency’s collection of certain types of electronic data, prompting the agency to suspend collecting it, U.S. officials said.

The Foreign Intelligence Surveillance Court, which grants orders to U.S. spy agencies to monitor U.S. citizens and residents in terrorism and espionage cases, recently “got a little bit more of an understanding” about the NSA’s collection of the data, said one official, who spoke on the condition of anonymity because such matters are classified.

The data under discussion are records associated with various kinds of communication, but not their content. Examples of this “metadata” include the origin, destination and path of an e-mail; the phone numbers called from a particular telephone; and the Internet address of someone making an Internet phone call. It was not clear what kind of data had provoked the court’s concern.

Some House Republicans have argued that the suspension of collection creates an intelligence gap that undermines the government’s ability to track and identify terrorist networks, according to officials familiar with the matter. Frustrated about waiting for a remedy, these Republicans say the gap can be closed with a technical fix to the Foreign Intelligence Surveillance Act, the officials said.

“This is a basic tool we used to have, and it’s now gone,” said one intelligence official familiar with the impasse. “Every day, every week that goes by, there’s just one more week of information that we’re not collecting. You sit there and say, ‘This is unbelievable that we have this gap.’ ”

The data could be used to help analysts learn whom a suspect was working and communicating with, and to “detect and anticipate” a plot, the official said. “It’s not a concern over what was being collected,” he said. “It’s just a question about whether the law was written in a way that allowed the information to be collected in a way that they were collecting it.” …

The NSA voluntarily stopped gathering the data in December or January rather than wait to be told to do so, the officials said. The agency had been collecting it with court permission for several years, officials said.