Terms of Agreement for Use of Google Apps by NSHE Institutions

NSHE institutions that opt to use Google Apps to provide services to their constituents are being asked to include the following language in their Terms of Agreements.

Use of this service is governed by Board of Regents policy, NAME OF YOUR INSTITUTION COMPUTER USE POLICY, Google Terms of Service, and the following:

Except where User is an employee of the Nevada System of Higher Education acting in good faith in the course and scope of public duties, User will indemnify, defend, and hold harmless Google from and against all liabilities, damages, and costs (including settlement costs and reasonable attorneys' fees) arising out of a third party claim: (i) regarding User Data or (ii) regarding Users' use of the Services in violation of the Google Terms of Service.

This language is quite complex, contains defined terms for which no definitions are given, and may be difficult to explain to any one who asks what it means. UNLV is interested in knowing more about the following so that we may be able to explain the language to our constituents?

  1. Why is the language needed?
  2. What does the language actually mean?
  3. What scenarios are possible and what ones are we protecting NSHE from with the language?

Definitions of the following defined terms might be helpful in understanding what the language means:

1. User

2. User Data

3. Services

Examples of the following in the context of the types of users we have (students, faculty, staff) would also be helpful if we are asked to explain the language:

1. Third parties that may bring claims

2. Types of claims that may be brought

3. User data that may be used in such a way as to bring forth a claim

4. A use of the Google applications that would violate the Google Terms of Service

Technical Considerations

Institutions planning to use Google Apps are being asked to collect evidence (paper or electronic log) that each user has acknowledged the agreement. The technology to accomplish this is not trivial, particularly if the plan includes using the existing login with a password known to the user.

Possible options include:

  1. Single sign on in which the institution has access to the user before the user signs in to Google
  2. Third party application that runs on the Google application platform that allows customization of the login page. The application is not yet even in beta so this may not be feasible for a spring launch.
  3. Withhold the password and force users to a special website to receive their password at which time they would agree to the terms of service.

1