Kirtley says the transition that many universities are making to Gmail illustrates the problem: “The fact that so many universities have converted to Gmail programs with little pushback suggests to me that people don’t really grasp the ramifications of this.” When the University of Minnesota’s College of Liberal Arts, of which the journalism school is a part, made the switch to Google, she put a disclaimer at the bottom of her e-mail as her “little way of telling Google” that her messages aren’t intended for the eyes of others. The University of Minnesota’s Law School students have been switched to Google, but so far the faculty, staff and law clinics have been able to hold out, because of the sensitivity of client/attorney communications. The University of Minnesota’s Academic Health Center have also been able to interrupt the transition, since Google has yet to sign a legal agreement to protect patient information. Seife had similar feelings about NYU’s transition to Google, writing that he trusts them “far less than NYU to keep from turning over my communications to a third party without a warrant.”

Geanne Rosenberg, a professor at CUNY’s Baruch College and Graduate School of Journalism, is part of a project with the Carnegie Corporation that’s looking into best practices for educating students and faculty about reducing legal risk, particularly since journalism schools are increasingly filling a role as news providers. She said media law experts and journalism educators met in April at the Poynter Institute, and security issues were discussed, but Rosenberg says they will revisit the topic at the task force’s second meeting this February. As far as the classes she teaches, Rosenberg lectures “in general terms about the fact that all this information could be subject to interception or subpoena risk,” but doesn’t get into the nitty gritty details about specific technological ways to protect from that, though she thinks it’s something “journalism schools should consider ramping up.” Rosenberg is planning an event for this August’s Association for Education in Journalism and Mass Communication (AEJMC) conference in Chicago, and says the topic of teaching cyber-security “is a good one to raise there for an audience of journalism educators.”

Linda Steiner, president of the AEJMC, says that while she’s not aware of any “formal evidence that this is major gap in journalism programs,” if it were to become more apparent, she would take it to the organization to suggest journalism schools start teaching this “in greater detail across the curriculum.”

Adam Penenberg, a journalism professor at NYU, wrote in an e-mailed response that he “doesn’t understand why anyone expects journalism schools to teach comsec. We also don’t teach students how to line up ‘fixers’ in a war-ravaged nation or go undercover with hidden camera. Only a fraction of students will ever need those skills.”

He goes on to write that he “doubts many students would enroll in a class on communication security. I think it is a question better put to news organizations… what is The NY Times, WSJ, Time, Bloomberg, etc. doing on this front? Because they are the ones that assume the risk.”

It’s a question I tried to answer with this piece. The Los Angeles Times declined an interview request, but did say it has “ systems in place to safeguard its journalists’ communications,” but for “obvious reasons, we are not at liberty to disclose detailed information about those protections.”

The New York Times responded similarly, saying that as “a matter of policy we do not discuss these types of security issues publicly,” but the “goal is obviously to have as secure communications as possible between our journalists and their sources and the policy of not discussing details of how we accomplish that is consistent with this goal.”

Alysia Santo is a former assistant editor at CJR.