Berkeley Employee Use of Email

In Spring 2023, EVCP Ben Hermalin and CIO Jenn Stringer sent this campus-wide message about automatic email forwarding by Berkeley employees. Included in the message was a caution against automatically forwarding Berkeley emails to other email accounts that may not have the same contractual data and privacy protections in place that we have for @berkeley.edu accounts. Starting in Fall 2023, Berkeley is disabling the ability of users without an exception to automatically forward their email to another account. On Nov. 14, 2023, all Berkeley students, faculty, and staff who are automatically forwarding their email to non-Berkeley accounts, and who don’t already have an exception, will no longer have the ability to do so.

Find resources to help you navigate this change below, as well as information about why it is taking place. 

Important steps to take now

  • Use your UC Berkeley email for all university business -- for both sending and receiving. 

  • Turn off any automatic forwarding you may have set up that sends your Berkeley email to a non-Berkeley account.

  • Use your UC Berkeley email for communication in all business systems, including those that do not require CalNet authentication.

  • List your UC Berkeley email in the campus directory, on your syllabus, etc.

FAQs on Navigating this Change

Is there a difference between forwarding an email and setting up automatic forwarding?

Yes, forwarding an individual email to another email address is allowed. Automatic forwarding redirects all incoming email, or, when using a filter, all incoming email of a certain type, to another email address. This will be disabled for accounts forwarding to unapproved domains on November 14, 2023.

How can I turn off automatic forwarding?

Information on how to turn off automatic forwarding can be found here:

https://berkeley.service-now.com/kb?id=kb_article_view&sysparm_article=KB0014574

What are some examples of approved and unapproved domains?

Some examples of approved domains are: @berkeley.edu, other UC campuses, and affiliated labs.

Some examples of unapproved domains are consumer email services: @gmail.com, @yahoo.com, @hotmail.com, @me.com, etc.

Can I occasionally forward individual emails outside of UC Berkeley, if they do not include sensitive student or institutional information?

Yes, UC Berkeley employees can occasionally forward individual emails to non-UC Berkeley email accounts, provided that the email does not include sensitive information, including, but not limited to, information classified at the P3 or P4 level per UC Berkeley's data classification standard.

How do I request an exception?

Submit this form to request an automatic email forwarding exception.

Please note: In most cases, you will receive a response to your exception request within 2 weeks, but please allow up to 30 days for more involved requests. 

What's happening to SPA-owned Google accounts that are using automatic forwarding?

Automatic forwarding for SPAs will be reviewed on a case-by-case basis. SPA members will be contacted to discuss their automatic forwarding needs.

I automatically forward emails between two different Berkeley email accounts (e.g., between a Special Purpose Berkeley (SPA) email account and an individual Berkeley email account). Is this ok?

Yes, automatic forwarding between any Berkeley email accounts is allowed.

I have a dual appointment at another University of California campus or the University of California Office of the President. Can I forward emails between my Berkeley email account and another UC account?

Yes, the UC systemwide Electronic Communications Policy governs email service for all University of California institutions. Email service at these institutions meets security and privacy requirements and forwarding emails between them is generally allowed, but will require an exception. We are still developing the service request and exception request process, but you can let us know here if you would like to be contacted when more information is available.  

I have a dual appointment at a University of California-managed national lab such as Lawrence Berkeley National Lab, Lawrence Livermore National Lab, or Los Alamos National Lab. Can I forward the email between my Berkeley email account and my lab email account?

Yes, you will be able to request an exception to allow you to forward email between your Berkeley email account and a University of California-managed lab. However, please be aware that messages forwarded from your UC Berkeley email account to a national lab email account will lose the privacy protections granted by the UC Electronic Communications Policy. Further information about service changes in support of this policy will be forthcoming. We are still developing an exception request process, but you can let us know here if you would like to be contacted when more information is available.

I want to have one inbox. Can I forward all my personal email to my Berkeley email account?

We strongly advise against forwarding your personal email to your bMail account for many reasons. If a Berkeley employee receives a Public Records Act Request or a Freedom of Information Act Request, the contents of their bMail account, including personal emails forwarded to it, are subject to review. In addition, Google no longer offers UC Berkeley unlimited storage. Berkeley’s Google accounts (including bMail) are currently limited to 150 GB.

I want to forward some, or all, of my Berkeley email to my personal email while I’m on leave. Is that ok?

No, automatic forwarding of Berkeley email to a personal email account, for any duration of time, is not permitted. Employees who wish to remain apprised of important Berkeley emails while on leave may create filters to mark some emails as important. Then, rather than review all of their Berkeley email, they can log into their account and review only those that are filtered. Learn how to create filters.

I am an employee leaving the university and I want to set up automatic email forwarding so that new incoming messages reach me at my personal address. Is this possible?

No, if you are an employee or affiliate, you will be able neither to directly access nor to forward emails from your Berkeley email account after your grace period has ended. Follow these steps in preparation for your departure.

Where can I learn more about Berkeley's email offering?

Learn more about Berkeley email and other resources offered.

FAQs on Policy

Do email policies apply to me?

All employees of UC Berkeley including faculty, staff, and student employees are required to use their @berkeley.edu email address for university business. Related policies on this topic include:

  • UC’s IS-3 Policy requires specific security controls based on the Protection Level of Institutional Information. 

  • UC Procurement Policies and UC’s IS-3 (Sec 15) both require specific contract language and security protections for third-party vendors handling institutional information. Private email service providers have not agreed to these terms. They have no contractual obligations to UC and have not been evaluated for security or privacy compliance.

  • UC’s Electronic Communications Policy and the campus Email Service Policy both require protecting University email from unauthorized access and unintended redistribution, which applies to forwarding email to personal accounts with inadequate contractual and security controls.

Why is using Berkeley email required?

Use of a non-Berkeley email for university business exposes the campus and its community members to risk for many reasons, including the following. 

  1. Email is a highly targeted vector for cyberattacks, requiring robust security controls to protect it adequately. Berkeley IT identifies and blocks malicious emails to Berkeley email accounts. Berkeley’s email provider also has contractual obligations with respect to the security and privacy of bMail. The campus has no control or assurances regarding the protection of email in non-Berkeley services.

  2. University employees cannot appropriately respond to legal holds and Public Records Act Requests for communications outside centrally supported services. 

  3. Because there is no contractual obligation to do so, a non-Berkeley email provider may not inform users if they are the subject of a Public Records Act Request, Freedom of Information Act Request, or other legal requests for information. The person may not know that information has been requested or provided from their account. 

  4. If a Berkeley employee receives a Public Records Act Request or a Freedom of Information Act Request, and they have been using a personal email for university business, their entire personal email account may be subject to review. 

  5. Every email containing FERPA-protected information that is sent to an email provider without a specific contractual designation (any non-berkeley.edu account) is considered a FERPA violation.

  6. Authentication logs and other forensic information critical for investigating security incidents are generally not available for email outside centrally supported services.

  7. Berkeley IT staff are unable to investigate complaints regarding abuse and/or misuse of emails originating from non-Berkeley addresses.