[dd9990]

GPG and HTTPS are just band aids over a far more serious problem. They don't protect meta data. Knowing what sites you connect to and who you email and how often is more than enough to seriously undermine privacy and chill discourse. The real solution is a political one, not a technical one.

[nly]

Well... technical solutions can get you pretty far. Knowing that "there was a TCP connection that lasted 37 minutes and transferred 2 GB of data between IP1:Port1 and IP2:Port2 starting at 8PM", is different to "Steve in dorm 612 illegally downloaded Spectre last night".

[rms_returns]

> Knowing what sites you connect to and who you email and how often is more than enough to seriously undermine privacy and chill discourse.

Two band-aids are available for circumventing that too. They are called "VPN routing" and "Tor".

[Spooky23]

That is not at all germane to this issue -- we're talking about a campus mail system, so all metadata is inherently available to the system.

[eru]

They intercept people using SMTP to connect to non-campus email systems, too.

[cheezburgler]

Who you e-mail is protected by TLS

[jvoorhis]

Up to the point that your SMTP session is decrypted. It TLS is terminated by your campus's middlebox, it is in their purview.