We're trying to de-bloat.
I contrast this with big companies I work for/with. With hundreds or thousands of seats, they have the critical mass to justify an Enterprise Licenses with Microsoft that means they get what they need. Buy a hundred workstations, and blast down a clean, standard image. As an added perk, they don't have to troubleshoot too deep, just re-blast.
Assuming that Yale isn't blocking access for other mail services, I fail to see how this is any different. Use the yale.edu account for school related matters, and get your own account for private messages.
Of course, this also means that Yale's IT organization has taken into account the implications outsourcing has on the school's intellectual property, etc. As part of the RFP and selection process, these items should be taken into account to ensure the outsourcer's offering has sufficient controls. This is really no different than any large organization choosing to select Exchange, Notes, GroupWise, or outsourcing the service through any number of third party providers. *I do recognize that Google Buzz does change the thought process for GMail users. Of course, that is also a contract issue with Google-as-outsourcer (i.e. privacy and intellectual property protections should be built into the contract, and the outsourcer is obliged to ensure their offering meets the contract specifications).
If an IP is suspected of criminal activity, and it can be related to only a particular network/house, the case may not be a slam dunk. However, it may well be enough to create all sorts of joy for that network/house. It's probably enough probably cause for a warrant which will then find all computer attached to that network confiscated. If they can pin the behavior to a specific machine, then anyone who had access to that machine could be under suspicion.
If you run an open WiFi site, the net could be broadened to any computer the the radius of your signal--the neighbors will love you. Even though one can make the arguement that some random car with a laptop might have parked in front of your house, and you might carry the day in court, you'll still have a lot of hassle and legal fees.
(And that doesn't include anything that might shake out from what's on those computers (child porn, etc.), discovered as a consequence of the search. For that matter, how are charges filed for such a thing on a shared computer?)
I'm not sure the RIAA would be able to get such warrants/subpoena based solely on an IP address. While it will prevent them from simply creating suits based only on IP address, at the end of the day it's just one more hoop to jump through.
At the end of the day, that's my point: while it definitely raises the bar for legal action, I'm not sure it does much more than that in practice.
Note that I'm not a lawyer--this could be 100% bunk (or more!).
Everyone can be taught to sculpt: Michelangelo would have had to be taught how not to. So it is with the great programmers.