(Translated by https://www.hiragana.jp/)
Loughborough University - Acceptable I.T. Use Policy
The Wayback Machine - https://web.archive.org/web/20070506164902/http://www.lboro.ac.uk:80/computing/policies/loughborough-aup.html
Address.
Computing Services.

Policies
Skip navigation.
Open access: Registration Policy
Open access: Getting Help
 
Photo: Helpdesk.

Acceptable Use Policy

Introduction

The University seeks to promote and facilitate the proper and extensive use of Information Technology in the interests of learning and research. Whilst the tradition of academic freedom will be fully respected, this also requires responsible and legal use of the technologies and facilities made available to students and staff of the University.

This Acceptable Use Policy is intended to provide a framework for such use of Loughborough University's I.T. resources. It applies to all computing, telecommunication, and networking facilities provided by any department or section of the University. It should be interpreted such that it has the widest application, in particular references to Computing Services should, where appropriate, be taken to include departmental or other system managers responsible for the provision of a computing service.

This Acceptable Use Policy is taken to include the JANET Acceptable Use Policywww.ja.net/services/publications/policy/aup.html and the JANET Security Policywww.ja.net/services/publications/policy/security-policy.pdf published by the United Kingdom Educational and Research Network Association (UKERNA), the Combined Higher Education Software Team (CHEST) Code of Conduct www.eduserv.org.uk/chest/conduct.html, together with its associated Copyright Acknowledgement, and the Athens individual user terms and conditions www.athensams.net/upload/athens/pdf/org_terms.pdf. Members of the University and all other users of the University's facilities are bound by the provisions of these policies in addition to this Acceptable Use Policy. They are also bound by such other policies as are published via the University on the Computing Services policies web site www.lboro.ac.uk/computing/policies/. It is the responsibility of all users of Loughborough University's I.T. services to read and understand this policy.

1) Purpose of Use

University computing resources are provided primarily to facilitate a person's essential work as an employee or student or other role within the University.

Use for other purposes, such as personal electronic mail or recreational use of the World Wide Web or Usenet News, is a privilege, which can be withdrawn, not a right. Any such use must not interfere with the user's duties or studies or any other person's use of computer systems and must not, in any way, bring the University into disrepute. Priority must always be granted to those needing facilities for academic work.

University e-mail addresses and associated University e-mail systems must be used for all official University business, in order to facilitate auditability and institutional record keeping. All staff and students of the University must regularly read their University e-mail.

Commercial work for outside bodies, using centrally managed services, requires explicit permission from the Director of Computing Services; such use, whether or not authorised, may be liable to charge.

2) Authorisation

In order to use the computing facilities of Loughborough University a person must first be registered. Registration (www.lboro.ac.uk/computing/policies/registration.html) of all members of staff and registered students is carried out automatically. Others must apply to Computing Services. Registration to use University services implies, and is conditional upon, acceptance of this Acceptable Use Policy, for which a signature of acceptance may be required on joining the University. The lack of a signature does not exempt an individual from any obligation under this policy.

The registration procedure grants authorisation to use the core I.T. facilities of the University. Following registration, a username, password and e-mail address will be allocated. Authorisation for other services may be requested by application to Computing Services, Corporate Information Services, or other providers of Information Technology based services.

All individually allocated usernames, passwords and e-mail addresses are for the exclusive use of the individual to whom they are allocated, as are individually allocated certificates. The user is personally responsible and accountable for all activities carried out under their username. The password associated with a particular personal username must not be divulged to any other person, other than to designated members of I.T. staff for the purposes of system support. Other facilities are available for situations where staff need to share e-mail (www.lboro.ac.uk/computing/policies/generic-registration.html). Attempts to access or use any username, e-mail address or certificate, which is not authorised to the user, are prohibited. No one may use, or attempt to use, I.T. resources allocated to another person, except when explicitly authorised by the provider of those resources.

All users must correctly identify themselves at all times. A user must not masquerade as another, withhold their identity or tamper with audit trails. A user must take all reasonable precautions to protect their resources. In particular, passwords used must adhere to current password policy and practice. Advice on what constitutes a good password may be obtained from Computing Services Web pages (www.lboro.ac.uk/computing/doc/guidance.html). This advice must be followed: failure to do so may be regarded as a breach of this policy.

3) Privacy

It should be noted that systems staff, who have appropriate privileges, have the ability, which is occasionally required, to access all files, including electronic mail files, stored on a computer which they manage. It is also occasionally necessary to intercept network traffic. In such circumstances appropriately privileged staff will take all reasonable steps to ensure the privacy of service users. The University fully reserves the right to monitor e-mail, telephone and any other electronically-mediated communications, whether stored or in transit, in line with its rights under the Regulation of Investigatory Powers Act (2000) www.opsi.gov.uk/acts/acts2000/20000023.htm. Reasons for such monitoring may include the need to:

  • ensure operational effectiveness of services,

  • prevent a breach of the law, this policy, or other University policy,

  • investigate a suspected breach of the law, this policy, or other University policy,

  • monitor standards.

Access to staff files, including electronic mail files, will not normally be given to another member of staff unless authorised by the Director of Computing Services, who will use their discretion, in consultation with a senior officer of the University, if appropriate. In such circumstances the Head of Department or Section, or more senior line manager, will be informed, and will normally be consulted prior to action being taken. Such access will normally only be granted where a breach of the law or a serious breach of this policy is suspected, or when a documented and lawful request from a law enforcement agency such as the police or security services has been received.

The University sees student privacy as desirable but not as an absolute right, hence students should not expect to hold or pass information, which they would not wish to be seen by members of staff responsible for their academic work. In addition to when a breach of the law or of this policy is suspected, or when a documented and lawful request from a law enforcement agency such as the police or security services has been received, systems staff are also authorised to release the contents of a student's files, including electronic mail files, when required to by any member of staff who has a direct academic work-based reason for requiring such access.

After a student or member of staff leaves the University, files which are left behind on any computer system owned by the University, including servers, and including electronic mail files, will be considered to be the property of the University. When leaving the University, staff should make arrangements to transfer to colleagues any e-mail or other computer-based information held under their personal account, as this will be closed on their departure.

4) Behaviour

No person shall jeopardise the integrity, performance or reliability of computer equipment, software, data and other stored information. The integrity of the University's computer systems is put at risk if users do not take adequate precautions against malicious software, such as computer virus programs. All users of University I.T. services must ensure that any computer, for which they have responsibility and which is attached to the University network, is adequately protected against viruses, through the use of up t o date anti-virus software www.lboro.ac.uk/computing/security/antivirus.html (any exceptions to this must be approved explicitly by Computing Services - Computing.Services@lboro.ac.uk), and has the latest tested security patches installed. Reasonable care should also be taken to ensure that resource use does not result in a denial of service to others.

Conventional norms of behaviour apply to I.T.-based media, just as they would apply to more traditional media. Within the University setting this should also be taken to mean that the tradition of academic freedom will always be respected. The University, as expressed in its Equal Opportunities Policy www.lboro.ac.uk/admin/personnel/policies/equaloppspolicy.htm, is committed to achieving an educational and working environment which provides equality of opportunity, and freedom from discrimination on the grounds of race, religion, sex, class, sexual orientation, age, disability or special need.

Distributing material, which is offensive, obscene or abusive, may be illegal and may also contravene University codes on harassment. Users of University computer systems must make themselves familiar with, and comply with, the University code of conduct on harassment and bullying www.lboro.ac.uk/admin/personnel/policies/harass&bullying.htm.

No user shall interfere or attempt to interfere in any way with information belonging to or material prepared by another user. Similarly no user shall make unauthorised copies of information belonging to another user. The same conventions of privacy should apply to electronically held information as to that held on traditional media such as paper.

For specific services the University may provide more detailed guidelines, in addition to the policies provided in this Acceptable Use Policy. Users of the HallNet service must adhere to the detailed advice provided by the Hallnet Acceptable Use Policy www.lboro.ac.uk/computing/hallnet/shsaup.html. Users publishing on the World Wide Web must follow the University's Code of Practice for Online Publications www.lboro.ac.uk/computing/policies/cop.html.

Users of services external to the University are expected to abide by any policies, rules and codes of conduct applying to such services. Any breach of such policies, rules and codes of conduct may be regarded as a breach of this Acceptable Use Policy and be dealt with accordingly. The use of Loughborough University credentials to gain unauthorised access to the facilities of any other organisation is similarly prohibited.

5) Definitions of Acceptable & Unacceptable Usage

Unacceptable use of University computers and network resources may be summarised as:

  • the retention or propagation of material that is offensive, obscene or indecent, except in the course of recognised research or teaching that is permitted under UK and international law; propagation will normally be considered to be a much more serious offence;

  • intellectual property rights infringement, including copyright, trademark, patent, design and moral rights;

  • causing annoyance, inconvenience or needless anxiety to others, as specified in the JANET Acceptable Use Policy www.ja.net/services/publications/policy/aup.html;

  • defamation (genuine scholarly criticism is permitted);

  • unsolicited advertising, often referred to as "spamming";

  • sending e-mails that purport to come from an individual other than the person actually sending the message using, e.g., a forged address;

  • attempts to break into or damage computer systems or data held thereon;

  • actions or inactions which intentionally, or unintentionally, aid the distribution of computer viruses or other malicious software;

  • attempts to access or actions intended to facilitate access to computers for which the individual is not authorised;

  • using the University network for unauthenticated access;

  • unauthorised resale of University or JANET services or information.

These restrictions should be taken to mean, for example, that the following activities will normally be considered to be a breach of this policy (potential exceptions should be discussed with Computing Services):

  • the downloading, distribution, or storage of music, video, film, or other material, for which you do not hold a valid licence, or other valid permission from the copyright holder;

  • the distribution or storage by any means of pirated software;

  • connecting an unauthorised device to the University network, i.e. one that has not been configured to comply with this policy and any other relevant regulations and guidelines relating to security, I.T. purchasing policy, and acceptable use;

  • circumvention of Network Access Control;

  • monitoring or interception of network traffic, without permission;

  • probing for the security weaknesses of systems by methods such as port-scanning, without permission;

  • associating any device to network Access Points, including wireless, to which you are not authorised;

  • non-academic activities which generate heavy network traffic, especially those which interfere with others' legitimate use of I.T. services or which incur financial costs;

  • excessive use of resources such as filestore, leading to a denial of service to others, especially when compounded by not responding to requests for action;

  • frivolous use of University owned Computer laboratories, especially where such activities interfere with others' legitimate use of I.T. services;

  • the deliberate viewing and/or printing of pornographic images;

  • the passing on of electronic chain mail;

  • the use of University business mailing lists for non-academic purposes;

  • the use of CDs, DVDs, and other storage devices for the purpose of copying unlicensed copyright software, music, etc.;

  • the copying of other people's web site material without the express permission of the copyright holder;

  • the use of peer-to-peer and related applications within the University. These include, but are not limited to, Ares, BitTorrent, Direct Connect, Morpheus, KaZaA, Skype;

  • Plagiarism (www.lboro.ac.uk/admin/ar/student/handbook/section11/), i.e. the intentional use of other people's material without attribution.

Other uses may be unacceptable in certain circumstances. In particular, users of the Hallnet should take account of the particular conditions of use applying to that service. It should be noted that Hall Service users should not provide any services to others via remote access. The installed machine on each network socket must be a workstation only and not provide any server-based services, including, but not limited to, Web, FTP, IRC, Streaming Media server, peer-to-peer facilities, or e-mail services.

It should be noted that individuals may be held responsible for the retention of attachment material that they have received, via e-mail that they have never opened, via e-mail that they have read. Similarly, opening an attachment, received via unsolicited e-mail, especially if clearly unrelated to work or study, which leads to widespread virus infection, may result in disciplinary action being taken.

Acceptable uses may include:

  • personal e-mail and recreational use of Internet services, as long as these are in keeping with the framework defined in this policy document and do not interfere with one's duties, studies or the work of others;

  • advertising via electronic notice boards, intended for this purpose, or via other University approved mechanisms

However such use must be regarded as a privilege and not as a right and may be withdrawn if abused or if the user is subject to a disciplinary procedure.

6) Legal Constraints

Introduction

Any software and / or hard copy of data or information which is not generated by the user personally and which may become available through the use of University computing or communications resources shall not be copied or used without permission of the University or the copyright owner. In particular, it is up to the user to check the terms and conditions of any licence for the use of the software or information and to abide by them. Software and / or information provided by the University may only be used as part of the user's duties as an employee or student of the University or for educational purposes. The user must abide by all the licensing agreements for software entered into by the University with other parties, noting that the right to use any such software outside the University will cease when an individual leaves the institution. Any software on a privately owned computer that has been licensed under a University agreement must then be removed from it, as well as any University-owned data, such as documents and spreadsheets. When a computer ceases to be owned by the University, all data and software must be removed from it, in accordance with the University's policies and contractual obligations, including the Staff Computer Equipment Disposal Policy www.lboro.ac.uk/computing/policies/disposal.html.

In the case of private work and other personal use of computing facilities, the University will not accept any liability for loss, damage, injury or expense that may result.

The user must comply with all relevant legislation and legal precedent, including the provisions of the following Acts of Parliament, or any re-enactment thereof:

See below for a summary of the main points. Copies of these documents are also available through the University Library. Further advice should be obtained through the Director of Computing Services in the first instance.

Copyright, Designs and Patents Act 1988

This Act, together with a number of Statutory Instruments that have amended and extended it, controls copyright law. It makes it an offence to copy all, or a substantial part, which can be a quite small portion, of a copyright work. There are, however, certain limited user permissions, such as fair dealing, which means under certain circumstances permission is not needed to copy small amounts for non-commercial research or private study. The Act also provides for Moral Rights, whereby authors can sue if their name is not included in a work they wrote, or if the work has been amended in such a way as to impugn their reputation. Copyright covers materials in print and electronic form, and includes words, images, sound, moving images, TV broadcasts and many other media.

Malicious Communications Act 1988

Under this Act it is an offence to send an indecent, offensive, or threatening letter, electronic communication or other article to another person. Additionally under the Telecommunications Act 1984 it is a similar offence to send a telephone message, which is indecent, offensive, or threatening.

Computer Misuse Act 1990

This Act makes it an offence

  • to erase or amend data or programs without authority;

  • to obtain unauthorised access to a computer;

  • to "eavesdrop" on a computer;

  • to make unauthorised use of computer time or facilities;

  • maliciously to corrupt or erase data or programs;

  • to deny access to authorised users.

Criminal Justice & Public Order Act 1994

This defines a criminal offence of intentional harassment, which covers all forms of harassment, including sexual. A person is guilty of an offence if, with intent to cause a person harassment, alarm or distress, they:-

  • use threatening, abusive or insulting words or behaviour, or disorderly behaviour; or

  • display any writing, sign or other visible representation which is threatening, abusive or insulting, thereby causing that or another person harassment, alarm or distress.

Trade Marks Act 1994

This Act provides protection for Registered Trade Marks, which can be any symbol (words or images) or even shapes of objects that are associated with a particular set of goods or services. Anyone who uses a Registered Trade Mark without permission can expose themselves to litigation. This can also arise from the use of a Mark that is confusingly similar to an existing Mark.

Data Protection Act 1998

The University has a comprehensive Data Protection Policy www.lboro.ac.uk/admin/ar/policy/dpact/ludpp.htm, of which the following statement is the summary.

Loughborough University is committed to a policy of protecting the rights and privacy of individuals (includes students, staff and others) in accordance with the Data Protection Act. The University needs to process certain information about its staff, students and other individuals it has dealings with for administrative purposes (e.g. to recruit and pay staff, to administer programmes of study, to record progress, to agree awards, to collect fees, and to comply with legal obligations to funding bodies and government). To comply with the law, information about individuals must be collected and used fairly, stored safely and securely and not disclosed to any third party unlawfully.

The policy applies to all staff and students of the University. Any breach of the Data Protection Act 1998 or the University Data Protection Policy is considered to be an offence and in that event, Loughborough University disciplinary procedures will apply. As a matter of good practice, other agencies and individuals working with the University, and who have access to personal information, will be expected to have read and comply with this policy. It is expected that departments / sections who deal with external agencies will take responsibility for ensuring that such agencies sign a contract agreeing to abide by this policy.

Human Rights Act 1998

This act does not set out to deal with any particular mischief or address specifically any discrete subject area within the law. It is a type of “higher law”, affecting all other laws. In the context of the University, important human rights to be aware of include:

  • the right to a fair trial

  • the right to respect for private and family life, home and correspondence

  • freedom of thought, conscience and religion

  • freedom of expression

  • freedom of assembly

  • prohibition of discrimination

  • the right to education

These rights are not absolute. The University, together with all users of its I.T. services, is obliged to respect these rights and freedoms, balancing them against those rights, duties and obligations which arise from other relevant legislation.

Regulation of Investigatory Powers Act 2000

The Act states that it is an offence for any person to intentionally and without lawful authority intercept any communication. Monitoring or keeping a record of any form of electronic (including telephone) communications to is permitted, in order to:

  • Establish the facts;

  • Ascertain compliance with regulatory or self-regulatory practices or procedures;

  • Demonstrate standards, which are or ought to be achieved by persons using the system;

  • Investigate or detect unauthorised use of the communications system;

  • Prevent or detect crime or in the interests of national security;

  • Ensure the effective operation of the system.

Monitoring but not recording is also permissible in order to:

  • Ascertain whether the communication is business or personal;

  • Protect or support help line staff.

The University reserves the right to monitor e-mail, telephone, and any other communications in line with its rights under this act.

Freedom of Information Act 2000

The Act, intended to increase openness and transparency, obliges public bodies, including Higher Education Institutions, to disclose a wide range of information, both proactively and in response to requests from the public. The types of information that may be have to be found and released are wide-ranging, for example minutes recorded at a board meeting of the institution or documentation relating to important resolutions passed. Retrieval of such a range of information places a considerable burden on an institution subject to such an information request. In addition to setting a new standard of how such bodies disseminate information relating to internal affairs, the Act sets time limits by which the information requested must be made available, and confers clearly stated rights on the public, regarding such information retrieval. Therefore all staff have a responsibility to know what information they hold and where and how to locate it. The University has adopted a comprehensive publication scheme www.lboro.ac.uk/admin/ar/policy/foi/Schemeindex.html.

Communications Act 2003

This act makes it illegal to dishonestly obtain electronic communication services, such as e-mail and the World Wide Web.

7) University Discipline

Staff or students who break this Acceptable Use Policy will find themselves subject to the University's disciplinary procedures. In particular, students should familiarise themselves with the University's Ordinance XVII, Conduct and Discipline of Students www.lboro.ac.uk/admin/ar/calendar/ordinances/ord17.htm. The Director of Computing Services, as well as an individual's department or the Registrar, may take such disciplinary action. Individuals may also be subject to criminal proceedings. The University reserves its right to take legal action against individuals who cause it to be involved in legal proceedings as a result of their violation of licensing agreements and / or other contraventions of this policy.

8) Policy Supervision and Advice

The responsibility for the supervision of this Acceptable Use Policy is delegated to Computing Services. A senior member of Computing Services, normally the Assistant Director - Services Strategy, or their nominee, will be designated as the person responsible for the day-to-day management of the policy's enforcement. They will liaise with the Director of Computing Services, the University Librarian, the Security Manager, the Copyright Officer, the Intellectual Property Office, the Registrar, and Heads of Department and Sections, as required. Procedural guidelines will be published from time to time as a separate document.

Any suspected breach of this policy should be reported to a member of Computing Services staff. The responsible senior member will then take the appropriate action within the University's disciplinary framework, in conjunction with other relevant branches of the University. Computing Services staff will also take action when infringements are detected in the course of their normal duties. Actions will include, where relevant, immediate removal from online information systems of material that is believed to infringe the law. The University reserves the right to audit and / or suspend without notice any account pending any enquiry. Where necessary, this will include the interception of electronically mediated communications.

This policy is not exhaustive and inevitably new social and technical developments will lead to further uses, which are not fully covered. In the first instance students should address questions concerning what is acceptable to their supervisor; staff should initially contact their departmental I.T. Acceptable Use Policy Adviser (https://internal.lboro.ac.uk/diss/cc/uniwide/people/advisers.html) or Head of Department / Section. Where there is any doubt the matter should be raised with Computing Services, whose staff will ensure that all such questions are dealt with at the appropriate level within the University.

3rd edition - Approved by Information Services Committee, May 2005.

 
Home > Computing Services > Policies > Acceptable I.T. Use Policy

[Contents]
University I.T. Policies:
[Acceptable Use Policy] [A.U.P. Procedures]
[HallNet A.U.P.] [Registration Policy]
[Mass E-mail Policy] [E-mail Filtering Policy]
[Unwanted E-mail Guidance]
[Staff Computer Equipment Disposal Policy]
[Code of Practice for Online Publications]
[Connection of Networked Servers]
[Non-authenticated computers]
External I.T. Policies:
[JANET A.U.P.] [JANET Security Policy] [CHEST Code of Conduct]
[Athens Individual User Terms and Conditions]
[Computer Misuse Act]
Related University Policies:
[Policy on dealing with Computer Pornography]
[University Policy on Harassment and Bullying]
[Copyright Issues] [Data Protection Act] [Data Protection Act Policy]
[Data Protection Act - Disclosure of information over the telephone]
[Data Protection Act - Disclosure of student information]

Computing.Services@lboro.ac.uk Telephone +44 (0)1509 22 2320.
October 2005 Copyright © Loughborough University. All rights reserved. Legal information.