3/5/2013 – A recent security incident at Evernote allowed attackers... Read More
Computer Resources Acceptable Use and Security Policy
The University of Alabama undertakes to provide access to local, national, and international sources of electronically generated, stored, and transmitted information and to promote a free and open atmosphere in which thinking and thoughtful people can exchange information and ideas with other thinking and thoughtful people, both on and off campus. To protect users and the University from criminal and civil liability to prevent unnecessary expense, to protect and preserve the work product of authorized users, and to encourage informed and considerate use, The University of Alabama has, in accordance with its regularly established policies and procedures for governance, adopted the following guidelines concerning the use of the University’s computers, computer networks, and computer resources.
Responsible users should avoid actions that may make themselves or their University criminally or civilly liable to others.
A user should avoid any acts or omissions that might subject him/her to criminal penalties or to civil liability to pay money to others. A user will want to be aware, as well, that some acts or omissions that may subject him/her to criminal penalties or civil liability may also subject the University to criminal penalties or civil liability. A user should also know that, under law, he/she may be required to reimburse the University for any amount of money it must pay to another because of injury caused by your conduct. This document presents, by way of example, kinds of conduct most likely to bring down criminal penalties or civil liability. A user should be aware, however, that if any other state or federal law makes the user or the University criminally or civilly liable for certain conduct, that law still applies even if not specifically described herein; and if state or federal law prescribes certain consequences for certain conduct, the user and the University may suffer those consequences even if they are not described herein.
Use of software
Computer software is a form of intellectual property controlled by licenses that spell out clearly how it may be used and distributed. All members of the University community must follow all license provisions regulating the use and distribution of computer software. Use or distribution of software in violation of license provisions may subject the violator to criminal and civil penalties, as well as to civil liability to the licenser. Consider the following examples. You should not run your software on two or more computers simultaneously, unless the license agreement specifically allows it. You should not copy software available through the colleges or University departments, for use at home or in the dormitories, unless the license agreement specifically allows it. You should not copy software for distribution among members of a class or for a friend, even if the purpose in sharing it is purely educational, unless the license agreement specifically allows it.
Use of networks
Networks are also a form of property controlled by agreements between providers and users. Thus, violating a term of such an agreement may bring down upon the violator and the University consequences similar to those already examined with regard to software. Furthermore, public networks are regulated, or subject to regulation, by state and federal government. Violating a state or federal regulation may bring criminal or civil penalties down upon the violator. Finally, you should know that transmitting defamatory utterances concerning a person, organization, or institution may subject the perpetrator and the University to civil liability to pay money damages.
Use of any University property for private gain: The University provides computer resources to promote its teaching, research and service missions. As with other resources, faculty and staff members are bound by state ethics law. Alabama Code 36-25-5(a) provides as follows:
No public official or employee shall use an official position or office to obtain direct personal financial gains for himself, or his family or any business with which he or a member of his family is associated unless such use and gain are specifically authorized by law.
And Alabama Code 36-25-27(a) provides as follows:
Any person subject to this chapter who knowingly or willfully violates any provisions of this chapter other than the requirements of financial and lobbying disclosure shall be found guilty of a felony and shall be fined not more than $10,000.00 or less than $2,001.00, or shall be imprisoned for not more than 10 years but not less than two years or any combination thereof.
Any person subject to this chapter who knowingly or willfully violates any disclosure requirement of this chapter shall be found guilty of a misdemeanor, and shall be punished by a fine of $10.00 a day for each day the appropriate disclosure statement is delinquent or the proper information is unreported, not to exceed $1,000.00 annually.
Use of institutional data
Information critical to the operation of the University, regardless of its format, is an asset of the University and Measures should be taken to protect this asset from unauthorized modification, destruction, or disclosure, whether accidental or intentional. An attached Administrative Data Security Policies and Standards Document addresses this issue.
Responsible users should avoid actions that may inflict needless expense upon their University or others.Computing resources (including, but not limited to, e-mail, application and instructional software, mainframe resources, local area networks, and access to external networks), like all resources, require regular expenditures of money for their purchase and maintenance, even though some of these resources, like network storage space, may seem invisible and, hence cost-free. As with all University resources, the University bears the responsibility and has the authority to allocate or otherwise limit access to computer and network resources in order to ensure their most effective and economical use. For your part, you should not do anything that will impair the operation of computers, terminals, peripherals, or networks. You should not do anything that you know or should know is wasteful of computing resources, including, but not limited to, sending advertisements for commercial enterprises, sending mass mailings, or chain letters, obtaining unnecessary output, maintaining unnecessarily excessive file storage creating unnecessary multiple jobs or processes, or creating unnecessary network traffic.
Responsible users should avoid actions that may destroy, endanger, or divert another’s research or writing. Among the most valuable and most sensitive of the University’s computer resources are the personal work and storage spaces assigned to users. The University treats electronically stored information, including personal files, as confidential and permits examination or disclosure of their contents only when authorized by the owner of the information or when required by local, state, or federal law. Under Alabama Code 13A-8-102, it is a crime to attempt or achieve access to, communication of, examination of, or modification of, to destroy, or to disclose, use, or take data, computer programs or supporting documentation. In plainer words, under pain of state law, none of us may use, transmit, change, or delete another user’s files or software without permission or introduce destructive software, such as programs known as computer viruses, Trojan horses, or worms, into any computer, computer system, or network. In predicting the consequences of such conduct, we should also consider FACULTY HANDBOOK, APPENDIX “C” (Academic Misconduct Disciplinary Policy), pp. 88-91.
Responsible users will contribute positively to a free and open atmosphere for electronic discussion.Cruelty, obscenity, crudity, and offensiveness, for the sake of offensiveness, have no place in the public discourse of a University community, but not all emotionally hurtful, offensive or inconsiderate conduct is or ought to be subject to official punishment. Nevertheless, as members of the University community, we are all responsible to one another and to the thinking and thoughtful community of which each of us ought to be a valuable part.
Responsible users will be considerate of other users of computer resources and facilities.Users may not use any University of Alabama workstation with the intent to intimidate, harass, or display hostility toward others. Users are also asked to be sensitive to the displaying of material that others might find offensive. Persons violating these guidelines in public facilities may be asked to leave the premises. University faculty, staff, and students also may be subject to disciplinary action.
Use of campus e-mail, Internet access, or campus networks for the following purposes can lead to criminal and civil charges, as well as academic sanctions:
- Threats against person or property
- False information about academic or administrative policies or issues
- Messages offensive to the receiver because of their pointlessly hateful, obscene, or libelous content
This list does not include all the kinds of conduct that have been challenged as illegal or inappropriate at one institution or another. It only provides examples. A good rule of thumb is to refrain from saying anything on any network or computer system that you would not say face to face. Hurtful or offensive words spoken on a network or computer system can leave a permanent record that can, depending upon their content, support criminal or civil liability, damage your professional reputation, or diminish your stature in the eyes of those whose respect you would like to keep or earn. You should be aware that e-mail files have been ruled to be discoverable in a court of law, which means that your privilege of confidentiality is not absolute, but may be overridden by court order. If you are a faculty member, you should also make yourself familiar with FACULTY HANDBOOK, APPENDIX “N” [Sexual Harassment (etc.), pp. 124-126]