Policy

Acceptable Use Policy for students

IT Services: rules and code of conduct

Policy

1. The Policy

The electronic communications policy covers internal and external electronic communications. They apply to all resources provided for UWE students, including but not limited to:-

    • Blogs, wikis, postings

    • Computers

    • Computing software

    • E-mail

    • Instant Messaging

    • Internet and Intranet

    • Discussion board postings

    • Network (including ResNet and Net Plus)

    • Pharos Kiosks

    • Printers

    • Remote access service

    • Texts

Note 1: In this policy, students may also be referred as users.

Note 2: Visitors need to abide to this policy and other Security policies in the same way as a UWE student or member of staff.

2. Introduction

1.1 The availability of electronic communications facilities to all members of the University is central to the proper functioning of the University. Enrolment as a student includes the explicit acceptance of the rules and code of conduct relating to the use of these facilities, and respect for the rights of others to use them.

1.2 This document outlines the expectations placed on all users, staff and students, of IT systems of the University.

1.3 This document must be read in conjunction with the computer-related legislation. See the appendix, and also the UWE IT Security Policy.

1.4 The University believes it is important that students have a clear understanding of the expectations that the University places on them and the standards to which they are expected to study and use the facilities. These relate both to the study students undertake and the way in which they conduct themselves at University.

1.5 Misuse is regarded as a matter of utmost seriousness. Evidence of persistent misuse will be pursued under the student disciplinary rules and may lead to expulsion. Evidence of theft or malicious damage may result in legal proceedings.

1.6 UWE is connected to the internet via the Joint Academic Network (JANET). As well as this policy, JANET’s own Acceptable Use Policy must be adhered to. Please visit http://www.ja.net/services/publications/policy/aup.html

3. Approach

The underlying philosophy is that the University's computing and electronic communications facilities should be used in a manner which is ethical, legal and appropriate to the University's aims. The facilities must be used in a manner which does not obstruct the work of others and which encourages a scholarly atmosphere to be maintained. The system is a shared resource and each user has responsibility to learn how to use it appropriately. The University encourages the use and exploration of its IT and electronic communications systems, but discourages behaviour which may inconvenience other users.

4. Scope

This policy applies to all users of Electronic Communications facilities in relation to:

  • Electronic Communications facilities owned, leased, hired or otherwise provided by the University, connected directly or remotely to the University's network or Electronic Communications facilities, or used on the institution's premises, or individuals connecting their equipment to the network e.g. personal laptops

5. Access to and the Use of Electronic Communications Facilities

5.1 No one may use Electronic Communications facilities without prior registration, except where the facility is offered as a service to the public (for example, the University web site for which Terms and Conditions are available at http://www.uwe.ac.uk/info/termsAndConditions.shtml).

5.2 Registration to use the University's Electronic Communications facilities constitutes acceptance of this policy.

5.3 Students are given access to those parts of the system which are appropriate to their role. Students are therefore not normally expected to seek access to other parts of the system unless authority is given. Unauthorised access to data is not acceptable and may result in disciplinary action.

5.4 The granting of access rights to Electronic Communications facilities will be by the provision of access cards, user IDs and passwords giving access to locations, hardware and/or software facilities. The provision of such user references and passwords will constitute access rights for the use of those Electronic Communications facilities under the conditions applicable to those facilities.

5.5 Students using Electronic Communications facilities are expected to comply with the conditions of use which include the following. Users must not:

  • disclose user ids, personal passwords which give access to the system (NB personal passwords should be changed regularly. Please refer to Important Information on Passwords on the ITS web site.). In exceptional circumstances, a password may be disclosed to a UWE member of staff, e.g. for the prevention or detection of crime or for securing the health, safety and welfare of people at work.
  • enable unauthorised third party access to the system
  • use a University user id or password intended for the exclusive use of another user, unless under exceptional circumstances (see first bullet point).
  • deliberately damage Electronic Communications equipment
  • delete, amend or otherwise corrupt the data or data structures of other users without their explicit permission
  • knowingly introduce viruses or other harmful programs or files
  • connect to any internal Electronic Communications facility without the permission of the appropriate manager
  • attempt to gain deliberate unauthorised access to external facilities or services
  • attempt to access, download or store, illegal materials from the Internet
  • use the Electronic Communications facilities to send unsolicited, unauthorised commercial or illegal advertising or other material
  • load software for which no licence is held
  • modify software
  • attempt deliberate or reckless overloading of networks, websites or other IT and Communications facilities
  • use the Electronic Communications facilities of the University for commercial gain without the explicit permission of the appropriate authority.

5.6 Much of the information held on the University's Electronic Communications systems is confidential and must not be disclosed to other parties. Should a student be in any doubt about disclosing information, then they should seek advice from their manager or other appropriate managers. In addition, if students are in doubt about whether an action might constitute unacceptable use, he/she should consult the IT Security Coordinator in IT Services.

6. Equipment

6.1 Students are responsible for ensuring that they are sufficiently familiar with the operation of any equipment they use to make their use safe and effective.

6.2 No equipment or other Electronic Communications facility may be moved without the prior agreement of IT Services.

6.3 No equipment may be connected to the University's networks without the prior agreement of IT Services.

6.4 Students must ensure that they have up-to-date Anti-Virus software installed plus a firewall running at all times on equipment connected to the UWE network.

6.5 Serious damage or the theft of Electronic Communications equipment should be reported to the University's security staff who will advise the University’s Insurance Officer and IT Services.

7. The Use of electronic messages (including e-mails, blogs, wikis, texts, instant messaging etc…)

7.1 Electronic Communications such as e-mails, texts, instant messaging, blogs etc… are fast and convenient means of communicating information. However, because of this there may be a temptation not to take sufficient care when initiating messages and sending replies. It is important that users recognise the need to pay the same care and attention to the composition of electronic messages as to other forms of written communication. An informal communication may be appropriate in some circumstances, for example when communicating with colleagues on an informal topic. It will not however be appropriate when the issue is more formal or when communicating externally. Care should be exercised in constructing messages, for example, the use of capitals is considered to be the equivalent of shouting. Electronic messages lack the cues and clues that convey the sense in which what you say is to be taken, and the wrong impression can easily be conveyed.

7.2 Electronic messages are a valuable means of communication and can be the most appropriate mechanism in a variety of circumstances. For example, for short memos, when the purpose of the communication is to convey straightforward information, where speed of communication is important and where a consistent message to a number of people is required. However there are also a number of situations where it is unlikely to be the most appropriate, for example:

  • when the information to be communicated is complex and/or lengthy
  • when discussion about a topic is likely to be necessary and hence face to face contact is more appropriate
  • when a signature is required on a communication

7.3 Electronic messages should not be used:

  • where the type of information being communicated is such that it would be better conveyed face to face or in writing. This could include information of a sensitive, personal or confidential nature. It should also be remembered that there is inevitably an increased risk of information sent via electronic messages being misdirected. Please refer to the Data Security and UWE IT Security Policies.
  • as a substitute for conveying information personally when this would be more appropriate.

8. The Use of E-mail

8.1 The e-mail system can be accessed by all students. Its use is therefore extensive and hence it is important that all of its users recognise that, whilst such a system can have many benefits, there are also limitations.

Students should note that e-mail is considered by the University as a standard communication mechanism. Students are therefore expected to access the facility as regularly as necessary to send and receive information.

8.2 The e-mail system was not previously used as a means of storing important information. However, since the introduction of UWE Live Mail to the University, students can use Windows Live storing facility called SkyDrive which is backed up by Microsoft.

8.3 UWE email system

UWE Live Mail is now the official email system. It is powered by Microsoft and students have to understand and abide the rules and codes of conduct, not only set by UWE but also Microsoft. UWE Live Mail users must comply with this Acceptable Use Policy stated but also carefully read the UWE Live Mail Policy.

8.4 E-mail is not always the best way to communicate information as e-mail messages can often be misunderstood, and the volume of e-mail messages people receive can be prohibitive to receiving a meaningful reply because of e-mail overload.

It is the responsibility of the person sending an e-mail message to decide whether e-mail is the most appropriate method to communicate the information. The decision to send an e-mail should be based on a number of factors including:

• The subject of the message

• The recipient’s availability

• The speed of transmission

• The speed of response

• The number of recipients

9. Contracts

Users should be aware that enforceable contracts may be formed over the internet and e-mail, and students are advised to take care to avoid entering into any commitments which they do not wish to be legally binding on them personally. Postgraduate students who also have teaching or research contracts with UWE must ensure that they do not enter into contracts or give other commitments which would make UWE responsible, unless they have authority to do so.

Use of UWE internet, e-mail or other electronic communications facilities in such a way as to expose UWE to risk of claims for defamation is prohibited, whether or not the student also has an employment contract with UWE.

10. The Use of UWE Discussion Boards and Forums

The Discussion Boards and Forums belonging to UWE (including Blackboard and UWE Facebook sites) are for staff and students to exchange, discuss and share valuable and helpful pieces of information.

Users of discussion boards and forums should be aware of the following:-

10.1 About your posting:

The discussion boards and forums must not be used to:

  • post information of a sensitive, personal or confidential nature;
  • post messages which are discriminatory, sexually harassing or offensive to others on the grounds of race, age, disability, gender, religion or sexual orientation;
  • post messages using inappropriate language;
  • post commercial or promotional messages;
  • post images from other sites;
  • post illegal content

Your postings should be:

  • to the point and concise;
  • fair and reasonable;
  • non-defamatory, legal and clean (libellous, illegal or obscene postings will not be tolerated and may result in legal action);
  • posted once only.

10.2 About the law:

Use of UWE notice boards and forums is bound by the terms and conditions of the UWE acceptable use policy and legislation such as the Data Protection Act and the Copyright laws. Please refer to sections 14 and 15 and See appendix.

10.3 We reserve the right to:

  • prohibit or delete a posting without notice if we consider it inappropriate;
  • trace the identity of a person who posted a message that breaches the rules and regulations stated in this policy;
  • take further action and apply penalties (including legal action), if the message posted has caused serious harm to an individual, a group or an organisation;

11. Access to the Internet

The University allows lawful access to the internet. However, the rules listed in this policy must be respected. Students must access the internet responsibly and primarily for educational and informational purposes. Students are encouraged to use the Internet as long as they exercise good judgment and discretion when using it.

The right of access must not cause any harm, either directly or indirectly to the student, other students, members of staff or the University. The fact that access to a site may be granted does not mean that access to the site is acceptable and/or appropriate.

The University reserves the right to carry out general checks to ensure appropriate use of facilities including internet access, and employs relevant technology to facilitate this. Regular checks may be carried out if inappropriate use has been suspected. The university does restrict access to some recognised unacceptable and unsafe web sites.

Inappropriate use includes accessing, storing and disseminating material that is:-

    • Illegal (including sites encouraging unlawful activity)

    • Obscene or deliberately offensive in nature

    • Discriminatory (on the grounds of age, disability, faith or belief, gender, race or sexual orientation)

    • Likely to result in harassment or bullying of others

12. The Use of SMS Texting for communicating with UWE Staff

Students may be contacted by members of staff on UWE related matters via the UWE text messaging system. Students may at times be given the opportunity to reply to these texts, and communicate with support staff and/or academic staff. When this opportunity is taken, it is essential that the students read this policy and follow the codes of conduct for using electronic communications. Please refer to section 5 and 7, and section 13 on Unacceptable Behaviour.

General points:

    • Use of text messaging with UWE staff and students should be for UWE related matters.

    • The University reserves the right to monitor the text messaging system and the text messages sent through the system.

    • It is inappropriate to send text messages which might reasonably be considered to be defamatory, obscene, offensive etc… Please refer to section 13 on Unacceptable Behaviour.

    • Text messages should be drafted with care. Please refer to section 5 on “Access to and the Use of electronic communications facilities”.

    • No text messaging service is totally secure. As a consequence, information of a confidential or personal nature should not be sent by text. Another means of communication must be chosen.

    • Copies of text messages may have to be disclosed in litigation. Therefore, students must think carefully about the content of their text messages.

13. Unacceptable Behaviour (applies all forms of electronic communications)

Unacceptable behaviour in relation to the use of IT and electronic communications systems will not be tolerated and where it is identified there are a range of informal and formal routes which may be followed. These include disciplinary action.

Some forms of behaviour will always be considered to fall below the standard of acceptability. These include:

- the use of inappropriate language in communications;

- sending inappropriate messages including those which are discriminatory, sexually harassing or offensive to others on the grounds of race, age, disability, gender, religion or sexual orientation;

- the sending of potentially defamatory messages which criticise other individuals or organisations (legally e-mail is classified as a form of publication);

- the creation, display, downloading, production, circulation, storage or transmission in any form or medium of inappropriate material. This includes pornographic, offensive or illegal material downloaded from any source such as the Internet;

- the downloading, circulation, storage, or transmission in any form or medium of copyright material for which you do not have the author’s express permission;

- forwarding confidential, sensitive or personal information onto third parties without gaining appropriate consent;

- using the IT system for commercial gain;

- overloading the system by sending inappropriate bulk messages;

- sending messages which are rude, overbearing, aggressive or bullying.

Please note that the University can and will investigate any inappropriate or unacceptable use of the Internet and other sources, if judged necessary.

14. Data Protection and Computer Misuse

The Data Protection Act 1998 outlines the legal position in relation to the use of data. The Computer Misuse Act 1990 makes provision for securing computer material against unauthorised access or modification; and for connected purposes. Under the Act, hacking and the introduction of viruses are criminal offences.

For more information on the Data Protection Act and the Computer Misuse Act, please see the appendix.

15. Copyright

Users have a responsibility to ensure that copyright and licensing laws are not breached when composing or forwarding e-mails, e-mails attachments and using the Internet. The laws regarding breach of copyright apply equally to the downloading and copying of information from the Internet. Students must be clear whether there is an entitlement to download information before using and disseminating this. The University’s policy on this is at: http://imp.uwe.ac.uk/.

Follow the link to ‘Finance’ and type ‘Fin018’ in the field entitled ‘Containing this term’.

There are strict regulations regarding the copying and printing of copyright material, details of which can be found in here: http://www.uwe.ac.uk/library/info/copyright/

Other copyright legislation information can also be found in the Appendix.

16. Other forms of electronic communications systems

The University uses surveillance equipment, as permitted by the Data Protection Act, in order to ensure the safety of its staff and students and security of its property. The University recognises the right of individuals to privacy, and hence use of this equipment is restricted and would only be used for other purposes after appropriate staff had been advised of the intention to do so.

For the Data Protection Policy, please visit http://imp.uwe.ac.uk/. Follow the link to ‘Finance’ and type ‘Data Protection’ in the field entitled ‘Containing this term’.

17. Charges

All charges due (e.g. for manuals, printouts etc) must be paid at the time of receipt of goods. No credit is permitted.

18. Penalties

18.1 Any student found to have broken these rules or otherwise misused IT facilities and electronic communications may have their computer account locked.

If locked out of the system, a student should report to the IT Services Support Centre during normal opening hours. An appointment will be made as soon as is possible with a representative of IT Services. That representative will inform the student of the reason for the lock-out and will determine the sanction for the offence.

There are a range of penalties which may be imposed depending on the nature and severity of the misuse, and whether it is a first or repeat offence. In each case, IT Services will consult with the Executive of the student's faculty in order to make a decision about the appropriate course of action. Penalties include:

- a warning to the student about the action that might be taken in the event of further incidents of misuse

- a period during which access to IT systems and facilities and electronic communications is removed or limited

- obtaining a written agreement from the student that the offence will not be repeated

- a fine.

Other sanctions may be applied where justified by the offence. An offender may be required to pay all costs of any damage to any equipment supplied by the University, and related costs including staff time, hire of equipment etc.

Where offences are serious or persistent, complaint may be made under the University’s Disciplinary Rules and Procedures.

Episodes of misuse will be entered on the student's record.

18.2 Theft and vandalism

In case of deliberate theft or vandalism, complaint may be made under the University’s Disciplinary Rules and Procedures.

18.3 Non-payment of debt

Non-payment of debts or the existence of any other outstanding obligation may result in a student's award being withheld.

Any queries about this policy statement should be raised with IT Services.

The University reserves the right to change this policy from time to time as may be deemed necessary.

Appendix – Computer related-legislation

1. Computer Misuse Act

The Computer Misuse Act (1990) was introduced to secure computer material against unauthorised access or modification. Three categories of criminal offences were established to cover the following conduct:

1. Unauthorised access to computer material (basic hacking) including the illicit copying of software held in any computer.

Penalty: up to six months of imprisonment or up to a £5,000 fine.

2. Unauthorised access with intent to commit or facilitate commission of further offences, which covers more serious cases of hacking.

Penalty: up to five years of imprisonment and an unlimited fine.

3. Unauthorised modification of computer material, which includes:

i. intentional and unauthorised destruction of software or data;

ii. the circulation of ‘infected’ materials on-line;

iii. an unauthorised addition of a password to a data file.

Penalty: up to five years of imprisonment and an unlimited fine.

You must not:

    • display any information which enables others to gain unauthorised access to computer material (this includes instructions for gaining such access, computer codes or other devices which facilitate unauthorised access);

    • display any information which may lead to any unauthorised modification of computer materials (such modification would include activities such as the circulation of ‘infected’ software or the unauthorised use of a password);

    • display any material which may incite or encourage others to carry out unauthorised access to or modification of computer materials.

2. Copyright

The Copyright, Design and Patents Act (1988) is applicable to all types of creations, including text, graphics and sounds by an author or an artist. This includes any which are accessible through the University's IT facilities and network. Any unloading, downloading or printing of information through on-line technologies, which is not authorised by the copyright owner will be deemed to be an infringement of his/her rights.

Some types of infringement give rise to criminal offences, the penalties for which are up to two years imprisonment or an unlimited fine. It is also possible for the copyright owner to claim compensation or to have infringing activities prevented by injunction.

For further information on Copyright, please see http://www.uwe.ac.uk/finance/sec/copyright/index.shtml

You must not:

    • make, transmit, print or store an electronic copy of copyright material on the University’s IT equipment without the permission of the owner.

3. Data Protection

The Data Protection Act (1998) concerns the processing of information about living individuals. It gives rights to those individuals about whom information is recorded and demands good practice in handling information about people.

Every person or organisation holding personal data (data controller) must be registered with the Information Commissioner.

For further information on Data Protection, please see http://www.uwe.ac.uk/finance/sec/dp/index.shtml

You must:

    • only use personal data for a University related purpose;

    • ensure that the use of University related personal data is restricted to the minimum consistent with the achievement of academic purposes;

    • contact the University's Data Protection Officer before conducting any activity which involves the collection, storage or display of personal data through the University’s IT facilities.

4. Official Secrets Acts

The Official Secrets Acts (1911) establish severe criminal penalties for any person who discloses any material which relates to security, intelligence, defence or international relations and which has come into that person’s possession through an unauthorised disclosure by a crown servant or government contractor. They also cover material which has been legitimately disclosed by a crown servant or government contractor on terms requiring it to be kept confidential or in circumstances in which it might reasonably be expected to be treated as confidential. This means that certain information handled by the University’s departments may be covered by the provisions of the Acts, particularly if such information concerns a project specifically commissioned by a government office.

You must:

    • Ensure that any such material is securely stored and avoid displaying it on the University’s IT facilities.

5. Defamation

Defamation consists of the publication of an untrue statement (which can include an opinion), which adversely affects the reputation of a person or a group of persons. If such a statement is published in a permanent form, as is the case with statements published on the Internet, including messages transmitted by email, an action for libel may be brought against those responsible.

In accordance with the Defamation Act (1996), the University acknowledges the convention of academic freedom, but will take all reasonable care to avoid the dissemination of defamatory material and will act promptly to remove any such material which comes to its attention. Messages which have only one intended recipient may reach a vast audience through the Internet and as a result, the transmission of statements which discredit an identifiable individual or organisation may lead to substantial financial penalties.

You must:

    • ensure that all published facts are accurate;

    • ensure that opinions and views expressed in personal home pages or via bulletin boards do not discredit their subjects in any way which could damage their reputation.

You must not:

    • place links to bulletin boards which are likely to publish defamatory materials.

Remember that your email communications are publications.

6. Obscenity

The University is committed to the prevention of publication through any of the University’s IT facilities of any material which it may consider pornographic, excessively violent or which comes with the provisions of the Obscene Publications Act (1959), the Protection of Children Act (1978) or the Criminal Justice Public Order Act (1994). The University will regard any such publications as a very serious matter, which it will not hesitate to report to the law enforcement agencies. Users of the IT facilities are reminded that these are principally for use in connection with academic purposes, therefore any use of the IT equipment to publish or gain access to obscene, pornographic or excessively violent material is inappropriate, and you may be liable to legal proceedings.

You must not:

    • disseminate, access or encourage access to materials which the institution deems to be obscene, pornographic or excessively violent through the University’s IT facilities.

7. Communications

The Telecommunications Act (1984) and the Interception of Communications Act (1985) make it illegal to communicate any information of an indecent, obscene or menacing character by a public telecommunications system, or to misuse or tap a telecommunications system.

You must:

    • ensure that use of institutional voice and data systems, i.e. telephones and networks, is operated in accordance with the provision of these acts.

8. Health and Safety

The Health and Safety at Work Act (1974), including the Control of Substances Hazardous to Health (COSHH) Regulations (1988), regulates safety in the workplace and contains a number of clauses pertinent to the IT environment, such as the Display Screen Equipment Regulations (1992).

You must:

    • operate in accordance with the institutional code of conduct as detailed in the health and safety section.

9. Computer Evidence

The Police and Criminal Evidence Act (1984) limits the use of certain computer material as evidence in court.

Disclosure of computer held information to the law enforcement agencies may be covered by the provision of this act.

10. Discrimination

Both the Sex Discrimination Act (1975) and the Race Relations Act (1976) are guided by the same principle, which is the prevention of unfair discrimination.

Placing discriminatory advertisements may in certain circumstances be regarded as a criminal offence under both Acts, which establish fines of up to £5,000 for those found guilty of causing such advertisements to be published. Inciting racial hatred by displaying any written material which is threatening, abusive or insulting is an offence under the Public Order Act (1986). Anyone found guilty of the offence of inciting racial hatred may be liable to imprisonment for up to two years.

In addition, European Union legislation can cover situations where discrimination takes place on the grounds of sexual orientation. Therefore, any material located on or disseminated through the University’s IT facilities which may be considered discriminatory or may encourage discrimination on grounds of sex, gender, sexual orientation, race or ethnic origin may be unlawful. Any such material will also be against the University’s Equal Opportunities Policy.

You must not:

    • use the University’s IT services to place or disseminate materials which discriminate or encourage discrimination on grounds of sex, gender, sexual orientation, religion, race or ethnic origin.

11. Criminal Law

The incitement to commit a crime is a criminal offence in itself, regardless of whether a crime has actually been committed or not. This includes the provision of information via IT equipment/services which facilitates crime.

You must not:

    • place links to sites which facilitate illegal or improper use;

    • place links to sites where copyright protected works, such as computer software, are unlawfully distributed;

    • place links to sites which display pornographic materials;

    • place links to bulletin boards which are likely to contain discriminatory statements.

    • post messages which would be in contempt of court.

12. Advertisements and Commercial Activity

The University’s IT facilities must not be used for placing or distributing advertisements relating to any course or business other than those promoting the University’s teaching and research activities or its own trading operations.

You must:

    • remember that all advertisements should be ‘legal, decent, honest and truthful’ and comply with the Code of Practice for Advertisers issued by the Advertising Standards Authority.

13. International Law and the Internet

Since there is no international convention on Internet regulation, caution is necessary in considering what law may be applicable. As a basic rule, all users of the University’s IT facilities must note that although certain materials may be considered legal in their places of origin, that does not prevent the application of UK law if those materials are considered to be illegal under the law in this country. Similarly, material transmitted world-wide is subject to the law of whichever country it is viewed in.

14. Regulation of Investigatory Powers Act 2000 & Lawful Business Practice Regulations

As required by UK legislation, IT Services draws to the attention of all users of the University's Data and Telephones Networks the fact that their communications may be intercepted as permitted by legislation.

The legislation allows an employer and/or organisation to intercept without consent for purposes such as recording evidence of transactions, ensuring regulatory compliance, detecting crime or unauthorised use, and ensuring the operation of their telecoms systems. The employer and/or organisation does not need to gain consent before intercepting for these purposes, although it does need to inform staff and students that interceptions may take place.

15. JANET’s Acceptable Use Policy

UWE is connected to the internet via the Joint Academic Network (JANET). As well as this policy, JANET’s own Acceptable Use Policy must be adhered to. Please visit http://www.ja.net/services/publications/policy/aup.html

16. UWE IT Acceptable Use Policy