Policy #: IT0003
Effective Date: 11/19/08
Last Revision Date: 10/4/11

Policy for Acceptable Use of UCSC Electronic Information Resources
(Acceptable Use Policy)

Vice Chancellor, Information Technology
(Policy IT-0003)


I.   PURPOSE / INTRODUCTION / APPLICABILITY

The intent of this policy is to identify appropriate and inappropriate use of UCSC electronic information resources (eIRs). This policy applies to all users of UCSC eIRs.

It is the policy of the University of California to provide electronic information resources (eIRs) to students, faculty and staff to be used in ways that are consistent with the University's mission - instruction, research, and public service - and in activities that support that mission. These resources include computers, terminals, networks, modems, printers, portable electronic devices, telephones (including cell phones), and electronic media.

The University expects that its user community will respect the public trust through which these resources have been provided. Users of UCSC eIRs are expected to comply with the law, University and campus policies, industry regulations, and contractual obligations that apply to their activities. This applies to all UCSC eIRs as well as to all computers and computing equipment, whether University-owned or not, connected to campus networks or other UCSC eIRs.

UCSC units that administer eIRs may establish local guidelines for the appropriate use of their resources in addition to this campuswide policy. Local guidelines must be consistent with campuswide policies and the University of California Electronic Communications Policy (UC ECP).


II.   DETAILED POLICY STATEMENT

All users of UCSC eIRs are expected to comply with applicable laws, University and campus policies, industry regulations, and contractual obligations. These include, but are not limited to, the UC ECP and Section 502 of the California Penal Code. The University has determined that the following list, while not exhaustive, constitutes unacceptable behavior which may be subject to loss of access to eIRs, disciplinary action, and additional consequences of civil or criminal prosecution.

1. Use of any University resources in a manner that violates the law or UC policy, including but not limited to violation of copyrights, patent protections, trademarks, license agreements, intellectual property law or contracts that specify conditions of use of intellectual property at UCSC [1];

2. Interfering with the normal operation of UCSC eIRs (see endnote [2] for provisions for instructional and research activities). This includes

  • use of UCSC eIRs for purposes or in a manner that could reasonably be expected to disrupt UCSC eIRs,
  • any action that disrupts the availability of a system or resource for others, such as running programs or sending electronic messages that utilize all system resources and prevent others from making productive use of the system,
  • attempts to alter, damage, delete, destroy or otherwise abuse any computer or network resource, including development or use of malicious programs.

3. Accessing or attempting to access UCSC eIRs or facilities without proper authorization, or intentionally enabling others to do so. This includes, but is not limited to, disclosing a password or otherwise making a password-protected account available to others; running programs that attempt to calculate or guess passwords, or that are designed and crafted to trick other users into disclosing their passwords; sharing or transferring account privileges to another person; electronic eavesdropping on communications facilities;

4. Use of UCSC eIRs to harass others in a manner that interferes with their rights or in a manner that creates a hostile working or learning environment in violation of University policy, including sexual or other forms of harassment [3];

5. Sending unsolicited commercial or bulk email (spam) or otherwise transmitting inappropriate mass messages. Note: This provision is not intended to limit the use of email or other mass messaging for official University business;

6. Employing a false identity (the name or electronic identification of another), except as allowed under UC ECP Section III.D.6, False Identity and Anonymity.


III.   ADDITIONAL POLICIES AND EXPECTATIONS

All users of UCSC eIRs are expected to comply with the following specific policies and expectations. Violations characterize unacceptable behavior and may result in loss of access to eIRs, disciplinary action, and additional consequences of prosecution under the law.

1. Implying University Representation or Endorsement
Users shall not state or give the impression [4] that the user is representing, giving opinions, endorsing products or services of a non-University entity, or otherwise making statements on behalf of the University or any unit of the University unless appropriately authorized to do so. Communications that may inaccurately give the impression that the author represents the University must include an explicit disclaimer. Example disclaimers from UC policy include:

  • "The opinions or statements expressed herein are those of the author and do not represent the position of the University of California."[5]
  • "These statements are my own, not those of the Regents of the University of California."[6]
  • "References or pointers to non-University entities do not represent endorsement by the Regents of the University of California."[7]
  • "Links on these pages to commercial web sites do not represent endorsement by the University of California or its affiliates."[8]

2. Personal Use of UCSC Electronic Information Resources
UCSC eIRs are to be used for University business purposes. University users may use UCSC eIRs for incidental personal purposes provided that such use complies with all of the provisions of the UC ECP and UC Business and Finance Bulletin G-46, and does not:

  • directly or indirectly interfere with the University's operation of eIRs,
  • interfere with the user's employment or other obligations to the University,
  • burden the University with noticeable incremental costs,
  • violate the law or University policy,
  • include use for commercial purposes not under the auspices of the University,
  • include use for personal financial gain except as permitted under applicable academic personnel policies,
  • inappropriately imply University representation or endorsement (see #1, above).

In general, individuals are discouraged from using UCSC email accounts and web pages for non-University business, and are allowed to access outside accounts incidentally using UCSC eIRs.

Any incidental personal use of University resources may be designated University records subject to disclosure to the University and third parties in accordance with law.

3. Accessibility
The Americans with Disabilities Act (ADA) mandates that UC Santa Cruz, as an educational institution, make its programs, services, and activities accessible to, and usable by, people with disabilities. When faculty and staff use the Internet, including email and web pages, to provide information, they are required to make that information accessible to those using adaptive technology. Detailed information about making electronic resources accessible can be found in UCSC's Web Policies, the UCSC ADA web site, and at the UCOP Web Accessibility web site.

4. Anonymity
A user of UCSC eIRs may remain anonymous (the sender's name or electronic identification are hidden), including for the purpose of whistleblowing, except when publishing web pages or engaging in broadcast activities requiring licensing by the Federal Communications Commission (FCC).

5. Off-Campus Network Connections
The University also expects that all those who choose to use our off-campus network connections will understand and honor the policies of those regional and national network organizations to which the University is a party. The use policies for these networks are available separately from this policy statement at http://www.cenic.org/page_id=114/.

6. Students using UCSC's residential networks
Students using UCSC's residential networks are expected to read and comply with the Resnet Usage Guidelines and Responsible Use Policy.


IV.   VIOLATIONS

Violations of this policy constitute unacceptable behavior and may result in loss of access to eIRs, corrective or disciplinary action in accordance with existing University personnel policies, bargaining agreements, guidelines, and the Code of Student Conduct, and additional consequences of prosecution under the law.

The University of California responds promptly to allegations regarding violations of law and University policy, including those arising from the use of eIRs. Suspected violations of this policy or law may be reported to the ITS Support Center (see Getting Help) or the Whistleblower Officer.


V.   POLICY AUTHORITY

The campus Information Security Officer on behalf of the Office of the Chancellor and the Office of the Campus Provost and Executive Vice Chancellor (CP/EVC) is the campus authority for UCSC's Acceptable Use Policy.

This policy amends and supersedes Policies for Use of UCSC Computing Facilities, dated May 26, 1992.

This policy was initially reviewed and approved by the CP/EVC on November 19, 2008. Next review date is October 2013.


VI.   GETTING HELP:

For questions about this policy, contact the ITS Support Center at itrequest.ucsc.eduhelp@ucsc.edu, 459-HELP, or in person M-F 8AM-5PM, 54 Kerr Hall


VII.   REFERENCES

Federal and State Law:

University of California:

UC Santa Cruz:


--------------------
Endnotes

[1] See UC Digital Copyright ProtectionUC Guidance on Fair Use of Copyrighted Materials in Teaching and Research, and Digital Millennium Copyright Act at UC Santa Cruz
[2] Note: This section is intended support University business functions, not to restrict instructional or research activities. In situations where these activities could reasonably be expected to disrupt normal operations, permission of the affected resource owner must be obtained in advance. In the case of campus systems or networks, individuals should coordinate through their ITS Divisional Liaison
[3] Also see UCSC's Principles of CommunityPolicy on Sexual AssaultCode of Student Conduct, and Hate/Bias Policy, and the UC Policy on Sexual Harassment 
[4] Including by use of the University's name, insignia, seal, address, or University title of a faculty or staff member
[5] UC Merced Information Technology Resources Acceptable Use Policy
[6] UCECP Attachment 2, Sec II.B.1, Representation
[7] UCECP Attachment 2, Sec II.B.2, Endorsements
[8] UCI Administrative Policies & Procedures, Sec. 800-16: World Wide Web Policy


Rev. 10/4/11