Policy for Acceptable Use of UCSC Electronic Information Resources (Acceptable Use Policy): IT0003
Effective Date: 11/19/08
Last Revision Date: 5/22/15

Policy for Acceptable Use of UCSC Electronic Information Resources
(Acceptable Use Policy)

Vice Chancellor, Information Technology
(Policy IT-0003)

• I. Purpose/Introduction/Applicability
• II. Detailed Policy Statement
• III. Violations
• IV. Policy Authority
• V. Getting Help
• VI. References

I.   PURPOSE / INTRODUCTION / APPLICABILITY

The intent of this policy is to identify appropriate and inappropriate use of UCSC Electronic Information Resources (eIRs). This policy applies to all users of UCSC eIRs.

It is the policy of the University of California to provide electronic information resources (eIRs) to students, faculty and staff to be used in ways that are consistent with the University's mission - instruction, research, and public service - and in activities that support that mission. These resources include computers, terminals, networks, modems, printers, portable electronic devices, telephones (including cell phones), and electronic media.

The University expects that its user community will respect the public trust through which these resources have been provided. Users of UCSC eIRs are expected to comply with the law, University and campus policies, industry regulations, and contractual obligations that apply to their activities. This applies to all UCSC eIRs as well as to all computers and computing equipment, whether University-owned or not, connected to campus networks or other UCSC eIRs.

UCSC units that administer eIRs may establish local guidelines for the appropriate use of their resources in addition to this campuswide policy. Local guidelines must be consistent with campuswide policies and the University of California Electronic Communications Policy (UC ECP).

II.   DETAILED POLICY STATEMENT

All users of UCSC eIRs are expected to comply with applicable laws and regulations, University and campus policies, and contractual obligations. These include, but are not limited to, the UC ECP, Section 502 of the California Penal Code, and the following specific policies and expectations. Violations may result in loss of access to eIRs, disciplinary action, and additional consequences of prosecution under the law.

A. The following activities are prohibited:

1. Use of any University resources in a manner that violates the law or UC policy, including but not limited to violation of copyrights, patent protections, trademarks, license agreements, intellectual property law or contracts that specify conditions of use of intellectual property at UCSC [1];
2. Interfering with the normal operation of UCSC eIRs. This includes but is not limited to:
   
   • use of UCSC eIRs for purposes or in a manner that could reasonably be expected to disrupt UCSC eIRs,
   • any action that disrupts the availability of a system or resource for others, such as running programs or sending electronic messages that utilize all system resources and prevent others from making productive use of the system,
   • attempts to alter, damage, delete, destroy or otherwise abuse any computer or network resource, including development or use of malicious programs.
   • Note: This section is intended support University business functions, not to restrict instructional or research activities. In situations where these activities could reasonably be expected to disrupt normal operations, permission of the affected resource owner must be obtained in advance. In the case of campus systems or networks, individuals should coordinate through their ITS Divisional Liaison.
3. Accessing or attempting to access UCSC eIRs or facilities without proper authorization, or intentionally enabling others to do so. This includes, but is not limited to, disclosing a password or otherwise making a password-protected account available to others; running programs that attempt to calculate or guess passwords, or that are designed and crafted to trick other users into disclosing their passwords; sharing or transferring account privileges to another person; electronic eavesdropping on communications facilities;
4. Use of UCSC eIRs to harass others in a manner that interferes with their rights or in a manner that creates a hostile working or learning environment in violation of University policy, including sexual or other forms of harassment [2];
5. Sending unsolicited commercial or bulk email (spam) or otherwise transmitting inappropriate mass messages. Note: This provision is not intended to limit the use of email or other mass messaging for official University business;
6. Employing a false identity (the name or electronic identification of another), except as allowed under UC ECP Section III.D.6, False Identity and Anonymity.

B. Implying University Representation or Endorsement
Users shall not state or give the impression [3] that the user is representing, giving opinions, endorsing products or services of a non-University entity, or otherwise making statements on behalf of the University or any unit of the University unless appropriately authorized to do so. Communications that may inaccurately give the impression that the user represents the University must include an explicit disclaimer. Example disclaimers from UC policy include:

• "The opinions or statements expressed herein are those of the author and do not represent the position of the University of California."[4]
• "These statements are my own, not those of the Regents of the University of California."[5]
• "References or pointers to non-University entities do not represent endorsement by the Regents of the University of California."[6]
• "Links on these pages to commercial web sites do not represent endorsement by the University of California or its affiliates."[7]

C. Personal Use of UCSC Electronic Information Resources
UCSC eIRs are to be used for University business purposes. University users may use UCSC eIRs for incidental personal purposes provided that such use complies with all of the provisions of this policy, the UC ECP and UC Business and Finance Bulletin G-46, and does not:

• directly or indirectly interfere with the University's operation of eIRs,
• interfere with the user's employment or other obligations to the University,
• burden the University with noticeable incremental costs,
• violate the law or University policy,
• include use for commercial purposes not under the auspices of the University,
• include use for personal financial gain except as permitted under applicable academic personnel policies,

Any incidental personal use of University resources may be designated University records subject to disclosure to the University and third parties in accordance with law.

D. Accessibility
All electronic communications intended to accomplish the academic and administrative tasks of the University must be accessible to allowable users with disabilities in compliance with law and University policies.

• Americans with Disabilities Act (ADA)
• UC Information Technology Accessibility Policy
• UC Electronic Accessibility web site
• UCSC ADA web site

E. Anonymity
Per the UC ECP, Section III.D.6, False Identity and Anonymity, “A user of University electronic communications resources may remain anonymous (the sender's name or electronic identification are hidden) except when publishing web pages and transmitting broadcasts.”

F. Students using UCSC's residential networks
Students using UCSC's residential networks are expected to read and comply with the Resnet Responsible Use Policy.

III.   VIOLATIONS

Violations of this policy constitute unacceptable behavior and may result in loss of access to eIRs, corrective or disciplinary action in accordance with existing University personnel policies, bargaining agreements, guidelines, and the Code of Student Conduct, and additional consequences of prosecution under the law.

The University of California responds promptly to allegations regarding violations of law and University policy, including those arising from the use of eIRs. Suspected violations of this policy or law may be reported to the ITS Support Center (see Getting Help) or the Whistleblower Officer.

IV.   POLICY AUTHORITY

The campus Information Security Officer on behalf of the Office of the Chancellor and the Office of the Campus Provost and Executive Vice Chancellor (CP/EVC) is the campus authority for UCSC's Acceptable Use Policy.

This policy amends and supersedes Policies for Use of UCSC Computing Facilities, dated May 26, 1992.

This policy was initially reviewed and approved by the CP/EVC on November 19, 2008. Last update was May 2015. Next review date is May 2020.

V.   GETTING HELP:

For questions about this policy, contact the ITS Support Center at itrequest.ucsc.edu, help@ucsc.edu, 459-HELP, or in person M-F 8AM-5PM, 54 Kerr Hall

VI.   REFERENCES

Federal and State Law:

University of California:

UC Santa Cruz:

--------------------
Endnotes

[1] See UC Digital Copyright Protection, UC Guidance on Fair Use of Copyrighted Materials in Teaching and Research, and Digital Millennium Copyright Act at UC Santa Cruz
[2] Also see UCSC's Principles of Community, Policy on Sexual Assault, Code of Student Conduct, and Hate/Bias Policy, and the UC Policy on Sexual Harassment
[3] Including by use of the University's name, insignia, seal, address, or University title of a faculty or staff member
[4] UC Merced Acceptable Use Policy
[5] UCECP Attachment 2, Sec II.B.1, Representation
[6] UCECP Attachment 2, Sec II.B.2, Endorsements
[7] UCI Administrative Policies & Procedures, Sec. 800-16: World Wide Web Policy

Rev. 5/22/15