Acceptable Use of IT Policy
1. Background information
5. Legal framework
6. Administration and implementation
7. Disciplinary action
9. Policy review
10. Further assistance
11. Attachment 1
This policy is designed to guide members of the University community (including students, staff and religious members of the University) and contractors in the acceptable use of telephone, computer and information systems and networks (including local and hard drives, Internet, email and other electronic technologies) ('ACU IT Facilities') provided by Australian Catholic University.
This policy is intended to be read in conjunction with other relevant policies which includes but are not limited to the University Telecommunications Usage Policy; Electronic Messaging (Email) Policy; AARNet Access Policy; the respective codes of conduct relating to staff and students; the policy on Discrimination and Harassment and the applicable grievance management policies for staff and students.
Use of the ACU IT Facilities, including telephones and computers (including the internet, and email) indicates agreement to comply with, and understanding of, this policy.
The ACU IT Facilities, and in particular Internet, computer and telephone facilities, are important resources that the University makes available to staff and students with the understanding that they are used for research, teaching and community services in agreement with the University mission and mandate. It is therefore the responsibility of the user to make appropriate use of these facilities. Whatever the usage, the University expects the user to show that the use of these facilities is fully compatible with this guiding principle. Notwithstanding this personal obligation on the behalf of each user, the University may at any time take appropriate action to establish if ACU IT Facilities are being misused. In case of doubt it is for the user to prove that the facilities are being used properly.
Subject to the above understanding, the University community is encouraged to make innovative and creative use of information technologies in support of education and research and will generally be provided with Internet access.
Access to information representing a multitude of views on current and historical issues is allowed for the information and enlightenment of the University community. Consistent with other University policies, this policy is intended to respect the rights of individuals and articulate the obligations of academic freedom.
The University recognises that the purpose of copyright is to protect the rights of the creators of intellectual property and to prevent the unauthorised use of commercial products.
The University cannot guarantee the protection of individuals against the existence or receipt of material that may be offensive to them. As such, those who make use of electronic communications are warned that they may traverse or be recipients of material they find offensive.
Those who use telephones email and/or make information about themselves available on the Internet should be aware that invasions of privacy may sometimes occur and the University cannot protect users from technological abuse. Users are reminded that email should not be used to send sensitive and confidential information unless appropriate security measures, including encryption, have been taken.
The ACU IT Facilities are limited and should be used wisely and carefully with consideration for the rights of others. These facilities offer powerful tools for communication amongst members of the community and of communities outside the University. When used appropriately, these tools can enhance dialogue and understanding. When used unlawfully or inappropriately, however, these tools may infringe on the beliefs or rights of others.
Access to and use of the ACU IT Facilities is a privilege provided (and which may be removed) at ACU's discretion that carries associated responsibilities including the following.
3.1 ACU IT Facilities are to be used only for University-related research, instruction, learning, and dissemination of scholarly information, administrative and business-related activities unless otherwise determined by the University. In addition, such use must be conducted in a manner that is lawful and respectful to others.
3.2 The University, as a matter of discretion, permits minimal use of its telephone facilities to make and receive personal calls, and some use of its internet and email facilities to send and receive personal messages, provided that such use is minimal and kept to a reasonable level and does not adversely impact on personal work productivity. See attached Guidelines on Limited personal use of ACU IT Facilities. The University may cease to allow such personal use at any time.
3.3 Users may not attempt to modify ACU's Facilities - including its computer system and network facilities or attempt to crash systems. They must not tamper with any software protection or restrictions placed on computer applications or files.
3.4 Users may not encroach on others' use of the ACU IT Facilities, including computer resources by using them inappropriately. Such activities would include, but are not limited to:
- party-political activities;
- tying up computer resources for game playing;
- waging or betting or other trivial applications;
- sending harassing or frivolous messages, such as chain letters, junk mail and other types of broadcast material, either locally or over the Internet;
- knowingly accessing or sending sexually explicit, pornographic or otherwise offensive material;
- using without thought, excessive amounts of storage;
- intentionally introducing any computer viruses or other rogue programs to Australian Catholic University hardware or software or physically damaging systems.
Under no circumstances will the University tolerate misuse of the ACU IT Facilities for harassment including but not limited to unlawful harassment such as sexual harassment. Further details of what constitutes harassment may be found in the University's policy on Discrimination and Harassment. If a person using any of the ACU IT Facilities believes that she/he has been harassed as a result of an electronically transmitted message (or otherwise) it is important that the message (or applicable material) not be erased. Rather, the message should be saved and the origin, date, time and location of the message should be written down and the procedure followed in the applicable University grievance management policy.
3.5 Users must not purport to express views on behalf of the University without official authorisation to do so, or to cause another person to reasonably misconstrue that a personal view represents the official position of the University.
3.6 Users must remember that information distributed through the ACU IT Facilities is a form of publishing, and many of the same standards apply. The Director University Relations has responsibility for ensuring that University standards for publishing information about the University are met.
3.7 The use of the ACU IT Facilities for commercial purposes is expressly forbidden unless it is for the authorised commercial activities of the University.
4.1 Users are not permitted to gain access to the Internet other than through an authorised account registered in their name. Users must not supply false or misleading data nor improperly obtain another's password in order to gain access to computers or network systems, data or information. The negligence of another user in revealing an account name or password does not constitute authorised use. Users should not attempt to subvert the restrictions associated with their computer accounts.
4.2 Users are responsible for all use of their computer account(s). They should make appropriate use of the system and network-provided protection features and take precautions against others obtaining access to their computer resources. Individual password security is the responsibility of each user.
5.1 Users are responsible for making use of software and electronic materials in accordance with copyright and licensing restrictions and applicable University policies. ACU IT Facilities, equipment and software may not be used to violate copyright or the terms of any licence agreement. No one may inspect, modify, distribute or copy proprietary data, directories, programs, files, disks or other software without proper authorisation.
5.2 Staff are reminded that the University is the owner of copyright over, among other things, all email messages created by its employees as part of their employment.
5.3 All members of the University community are bound by federal and state laws relating to harassment, copyright, breach of confidence, defamation, privacy, anti-discrimination, personal information and other statutes relating to electronic media.
Surveillance, Logging and monitoring of ACU IT Facilities (other than telephones)
6.1 The University conducts surveillance of the ACU IT Facilities (other than the content of telephone calls). As part of this, all actions performed using the ACU IT Facilities (except for the content of telephone calls) can be logged and may be monitored by the University, or by another person on the University's behalf, on an ongoing basis. You should expect this surveillance to be continuous and ongoing. This includes document creation and deletion, file management, email and other electronic communications which are sent or received, both internally and externally, and internet activity (including the sites visited, the content of those sites and the time spent at each site). The University considers that such surveillance is appropriate to allow it to, among other things, enforce its policies to prevent the use of proprietary software or copies of electronic texts or images in disregard of copyright restrictions or contractual obligations; to safeguard the integrity of computers, networks and data either at the University or elsewhere and to protect the University against any untoward consequences.
6.2 The University may restrict the use of the ACU IT Facilities (including computers, Internet, email and other network systems) where it believes it is appropriate to do so, for example if they are non-work related or wasteful of electronic resources, such as broadcast or mass emailing. In addition the University may block access to internet sites if it considers it appropriate to do so. The University reserves the right to limit access to its networks through University-owned or other computers and to remove or limit access to material stored on University-owned computers. The University also reserves the right to limit the size of individual electronic mail items sent, the total volume of mail sent and the amount of electronic mail retained on central mail servers.
7.1 All users are expected to conduct themselves consistently with the obligations outlined in this policy and all other applicable University policies. Failure to comply with this policy or any form of misuse of the ACU IT Facilities may subject the user to disciplinary action. When appropriate, temporary restrictive actions will be taken by system or network administrators pending further disciplinary action.
7.2 This policy does not preclude action being taken against members of the University (including staff and students) under Australian law generally.
The terms and prescribed conduct described in the policy are not intended to be exhaustive, nor do they anticipate every possible use of the ACU IT Facilities. Users are encouraged to act with caution and take into account the underlying principles intended by this policy. If users feel unsure of the appropriate action relating to the use of any of the ACU IT Facilities they should contact nominated supervisor in the first instance.
The University may make changes to this Policy from time to time to improve the effectiveness of its operation. Staff members who wish to make comments about this Policy may forward suggestions to the Director, Human Relations and Equal Opportunity.
Staff wishing to obtain further information on the Acceptable Use of IT Policy should first consult their nominated supervisor. Should further information be needed, they should contact the Human Relation Consultant assigned to their campus.
Guidelines on minimal personal use of IT Facilities
Occasional minimal person usage of ACU IT Facilities is permitted only if all of the following conditions are met:
- usage generally occurs during personal time;
- there are no appreciable costs to the University;
- any use is brief in duration, occurs infrequently and is the most effective use of time or resources;
- usage does not disrupt or distract from the conduct of University business;
- the use does not disrupt other University employees;
- usage does not obligate other University employees to make personal use of University resources;
- usage does not compromise the security or integrity of University property, information, or software; and/or
- usage does not breach a state, territory or Commonwealth law.
Examples of minimal personal usage
Examples of permitted personal usage of ACU IT Facilities include, but are not limited to, the following:
- short electronic communication with children and dependents;
- scheduling personal appointments (eg medical, child/elder care arrangements);
- personal use of computers for listening to news or music at employee’s workstation, provided it does not disturb others or interfere with access to computer usage for official use as authorised by a supervisor;
- use of games, during breaks, that an employee has not personally installed on a University computer (ie games installed during a default install of the operating system, eg Windows solitaire).
The following personal usage of University IT Facilities is specifically prohibited:
- any usage for the purpose of conducting an outside business;
- usage for any unsolicited mass mailing that is not directly relevant to an employee’s duties as an employee of the University. For these purposes, emails that are sent only to employees who are members of an association (eg a club or an interest group) will not be considered to be unsolicited mass mailing;
- usage for the purpose of supporting, promoting or soliciting for an outside organisation or group, except if authorised by the relevant Core Planning Group member;
- any campaign or political use;
- commercial uses such as advertising or selling;
- any illegal activity;
- any use in violation of University policy; or
- any personal use of property or equipment of the University taken off-site or removed from other official University work sites, regardless of whether there is cost to the University or not.