Technology
Appropriate Use Regulations
INTRODUCTION
All regulations are
subordinate to the technology policies of the Oakland Community College Board
of Trustees, attached at the end of this document.
Appropriate uses of technology
are those which facilitate communication among those conducting College
business, support the function of College systems, and otherwise further OCC's
Inappropriate uses of
technology are those which violate the function of College business by harming
or interfering with the work of others or by engaging in illegal acts. The TAUR makes it a violation "to
recklessly or maliciously interfere with or damage, in violation of College
rules, computer or network resources or computer data, files, or other
information." The TAUR also makes
it clear that "misappropriation of data or copyrighted materials,
including computer software, may constitute theft."
Further definition of
Appropriate and Inappropriate Use appears in OCC Board Policy 3.8.2 reprinted
at the end of this document.
College owned or
operated computing resources are for the use of faculty, students, staff and
other authorized individuals.
Individuals should exercise responsible, ethical behavior when using
these facilities. The College does not
attempt to articulate all required or proscribed behavior by its users. Therefore, each individual's judgment on
appropriate conduct must be relied upon. The basic premise is that legitimate use of a computer or network does
not extend to whatever an individual is capable of doing with it. Just because individuals are able to
circumvent restrictions or security doesn't mean that they are allowed to do
so.
The College has the
right, but not the duty, to monitor any and all aspects of its network,
including, but not limited to, monitoring sites individuals visit on the
Internet, monitoring chat groups and newsgroups, reviewing material downloaded
or uploaded by individuals, and reviewing email sent and received by individuals.
All users should be aware that the IT System Administrators perform periodic
security checks of the College network and attached components. These checks include password scanning, virus
detection, file system/directory use and hardware and
software inventory probes. OCC
extends to its student, faculty, and staff a reasonable expectation of privacy
in electronic communications. However,
the privacy of electronic communications and documents cannot be guaranteed by
the College. Users of the network give a
limited waiver of any right to privacy in material created, stored, sent or
received via the College’s network; this limited waiver constitutes consent by
the user to any and all such monitoring and security checks and measures as
OCC, in its reasonable discretion, determines are appropriate to protect the
network and its community of users.
Disclaimer of Liability
The College will not be responsible for any damages, direct or indirect, arising out of the use of its Internet, computing or telecommunication resources.
VIOLATIONS
Alleged violations of
the types below should be reported directly to the appropriate Dean or other
responsible administrator or to the police if the situation is potentially serious
or requires immediate attention. If the
person responsible is not affiliated with the College or if it is not possible
to identify the individual, the incident can still be reported. Save electronic copies of all correspondence
for evidence.
Violations of
these Regulations or the OCC Board Policy on Information Technologies will be
subject to consequences consistent with Board Policy 3.8.2.E, “Violations”, and
this Regulation. The College reserves the
right to audit and/or suspend without notice the electronic communications of
any user pending the results of an inquiry into a suspected violation of TAUR
or the law. Users in suspected violation
of TAUR may lose their right to access College electronic communications. Consequences of inappropriate use may
include, but are not limited to: the immediate removal from online information
systems of material that is believed to infringe TAUR or the law; reporting of
suspected violations to appropriate law enforcement authorities; and action by
the Dean or another responsible administrator within the College’s disciplinary
framework potentially resulting in discharge or dismissal from the College.
All of the activities
listed as violations below are examples of prohibited conduct. However, the list is not comprehensive. Some of the conduct identified as violations
of the TAUR is also illegal.
ACCESS
·
Unauthorized access
As
stated in the TAUR, legitimate use
of a computer or network does not extend to whatever an individual is capable
of doing. In some cases, operating
systems have security holes or other loopholes that people can use to gain
access to the system or to data on that system.
This is considered unauthorized access.
If someone inadvertently turns on file sharing on their personal
computer, you do not have the right to read or delete their files unless you
have been given explicit permission from the owner. This is much like accidentally leaving your
house door unlocked. You wouldn't expect
a burglar to use that as an excuse for robbing you.
·
Unauthorized use of College resources (e.g. using someone else's dial-in access or borrowing
their OCC ID and password to access College systems).
·
Unauthorized use by sharing OCC IDs and passwords (unauthorized use).
Your OCC ID and password are provided for your personal use only. OCC IDs provide access to a wide range of services that are restricted for personal use you (such as grades, address information, registration bill, salary, benefits) or are restricted for use by the College community (such as e-mail, remote dial-in, library services, Internet access, news, chat). If you share your OCC ID with a spouse, family members, friends or others, then you are giving them access to services they are not authorized to use. They will also have access to all of your personal information. They may even embarrass you by posting to a news group in your name or by posing as you in a chat session or e-mail.
Obtaining,
possessing, using or attempting to use someone else's password regardless of
how the password was obtained (e.g. password sharing).
DO NOT SHARE YOUR PASSWORD WITH
ANYONE. If you suspect that someone may have
discovered your password, change it immediately and/or notify the OCC IT
DO NOT USE ANYONE ELSE'S PASSWORD. Using someone
else's password to access services or data is also a violation of policy
regardless of how the password was obtained. (PERIOD/DOT/ZERO Tolerance)
·
Accessing, or attempting to access, another individual's
data or information without proper authorization (e.g. using another's OCC ID and password to look at their
personal information).
·
Sending forged messages under someone else's OCC ID (e.g. sending hoax messages, even if intended to be a
joke).
·
Unauthorized Encryption Prohibited.
The
use of any unauthorized encryption technology which hinders the ability of the
College to access data on any College computer system or network is prohibited.
INTERFERENCE
Interfering with Activities of Others
This can be any activity that disrupts a system and interferes with other people's ability to use that system. In some cases, consuming more than your "fair" share of resources can constitute interference. Some examples are:
-
E-mail bombing
that causes a disk to fill up, the network to bog down, or an e-mail
application to crash.
-
Taking
advantage of a net split to take over a chat channel and then kicking off or
blocking other users.
-
Posting many
messages to a single news group or mailing list making it difficult for
subscribers to carry on their normal discussion.
-
Flooding a
chat channel with a continuous stream of messages so that it disrupts the
conversation.
Denial of service attacks will be treated as a direct intrusion to the College network, and offenders will be prosecuted by the College.
·
Releasing a virus, worm or other program that damages or
otherwise harms a system or network.
·
Preventing others from accessing services (e.g. taking over a chat channel and kicking other users
off).
· E-mail Bombing (sending a crippling number of files across the network)
Flooding someone with numerous or large e-mail messages in an attempt to disrupt them or their site is know as "e-mail bombing." Often this is done to retaliate because someone has done something annoying. But more often than not, e-mail bombing will either cause problems for your local system or disrupt service for thousands of other innocent bystanders. If you are having a problem with someone, pursue an acceptable method to report the situation.
·
Impeding, interfering with, impairing, or otherwise causing
harm to the activities of others
(e.g. propagating electronic chain mail or sending forged or falsified e-mail).
·
Chain E-mail and Virus Hoaxes
The
most important thing to remember if you get chain e-mail is do not help propagate it.
Chain e-mail usually contains phrases like "pass this on,"
"forward - do not delete," "don't break the chain,"
"this is safe, don't worry," "let's see how long this takes to
get back to the start," "this has been around the world 20
times," "7 years of good luck!," "I don't wanna die,"
"your mom would want you to do this," etc. Often, there is some story about how lucky a
person has been since they forwarded the chain e-mail or how unlucky they were
because they didn't. Sometimes chain
e-mail is disguised. It tells of some
kid who is dying and wants post cards, or it warns about e-mail viruses or
internet shutdowns. Don't fall for
it. It's all chain mail, and it's
designed to get you to forward it.
In
recent years, chain mail hoaxes of
various sorts have become widespread on the Internet. Some are virus warnings like "Good
Times," "PenPal," and "Irina." Others are like the "Naughty Robot"
that claims to have all your credit card numbers. They tell you to forward the
"warning" to everyone you know.
Most hoaxes start out as pranks but often live on for years, getting
passed around by new people who have just joined the Internet community. Don't believe every warning you get via
e-mail. You should not pass these
warnings on unless you verify the authenticity.
You should contact the OCC IT
-
CIAC
-
National Fraud Information Center
If you get chain e-mail from someone with an OCC e-mail address, you should report it. If you get chain e-mail from someone not affiliated with OCC, you can reply to the sender and let them know you are not happy about getting chain e-mail from them, or you can delete and ignore it.
WRONGFUL USE
·
Tapping phone or network lines (e.g. running network
sniffers without authorization)
Running a network "sniffer" program to examine or collect data from the network is considered tapping a network.
·
Unauthorized access to data or files even if they are not
securely protected (e.g. breaking
into a system by taking advantage of security holes).
·
Commercial Use of College Resources
Using e-mail to solicit sales or conduct business, setting up a web page to
advertise or sell a service, or posting an advertisement to a news group all
constitute commercial use. Even if you
use your own personal computer, but you use the College’s network, you are in
violation of the regulations.
·
Export Restrictions
Because
of
·
Forgery
Altering electronic communications to hide your identity or impersonate someone else is considered forgery. All e-mail, news posts, chat sessions or any other form of communication should contain your name and/or OCC ID. Forgery includes using another person's identity or using an identity that's fake (like god@heaven or anon@nowhere). Forgeries intended as pranks or jokes are still considered violations.
·
Downloading or posting to College computers, or transporting
across College networks, material that is illegal, proprietary, in violation of
College contracts or otherwise is damaging to the institution (e.g. launching a computer virus, distributing child
pornography via the web or posting a College site-licensed program to a public
bulletin board)
·
Using College resources for unauthorized purposes (e.g. using personal computers connected to the campus
network to set up web servers for illegal, commercial or profit-making
purposes).
HARASSMENT
Electronic communication that is repeated and unwanted may constitute harassment. In general, communication targeted at a specific individual with the intent to harass or threaten is a violation of OCC policy. If you receive unwanted e-mail or other form of communication, you may want to consider notifying the sender that it is unwanted. Many times a person will not realize that their communication is unwanted unless you tell them. If the sender continues to communicate after being placed on notice, or if you feel uncomfortable confronting the sender, the incident should be reported.
·
Harassing, threatening, or otherwise causing harm to
specific individuals (e.g. sending
an individual repeated and unwanted {harassing} e-mail or using e-mail to
threaten or stalk someone).
·
Harassing or threatening classes of individuals.
ILLEGALITIES
Everything listed
under the “Illegal under State and Federal Laws” (at the end of the TAUR) is a violation of College
policy. This is not a comprehensive
list, but it contains the activities most frequently asked about.
Copyright holders have many rights, including the right to reproduce, adapt, distribute, display and perform their work. Reproducing, displaying or distributing copyrighted material without permission infringes on the copyright holder's rights. However, "fair use" applies in some cases. If a small amount of the work is used in a non-commercial situation and does not economically impact the copyright holder, it may be considered fair use. For example, quoting some passages from a book in a report for a class assignment would be considered fair use. Linking to another web page from your web page is not usually considered infringement. However, copying some of the contents of another web page into yours or use of video clips without permission would likely be infringement.
-
Making a copy
of all or a portion of a sound recording onto a computer hard drive, server or
other hardware used in connection with a web site or other online forum. This includes converting a sound recording
into a file format (such as a .wav or mp3 file) and saving it to a hard drive
or server;
-
Transmitting a
copy or otherwise permitting users to download sound recordings from a site or
other forum; and/or
-
Digitally transmitting
to users, at their request, a particular sound recording chosen by or on behalf
of the recipient.
If you reproduce or offer full-length sound recordings for download without the
authorization of the copyright owner, you are in violation of federal copyright
law and could face civil as well as criminal penalties. Placing
statements on your web site, such as "for demo purposes only," or
that the sound files must be "deleted with 24 hours," does not
prevent or extinguish this liability.
There are several entities you may need to contact before you can use recorded
music online. First, you should
understand that the copyright in a sound recording is distinct from the
copyright in the recording's underlying musical composition. Thus, even if you have secured the necessary
licenses for publicly performing musical compositions (from, for example,
ASCAP, BMI and/or SESAC) or for making reproductions of musical compositions
(from, for example, the Harry Fox Agency), these licenses only apply to the
musical composition, not the sound recording.
Licenses to use particular sound recordings must be secured from the
sound recording copyright owners -- generally the record company that released
the recording.
-
Theft of
information from computers belonging to financial institutions or federal
agencies, or computers used in interstate commerce;
-
Unauthorized
access to government computers;
-
Damage to
systems or data (intentionally or recklessly);
-
Trafficking in
stolen passwords; and/or
-
Extortionate threats
to damage computers.
OCC BOARD POLICY ON APPROPRIATE USE OF
INFORMATION TECHNOLOGY RESOURCES (3.8.2)