Guidelines for Implementation of Acceptable Use of NLU Information Systems Policy Definitions
Policy Definitions
National Louis University Information Systems refers to all computers and Information Systems owned or operated by NLU and includes hardware, software, data, and communication networks associated with these systems and services. These systems range from multi-user systems to single-user terminals and personal computers, whether freestanding or connected to networks.
System users are all those individuals with privileges to use NLU computing systems and services, including but not limited to students, faculty, university staff and administrative officers.
Deans and vice presidents with the assistance of LITS (Learning and Information Technology Services) system administrators will determine who is permitted access to a particular system. LITS system administrators and other designated system users hold responsibility for the maintenance and security of NLU Information Systems as a part of their stated responsibilities as academic or non-academic employees. LITS system administrators report directly to the NLU technical director. The NLU Technical Director directly reports to the NLU Chief Information Officer who reports directly to the University President. The NLU Chief Information Officer holds ultimate responsibility for the maintenance and security of NLU Information Systems.
1. Adherence to Laws Governing Ownership and Copyright Law
Users must observe intellectual property rights including, in particular, copyright laws as they apply to software and electronic forms of information.
Users may use only legally obtained, licensed data, or software in compliance with license or other agreements and federal copyright and intellectual property laws.
Users shall not place copyrighted material (software, images, music, movies, etc.) on any NLU computer without prior permission from the copyright holder or as granted in a license agreement or other contract defining uses.
Peer-to-peer File Sharing
Peer-to-Peer (P2P) file sharing is the use of a P2P application that shares files with other users across the internet, making the computer act as a client and server simultaneously. P2P applications such as BitTorrent, Kazaa, Bearshare, Morphus, Gnutella, LimeWire and others, are used to download files, as well as to make them available for others to download. When using P2P applications, be aware that the content of the "shared" folder on your machine will be available to other P2P users. As a result, a P2P user can download music, movies, games or other digital files directly from someone else's machine, without knowing if the material is copyright protected. This process of file sharing can be a source of illegal distribution of copyright protected material, which may result in civil and criminal penalties. Further, users of P2P software may inadvertently share sensitive files like tax returns, bank statements, or confidential business files.
National Louis University raises awareness about copyright law and takes appropriate action in support of enforcement as required by policy and law. The University's Acceptable Use of Information Systems Policy states that all members of the University must comply with US copyright law and it explains the fair use standards for using and duplicating copyrighted material. In addition, the policy prohibits the duplication of software for multiple uses, meeting the Digital Millennium Copyright Act (DMCA) requirements.
2. Authorized Use
Individuals using NLU Information Systems and services must be identified either through the physical location of an office or instructional computer or through an authorized NLU computer account, as with multiple user systems. System users may not access or use another user’s computer account or allow another person to use his or her account.
LITS system administrators create accounts and regulate access to NLU Information Systems by authorized system users. System administration privileges are granted only for official purposes and under the authority of designated academic and administrative officers. Unauthorized usage or assignment of administrative privileges is expressly prohibited.
Users must not conceal their identity when using NLU systems, except when anonymous access is explicitly provided (as with anonymous FTP).
NLU computing systems and services may not be used as a means of unauthorized access to computing accounts or systems inside of or outside of NLU’s Information Systems.
Other uses of NLU Information Systems may be permissible including revenue-generating activities subject to policies and procedures governing contractual agreements.
3. Privacy
All access to protected information stored in NLU records systems will be in strict compliance with the provisions of federal and state laws. The Family Educational Rights and Privacy Act (FERPA) or “Buckley Amendment” (34 C.F.R. Part 99, as amended by 61 Fed. Reg. 59291 Nov. 21, 1966) provides for protection against unwarranted disclosure of private information contained in “official” University records. FERPA guarantees all postsecondary students the right to consent to disclosures of personally identifiable information contained in student education records, except to the extent that FERPA authorizes disclosure www.edlaw.net.
Computer System users must respect the privacy of others by refraining from inspecting, broadcasting, or modifying data files without the consent of the individual or individuals involved. Administrative users may inspect or repair data files (including e-mail stored on NLU mail systems) as required as part of their employment, and then only to the extent necessary to maintain the integrity and operations of NLU systems.
University employees and others may not seek out, examine, use, modify, or disclose, without authorization, personal or confidential information contained in a computer, which they access as part of their job function. Employees must take necessary precautions to protect the confidentiality of personal or confidential information encountered in the performance of their duties.
Use of internet systems (IP) to transmit information does not guarantee privacy and confidentiality. Sensitive material transferred over Information Systems (including e-mail and the World Wide Web) may be at risk of detection by a third party. Users should exercise caution and care when transferring such material in any form.
4. Malicious and Destructive Uses of NLU Information Systems
The following uses of NLU computers and Information Systems are specifically prohibited:
- Use of computer programs to decode passwords or access control information
- Attempts to circumvent or subvert system or network security measures
- Engaging in any activity that might be purposefully harmful to systems or to any information stored thereon, such as creating or propagating viruses, disrupting services, or damaging files or making unauthorized modifications to University data
- Wasting computing resources or network resources, for example, by intentionally placing a program in an endless loop, printing excessive amounts of paper, or by sending chain-letters or unsolicited mass mailings
- Using mail or messaging services to harass, libel, intimidate, or distribute misinformation, for example, by broadcasting unsolicited messages, by repeatedly sending unwanted mail, or by using someone else’s name or user ID
- Users must not access or attempt to access data on any system they are not authorized to use. Users must not make or attempt to make any deliberate, unauthorized changes to data on an NLU system.
- Users must not intercept or attempt to intercept data communications not intended for that user’s access, for example, by “promiscuous” bus monitoring or wiretapping.
5. Enforcement
Authorized LITS system administrators may monitor computer activity for the sole purpose of maintaining system performance, security, and integrity. In instances when individuals are suspected of violating policies, the contents of user files may be inspected only upon the approval of the University officer having clear responsibility for the activity of the user.
At the discretion of the LITS system administrator(s) responsible for the resource or service in question, in collaboration with the appropriate administrative authority, Information System computer use privileges may be temporarily or permanently revoked, following due process appropriate for the parties involved, pending the outcome of an investigation of misuse, or finding substantiating violations of these guidelines.
6. Due Process
NLU Information System users have the right to due process (consistent with respective policies governing the categories of users) in cases of discipline resulting from violations of the guidelines outlined in this document.
When a LITS systems administrator believes it necessary to preserve the integrity of facilities, user services, or data, he or she may suspend any account, whether or not the account owner (the user) is suspected of any violation. Where practical, 24-hour notice will be given in advance of revocation.
If, in the judgment of the LITS systems administrator, the violation warrants action beyond the LITS system administrator’s authority, he or she will refer the case first to the university administrator or disciplinary body appropriate to the violator’s status (e.g., in the case of a faculty member, his/her dean), and, as deemed appropriate, to a law enforcement authority.
An NLU Information System user accused of a violation will be notified of the charge and have an opportunity to respond (consistent with respective policies governing the categories of users) before a final determination of a penalty. If a penalty is imposed, the accused violator may request a review by the designated administrator or body empowered to assure due process and an impartial and timely review of the charges.
Note: National Louis University supports the EDUCAUSE Code of Software and Intellectual Rights. Users should consider the EDUCAUSE Code as a standard to guide their ethical use of electronic resources and information:
Respect for intellectual labor and creativity is vital to academic discourse and enterprise. This principle applies to works of all authors and publishers in all media. It encompasses respect for the right to acknowledgment, right to privacy, and right to determine the form, manner, and terms of publication and distribution.
Because electronic information is volatile and easily reproduced, respect for the work and personal expression of others is especially critical in computer environments. Violations of authorial integrity, including plagiarism, invasion of privacy, unauthorized access and trade secret and copyright violations, may be grounds for sanctions against members of the academic community.
(See: “Using Software: A Guide to the Legal and Ethical Use of Software for Members of the Academic Community,” Educom/ITAA, 1987. net.educause.edu/ir/library/html/code.html).