The term IT facilities shall mean the facilities of University Information Services, and all other information technology facilities provided by the University, and any in College institutions designated by the appropriate College authority concerned as facilities to which these rules shall apply.
IT facilities are provided for use only in accordance with the aims of the University and the Colleges as promulgated from time to time, unless stated otherwise by the appropriate Authorized Officer.
1. No person shall use IT facilities, or allow them to be used by others, without due authorization given by the ISC or by the appropriate Authorized Officer, who may impose conditions of use to ensure efficient operation.
2. By means of published documentation an Authorized Officer may designate an IT facility as authorized for use by specified classes of persons and for specified purposes. In the case of facilities not so designated, resources are allocated individually; every such allocation of IT resources shall be used only for the designated purpose and only by the person to whom the allocation was made. Use shall not be made of IT resources allocated to another person or group of persons unless such use has been specifically authorized by the ISC or by the appropriate Authorized Officer.
3. No person shall by any wilful, deliberate, reckless, unlawful act, or omission interfere with the work of another user or jeopardize the integrity of data networks, computing equipment, systems programs, or other stored information.
4. All persons authorized to use IT facilities shall be expected to treat as privileged any information which may become available to them through the use of such facilities and which is not obviously intended for unrestricted dissemination; such information shall not be copied, modified, disseminated, or used, either in whole or in part, without the permission of the appropriate person or body.
5. In the case of any information which is designated in a Notice issued by or on behalf of the ISC as proprietary or otherwise confidential, every person using IT facilities shall be required:
(a) to observe any instructions that may be issued specifying ways in which the information may be used;
(b) not to copy, modify, disseminate, or make use of it in any way not specified in those instructions, without first obtaining permission from the appropriate Authorized Officer.
6. No person shall use IT facilities to hold or process personal data except in accordance with the provisions of relevant legislation, including the Data Protection Act 1998. Any person wishing to use IT facilities for such a purpose shall be required to inform the Authorized Officer in advance and to comply with any restrictions that may be imposed concerning the manner in which the data may be held or the processing carried out.
7. No person shall use IT facilities for private financial gain or for commercial purposes, including consultancy or any other work outside the scope of official duties or functions for the time being, without specific authorization to do so.
8. Any person who misuses IT facilities or who uses IT facilities for private financial gain or for commercial purposes, with or without specific authorization to do so, may be charged with the cost of such use or misuse at a rate determined from time to time by the appropriate Authorized Officer. If any person who has been so charged with the cost of IT resources fails to make reimbursement, any authorization to use IT facilities shall be suspended automatically until reimbursement is made in full, and the matter shall be reported by the ISC to the appropriate University or College financial authority.
9. No person shall use IT facilities for unlawful activities.
10. Any person believed to be in breach of one or more of these rules shall be reported by the Authorized Officer to the ISC who may at their discretion, after considering the Officer's report and any other relevant matters, impose a penalty or penalties in accordance with Regulation 5(g) for the ISC. The ISC may also recommend to the appropriate University or College authority that proceedings be initiated under either or both of the University and College disciplinary procedures and any appropriate legislation.