obli

ACCEPTABLE USE POLICY FOR IT RESOURCES


Section 1: Policy Statement Section 5. General Responsibilities
Section 2. Basic Standards Section 7. Tolerated Use
Section 3. Definitions Section 8. Enforcement Procedures
Section 4. Scope And Applicability Section 9. Waiver

Section 6. Appropriate Use

a. Appropriate Use

Users may only use the IT System for its authorized purposes, which is to support the research, education, clinical, administrative and other functions of the UP SYSTEM. The particular purposes of any of the components of the IT System, as well as the nature and scope of authorized incidental personal use, may vary according to the duties and responsibilities of a user.

b. Proper Authorization

Users may access only those facilities and components of the IT System that are consistent with their authorization coming from competent authorities.

c. Specific Proscriptions on Use

The following categories of use of the IT System are considered prohibited and/or inappropriate:

i. Uses Contrary To Law
  1. Unlawful use. Users may not use the IT System for any activity that is contrary to any law or administrative rule or regulation, or to encourage any such unlawful activity. Violators shall suffer a penalty ranging from suspension for one year to expulsion or dismissal
  2. Infringement of protected material. Users must not infringe on the copyright and other property rights covering software, databases and all other copyrighted material such as text, images, icons, retrieved from or through the IT System. These acts shall include, but is not limited to, the unauthorized copying, reproduction, dissemination, distribution, importation, use, removal, alteration, substitution, modification, storage, unloading, downloading, communication, publication or broadcasting of such material. Users must properly attribute any material they copy from or through the IT System. Users are reminded that the infringement of intellectual property rights belonging to others through the use of telecommunications networks is a criminal offense under Section 33(b) of the Electronic Commerce Act. Violators shall suffer a penalty ranging from suspension for one month to expulsion or dismissal.
  3. Hacking. Users may not use the IT System to gain unauthorized access into or interfere with another computer, system, server, information or communication system, or to obtain any access in order to corrupt, alter, steal or destroy any such system or information within such system or to introduce viruses. Users are reminded that all of the foregoing acts constitute the crime of Hacking under Section 33(a) of the Electronic Commerce Act and are punishable by mandatory imprisonment and/or a fine. Violators shall suffer a penalty ranging from suspension for one year to expulsion or dismissal. The penalty shall carry with it permanent withdrawal of all IT privileges.
ii. Uses Inconsistent With The Purposes Of The UP System
  1. Cheating. Users may not use the IT System to engage in cheating or academic dishonesty. Acts prohibited under this provision include but are not limited to the following:
    1. Copying a computer file that contains another person's work and submitting it for one's own credit;
    2. Copying a computer file that contains another person's work and using it as a model for one's own work;
    3. Collaborating on a work, sharing the computer files and submitting the shared file, ora modification thereof, as one's individual work, when the work is supposed to be done individually; and
    4. Communicating with another person on-line during the conduct of an examination. Violators shall suffer a penalty of suspension for not less than one semester. Students found guilty of cheating shall be barred form graduating with honors, even if their weighted average is within the requirement for graduation with honors.
  2. Political use. Users may not use the IT System for any partisan political activities. Violators shall suffer a penalty ranging from suspension for one month to one year.
  3. Unauthorized Commercial use.
    1. Users may not use the IT System for commercial purposes, except as permitted under other written policies of the UP SYSTEM or with the written approval of a competent authority.
    2. Violators shall suffer a penalty ranging from suspension for one month to one year with fine. If the violator is a student, the fine shall be P1,000.00 or the amount equivalent to the earnings, whichever is higher. If the violator is a faculty member or an employee, the fine shall be one-half of his monthly salary or the amount equivalent to the earnings, whichever is higher.
  4. Personal use. Users may not use the IT System for personal activities not related to appropriate University functions except in a purely incidental manner. Violators shall suffer a penalty ranging from suspension for one month to one year.
  5. Unauthorized gaming or entertainment. Users may not play games or use entertainment software on or through the IT System unless authorized in writing by competent authorities. Violators shall suffer a penalty ranging from suspension for one week to one year; provided, that the penalty for habitual offense shall be expulsion or dismissal. The presence of game software or any part thereof may be presumptive evidence of unauthorized gaming or entertainment.

  6. Use contrary to University policy or contract. Users may not use the IT System in violation of other policies of the University, or in any manner inconsistent with the contractual obligations of the University. Violators shall suffer a penalty ranging from suspension for one week to one year in addition to the penalty of the offense facilitated through IT network.

iii. Uses That Damage The Integrity, Reliability, Confidentiality And Efficiency Of The IT System
  1. Software and hardware installation and removal. Unless properly authorized, users may not destroy, remove, modify or install any computer equipment, peripheral, operating system, disk partition, software, database, or other component of the IT System; or connect any computer unit or external network to the IT System. Violators shall suffer a penalty ranging from suspension for one month to expulsion.
  2. Unauthorized or destructive programs. Unless properly authorized and part of her/his administrative or academic duties, users may not develop or use programs on the IT System that may or are intended to:
    1. interfere with the ability of the UP SYSTEM to enforce these policies;
    2. damage any software or hardware component of the system;
    3. modify normally protected or restricted portions of the system or user accounts;
    4. access private or restricted portions of the system; or
    5. interfere with or disrupt other computer users. Violators shall suffer a penalty ranging from suspension for one year to expulsion.
  3. Destructive acts. Users may not attempt to crash, tie up, or deny any service on, the IT System. Violators shall suffer a penalty ranging from suspension for one year to expulsion.
  4. Unauthorized access. Users may not attempt to gain unauthorized access, exceed authorized access, or enable unauthorized access to the IT System, or to other networks or systems of which the IT System is a part. Violators shall suffer a penalty ranging from suspension for one month to one year.
  5. Password protection. A user who has been authorized to use a password-protected account may not disclose such password or otherwise makes the account available to others without permission of the system administrator. Violators shall suffer a penalty ranging from suspension for one week to one year.
  6. Concealing access. Users may not conceal, delete, or modify information or records pertaining to access to the IT System at the time of access, or alter system logs after such access for the purpose of concealing identity or to hide unauthorized use. Users may not conceal their own identity or masquerade as other users when accessing, sending, receiving, processing or storing through or on the IT System. Violators shall suffer a penalty ranging from suspension for one year to expulsion.
  7. Prohibited material. Users may not publish (on mailing lists, bulletin boards, and the World Wide Web) or disseminate prohibited materials over, or store such information on, the IT System. Prohibited materials under this provision include but are not limited to the following:
    1. Any collection of passwords, personal identification numbers (PINs), private digital certificates, credit card numbers, or other secure identification information;
    2. Any material that enables others to gain unauthorized access to a computer system. This may include instructions for gaining such access, computer code, or other devices. This would effectively preclude displaying items such as 'Hackers Guides', etc.;
    3. Any material that permits an unauthorized user, who has gained access to a system, to carry out any modification of the computer programs or data stored in the system; and
    4. Any material that incites or encourages others to carry out unauthorized access to or modification of a computer system. Violators shall suffer a penalty ranging from suspension for one year to expulsion.
iv. Uses That Encroach On The Rights Of The Users
  1. Wasteful and destructive practices. Users may not encroach on others' access and use of the IT System through wasteful and destructive practices such as but not limited to the following:

    1. Sending chain-letters or excessive messages including spamming, either locally or off-campus; violators shall suffer a penalty ranging from suspension for one week to one month; spamming, includes the act of (1) repeated cross-posting the same message to as many newsgroups or mailing lists as possible, whether or not the message is germane to the stated topic of the newsgroups or mailing lists targeted, (2) maliciously sending out of unsolicited email in bulk, or (3) sending large unwanted or unnecessary files to a single email address.
    2. Printing excess copies of documents, files, data, or programs; violators shall suffer a penalty ranging from suspension for one week to one month;
    3. Running grossly inefficient programs when efficient alternatives are known by the user to be available; violators shall suffer a penalty ranging from suspension for one week to one month;
    4. Using more than one computer terminal at a time, unless specifically authorized by competent authority. Faculty members whose duties require the use of more than one computer shall be exempted. Violators shall suffer a penalty ranging from suspension for one week to one year;
    5. Locking public access computers using screen savers or otherwise, unless specifically authorized by competent authority; violators shall suffer a penalty ranging from suspension for one week to one month;
    6. Not logging out of the system to allow other users to make use of the public access computer; violators shall suffer a penalty ranging from suspension for one week to one month; and
    7. Using a service which has been identified by the System Administrator as causing an excessive amount of traffic on the IT System or its external network links; violators shall suffer a penalty ranging from suspension for one week to one year.

     

  2. Offensive material.

    1. Users may not use the facilities of the IT System to produce, disseminate, or display material that could be considered offensive, pornographic, racially abusive, or libelous in nature.
    2. Users may not use electronic communication facilities (such as mail, chat, or systems with similar functions) to send messages which are fraudulent, maliciously harassing, obscene, threatening, or in violation of laws, administrative rules and regulations, or other policies of the University System or its constituent universities (CU). Violators shall suffer a penalty ranging from suspension for one month to expulsion or dismissal.

    3. Inappropriate messages. Users may not send to a mailing list, including local or network news groups and bulletin boards, any unsolicited material inconsistent with the list's purpose. Users of an electronic mailing list are responsible for determining the purpose of the list before sending messages to or receiving messages from the list. Subscribers to an electronic mailing list are deemed to have solicited any material delivered by the list that is consistent with the list's purpose. Violators shall suffer a penalty ranging from suspension for one week to one month.

v. Uses which Violate Privacy
  1. Confidential information.
    1. Unless properly authorized, users may not attempt to gain access to archives or systems that contain, process, or transmit confidential information. Authorized users may not exceed their approved levels of access, nor should they disclose confidential information to others.
    2. Users shall treat as confidential such information which may become available to them through the use of the IT System, whether intentionally or accidentally. Users may not copy, modify, disseminate, or use such information, either in whole or in part, without the permission of the person or body entitled to give it. Violators shall suffer a penalty ranging from suspension for one year to expulsion or dismissal.
  2. Encrypted information. Users shall consider as confidential all encrypted information. This includes but is not limited to passwords, digital keys and signatures. Users may not decrypt, attempt to decrypt, or enable others to decrypt such information if they are not the intended recipient. Violators shall suffer a penalty ranging from suspension for one year to expulsion or dismissal.

  3. Information belonging to others. Users may not intentionally seek or provide information on, obtain copies of, or modify files, programs, or passwords belonging to other users, without the permission of those other users. Violators shall suffer a penalty ranging from suspension for one month to expulsion or dismissal.

  4. Wiretapping, traffic capture and snooping. Unless properly authorized, users may not re-route or capture data transmitted over the IT System. Violators shall suffer a penalty ranging from suspension for one year to expulsion or dismissal.

vi. In addition to the penalties provided, all IT privileges of the offender may be suspended for a maximum of the period of the penalty. If the violation amounts to a penalty punishable by expulsion or dismissal, IT privileges may be revoked permanently.

vii. repeated violations of any of the acts proscribed under this policy shall be considered as gross misconduct.

 

Section 5. General Responsibilities TOC Section 7. Tolerated Use