(Message nnsc-pol-proc:52) Received: from avalon.dartmouth.edu by NNSC.NSF.NET id aa01048; 19 Oct 92 9:47 EDT Received: by avalon.dartmouth.edu (5.57/Ultrix3.0-C) id AA10875; Mon, 19 Oct 92 09:47:43 -0400 From: Steve Campbell Message-Id: <9210191347.AA10875@avalon.dartmouth.edu> Subject: Dartmouth Computing Code To: pol-proc-doc@NNSC.NSF.NET Date: Mon, 19 Oct 92 9:47:41 EDT Below is the Dartmouth Computing Code. It addresses ethical issues for computer users at Dartmouth. While it does not directly address the Internet, the principles are the same, and we are likely to expand it in the future to include Internet usage. This Code gets printed in the glossy "Computing at Dartmouth" booklet that we give to each new Dartmouth student, faculty and staff person. ------------------------ Dartmouth Computing Code 22 January 1992 I. General Provisions Dartmouth College actively endorses the following Computing Code, formulated by the Council on Computing: Computer Use. The primary goal and objective of this Computing Code is to assure that every user of Dartmouth College computing has two fundamental rights: privacy and a fair share of resources. II. Resources No one should deliberately attempt to degrade Dartmouth computer systems, networks, or personal computer performance, or to deprive other users of the resources of, or authorized access to, any College- or individually owned computer. Loopholes in the Dartmouth computer systems and network or knowledge of a special password should not be used to damage computer systems or networks, to obtain unauthorized resources, or to take resources from other users. The unauthorized duplication or use of any software that is licensed or protected by copyright is theft. Unauthorized use of College-owned computing resources for commercial purposes is prohibited. When necessary for the maintenance of a system or network, Computing Services personnel may restrict the availability of shared resources. III. Privacy Each user number, log-in name, or other user ID and associated password belongs to an individual, department, or school. No one should use a user number without explicit permission from the owner. All use should be in accordance with College policy on computer use as set forth in this Computing Code. Owners accept the burden for the responsible use and dissemination of their user numbers and passwords. Programs and files belong to the owner of the user number or directory containing the programs and files. They are presumed to be private and confidential unless the owner has explicitly made them available to the public. When necessary for the maintenance of a system or network, Computing Services personnel may gain access to files belonging to others. Local area networks and local resources, including file servers, printers, and similar devices, shall be subject to the same rights to privacy and confidentiality afforded centralized computer systems. Programs and files that belong to the owner of a personal computer shall be subject to the same rights to privacy afforded to programs and files resident on any computer connected to the Dartmouth network. All programs and files are presumed to be private and confidential. Some programs gather information about the people who use them. If such information could directly or indirectly identify a person using the program, then each user should be warned and given a chance to leave the program before data collection begins. To avoid issuing excessive numbers of warning messages, an exception is made for host operating systems and some utilities which collect identifying information as part of their normal operation. A list of these exempted programs and the data that they collect is available from Computing Services and is also on the PUBLIC file server. The provider of any program that gathers information about those who use it must either install a privacy warning or request Computing Services to place the program on the list of exempted programs. Appendix to Computing Code Programs Not Required to Issue Privacy Warnings: The utility programs listed below collect information about the people who use them, but are not required to warn of this fact when the program is used. This list is maintained by Computing Services and is reviewed at least annually by the Council on Computing at its first fall meeting. Any program not included on this list that collects information that could directly or indirectly identify a person using the program must warn each user that such information collection is about to occur and must give the user a chance to leave the program before data collection begins. Computing Services cannot guarantee that programs not provided by Computing Services adhere to this provision. List of exempted programs and the data that they collect: All host operating systems on campus (DCTS, UNIX, CMS, VMS, etc.) keep a log of the account numbers of the people who have connected to that host, their connect and disconnect times, what programs they run, the amount of computer resources consumed, etc. This information is used for system administration and billing. BlitzMail keeps a log of the names of the people who have connected to the server, their connect and disconnect times, information about client machine capacities, and summary information about (but not the text of) messages sent or received. The KeyServer program keeps a log of the names of people who have connected to the server, their network addresses, their connect and disconnect times, and the key-served software that they used. The PUBLIC file server keeps a log of the names of people who gain access to certain folders on the server.