_________________________________________________________________ Below is a policy on Software Copyright that we developed at the University of British Columbia approximately two years ago. I am interested in knowing what policies are in place at other Universities so that we can update our policy if necessary. Please post your policy here if possible, or fax or mail to me if you prefer. I'd also be interested in knowing any details you can share on how you've published and publicized the policy, and the level at which the policy was approved. Any policies you may have on the broader copyright issue, ie not specific to software, would also be appreciated. Thank you. Teresa Tenisci Security Manager, Administrative Systems Dept of Information Systems Management, UBC 2011 West Mall Vancouver BC Canada V6T1Z2 Fax: (604)822-6057 Phone: (604)822-2481 _________________________________________________________________ "The University's software copyright policy is to honour all copyright and software license agreements for all computer systems, including microcomputers and minicomputers. It is not acceptable for faculty or staff to use an unauthorized copy of software on University computers. It is the faculty, staff member or student's responsibility to be aware of and abide by any expressed or implied software copyright or licensing agreements for all software installed or executed on microcomputers by them. Violation of this policy by installing unauthorized copies of software on University processors or by unauthorized copying of software licensed to the University will result in disciplinary action." ________________________________________________________________ From <@CUNYVM.CUNY.EDU:UNINFSEC@cuvmc.bitnet> Fri May 1 12:50:12 1992 id ; Fri, 1 May 92 12:50:07 -0600 Status: OR Subj: June 6, 1990 Draft of U. of Delaware Guide to Responsible Computing From: GORDON Subject: June 6, 1990 Draft of U. of Delaware Guide to Responsible Computing To: "'David D. Grisham'" DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT A Guide to Responsible Computing at the University of Delaware Draft June 6, 1990 Prepared by staff in Academic Computing Support and Computing and Network Services Table of Contents Policy for Responsible Computing Use 1 User Responsibilities 2 System Administrator Responsibilities 3 Misuse of Computing Resources and Privileges 5 Consequences of Misuse of Computing Resources 6 and Privileges Academic Honesty 7 Works Consulted 8 DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT Policy for Responsible Computing Use The University of Delaware aims to provide the best possible computing services to staff, faculty, and students with the fewest restrictions. The University manages these resources for the mutual benefit of all students, staff, and faculty. Access to the University's computing facilities is a privilege granted to members of the University community. Computer equipment and accounts are to be used only for the purpose for which they are assigned. The University reserves the right to limit or restrict access to its computer systems. All users of University-owned or University-leased computing systems, whether the system(s) are operated by Academic Computing and Instructional Technology (ACIT), by Computing and Network Services (CNS), or by any other University department, must conduct their computing activities in a responsible manner, respecting the rights of other computing users and respecting all computing license agreements. Computer facilities and accounts are owned by the University and are to be used for University-related activities only. Computing resources are not to be used for commercial purposes or non-university related activities without written authorization from ACIT or CNS and/or without the payment of appropriate fees to the University in the case of commercial use. All University-owned microcomputers and advanced workstations are also to be used only for University-related purposes. All access to central computing systems must be approved by ACIT or CNS. All access to departmental computer systems must be approved by the department chair, director, or his or her authorized representative. Unauthorized access to information stored on a computer and unauthorized use of University computing resources are both direct violations of the University's standards for ethical conduct as outlined in the University of Delaware Policy Manual, the Personnel Policies and Procedures for Professional and Salaried Staff, the Faculty Handbook, and the Student Guide to Policies. The University of Delaware treats the abuse of computing facilities, equipment, software, information, networks, or privileges as seriously as it treats other violations of its codes of conduct. Computer abuse is a crime in the State of Delaware. Individuals who abuse University computing resources may be subject to prosecution under Title 11, $931 -- $939 of the Delaware Code. If you have any questions, please consult with your system administrator, with the staff in ACIT or CNS, or with your dean, project director, supervisor, chairman, or advisor. DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT User Responsibilities If you use the University's computing resources or facilities, you have the following responsibilities: % Use the University's computing facilities, including hardware, software, networks, and computer accounts, responsibly and appropriately, respecting the rights of other computing users and respecting all computing license agreements. % Use only those computers and computer accounts for which you have authorization. % Use mainframe accounts only for the purpose(s) for which they have been issued. Use University-owned microcomputers and advanced workstations for University-related projects only. % Be responsible for all use of your accounts and for protecting each account's password. In other words, do not share computer accounts. If someone else learns your password, you must change it. % Report unauthorized use of your accounts to your project director, instructor, supervisor, system administrator, or other appropriate University authority. % Make backup copies of your data, files, programs, diskettes, and tapes. % Cooperate with system administrator requests for information about computing activities. Under certain unusual circumstances, a system administrator is authorized to access your computer files. If you are a project director for a group of mainframe computing users, a supervisor whose staff use computers, or a faculty member whose students use computers, you must help your project members, staff, or students learn more about ethical computing practices. DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT System Administrator Responsibilities This document uses the phrase system administrator to refer to all of the following University personnel: % systems programmers employed by CNS % other staff employed by CNS whose responsibilities include system, site, or network administration % staff employed by ACIT whose responsibilities include system, site, or network administration % staff employed by other University departments whose duties include system, site, or network administration. A system administrator's use of the University's computing resources is governed by the same guidelines as any other user's computing activity. However, a system administrator has additional responsibilities to the users of the network, site, system, or systems he or she administers: % A system administrator ensures that all users of the systems, networks, and servers that he or she administers have access to the appropriate software and hardware required for their University computing. % A system administrator is responsible for the security of a system, network, or server. % A system administrator must make sure that all hardware and software license agreements are faithfully executed on all systems, networks, and servers for which he or she has responsibility. % A system administrator must take reasonable precautions to guard against corruption of data or software or damage to hardware or facilities.* Footnote text: * The University is not responsible for loss of information from computing misuse, malfunction of computing hardware, malfunction of computing software, or external contamination of data or programs. The staff in ACIT and CNS and all other system administrators must make every effort to ensure the integrity of the University's computer systems and the information stored thereon. However, users must be aware that no security or back-up system is 100.00% foolproof. % A system administrator must treat information about and information stored by the system's users as confidential. In discharging his or her duties to protect the security and integrity of a network, system, or server and to allow users reasonable access to the hardware and software they require, a system administrator may need to examine user information, files, diskettes, or tapes. This extraordinary step is justified when a system administrator % is an eyewitness to a computing abuse, % or notices an unusual degradation of service or other aberrant behavior on the system, network, or server, % or receives a complaint of computing abuse or degradation of service, % and has evidence that leads to a user's computing activity as the probable source of the problem or abuse under investigation. While investigating a suspected abuse of computing; a suspected hardware failure; or a suspected bug in an application program, compiler, network, operating system, or system utility, a system administrator should ordinarily ask a user's permission before inspecting that user's files, diskettes, or tapes. However, in cases that the system administrator judges to be serious or in cases in which the user is not available in a timely fashion, the system administrator may inspect the information in question so long as he obtains permission from at least one of the following: % the user's supervisor, project director, dean, or academic advisor % the system administrator's own administrative officer (e.g., department director, chair, or other individual designated by the administrative officer) % the University Provost, Associate Provost for ACIT, Associate Vice President for CNS, or other individual designated by these University officers. In addition, if a system administrator has evidence that a system or network for which he or she is responsible is in grave, imminent danger of crashing, sustaining damage to its hardware or software, or sustaining damage to user jobs, he or she may take whatever steps maintaining the integrity of the system requires. In the event that he or she has had to inspect user files in the pursuit of this important responsibility, he or she must notify one of the following of his or her action and the reasons for taking those actions: % the user or users whose files were inspected % the user's supervisor, project director, dean, or academic advisor % the system administrator's own administrative officer (e.g., department director, chair, or other individual designated by the administrative officer) % the University Provost, Associate Provost for ACIT, Associate Vice President for CNS, or other individual designated by these University officers. Any department may, at the discretion of its director or chair, extend more authority to its system administrators as circumstances warrant. DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT Misuse of Computing Resources and Privileges Misuse of computing resources and privileges includes, but is not restricted to, the following: % attempting to modify or remove computer equipment, software, or peripherals without proper authorization % accessing computers, computer software, computer data or information, or networks without proper authorization, regardless of whether the computer, software, data, information, or network in question is owned by the University (That is, if you abuse the networks to which the University belongs or the computers at other sites connected to those networks, the University will treat this matter as an abuse of your University of Delaware computing privileges.) % using a computer or computer data for purposes other than that for which it was intended or authorized % sending fraudulent computer mail or breaking into another user's electronic mailbox % violating any software license agreement or copyright, including copying or redistributing copyrighted computer software, data, or reports without proper, recorded authorization % violating the property rights or copyrights of software holders or the holders of computer-generated data or reports without proper, recorded authorization % harassing or threatening other users or interfering with their access to the University's computing facilities % taking advantage of another user's naivete or negligence to gain access to any computer account, data, software, or file other than your own % encroaching on others' use of the University's computers (e.g., tying up a computer with excessive game playing; sending frivolous or excessive messages, either locally or off-campus; printing excess copies of documents, files, data, or programs; running grossly inefficient programs when efficient alternatives are available; modifying system facilities, operating systems, or disk partitions; attempting to crash or tie up a University computer; damaging or vandalizing University computing facilities, equipment, software, or computer files) % disclosing or removing proprietary information, software, printed output or magnetic media without the explicit permission of the owner % reading other users' data, information, files, or programs on a display screen, as printed output, or via electronic means, without the owner's explicit permission. DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT Consequences of Misuse of Computing Resources and Privileges Abuse of computing privileges is subject to disciplinary action. If system administrators or the staff in ACIT, CNS, or the Department of Public Safety have strong evidence of misuse of computing resources, and if that evidence points to the computing activities or the computer files of an individual, they have the obligation to pursue any or all of the following steps to protect the user community: % Notify the user's project director, instructor, dean, or supervisor of the investigation. % Suspend or restrict the user's computing privileges during the investigation. A user may appeal such a suspension or restriction and petition for reinstatement of computing privileges through the University's judicial system or through the grievance procedures outlined in the faculty collective bargaining agreement. % Inspect that user's files, diskettes, and/or tapes. System administrators must be certain that the trail of evidence leads to the user's computing activities or computing files before inspecting the user's files. % Refer the matter for processing through the University's judicial system. If necessary, staff members from ACIT and CNS as well as faculty members with computing expertise may be called upon to advise the University judicial officers on the implications of the evidence presented and, in the event of a finding of guilt, of the seriousness of the offense. Disciplinary action may include the loss of computing privileges and other disciplinary sanctions. In some cases, an abuser of the University's computing resources may also be liable for civil or criminal prosecution. It should be understood that these regulations do not preclude enforcement under the laws and regulations of the State of Delaware, any municipality or county therein, and/or the United States of America. DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT Academic Honesty Faculty and students are reminded that computer-assisted plagiarism is still plagiarism. Unless specifically authorized by a class instructor, all of the following uses of a computer are violations of the University's guidelines for academic honesty and are punishable as acts of plagiarism: % copying a computer file that contains another student's assignment and submitting it as your own work % copying a computer file that contains another student's assignment and using it as a model for your own assignment % working together on an assignment, sharing the computer files or programs involved, and then submitting individual copies of the assignment as your own individual work % knowingly allowing another student to copy or use one of your computer files and to submit that file, or a modification thereof, as his or her individual work. For further information on this topic, students are urged to consult the University of Delaware Student Guide to Policies, to consult with their individual instructors, and to refer to the pamphlet "Academic Honesty & Dishonesty: Important information for faculty and students." DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT Works Consulted Baylor University. Computer Policies. 1989. Copy located in the computer file ethics/Baylor.policy on ariel.unm.edu. Catholic University of America, The. Statement of Ethics in the Use of Computers. 1988. [Reprinted in ACM SIGUCCS Newsletter. Volume 19, Number 1. 1989.] Chapman, Gary. CPSR [Computer Professionals for Social Responsibility] Statement on the Computer Virus. Communications of the ACM. Volume 32, Number 6. 1989. Colgate University. Agreement for use of Computing Facilities. 1989. Copy located in the computer file ethics/ColgateU.policy on ariel.unm.edu. Columbia University. Administrative Policies [of the Center for Computing Activities]. No date. Copy located in the computer file ethics/ColumbiaU.policy on ariel.unm.edu. Delaware Code (Annotated). Computer Related Offenses. Title 11, $931 -- $939. 1987. Delaware Code (Annotated), 1989 Supplement. Computer Related Offenses. Title 11, $937. 1989. Ermann, M. David; Mary B. Williams; and Claudio Gutierrez. Computers, Ethics, and Society. Oxford University Press. 1990. Faculty Senate of the University of Delaware. Ethetical [sic] Conduct in Computing. Unpublished draft statement discussed by Faculty Senate in 1989. Farber, David J. NSF [National Science Foundation] Poses Code of Networking Ethics. Communications of the ACM. Volume 32, Number 6. 1989. Hoffman, W. Michael and Jennifer Mills Moore, eds. Ethics and the Management of Computer Technology: Proceedings of the Fourth National Conference on Business Ethics Sponsored by the Center for Business Ethics, Bentley College. Oelgeschlager, Gunn, and Hain. 1982. Indiana University, Academic Computing Policy Committee, Subcommittee on Ethical Use of Computers. Computer Users' Privileges and Responsibilities: Indiana University. 1990. Copy received via electronic mail April 25, 1990, from Mark Sheehan, Indiana University Computing Services. Internet Activities Board. Ethics Policy Statement. 1988. [Reprinted in Purdue University's PUCC Newsletter. March 1989.] Johnson, Deborah G. Computer Ethics. Prentice Hall. 1985. Lees, John. [Michigan State University] College of Engineering Computer Use Policy - DRAFT. 1990. Received via electronic mail April 23, 1990, from John Lees. Parker, Donn B.; Susan Swope; and Bruce N. Baker. Ethical Conflicts in Information and Computer Science, Technology, and Business. QED Information Sciences, Inc. 1990. Ryland, Jane N. SecurityQA Sleeper Issue Comes into its Own. CAUSE/EFFECT. Volume 12, Number 4. 1989. Temple University. Rules of Conduct for Using Computing Resources at Temple University. 1988. University of Delaware. Academic Honesty & Dishonesty: Important information for faculty and students. 1989. University of Delaware. Code of Conduct. Student Guide to Policies. 1989. University of Delaware. Code of Ethics. Personnel Policies and Procedures for Professional and Salaried Staff. 1989. University of Delaware. Misconduct in Research. University of Delaware Policy Manual. Policy 6-11. 1989. University of Delaware. University of Delaware Faculty Handbook. 1990 [on-line edition consulted]. University of Delaware. 1989-1990 Residence Halls Handbook. 1989. University of Delaware Libraries. Circulation Procedures and Services. No date. University of New Mexico. UNM Ethics Code for Computer Use [Draft]. 1989. Copy located in the computer file ethics/UofNewMexico.policy on ariel.unm.edu. Weissman, Ronald F. E. Ethical and Responsible Computing. The OPEN WINDOW (Brown University), Volume 3, Number 1. 1989. [Cited in Ryland's article.] DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT Submitted for comments by Richard Gordon Manager, Non-Numerical Applications ACS, University of Delaware richard@vax1.udel.edu or acs02244@udelvm.bitnet From lynx!umn.edu!spool.mu.edu!sol.ctr.columbia.edu!usc!sdd.hp.com!ux1.cso.uiuc.edu!m.cs.uiuc.edu!kadie Thu Jul 2 13:19:47 MDT 1992 Article: 1936 of comp.admin.policy Xref: lynx alt.comp.acad-freedom.talk:4035 comp.admin.policy:1936 Path: lynx!umn.edu!spool.mu.edu!sol.ctr.columbia.edu!usc!sdd.hp.com!ux1.cso.uiuc.edu!m.cs.uiuc.edu!kadie From: kadie@m.cs.uiuc.edu (Carl M. Kadie) Newsgroups: alt.comp.acad-freedom.talk,comp.admin.policy Subject: Re: Rice U. - "Appropriate Use of Computing Facilities Policy" Message-ID: <1992Jun28.141311.25263@m.cs.uiuc.edu> Date: 28 Jun 92 14:13:11 GMT Article-I.D.: m.1992Jun28.141311.25263 References: <1992Jun27.181753.21585@eff.org> Organization: University of Illinois, Dept. of Comp. Sci., Urbana, IL Lines: 205 >Rice's University Computing Policy - You should already have this in >the archive. It hasn't changed, but I'm sending it along as part of >the set. Of significant note is the section requiring permission of >the Vice President for Information Systems for a student to send >communications off-campus and to access external computing facilities. >Last semester, Owlnet obtained blanket permission for student users to >access external computing facilities for educational purposes. All >Owlnet student users (1500 students) automatically receive permission >as part of their account acquisition. Existing users were given >permission also. Owlnet essentially found a way to give the students >what they wanted, access to off-campus facilities, including e-mail and >news posting, without requiring the University to go through the >relatively arduous process of changing a University wide policy.