Computer Ethics Policy

Georgia State University
March 6, 1995
Version 1.0

1. Overview

This document details the Acceptable Use and Ethics Policy which covers the proper utilization of the computers, networks and related services at Georgia State University. This policy has been developed to ensure a quality computing environment at GSU that furthers the academic, research and service mission of the University. Providing this environment requires equitable resource distribution, computer and network availability, personal privacy and data integrity. Achieving this goal requires that everyone in the University community cooperate and adhere to these guidelines. This policy has been developed by members of the Wells Computer Center, in conjunction with the Offices of the Dean of Students, Human Resources and Legal Affairs.

2.0 Authorized users

Individuals who have been granted and hold an active and authorized account on a GSU computer or network and abide by this policy are considered authorized users.

3.0 Authorized use

Authorized use is predicated on access by an authorized user. Authorized use is that which is consistent with the academic, research and service goals of this institution and falls within the guidelines of this policy and the policy of the Board of Regents which states that property owned by the institution shall be used only for institutional purposes.

4.0 Individual Rights

4.1 Privacy

The computing professionals at GSU are committed to preserving the privacy of each authorized user of the computer systems and gives every effort to ensure that computers and electronic devices are not used to prevent this. However, it is impossible to guarantee such privacy and there are several specific issues that users must be aware of. Electronic mail messages are not secure and therefore should not be assumed to be private. Also, despite best efforts to prevent it, a determined person could gain unauthorized access to stored data and thus violate your privacy. Under the Georgia Open Records law it is possible that information which is stored on a computer system, including electronic mail, would be available for inspection by any member of the public. Finally, in the process of performing normal systems/network management and auditing functions, it may be necessary to view user's files or confidential information. However, system, network and application administrators are bound by both professional ethics as well as job requirements to respect the privacy of those involved and not initiate disclosure of information obtained in this manner.

4.2 Freedom of Expression

Freedom of expression is a constitutional right afforded to all members of the community and existing University policies apply equally to computerized expression, subject to Section 3.0 of this policy. GSU computer and network users should realize that there are services available on the Internet which may be considered offensive to some. With this in mind, users take responsibility for their own navigation of the network.

4.3 Safety and Freedom from Harassment

While GSU cannot control harassment or unsolicited contact on the network, those who believe they have been harassed should follow standard University procedures and bring such violations to the attention of the University Ombudsperson.

5.0 Individual Responsibilities

Users of GSU computer equipment are expected to understand this policy and abide by it. This policy is widely distributed and easily accessible, so lack of knowledge of this policy is not an excuse for failure to observe it. Questions regarding this policy can be directed to the newsgroup gsu.comp.policy, to the Director of the Wells Computer Center, or to the Office of Legal Affairs. Disregard for this policy may result in disciplinary actions as set forth in Section 6.0 of this document.

5.1 Morals and Ethics

Users are expected to respect the right to privacy of other individuals on the network. Do not go browsing around in someone's files even if security permissions permit. This is analogous to condoning someone rifling around on your desk or in your house simply because you forgot to lock your door. It is expected that explicit permission from the owner of the files is obtained before they are accessed. Users are expected to respect the right of freedom of expression of other individuals on the network.

5.2 Expected Behaviors

This section details some guidelines relating to computer based activities. GSU computer users are expected to read signon messages and system news for specific information such as system changes, policies and scheduled downtime. Additionally, valuable information is available in the GSU gopher and World Wide Web and the various GSU newsgroups related to computing. System and network administrators may find it necessary to contact you regarding policy issues. If repeated attempts to contact an individual are unsuccessful, the system or network administrator may be forced to temporarily deactivate the account simply to compel the owner to make return contact.

5.2.1 Userids and passwords

It is a violation of policy to use a computer userid (or any computer resource) that is not assigned to you or to share userid passwords with other individuals (including computing personnel). A computer userid is granted to an individual and that individual is responsible for any use of the account. If you knowingly share your password with someone else and this policy is violated, you will also be subject to the sanctions outlined in Section 6.0. If file sharing with others is necessary, there are methods and techniques to accomplish this without sharing your userid and password. Users should follow guidelines for password selection which includes choosing a password that cannot be easily guessed by others, changing it often, and verifying the last login time. Remember that your password is the first line of defense against unauthorized access to your account.

5.2.2 Providing services

Users are not permitted to provide network or computer-based services using GSU computers or networks without prior permission from the department responsible for the computers or networks in question. Examples of such services include, but are not limited to, FTP, WEB, and MUD servers.

5.2.3 Unauthorized access

You must not attempt to guess or break another user's password. Attempts to gain access to GSU computers and networks to which you are not authorized is prohibited. You may not use GSU facilities to login or attempt to login to computers external to GSU to which you are not authorized. If you suspect that your account has been compromised, you should contact the computer or network administrator in the department which is responsible for the computer or network in question.

5.2.4 Unauthorized monitoring

Users are not permitted to use computers and networks to monitor or attempt to monitor electronic transmissions.

5.2.5 Disruption of service

Deliberate attempts to disrupt the operation or degrade the performance of computers or networks are prohibited.

5.2.6 Distribution of Resources

Do not circumvent or attempt to circumvent any policies or procedures that have been established to ensure equitable resource distribution in our shared computing environment. For example, you must not deliberately circumvent the modem inactivity timer.

5.2.7 Mass Electronic Mailings

University-wide electronic mailings are not permitted without prior permission due to the heavy use of resources this requires. In general, there are better and more efficient ways to make information globally available. Use of the GSU newsgroups is encouraged for these activities.

5.2.8 Game playing

The policy regarding game playing on GSU computers and networks is established by the department responsible for the computers and networks in question. However, no department should permit game playing to interfere with normal University business.

5.2.9 Business use

There is to be no use of GSU computers or networks for non-GSU business purposes or non-GSU related employment. Billable accounts permit limited use for these purposes and are available on some Wells Computer Center computers. Contact the Account Manager at WCC for more information about billable accounts.

5.2.10 Use of copyrighted or licensed materials

There shall be no copying or installation of software on GSU computers if such copying or installation would violate any copyright or licensing agreement. You may be asked to show a valid license agreement to ensure the legal use of software on GSU computers. Contact the department head responsible for the specific computer if you have any questions regarding licensing issues.

5.2.11 Usenet News

You must abide by the established rules of conduct of Usenet, also known as "netiquette". This information is available both from Client Services and from the news.newusers.questions newsgroup.

6.0 Sanctions

Violators of this policy may be subject to one or more of the following sanctions which can be imposed by the department responsible for the computers and networks on which the violation occurred:

1. admonition
2. temporary or permanent suspension of computer privileges
3. temporary or permanent suspension of lab privileges

Additional sanctions, such as University suspension and employee action, may also apply as outlined in the Student Handbook and the Classified Employee Handbook. Legal action can also be taken as per Section 6.1. Appeals to these sanctions are explained in Section 6.2.

6.1 Legal Restraints

Users of GSU computing facilities are expected to abide by State and Federal laws that apply to the usage of computers. These laws exist to "establish certain acts involving computer fraud or abuse as crimes punishable by defined fines or imprisonment or both".
As an example, the Georgia Computer Systems Protection Act was enacted in 1991 to "provide for criminal liability and the definition of penalties for the crimes of computer theft, computer trespass, computer invasion of privacy, computer forgery, and computer password disclosure". The penalties range from fines up to $50,000 and imprisonment up to 15 years. The full text of this act and others are available via the GSU gopher and World Wide Web.

6.2 Appeals

Appeals to sanctions should be handled through the existing University grievance and appeals policy for both employees and students. .