Computer Use Regulation
REG 08.00.2
Information Technology
Authority: Issued by the Chancellor. Changes or exceptions to administrative
regulations issued by the Chancellor may only be made by the Chancellor.
History: First Issued: January 8, 1999. Last Revised: June 1, 2004. Additional
History Information.
Related Policies:
NCSU POL08.00.1 - Computer Use
NCSU REG01.25.2 - Copyright
Infringement Policy Statement
NCSU REG07.30.14 - Home Use of Equipment
NCSU REG08.00.9 -
University E-mail Retention
Additional References: Advice
Memo on Public Computers and Pornography
Contact Info: Associate Vice Chancellor for Resource Management and Information
Systems (919-515-9224)
1. Introduction
North Carolina State University's (hereinafter "University") computer
networks, equipment and resources are owned by the University and are provided
primarily to support the academic and administrative functions of the University.
The use of this equipment and technologies is governed by federal and state
law, and University policies and procedures.
2. Regulatory Limitations
2.1. Accounts are for the exclusive use of the individual to which they were
assigned and users may not allow or facilitate access to University computer
accounts, equipment, or restricted files or systems by others. Users may not
set up a proxy or anonymous remailer for purposes of allowing access to others.
2.1.1. Students and employees of NC State are authorized users unless access privileges
have been revoked under University procedures.
2.1.2. Guest accounts may be authorized by the Associate Vice Chancellor for Resource
Management and Information Systems, or the Vice Provost for Information Technology,
or their designees.
2.2. Use of University computing systems and networks must comply
with federal and state law.
2.3. Use of University computing systems and networks must not
violate any policy or directive of the Board of Governors, the NC State Board
of Trustees, the UNC General Administration, or the NC State administration.
2.4. The University may examine personalelectronic information stored on or
passing over University equipment or networks, for the following purposes:
2.4.1. To insure the security and operating performance of its systems and networks.
2.4.2. To enforce University policies or compliance with state or federal law
where examination is approved in advance by a dean, vice chancellor, or vice
provost, and either
2.4.2a. there is a reasonable suspicion that a law or University policy has been
violated and examination is appropriate to investigate the apparent violation,
or
2.4.2b.examination is necessary to comply with a state or federal law.
2.5. Computer Users should have no expectation of privacy in personal material
stored by them on the University computing systems when the conditions of subparagraph
2.4.1, 2.4.2(a), or 2.4.2(b) above have been satisfied.
2.6. The University may authorize confidential passwords or other secure entry
identification; however, users should have no expectation of privacy in the
material sent or received by them over the University computing systems or
networks. While general content review will not be undertaken, monitoring of
this material may occur for the reasons specified above.
2.7. For information related to university business, a supervisor or other
university official may have access for any work-related purpose. No permission
or approval is needed for such access. If personal and business information
are not clearly separated, a university official may examine all information
to the extent needed to separate and access business information for work-related
purposes. Deans or Vice Chancellors may approve rules to exclude personal
files from storage on network drives, in which case all files and data on the
affected systems may be treated as information related to University business.
2.8. The University reserves the right to limit or revoke access to University
computing systems or networks when
2.8.1. federal or state laws or University policies are violated , or
2.8.2. where University contractual obligations or University operations may be
impeded.
2.9. All material prepared and utilized for purposes of University business
and posted to or sent over University computing equipment, systems or networks
must be accurate and must correctly identify the sender, unless a University
administrator (department head or higher) approves anonymity for a University
business purpose.
2.10. Any traffic on the University's networks, stripped of information content,
may be monitored for operational or research purposes.
2.11. All material prepared for purpose of University business and posted to
or sent over University computing equipment, systems, or networks must be limited
to information needed for University business. Personal quotations or other
personal statements in signature blocks are not permitted. Supervisors are
responsible for enforcement of this provision.
2.12. University computers must be registered with NC State in the ncsu.edu domain.
It is forbidden to register a non-ncsu.edu domain for any computer, that
is connected to the NC State network without approval of the Associate Vice
Chancellor for Resource Management and Information Systems, the Vice Provost
for Information Technology or their designees. If such approval is given, it
must be made clear that the non-ncsu.edu address is using NC State resources
for delivery.
3. Personal Use
Authorized users may access University computing equipment, systems and networks
for personal uses if the following conditions are met:
3.1. The use does not overload the University computing equipment or systems,
or otherwise negatively impact the system's performance.
3.2. The use does not result in commercial gain or private profit, except as
allowed under University intellectual property policies and the external activities
for pay policy. However, in no case may University computing resources be used
for solicitation of external activity for pay.
3.3. The use does not violate any University licensing agreements or any law
or University policy on copyright and trademark.
3.4. The use does not state or imply University sponsorship or endorsement.
3.5. The use does not violate laws or University policies against race, sex,
religious, disability, or age discrimination, or harassment.
3.6. The use does not involve unauthorized passwords or identifying data that
attempts to circumvent system security or in any way attempts to gain unauthorized
access.
3.7. The use does not involve sending or soliciting chain letters, nor does
it involve sending unsolicited bulk mail messages (e.g., "junk mail," or "spam," or "MLM.").
3.8. The use does not result in any direct cost to the University.
3.9. Any creation of a personal World Wide Web page or a personal collection
of electronic material that is accessible to others must include a disclaimer
that reads as follows:
"The material located at this site is not endorsed, sponsored or provided
by or on behalf of North Carolina State University."
4. Use of Computing Facilities for Commercial, Advertising, and
Broadcast Purposes
4.1. No paid advertising will be allowed on official University Websites. However,
an NC State Website may contain a simple acknowledgment of sponsorship by an
outside entity in the following form: "Support for this Website [or university
unit] has been provided by _____________."
4.1.1. An "official University Website" is any World Wide Web address
that is sponsored or endorsed or created on authority of a University department
or administrative unit. Websites on University servers are either "University
Websites" or personal Websites allowed by the University.
4.1.2. "Paid advertising" means advertising or promotional information
provided in exchange for legal consideration, including money or other valuable
benefits.
4.2. Personal Web pages that are maintained by University computer account
holders may not contain paid advertising. This guideline is consistent with
the University policy against use of University resources for private gain
or commercial purposes.
4.3. University computer account holders may send advertisements to news groups
dedicated to advertising. The ads may not refer readers to a University telephone
number. Like other personal use of State computing resources, the ads must
be sent on an employee's own time, not during hours when they are being paid
to work.
4.4. University computer account holders may not "broadcast" E-mail
messages without prior approval from a University official with the rank of
chancellor, provost, vice chancellor for finance and business, or their designees. "Broadcast," means
transmission of an unsolicited message to a significant number of computer
accounts on a University server or servers; the intent is to prevent mass mailings
from tying up employee time and computer resources.
4.5. Registered marks of the University (e.g., an image of a wolf) may be used
in the Websites of University computer account holders on the conditions that
(a) they are not used for or related to private profit or commercial purposes,
and (b) they do not mislead or confuse viewers as to whether the Web page is
University-sponsored.
4.6. The Chancellor or designee may approve specific exceptions to the prohibition
on paid advertising.
5. Violation of Policy
5.1. Any violation of this policy by employees may be "misconduct" under
EPA policies (faculty and EPA non-faculty), or "unacceptable personal
conduct" under SPA policies. For students, violations are misconduct under
the applicable student disciplinary code. Violators may be referred to the
appropriate disciplinary procedure, and violations of law may also be referred
for criminal or civil prosecution. Sanctions may include revocation of access
privileges in addition to other sanctions available under the regular disciplinary
policies.
5.2. Apart from referrals to disciplinary procedures, a University system administrator
(or designees) may suspend a user's access privileges or suspend services to
a computer, for as long as necessary to protect the University's computing
resources, to prevent an ongoing threat of harm to persons or property, or
to prevent a threat of interference with normal University functions. As soon
as practicable following the suspension of access privileges, the system administrator
must take the following actions:
5.2.1. The user must be sent written or electronic notice of the suspension of
access and the reasons for it, and notice of the time, date, and location at
which the suspension may be discussed with the system administrator.
5.2.2. The user must be given an opportunity to meet with the system administrator
at his or her earliest convenience to discuss the suspension and present any
reasons the user has why the suspension should be lifted. The system administrator
must reconsider his or her suspension decision in light of the information
received at this meeting.
5.2.3. Following the meeting, the user must be sent a copy of the system administrator's
decision upon reconsideration, and must be notified that the user may appeal
to the system administrator's immediate supervisor if the user is dissatisfied
with the outcome of the meeting.
6. Application of Public Records Law
All information created or received for University work purposes and contained
in University computing equipment files, servers or electronic mail (e-mail)
depositories are public records and are available to the public unless an exception
to the Public Records law applies. As with hard-copy documents, e-mail
users are responsible for the retention of e-mail messages that have lasting
or archival value in accordance with the N.C. Public Records Law and NC State
University's published guidelines regarding records retention and disposition. (recommended
by UIT on 7/9/03)
7. Additional Rules
Additional rules on computer use may be adopted by various divisions/departments
to meet specific administrative or academic needs. Any adopted requirement
must:
7.1. Comply with applicable federal and state laws;
7.2. Be consistent with the policies of NC State and the University of North
Carolina;
7.3. Be posted in writing or electronically in a manner that is available to
all affected users; and
7.4. Be filed with the Office of Legal Affairs, the Associate Vice Chancellor
for Resource Management and Information Systems, and the Vice Provost for Information
Technology.
