Access and Usage Policy, 2003

Academic Computer Network: Policy on Access and Usage: Approved by the Faculty Council, October 2, 2003; approved by the Regents.

Introduction
Advisories
Access to Academic Computing Facilities
Client Priviliges and Responsibilities
Proper Use
Computer Staff Authorities and Responsibilities
Copyrights and Licenses
Violations
Bringing of Charges
Disciplinary Action
Appeal of Disciplinary Action
Discipline Policy
 

Introduction

Open access to the academic network and associated academic computer facilities (Academic Computer Network or ACN) of the New Mexico Institute of Mining and Technology (Tech) and the world is a privilege and requires that individual users act responsibly. Users must respect the rights of other users, respect the integrity of the systems and related physical resources, and observe all relevant laws, regulations, and contractual obligations. This document has been prepared to help people retain that privilege. The preparation of this document included review and modification by the people using the Tech academic network and computers.

This document contains the official policy on access and use of the academic computing facilities and the academic network at Tech. In addition to this policy academic departments at Tech may have supplemental computer usage policies. You will need to contact them to find out about their policy.

The policy presented here applies to all academic computer systems at Tech, regardless of their operating system or manufacturer.

The term "academic computer" is meant to include any computer that is used primarily for academic efforts at Tech. It may or may not be connected to the Ethernet network at Tech. The term "academic computer system" may include network resources as well as the computer.

The phrase "general use academic computer facility" is meant to include facilities, machines, and peripherals that are intended to be used by more than one person in support of the Tech's educational mission. (This would, as an example, include user areas that a department has created for use by students enrolled in its programs. It would not necessarily include computing facilities in a professor's office.)

The term "Computer Staff" includes any professional staff and part-time student employees who work in academic computer facilities.

None of the statements in this policy are to be interpreted in a manner that would hinder the educational mission of Tech. If there is conflict, or ambiguity, between statements of this policy and those of other Institute policies, they will be resolved by the Director for Academic Computing and the appropriate Tech representative(s).

This policy will naturally change over the course of time as required to stay abreast of changes in the direction of Tech, in the computer field, and in society. Any such changes will be subject to comment and review by the Tech community and will require approval by such bodies as the President of Tech deems necessary, before going into effect.

Advisories

All data on any academic computer are considered to be the sole property of the owner of the account that created the data, except in instance where the account owner has previously assigned those rights to another or the original work is not that of the account owner.

Access to Academic Computing Facilities

Any member of Tech may apply for an account to use designated general use academic computing facilities. Accounts may also be created for faculty and staff of other schools by special arrangement. Valid identification must be presented when applying for an account. Students may also be required to present a current class schedule and proof of validation to show that any required fees have been paid.

Each account holder (or applicant) is required to supply the Computer Staff with the information necessary to properly maintain the system's account information database. [It should be noted that portions of this data may be accessible to anyone with access to the system and that some of the Computer Staff would have full access to the database. In particular, no right to anonymity or privacy exists. That is, users should know that it is possible for others to determine a user's name, given their login id.]

Persons granted special access means (e.g. means to access facilities outside the normal hours of operation) must restrict this access to themselves. If they wish to have permission to allow others access to their special privilege, they must specifically ask for it. In any case they must understand that the responsibility for the facilities so accessed still rests with them. In no case should the means of access (keys, access cards, combinations, passwords, etc.) be lent or given to others and if this occurs, access may subsequently be denied to both the user and the borrower.

Client Privileges and Responsibilities

Prior to receiving the privileges associated with an academic computer account, users must sign a statement that they also accept the responsibilities that accompany those privileges. People using the academic computer facilities are responsible at all times for using those facilities in a manner that is consistent with this policy and its intent.

They are responsible for obeying all official notices posted in the user areas, attached to equipment, displayed in the message of the day, posted in local policy newsgroups by appropriate staff members, or announced using electronic mail. They are also responsible for knowing and abiding by the policy set forth in this document, along with any changes announced by any of the means noted in this paragraph.

Users are also responsible for any and all activity initiated by their account. For this reason, as well as to protect their own data, they should select a secure password for their account and keep that password secret at all times. Passwords should not be written down, stored online, or given to others. (Passwords should never be given to ANYONE, even to someone claiming to be a Computer Staff member.)

Users are responsible for protecting their own files and data from reading and/or writing by others, with whatever protection mechanics are provided by the operating system in use. They are also responsible for picking up their printer output in a timely fashion to avoid theft or disposal.

Those using the academic computing facilities must act in a manner that will not cause damage to the academic computing resources of Tech. Examples of acts that can damage Tech's computing resources include, but are not limited to, electronic distribution of chain-letters, pyramid-schemes, harassing mail, illegal mail and posting material inappropriate for a targeted Usenet news group.

Theft, accidental damage, or damage caused by other parties must be reported to the Computer Staff as soon as possible so that corrective action can be taken.

Anyone observing or suspecting security violations, harassment, or other inappropriate behavior (for example, noise pollution in a user area) is encouraged to report such behavior to the Computer Staff.

Proper Use

The academic computing facilities exist as a resource of Tech to support its missions. The academic computing facilities are not to be used for any commercial activity not already associated with legitimate research activity. Commercial activities include, but are not limited to, consulting, typing services, and developing software for sale.

Game playing and the development of computer games are permitted on academic systems only when resources and facilities permit. These activities may be limited by time and locations. Work in pursuit of the goals of Tech has priority over game playing and game development (unrelated to course work).

Many resources, such as consoles, disk space, CPU cycles, network bandwidth, printer queues, batch queues, and software licenses, are shared by many people. Use of one or more of these resources in any way that unreasonably restricts its use by others is inappropriate and may require action by the Computer Staff to free the resource. Anyone repeatedly using these limited resources in an unreasonable way, and showing willful disregard for this policy, may be seen as attempting to deny services to others and may lose their access.

Anyone conducting experiments on computer security or self-replicating code must have that activity initially, and then periodically, reviewed to address the risks the work may place upon the rest of the Tech community. The Director of Academic Computing must be notified of the activities of such work well in advance of their occurrence in order to evaluate the risks involved. When possible, special arrangements will be made to provide an adequate environment for these efforts without risking damage to, or impairment of, other's work. Codes that fall into the above categories would include, but not be limited to, virus code, worm code, password cracking code, and password grabbing code.

The state of the systems security at any given time is not to be interpreted as an opportunity for abuse either by attempting to harm the systems or by stealing copyrighted or licensed software. Deliberate alteration of system files can be considered vandalism or malicious destruction of Tech property.

The ability to connect to other systems via the network does not imply the privilege to make use of or even connect to these systems unless properly authorized by the owner(s) of the system(s) in question. Tech facilities and network connections may not be used for the purposes of making unauthorized connections to, breaking into, or adversely affecting the performance of other systems on the network, whether these systems are Tech owned or not.

Other organizations that operate computing and network facilities that are reachable from Tech may have their own policies governing the use of those resources. When accessing remote resources from Tech facilities users are responsible for obeying both the policies set forth in this document and the policies of the other organizations.

Computer Staff Authorities and Responsibilities

Tech attempts to acquire and maintain resources that will be beneficial to most people. Tech also makes every reasonable effort to provide sufficient resources to ensure that reasonable use is possible for all users.

Tech will not, at its own expense, acquire, write, or maintain programs or hardware peculiar to a particular person's application. Tech will maintain a person's resources, at that person's expense, if there is sufficient time and staff available to do so. The Computer Staff has the responsibility to provide, when possible, advance notice of system shutdowns for maintenance, upgrades, or changes so that people may plan around periods of system unavailability.

However, under some circumstances, the Computer Staff may shut down a system with little or no advance notification. Every effort will be made to give people a chance to save their work before the system is taken out of service.

From time to time the Computer Staff may be required to adversely affect a person's work (for example, terminate their process) to protect either the computer system (machines and/or network) or other people's work. When such action is required the Computer Staff will attempt to contact the users in question and inform them what needs to be done. If they cannot be contacted in the time permitted by the situation, then the Computer Staff member responsible for affecting the users' work must deliver notification, to the user, of what happened and if possible what can be done to prevent it from happening again.

In accordance with federal and state law, the Computer Staff will undertake reasonable effort to maintain the privacy of a person's files, electronic mail, and printer listings. The following actions will require prior authorization, by the faculty or staff member responsible for granting accounts on the systems in question, before they can be carried out:

Computer Staff are also responsible for reporting any violations of Tech policy, state law, or federal law pertaining to the use of Tech computer facilities to the appropriate authorities whenever such violations come to their attention.

Copyrights and Licenses

It is against federal or state law and this policy to violate copyrights or patents. This applies to, but is not limited to: software, music, video, and any eligible digital item. It is against this policy and against federal or state law, to violate software license agreements.

Copying of licensed software is illegal except as allowed for by the license. Licensed software is not to be copied by anybody except as allowed by license. Many software packages have a limited number of licenses and so require people to share the licenses. The license agreements for some software found on academic computing systems may specifically restrict the software to instructional use. The System Administrator for the system on which the software resides must be consulted beforehand when planning the use of third party software (found on academic computing systems) for research or administrative tasks in lieu of purchasing research or administrative licenses for this software. To ensure compliance, only the System Administrator for the system may install software on that system.

Source code for licensed software may not be included in any software developed at Tech, in part or in whole, except as specifically permitted by the license pertaining to that source code.

If you have doubts, or questions, about the legality of copying any software, please contact the Director of Academic Computing before you undertake any copying.

Violations

Students and other users of the New Mexico Institute of Mining and Technology Academic Computer Network (ACN) facilities and equipment are expected to adhere at all times to the rules and guidelines established by state or federal law and by this document and related documents adopted by other academic departments. Individuals who violate these rules are subject to disciplinary action as indicated below.

The disposition of situations involving a violation of the policies set forth in this document and the penalties that may be imposed upon the person guilty of the violation(s) are described in this section.

Accidental infractions of this policy such as poorly chosen passwords, overloading systems, excessive disk space consumption, poor judgment, and so on, are typically handled internally in an informal manner by electronic mail or in-person discussions.

More serious infractions, such as unauthorized use, denial of service, attempts to steal passwords or data, attempts to steal licensed software, violations of Tech policies, harassment, or repeated minor infractions, may result in the temporary or permanent loss of academic computer system privileges without advance notice or warning.

Offenses that are in violation of state or federal laws can result in immediate loss, without advance notice or warning, of all academic computing privileges. The appropriate authorities will be notified of any such infractions, and penalties may be imposed under Tech regulations, New Mexico law, or the laws of the United States including the New Mexico Statutes 1978, Annotated, Chapter 30, Article 45.

Bringing of Charges

Charges of violations of these rules may be brought by any member of the student body, staff, and faculty. Charges should be directed to the faculty or staff member responsible for the academic computing system involved with the infraction. That person will determine if further action is required. He or she may require that the charges be made in writing. Normally, charges will be brought within ten days of the alleged violation, but in special cases the time limitation may be extended.

Notification of Charges

If further action is required, the faculty or staff member will turn the matter over to the ACN Discipline Committee. This committee is comprised of two members of the faculty, two students, and a Computer Staff member from the system involved (all of whom are users of the ACN and familiar with its operations). Members are selected and appointed by the Vice President for Academic Affairs. The committee will, after meeting with the individual charged and other parties who have information relevant to the case, decide what penalties, if any, are appropriate to the case.

Disciplinary Action

Any individual who is found to have violated ACN rules and/or policies is subject to one or more of the following penalties:

The committee may also decide to file charges of violation of the General Campus Rules with the Dean of Students.

Appeal of Disciplinary Action

Students who have been found to have violated ACN policies may appeal that finding to the Dean of Students. Further appeals will follow Institute policies on appeals.

Discipline Policy

Users of New Mexico Tech Academic Computer Network (ACN) facilities and equipment are expected to fully adhere to the general Rules, Regulations, and Guidelines established by the Vice President for Academic Affairs in the Student Handbook. Students who violate the rules will be subject to the disciplinary procedures and penalties as enumerated in the General Campus Rules and Disciplinary Policy sections of the Handbook. Faculty and staff using ACN facilities and equipment are subject to the policies and procedures set forth in the Disciplinary Action section of the New Mexico Tech Employee Handbook. Some situations involving faculty may be covered by regulations governing academic freedom and tenure. Users are fully subject to the appropriate state and federal laws as well.

If a violation is sufficiently serious, the matter will be referred to the appropriate authority (e.g., the Director of Academic Computing, Dean of Students, Vice President for Academic Affairs, Human Resources Director).

If a complaint concerns the appropriate nature of content, such as electronic mail or World-Wide-Web homepage, a Mediating Committee composed of the Dean of Students, Director of Public Information, Director of Academic Computing, and President of the Student Association, or their designees, will meet with the individual to discuss the complaint. If no voluntary remedy can be reached, the issue will be referred to the ACN Discipline Committee.