Home Regulations Regulations of Use

Regulations Concerning the Use of University Computing Services

Please note the addition to paragraph 10 indicated by red text and the changes to paragraph 8 (Data Protection).

Senate has made the following regulations for the use of the University's computing services:

1. No person shall use the computing facilities of the University without due authorisation given on behalf of the University by the Head of the Department operating the facility, or by the Computer Centre when its facilities are being used.
   
   
2. Every allocation of computing resources shall be made on the understanding that it is to be used only for the purpose for which it was requested and only by the person or persons by whom or on whose behalf the request was made. Computing Resources will normally only be made available to support activities relating to research, teaching or administration, and any unauthorised use for other purposes may be treated as a disciplinary offence (see paragraphs 10 and 11). Use shall not be made of computing resources allocated to another person or group of persons unless such use has been specifically authorised.
   
   
3. No person or persons shall by any wilful or deliberate act jeopardise the integrity of the computing equipment, its systems programmes, the work of other users or other stored information.
   
   
4. Those persons authorised to use the computing resources shall be expected to treat as privileged any information not provided or generated by themselves which may become available to them through their use of computing resources; they shall not copy, modify, disseminate, or use any part of it without permission of the appropriate person or body. Furthermore they must observe any special restrictions placed on the use of specified software or data and stated in any documentation relating to its use.
   
   Unless advised to the contrary, they must assume that all software is subject to the provisions of copyright law.
   
   Arrangements for the back-up copying and distribution of software and documentation, which are subject to the conditions of the licences for their use, will be made by the University: individual users of software will not be permitted to copy or to pass on (even to other members of the University) copies of the software, unless and only to the extent that the terms of the licence specifically permit.
   
   
5. In the case of any information which is designated in a Notice issued by the University as proprietary or otherwise confidential, every person using the facilities shall be required:
   
   
   1. to observe the instructions that may be issued by the University specifying ways in which the information may be used; to ensure that the requirements of the agreements, contracts or licences under which the software is made available to the University will be maintained in all respects;
      
      
   2. not to copy, modify, disseminate, or make use of it in any way not specified in those instructions, without first obtaining written permission from the University;
      
      
   3. to ensure that, where legitimate copies are made, such copies carry an appropriate copyright statement either as provided by the manufacturer or in suitable alternative form.
      
      
6. No person or persons shall obtain or distribute software by illegal means, nor run any illegally obtained software on University equipment. Users will return all copies of the software at the end of their course/year/project/period of employment or when requested to do so. They will also assist the University, in the event of the termination of a licence for the use of some software product, to remove all copies of that software and to make arrangements for the safeguarding of the authorised archival copy.
   
   
7. The University and users of its resources are required to comply with the Computer Misuse Act 1990. Three specific offences are defined:
   
   Definition 1: Unauthorised Access to Computer Material, including using another person's identifier (username) and password, without proper authority, in order to use data or a program, to alter, delete, copy or move a program or data, or simply to output a program or data (for example, to a screen or printer); laying a trap to obtain a password; reading examination papers or examination results;
   
   Definition 2: Unauthorised Access to a Computer with intent, including gaining access to financial or administrative records;
   
   Definition 3: Unauthorised Modification of Computer Material, including destroying another user's files; modifying system files; creation of a virus; introduction of a local virus; introduction of a networked virus; changing examination results; and deliberately generating information to cause a complete system malfunction.
   
   
8. The Data Protection Act 1998 regulates the processing of personal data using computers (and/or manual files). 'Personal data' means any information relating to a living individual, and 'processing' means almost anything done with it, including, for example, storing it.
   
   The Data Protection Act 1998 also gives individuals certain rights of access to personal data held about them by others. Any personal data processed by a person at the University, using the resources of the University, will be deemed to be held by the University for the purposes of the Act, unless that person has registered as a Data Controller with the Office of the Data Protection Commissioner (ODPC). Therefore personal data processed by any person at the University may have to be made available if an individual applies to the University for access to it.
   
   Persons processing personal data must have the proper authorisation from their Head of Department/Office and must make themselves aware of the general requirements of the Data Protection Act 1998, and in particular must abide by the eight Data Protection Principles as set out in Schedule I of the Act and further explained in Schedules II and III. Copies of the University's current guidance on data protection can be obtained from Heads of Department or from the University's Data Protection Officer.
   
   The guidance is also available at http://www.le.ac.uk/ua/rg/dataprotection/. In brief, the requirements are that the personal data must be: fairly and lawfully obtained; be accurate; be kept up-to-date; be held securely; not be put onto an Internet site or taken outside of the European Economic Area without the consent of the individual concerned; and be deleted or destroyed when it is no longer relevant to retain it. Persons who fail to comply with any Guidance or Code of Practice in force may be held personally liable for any resulting breaches of the Data Protection Act 1998.
   
   Any person who wishes to use the University's resources for private purposes such as consultancy or any other activity which is unrelated to their studies or work at the University, must have the proper authorisation to do this and must be registered as a 'data controller' with the ODPC. It should be noted that any person failing to register with the ODPC in such circumstances may be liable to criminal prosecution.
   
   
9. If at any time persons are allocated computing resources for private purposes, including consultancy or any other work outside the scope of their official duties or functions, they shall be personally responsible for reimbursing the Computer Centre by a specified date, at a rate determined from time to time, for the cost of the resources used.
   
   
10. If any persons use computing resources for private purposes without specific authorisation to do so, they shall be charged with the cost of such use in accordance with paragraph 9, and action may also be taken under paragraph 11. Any persons who have been charged with the cost of computing resources who fail to make reimbursement within the stipulated time shall be suspended from use of computing resources until they make such reimbursement.
    
    Occasional personal use of the University e-mail service is permitted so long as such use is not excessive, in volume, frequency or time and does not disrupt or restrict usage by other legitimate users.
    
    
11. The staff of the University will at all times have authority to maintain good order in the use of the University's computing facilities and may suspend or exclude from their use any person who breaks these Regulations. They may report to the Vice-Chancellor or a Pro-Vice-Chancellor any person responsible for serious or persistent misuse of computing facilities which breach these or any other Regulations: such conduct by any student will be considered a breach of the Code of Student discipline.
    
    
12. Computer programs developed on facilities provided by the University cannot be sold without the prior written agreement of the University. Users are responsible for reporting to the University, immediately it comes to their notice, any reasonable probability of financial or commercial advantage arising out of their use of the resources, whenever this advantage would accrue and whomsoever would benefit. Users may not attempt to incorporate any software or any modified version of the software into any program written by them, without the written permission of the University.
    
    
13. The University expects users, when applying for research contracts and other outside monies, to take into account all costs including computing and data preparation costs. Where there is outside financial support, or when such support becomes available, to cover the computing elements of a project, this must immediately be declared in writing to the University. All such chargeable work must be run under the username specifically allocated for that purpose.
    
    
14. Additional regulations specific to individual facilities may be added from time to time.

LAST REVISED: 2005  

|||