Guidelines for Web Information Providers

• Introduction
• The mechanics of information provision
  • Authoring
  • Publishing
  • Adaptation for the Web
  • Server Administration
  • Facilities available to Cambridge information providers
• Web servers
  • Types of server
  • Links to a new server
  • Registration and naming
• The regulatory framework
  • University and College regulations
  • Publishing information about the University or a College
  • Authorization for Use of the CUDN and JANET Acceptable Use Policy
  • Legal considerations
• Accessibility information
• General Remarks on content and style
• Further information

Introduction

The Web (the World Wide Web) is a system for providing information in a flexible manner via the Internet computer network. Much displayed information consists of hypertext, which is plain text formatted by the use of a "mark-up" language called HTML (hypertext markup language). As well as hypertext, web information may consist of images, animated pictures or movies and sound. Programs may be included to which run on the displaying machine in order to achieve special effects.

It is an international system so, unless special steps are taken, information "put on the web" might be seen anywhere in the world. The provision of information via the web therefore constitutes publishing the material and the laws and regulations which govern traditional publishing are likely to be applicable.

The Computing Service and the UAS use the web for provision of University information services. It is IT Syndicate policy that institutions should maintain their own information rather than rely on material provided centrally. The idea is that information should be managed close to home. Departments and Colleges run their own web servers and/or maintain their information using the managed web server service provided by the Computing Service. Some institutions include only institutional information, others allow individuals to provide data too.

Individuals have a number of routes for publishing information: some publish material on their private machines, others publish via the PWF or CUS, and some use the student-run computing facility (SRCF).

This document has four main sections:

• the first discusses the mechanics of web information provision;
• the second gives examples of different types of server and how they may be linked with associated systems;
• the third concentrates on the requirements for web servers to operate within a regulatory framework consisting of University and College rules, the conditions for the use of academic networks and the relevant laws of the land;
• the fourth gives some general guidelines on security, content, layout etc.

The mechanics of information provision

There are four activities involved in the provision of information via the web. In the case of an individual publishing his own material, all four may be carried out by the same person; for institutions it is usually the case that several people are involved. The four activities are

• Authoring
• Publishing
• Adaptation for the web
• Administration of the server

Authoring

The authors are the people who provide the raw information. They may be experts in a particular field providing research information, lecturers making their notes available, Departmental secretaries providing general information about their Departments, Chairmen of Examiners giving details of topics in particular papers, College staff with collections of photographs of buildings etc. Adding the HTML "markup" to the plain text may or may not be done by the author of the original material.

Publishing

The publisher of information is the person authorised to make it publicly available. The author may be the publisher as well, but in a Department there may well be just one or two people who are authorised to publish official information about the institution in order to ensure some degree of quality control.

While authors should, of course, be aware of the legal restraints imposed by publishing laws, it is the publishers who have the ultimate responsibility. The publishers also need to manage those people responsible for each item of information (e.g. for ensuring its accuracy and for carrying out updates).

All web information should have an indication of the publisher, their affiliation and when the material was last updated; the publisher is normally the point of contact for reader comments. A contact email address should be provided.

Adaptation for the web

As soon as there is a reasonable amount of information on a server, whether from one publisher or several, there is work to be done organising a structure. This entails maintaining an appropriate "home" page with links into the body of information and perhaps to other relevant material elsewhere on the web, setting up suitable menus and cross links between the information. The home page requires regular monitoring and checking to ensure that links are not erroneous or out of date and maintaining regular topical information keeps the page fresh. It is emphasized that the maintenance of web information involves an ongoing commitment; it is not an activity which is done once and then requires only minimal effort.

Larger documents need to be broken down into units both to avoid the transfer of excessively massive amounts of data in one go and so that users can read the pages more comfortably. Such breaking down requires some thought about how the information is to be used; for example, where users might wish to save or print an entire document, it may be appropriate to provide both subdivided and entire versions.

Clearly, pictures (especially moving ones) and high quality sounds require more information to be transmitted over the network than plain text. There is some skill in presenting information in such a way that readers attached to the network via slow links (and perhaps paying for telephone calls on dialup connections) can first see essential text information and then have the option of stopping the downloading of graphical material. Pictures should be 'labelled' so that readers who do not or cannot view graphics will then see something meaningful (or nothing if the picture is purely decorative). Similarly, readers who do not or cannot handle animated pictures or sounds should at least be able to understand whether they are missing essential information.

Server administration

The computer serving the web data needs to be managed. The software which serves the information, once installed, will require maintenance as will the operating system. The filing system in which the data resides needs to be appropriately structured into directories to ensure a logical way for administrators to find things and help with efficient running. All the usual system management tasks associated with system security, regular backups, maintenance contracts etc. have to be looked after. If constant availability of the information is important, perhaps some hardware spares need to be carried on site.

In order to avoid the work involved in managing their own web server machine, smaller institutions or cross-institutional groups may prefer to use the managed web server service offered by the Computing Service. The use of this facility is restricted to departments and similar organisations; it is not available to individuals, societies etc. However, registered University societies have their own mechanism for publishing web pages. See further details at the end of this document.

Facilities available to Cambridge information providers

There are several Computing Service-run facilties available to information providers in the University and colleges.

Site-wide search engine

The Computing Service run a site-wide search engine that creates an index of the content of all more-or-less official web servers within the University. You can use the search engine to search just your site, and we can provide you with a 'packaged' search which makes this easier. Although the search engine will find appropriately named web servers by itself, it is a better plan to let web-support@ucs.cam.ac.uk know when you plan to make a new web server available, and the packaging will be set up for you. The data used by the packaged search is also used in the maintenance of the a-z and department directory files on www.cam.ac.uk, so it is very useful to keep up to date.

Web servers that are for multi-institutional projects and have addresses outside the University network, but are Cambridge based, can usually be indexed by the search engines, but we will have to do this explicitly, so you will have to let us know.

More information about the search engine is at http://www.cam.ac.uk/cs/web-search/.

The Raven web authentication service

Raven is a service used by some University of Cambridge web sites to identify people so that decisions (such as granting or denying access) can be made based on who that person is. Raven is provided by the University Computing Service, and uses standard Computing Service user identifiers (CRSid) and 'Raven passwords' to identify people. See Information for Webmasters to find out how web servers in the University can be configured to use Raven's services.

Web servers

Types of server

The simplest case is that of a private individual wishing to publish material about himself or herself. One way of doing this is to use a Mac or PC connected via a College or Departmental network. Such a machine normally runs other tasks besides the web and this may degrade performance from time to time (someone accessing the web information may notice delayed response while the machine is dealing with a spreadsheet, for example). Note that the machine should remain connected and switched on all the time. All four activities associated with web publication are generally carried out by the one individual.

Alternatively, an individual might make "personal pages" available on a shared multi-user machine such as those below.

Another common instance is that of a research group in a department with a shared machine. Again the machine commonly has other tasks besides running the web site, but, in this case, the system is likely to have an administrator. The separate members of the group may all act as authors, and the tasks of publishing and adapting the material for the web may be handled by one particular member of the group or several people.

Once there is substantial material to present, a dedicated machine is generally the most efficient way to handle the web. Some of the larger departments have such web servers and the centralised University information run by the Computing Service also uses dedicated machines. Alternatively, smaller departments may prefer to use the Computing Service's managed web server service mentioned earlier, and University Societies may prefer to use the facilities specially set up for them; see further information at the end of this document.

Links to a new server

When setting up a new server or information for a new institution on the managed web server service, it is good practice to inform computer staff in your institution and the managers of any associated web servers so that links to your new information can be set up to help readers find it. For example, a server for a research group might be linked from the Department's home page; a Fellow's private web server might be mentioned in his or her College's web information.

Registration and naming

The Computing Service is responsible for allocating domain names within the cam.ac.uk domain under some fairly strict guidelines laid down by the IT Syndicate: such names may only be issued for institutions and for University-wide services - for example darwin.cam.ac.uk for Darwin College and hermes.cam.ac.uk for the University email system. Anyone setting up a server in a new domain or starting to use the managed web server service needs to consult the Computing Service about allocating a suitable name; this should be done through institution-liaison@ucs.cam.ac.uk. The choice of an appropriate name is particularly important for institutional information, but may be relevant in other cases too.

Cross-departmental or cross-institutional web servers and others requiring names other than in cam.ac.uk may be set up within the CUDN, but seek advice from institution-liaison@ucs.cam.ac.uk.

The regulatory framework

There are various sets of relevant rules and regulations, all of which must be complied with.

University and College regulations

A consequence of the IT Syndicate policy that institutions should maintain their own web information is that it is up to individual institutions to decide upon their own supplementary regulations. Anyone setting up web pages for a University or College institution must first ensure that they are abiding by these locally-issued directives. The first contact for this purpose would normally be the local computer systems manager (who may well be running a server on behalf of the institution and so will have useful advice); failing that, try the Departmental Secretary or the College Bursar. Personal pages on Computing Service systems such as the PWF, CUS and University Society pages are similarly covered by particular regulations.

Some institutions may forbid individual independent web servers on their networks altogether; others may impose conditions such as insisting that standard disclaimers must appear whenever private pages are accessed. Infringement of local regulations risks disconnection of the machine by the local network manager; infringement of University regulations on an institution's web server risks disconnection by the Computing Service of the whole institution's network, isolating the institution from the CUDN. However, such matters are more usually corrected by liaison rather than by imposition of these ultimate sanctions.

Publishing information about the University or a College

A general guideline is that no individual shall publish material which might bring the University or a College into disrepute or which could endanger its good name and reputation. Another general rule is that anything which is illegal in itself is also contrary to University and College regulations.

Individuals should beware of unintentionally and without authorisation publishing material which may appear (or be misread) as being on behalf of an institution. Restrictions on what may be published on behalf of the University appear in the Statutes and Ordinances and similar considerations may apply in the case of individual Colleges. In particular, there are likely to be restrictions and codes of practice regarding the use of shields and crests in published material. Institutions may also impose restrictions of their own. Finally, even if material is specifically authorised to be published on behalf of an institution, there may be a need for an additional check that confidential material is not being inadvertently released.

Authorization for Use of the CUDN and JANET Acceptable Use Policy

Since a machine attached to a College or Departmental network usually achieves connection to the Internet via the University Data Network (CUDN) and the Joint Academic Network (JANET), any web information comes within the scope of both the IT Syndicate Rules and the associated Guidelines, and the Rules governing the use of JANET.

The IT Syndicate's Rules are published in Ordinances and are also available in the Computing Service's web pages. Note in particular that the use of IT facilities for private financial gain or for commercial purposes requires special authorisation.

The complete regulations governing the use of the CUDN and JANET are published in the documents "Authorization for Use of the CUDN" and "JANET Acceptable Use Policy" respectively. A summary of the main restrictions appears in the Guidelines which amplify the IT Syndicate's Rules; both Rules and Guidelines are published online.

The main restrictions likely to be of interest to someone providing web information are as follows. Many of them are also covered by legal prohibitions.

The CUDN and JANET do not allow:

• the creation or transmission (other than for properly supervised and lawful research purposes) of any offensive, obscene or indecent images, data or other material, or any data capable of being resolved into indecent images or material;
• the creation or transmission of material which is designed or likely to cause annoyance, inconvenience or needless anxiety;
• the creation or transmission of defamatory material.

Other forbidden activities are less directly relevant to web information providers, but one particular risk deserves mention. If a web server is used to distribute software, care must be exercised to avoid infringement of the regulation which forbids the promulgation of viruses and other such programs likely to cause disruption and inconvenience to others.

Legal considerations

At the highest level there are legal responsibilities regarding publishing which include copyright, libel, official secrets, race relations, equal opportunities, data protection and freedom of information, protection of children, minors and vulnerable adults, accessibility to information by the disabled, etc. Only general information about the main areas is given here. The situation can become complicated when the server is in one country and the person accessing the data in another; it may then not be clear which country's laws apply.

Copyright

While it is very easy to scan material such as pictures for inclusion in web information, or to fetch information from elsewhere on the network and include it among one's own data, permission to publish copyright material on the web must first be obtained from the authors and publishers just as for traditional publishing. Note in particular that permission to use non-text (such as maps, trademarks, photographs, drawings, animated pictures, audio etc.) may need separate negotiation from that for the associated text. Even if permission for traditional publication has already been obtained, the change of use for web needs to be reported to the copyright holder and appropriate extension of the permission obtained before the material is used.

Note that the laws on the publishing of material (whether on paper or electronically) are much stricter than those on photocopying, for example.

Although not strictly a copyright problem, there have been related cases where links have been set up so as to give a misleading impression by omitting or reordering some of the original information to which they point. Target organisations to which such links are directed may take strong objection. It is therefore good practice to liaise with the manager of a server in cases where extensive links to it are set up.

Libel

Beware of publishing information about individuals and organisations. Data which might defame or damage reputations, even if just expressed as an opinion, could become the subject of a libel action. If in doubt, do not publish or check first with an appropriate authority such as the University Press and Publications Office.

Official Secrets

The Official Secrets Act 1989 is the relevant legislation. Some research material from government and commercial contracts may come within its remit, particularly when associated with defence matters. Certain information provided by suppliers under government contract can also be deemed classified under the Act.

Race Relations and Equal Opportunities

Under the Race Relations Act 1976 it is forbidden to publish material which discriminates or encourages discrimination on the grounds of race or ethnic origin. Similarly, the Sex Discrimination Act 1975 covers equal opportunities and forbids discrimination on the grounds of gender. This might also relate to the next section.

Data Protection and Freedom of Information

The Data Protection Act 1998 is designed to ensure that storers of computer information about living individuals are registered and that the information is correct. The University and Colleges have registrations covering such things as directories, but that does not necessarily cover individual members of staff acting for themselves. Web publishers are advised to seek permission from individuals before including their "personal data", especially if photographs are to be included, since these are likely to reveal race or gender or both. In cases of doubt, consult the Data Protection Officer (data.protection@admin.cam.ac.uk).

The Freedom of Information Act came into force in January 2005 and makes it possible for anyone to request recorded information. Please see further information at http://www. admin.cam.ac.uk/univ/information/foi/ about your obligations to answer requests.

Illegal material including protection of children, minors and vulnerable adults

Many schools are now connected to the Internet, besides the individuals who connect from home via dialup, so there is certainly high risk of web material being seen by minors. The laws governing the protection of children and minors are mostly concerned with pornographic and violent material; there seems unlikely to be any reason why such data should be made available or linked to from within the University or Colleges. If there is any doubt about the legality of material, please seek advice.

Any published pictures of children must only be published with the specific written consent of their parent or guardian, and their names must not be included in the accompanying text. Pictures including children when no identifying features are in the shot are usually permissible, for instance if faces, sweatshirt logos, etc. cannot be seen.

Accessibility information

The Special Education Needs and Disability Act (2001) made it an offence to publish on the web or make available information on the web that is not accessible by disabled students, staff or public. The University Web Accessibility Policy gives full information on your obligations.

General remarks on content and style

It is inadvisable to publish in detail the specification and whereabouts of all the equipment in the institution. Such information could be a boon to thieves and thefts from Departments in the past may have been facilitated by web material.

Keep information relevant and try to ensure that what is displayed makes sense even if images, pictures etc. fail to appear because of network congestion or because the user is on a slow connection. Test that the information displays correctly using as many different browsers as possible; do not assume that, because a page looks beautiful on your own PC, that it will look as good on another PC and another browser.

The University has a house style and Departments use it for their printed material. A separate house style for the web is available.

The IT Syndicate Rules restrict use of the CUDN for commercial advertising and similar activities unless specific permission is obtained. Deciding what is and is not commercial can be problematic. For example, an author who is a member of a Department may include his publications as part of a CV on a personal or Departmental web server, but a straightforward advertisement for such publications would not be appropriate. Similarly, a Department which has produced a teaching package might well include details on its web server, but would be well advised to provide a pointer to a commercial outlet elsewhere rather than offer it for sale directly. Similarly, web information must not be provided on behalf of third parties (i.e. outside the University and Colleges) without specific authorisation. Whence permissions and authorisations should be sought depends upon how widely the web information is readable; if only within the institution, then local rules apply; if the material is accessible via the CUDN, then the IT Syndicate is the appropriate authority; if non-University material is made available over JANET from a University or College web server, then a JANET proxy licence must be obtained via the Computing Service.

Further information

For any advice on setting up and running a web server or web materials, contact web-support@ucs.cam.ac.uk at the Computing Service.

For details of the Computing Service Managed Web Server Service, see Computing Service leaflet G26, available via the web at the URL http://www.cam.ac.uk/cs/docs/eleaflets/g26/.

For information about publishing material on behalf of the University, contact web-support@ucs.cam.ac.uk in the first instance.

For regulations governing the connection of computers to a local area network, contact the institution's Computer Officer.

For conditions of publishing material in a Department, contact the Departmental Secretary. For Colleges, the appropriate person varies from one College to another; try the Bursar's office in the first instance if the Computer Officer cannot help.

The IT Syndicate Rules and associated Guidelines are available via the web at the URLs http://www.cam.ac.uk/cs/itsyndicate/rules/rules.html and http://www.cam.ac.uk/cs/itsyndicate/rules/guidelines.html.

Provision of web information for University Societies is described in Computing Service leaflet G65, also available via WWW at the URL http://www.cam.ac.uk/cs/docs/leaflets/g65/.

For queries aqbout establishing names for servers and setting up cross-institutional services, contact institution.liaison@ucs.cam.ac.uk.

Last updated 8 April 2005