< Previous page ^ Table of Contents Next page >

Authorization for use of the Cambridge University Data Network: Notice

1. Authority

This document is published by the Director of the University Computing Service, as the Authorized Officer for services under the supervision of the Information Technology Syndicate. It specifies the designated use of the Cambridge University Data Network (CUDN) for the purposes of the rules made by the Syndicate.

2. Definition of CUDN

The CUDN is the name given to the collection of networking services and facilities operated by the University Computing Service in support of the communication requirements of the University of Cambridge, the Colleges of the University, and affiliated institutions.

3. Definition of User

This document applies to any institution, organization, or person authorized to use the CUDN, whether by section 4 below or by specific authorization by the Director of the University Computing Service. Any such institution, organization, or person is hereinafter referred to as the User.

4. Specified classes of persons authorized to use the CUDN

Staff and resident students of the University, and Fellows, staff, and students of the Colleges of the University are authorized to use the CUDN while holding those positions; persons designated as Visiting Scholars by the Head of the relevant University Department or, in the case of a College, by the Head of the College, are authorized to use the CUDN while so designated. Members of other institutions or organizations which have a direct connection to the CUDN are authorized to use the CUDN, but only when accessing the CUDN via that connection. (Such persons are not authorized to use other University facilities in order to make use of the CUDN unless explicit authorization to use those facilities has been given).

5. Provision of third party access

Occasional access to the CUDN may be provided by a User for temporary visitors in the same manner that the User may provide access to other facilities, e.g. a telephone system. In such cases, the User shall ensure that the facility is not abused. A User shall not otherwise, without the prior agreement of the Computing Service, provide any individual, institution, or organization who is not a User with direct or indirect access to the CUDN [1].

6. Connection of private networks

When a User is authorized to connect their own network, referred to hereinafter as a Private Network, to the CUDN, the User must ensure that any use of the Private Network which results in use of the CUDN is in accordance with the Authorization for Use of the CUDN.

7. Use of other networks connected to the CUDN

When the CUDN is used to access another network, abuse of the acceptable use policies of that other network is contrary to the Authorization for Use of the CUDN. In particular, acceptable use of JANET is specified by the JANET Acceptable Use Policy [2].

8. Specified purposes for use of the CUDN

The CUDN shall be used only in accordance with the aims of the University and the rules made by the Information Technology Syndicate, each as promulgated from time to time, and subject to the following conditions [3].

8.1 The CUDN shall be used only in accordance with all applicable legislation currently in force [4].

8.2 The CUDN shall not be used for the transmission or deliberate reception of defamatory material [5].

8.3 The CUDN shall not be used for the transmission of unsolicited commercial or advertising material.

8.4 The User should be aware that the CUDN is part of the Internet, which is an open network across which information is in general transferred without encryption or other means of obscuring the transmitted material. The content of communications may therefore become accessible to persons other than the intended recipient(s). Moreover, other information relating to the transmission of a communication, such as means of identifying the source and destination, is routinely available to those who operate the CUDN and the other networks which make up the Internet.

(a) If the User becomes aware of information, other than information which is intended to be publicly available, for which the User is not the intended recipient, the User shall keep that information confidential and may, at the User's discretion, forward the information to the intended recipient, advise the sender of the unintended reception, or destroy the information; save that, if the information appears to refer to the misuse of a computer system or network or to any criminal activity, the User may disclose the information to a relevant authority, which may include the Computing Service management and/or the Police.

(b) The Computing Service shall have to right to record and/or analyse data relating to the transmission of information on the CUDN for investigating network problems (including, but not limited to, performance), the misuse of computers connected to the CUDN or elsewhere, or use of the network which is not in accordance with relevant acceptable use policies; in each case the problem or offence may be actual or, with reasonable grounds, suspected. This data may also be recorded for the purposes of accounting and/or statistical analysis, whether for the production of historical reports or for load prediction relating to the network or to local or remote network services. The conditions specified in (a) above shall also apply to members of staff of the Computing Service except in so far as disclosure is essential for the execution of their duty.

(c) In cases when the recording and/or analysis of data (see (b) above) relates to the information contained in high-level protocol data units (for example the user's data in an electronic mail message), the investigation of each case shall be individually authorized by the Director of the Computing Service or the Director's nominated deputy.

8.5 It is the responsibility of the institution, organization, or individual person for whom the CUDN connection is provided to take reasonable steps to ensure compliance with the conditions of use and to ensure that unacceptable use of the CUDN does not occur. The discharge of this responsibility must include making the documents 'Authorized Use of the CUDN' (this document) and 'JANET Acceptable Use Policy' [4] known to those who use that CUDN connection.

8.6 The institution, organization, or individual person for whom the CUDN connection is provided shall nominate a contact person who shall be reasonably accessible and shall have the authority and willingness to act to assist the Computing Service in diagnosing and remedying problems in the User's equipment connected to the CUDN, the User's Private Network, or any equipment connected to the Private Network, when those problems are interfering with the proper operation of the CUDN or any networks to which the CUDN is connected.

8.7 The Computing Service shall have the right of access to any equipment connected to the CUDN or a Private Network to determine whether and how that equipment or network may be interfering with the proper operation of the CUDN or any networks to which the CUDN is connected.

8.8 The Computing Service shall have the right to remove or disable the CUDN connection if the Computing Service believe that the User, the Private Network, or any connected equipment is interfering with the proper operation of the CUDN or any networks to which the CUDN is connected, or is abusing the usage conditions.

8.9 The Computing Service shall have the right to perform tests over the CUDN to investigate network performance, reliability, and security. In particular, such tests may investigate the vulnerability of computers connected either directly to the CUDN or to a Private Network.

8.10 If a User believes that the Computing Service is behaving unreasonably in the exercise of the rights of this Clause (8), they may report this to the Chairman of the Information Technology Syndicate, who may appoint one or more persons to investigate the actions of the Computing Service in this respect and to report their findings to the Syndicate.

8.11 The University, its Colleges and affiliated institutions, and their agents and servants shall not be held responsible for loss or damage, direct or indirect, arising from use of the CUDN or any of the networks to which it is connected, whether directly or indirectly.

Notes

[1] This note provides explicit detail concerning the provision of CUDN access to third parties as specified in clause 5.

The essence is that access to the CUDN must not be provided to third parties (individuals or organizations) except under the circumstances specified below and subject to any additional conditions that the hosting institution may apply.

[2] Copies of the JANET Acceptable Use Policy may be obtained from the JANET Liaison Desk, UKERNA, Atlas Centre, Chilton, Didcot, Oxfordshire, OX11 0QS. At the time of writing (June 1999) Version 4.0 (April 1995) is current.

[3] The document Use and Misuse of IT Facilities, available from the Computing Service, gives more details of the allowable use of the CUDN in accordance with this document and the Rules made by the IT Syndicate.

[4] This legislation includes, but is not limited to:

[5] Criminal libel can occur whether the defamatory statements are true or false and whether or not the statements are made available only to one other person, but the material must be likely to cause serious damage to a person's reputation or a disturbance of the peace. Civil libel does not require serious damage, but it is a defence to show that the words were true in fact or substance. This Notice does not give full legal details relating to libel and similar actions.


< Previous page ^ Table of Contents Next page >

Cambridge University Reporter, 23 June 1999
Copyright © 1999 The Chancellor, Masters and Scholars of the University of Cambridge.