Student Technology Services Policies

Sample Violations • Photography Policy

The Johns Hopkins University is committed to providing a robust information technology environment to support its students and faculty in the pursuit of their research and instructional objectives. In general, undergraduate and graduate students are afforded the same access to computing and networking resources as are faculty and staff.

Understanding that for the university to maintain an environment of open access to networked computing resources is important, those who use these facilities must comply with the written policies coercing their use as well as the “spirit and intent” of these policies. Appropriate use of the resources includes instruction, independent study, authorizes research, and the official work of the offices, departments, recognized student organizations, and the agencies of the university. Any activity that intentionally obstructs or hinders the authorized use of campus computing and network resources is prohibited.

Examples of inappropriate activities include (but are not limited to):

Interfering with system security or integrity by:

• breaking into a system and/or accessing data files and programs without authorization;
• releasing a virus or other program that disables system performance or hinders other clients;
• exploiting security gaps;
• hindering supervisory or accounting functions of the systems;
• tapping phone or network lines.

Obstructing users from authorized services by:

• monopolizing computing resources or computer access;
• obtaining, possessing, using, or attempting to use someone else’s account or password without notification or permission;
• accessing, or attempting to access, another user’s data or information without proper authorization.

Harassment

• sending unsolicited e-mail, junk mail, or propagating chain letters;
• e-mail “bombing,” spamming, “ etc.;
• ethnic, racial, and sexual harassment.
  Forging Electronic Information
• creating, altering, or deleting the attribution of origin (e.g., “from” in e-mail, IP address in headers);
• sending messages under someone else’s address (e.g., hoax messages, even if intended as a joke).

Using university computers and networking resources for personal or private commercial purposes or financial gain.

The dramatic increase in the use of computers and shared networks during the past few years has correspondingly increased the potential for abuse of the system. As a matter of policy and sound security practices, Homewood Academic Computing routinely logs the use of its shared computing systems and monitors the traffic and performance of the campus network. So that the entire campus community can benefit from the shared systems as they are intended to be used, all users are expected to follow them as well. If you know someone who is willfully performing any of the inappropriate activities listed above and need assistance dealing with them, send an e-mail to Student Technology Services at consult@jhu.edu.

Student Privacy on JHU computer systems and networks means that each account, and the contents of files associated with that account, belong to the designated user(s); they must not be used or intruded upon by anyone else without the explicit permission of the designated owner; however, pursuant to the Electronic Communications Privacy Act of 1989, Title 18, United States Code, Sections 2510 and following, notice is hereby given that there are no facilities provided by the university that guarantee the confidentiality of files. The university reserves and intends to exercise the right to review, audit, intercept, access and disclose messages created, received, or sent over its computer and/or e-mail systems for any purpose.

A user of the university’s computer systems has no right of privacy in e-mail messages or other communications that are created, sent, received, or stored on these systems. Users of the university’s computer systems and networks are advised that they should not assume the confidentiality on any message. Further, a personal password does not guarantee the confidentiality of e-mail messages. Even when a message is deleted or erased, it is still possible to retrieve and read the message. However, it is not the routine policy of the university administrators or designees to view others’ files, and the intention is to keep files private, even though such privacy cannot be guaranteed.
Computer access for students is for educational purposes only. In general, educational use is interpreted loosely; however, abuse for economic gain or uses of a computer or network that adversely affects others will not be tolerated. If a concern emerges or there is a complaint regarding the usage of networks or university computers, the university or designated administrator (such as Student Technology Services) has the right to review the contents of your computer memory and storage, trace information, backups, file server accounts, and any multiuser computer account contents, to determine your involvement. Use of files or other software that is solely for the purpose of harassing other persons is considered just cause for administrative action. Possession of software solely intended to compromise system security or performance is also prohibited and will not be tolerated.

Descriptions of Sample Violations (Not Exclusive) E-Mail [Top]
You must not overload the communications servers; do not abuse your communication privileges. E-mail is a fast, convenient form of communication. That makes it easy to send mail to multiple recipients and puts a strain on shared systems. Note: If abuse is suspected, some e-mail is saved and is subject to examination by proper authorities as evidence.

Do not help propagate chain e-mail letters.
Forwarding chain e-mail is a violation of university computer policy. Chain e-mail can usually be identified by phrases in the subject line, such as “Forward- do not delete,” “don’t break the chain,” etc. Some chain e-mails promise good luck, tell stories and ask for help, or warn of false e-mail viruses. If there are a large number of addresses in the message, chances are very good that it is a chain e-mail. Do not be fooled. Delete all chain e-mail from your account. Contact Student Technology Services with any questions.

Do not “bomb” e-mail accounts
Sending numerous or large e-mail messages to one person is considered “e-mail bombing.” This may or may not be done in an attempt to disrupt the recipient’s network services. Sometimes e-mail “bombs” are used as a method of retaliation. Even if no harm was intended or it was simply a “harmless prank,” a single e-mail “bomb” can cause service disruptions to thousands of users.

Forgery
You must not alter any form of electronic communication (especially via forged electronic mail and news postings). Messages, sentiments, and declarations sent as electronic mail or sent as electronic postings should meet the same standards for distribution or display as if they were tangible documents or instruments. Forgery includes using another person’s identity.

Forgeries intended as pranks or jokes are still violations. Attempts to alter the attribution of origin (e.g., the “from” or “addressee” lines) in electronic mail, messages, or postings, will be considered transgression of university rules. You are free to publish your opinions, but they should be clearly and accurately identified as from you, or, if you are acting as the authorized agent of a group recognized by the university, as coming from the group authorized to represent.

Commercial Use of University Resources
The use of university resources, such as, but not limited to, e-mail, newsgroups, or the World Wide Web in order to advertise or solicit sales is strictly prohibited. Any commercial use of the University’s systems (through an office, RESNET, or JHU-Connect network connection, or stored on an e-mail account) resulting in a financial gain to yourself or someone else is a violation of this policy.

Copyright Infringements
Copyright exists in any original work which exists or is fixed in any tangible medium of expression. Images displayable on computer screens, computer software, music, books, magazines, scientific and other journals, photographs, and articles are some of the things subject to copyright. A copyright notice is not required. It is a violation of copyright law to copy, distribute, display, exhibit, or perform copyrighted works without authority of the owner of the copyright.

For your use, the university provides many programs and data that have been obtained under contracts or licenses stating that they may not be copied, cross-assembled, or reverse-complied. You are responsible for determining whether or not programs or data are restricted in this manner before copying, cross-assembling, or reverse-compiling them in whole or in any part. If it is unclear whether or not you have permission to do so, assume that you do not have permission to do so. Homewood Academic Computing will assist with any questions regarding software usage and licensing.

The Recording Industry Association of America (RIAA) has brought to the university’s attention numerous cases of Homewood students putting literally hundreds of copyrighted songs on sites residing on servers that are connected to the university network. We agree with RIAA’s Anti-Piracy Counsel that putting such songs on sites and downloading them amounts to serious violations of United States and foreign copyright law. Persons who put copyrighted music on sites and those who download it expose themselves to civil, and possibly criminal, consequences. Should RIAA or individual copyright owners take action against students who are alleged copyright infringes, the university will not provide such a person a legal defense or an indemnity against the award of damages. Such damages can amount to $100,000 per act of infringement.

Harassment
Any repeated or unwanted communication may constitute harassment. Any communication with the direct intention of harassing, threatening, implying or otherwise causing harm to individuals, classes of individuals is a violation of university policy. If you should receive any harassing messages electronically, you may consider notifying the sender. Many times the sender may not realize that their communication is unwanted or offensive unless you tell them. However, if the sender continues after being notified, you do not wish to contact the sender, or if the situation is serious, you should contact Student Technology Services at consult@jhu.edu. If the situation requires immediate attention, call University Security at 6-4600. Be sure to save copies of all harassing material.

Interfering with a User’s Authorized Services
Any activity that causes disruptions in service to other users is considered interference. In some cases, using more resources than you are entitled to can also be considered interference (e.g., using excessive storage space on shared systems, flooding chat channels or newsgroups). More importantly, you must not monopolize computing resources for leisure activities such as game playing and other trivial applications locally or over an affiliated network; printing excessive copies of documents, files, images or data. You should refrain from using unwarranted or excessive amounts of storage; printing documents or files numerous times because you have not checked thoroughly for all errors and corrections; or run grossly inefficient programs when efficient alternatives are known to be available. You should be sensitive to special needs for software and services available in only one location, and cede place to those whose work requires the special items.

Sharing Resource Accounts and Passwords
Your network login and password are for your personal use. If you share your login and password with your spouse, family members, friends or roommates, then you are giving them access to services they are not authorized to use. They may embarrass you by sending an e-mail, posting messages, or even chatting with people while posing as you. Do not share your account or password with anyone. If you suspect that someone may have obtained your password, change it immediately. If you suspect that someone has repeatedly accessed your login and password, notify Student Technology Services at 6-4242 immediately or send e-mail to consult@jhu.edu. Conversely, using someone else’s password to access services or data is also a violation of policy, regardless of how the password was obtained. Do not use anyone else’s password, account, or e-mail.

Disruption of System Security or Integrity
Tampering with the operation of any server or network resource is prohibited. Any such activity constitutes a threat to the normal operation of that resource and can potentially affect thousands of users. Any attempt will be regarded as malicious in intent and will be pursued in that perspective.

Tapping Phone or Network Lines
Running a network “sniffer” program to examine or collect data from the network is considered tapping a network and may constitute a violation of state or federal civil and criminal statutes. The university will pursue any suspected cases of network “tapping” accordingly.

Unauthorized Access
Legitimate use of the university’s computer systems does not extend to what one is capable of doing on that system. In some cases, there may be security loopholes through which people can gain access to a system or to data on that system, a network, or data. This is unauthorized access. If a student accidentally permits access to his or her files through the network, you do not have the right to access those files unless you have been given explicit authorization to access the material. This is similar to accidentally leaving your dorm room unlocked. You wouldn’t expect your neighbor to use that as an excuse for entering your room.

Consequences of Misuse
Infractions of this shared use policy may result in loss of system and network privileges. When Student Technology Services has reason to believe a user has violated the shared system policy, it may suspend the user’s account pending the outcome of an inquiry into the matter.

If, in addition to withdrawing privileges, Student Technology Services believes the violation warrants additional disciplinary action, the infraction may be referred to the Associate Dean of Student Life, Undergraduate Ethics Board, or Associate Dean responsible for graduate students in the school in which the accused student is enrolled for disciplinary procedures administered by them.

Certain violations may constitute criminal activity, which may be referred to local or federal law enforcement authorities. In particular, federal statutes 18 USCS 2511 (Electronic Communications Privacy Act), 18 USCS 1030 (Computer Crime Act), and Maryland state statute Article 27, Section 146, deal with the use of information technology and networking. Members of the university community are expected to respect any applicable local, state, or federal laws. Should further action be applicable, as in cases which violate local, state, or federal laws, the appropriate authorities may be notified.

Conclusion
The Johns Hopkins University and Student Technology Services recognize that our clients are extremely diverse in their needs and requirements. Providing this large range of services for research and instruction necessarily entails providing a relatively unrestricted and flexible systems’ and networks’ organization. To this end, we depend on and request that our users practice considerate and responsible computing and adhere to common sense standards. As noted in the Student Academic Manual:

“Students are expected to refrain from conduct that injures persons or property. The university expects all students to be law-abiding citizens, to respect the rights of others and to refrain from behavior which tends to impair the university’s purpose or its reputation within the community.”

When problems arise they will be dealt with to insure the unimpaired operation of our systems and network, but we request that all users are considerate and prudent in their use of resources. The shared systems are an extremely important and ever changing resource for the JHU community. As a member you are responsible for staying informed about the policies and procedures updates.

Photography and Film Rights Policy [Top]
The Johns Hopkins University reserves the right from time to time to film or take photographs of faculty, staff, and students engaged in teaching, research, clinical practices, and other activities, as well as casual and portrait photography or film. These photographs and films will be used in such publications as catalogs, posters, advertisements, recruitment and development materials, as well as on the university’s Web site, for various videos, or for distribution to local, state, or national media for promotional purposes. Classes will be photographed only with the permission of the faculty member.

Such photographs and film-including digital media-which will be kept in the files and archive of The Johns Hopkins University, will remain available for use by the university without time limitations or restrictions. Faculty, students, and staff are made aware by virtue of this policy that the university reserves the right to alter photography and film for creative purposes. Faculty, students, and staff who do not want their photographs used in the manner(s) described in this policy statement should contact the Office of Communications and Public Affairs.

Faculty and students are advised that persons in public places are deemed by law to have no expectation of privacy and are subject to being photographed by third parties. The Johns Hopkins University has no control over the use of photographs or film taken by third parties, including without limitation the news media covering university activities.