Conditions of Use of Information Technology (IT) Facilities

Conditions of Use of Information Technology (IT) Facilities at Imperial College

This is a local copy of a college security policy document.

The User agrees and accepts that:

Use of College IT facilities, and their use to access non-College IT facilities, must be for the purpose of University research, teaching, coursework, associated administration or other authorised use. No 'private/commercial' work is permitted without prior authorisation. College IT facilities include the network, the virtual private network (VPN), computers, printers and the associated services e.g. software, data, email, Web, E-journals, bulletin boards, data bases but do not exclude any other part of the College IT facilities.
Occasional personal use of the Desk top computer, e-mail and web access is permitted provided such use does not disrupt the conduct of College business or other Users.
When using College IT facilities the user must comply with the College Information Systems Security Policy and all relevant statutory and other provisions, regulations, rules and codes of practice. Specifically, but not exclusively, the User must:
- Not disclose to others her/his College login name/password combination(s) or access or attempt to access IT facilities at College or elsewhere for which permission has not been granted or facilitate such unauthorised access by others.
- Not use or produce materials or resources to facilitate unauthorised corruption, changes, malfunction or access to any IT facilities at the College or elsewhere. Attempted access to IT facilities includes scanning activities (e.g. port scanning).
- Not display, store, receive or transmit images or text which could be considered offensive e.g. material of a sexual, pornographic, paedophilic, sexist, racist, libellous, threatening, defamatory, of a terrorist nature or likely to bring the College into disrepute.
- Not forge email signatures and/or headers, initiate and/or forward 'chain' or 'junk' or 'harassing' email.
- Not play unauthorised games.
- Respect the copyright of all material and software made available by the College and third parties and not use, download, copy, store or supply copyright materials including software and retrieved data other than with the permission of the Copyright holder or under the terms of the license held by the College.
- When holding data about living individuals, covered by the College Data Protection Policy, register that data and its uses, and treat it in accordance with the Principles, as required by the Data Protection Act. Student users must not construct or maintain computer files of personal data for use in connection with their academic studies/research without the express authority of the Departmental/Divisional Data Protection Co-ordinator.
- When responsible for Information Servers or the information held thereon abide by the College Code of Practice for Information Servers and be aware that a User may be considered in law to be a Publisher in certain circumstances.
All data/programs created/owned/stored by the user on or connected to College IT facilities may, in the instance of suspected wrong doing, be subjected to inspection by College or by statutory authorities. Should the data/programs be encrypted the User shall be required to provide the decryption key to facilitate decryption of the data/programs.
Other than any statutory obligation, the College will not be liable for any loss, damage or inconvenience arising directly or indirectly from the use of, or prevention of use of, any IT facility provided and/or managed by the College.
Whilst the College takes appropriate security measures against unauthorised access to, alteration, disclosure, destruction or accidental loss of personal and other data it cannot and does not give any warranties or undertakings to the USER about security, confidentiality or integrity of data, personal or other. The same applies to other IT material submitted to or processed on facilities provided or managed by the College or otherwise deposited at or left on its premises.
His/her name, address, photograph, status, e-mail name, login name, alias, College Identifier (CID) and other related information will be stored in computerised form for use for administrative and other purposes e.g. monitoring system usage.
As provided by the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000, made under the Regulation of Investigatory Powers Act 2000 the College will intercept and monitor electronic communications for the purposes permitted under those Regulations in accordance with the Code of Practice on Monitoring Electronic communications in the College Information Systems Security Policy.
These conditions apply to non-College owned equipment e.g. personal Laptops, home PCs when connected to the College network, directly and/or via the VPN, for the duration that the equipment is using the College network.

Breach of these conditions may lead to College disciplinary procedures being invoked, with penalties which could include suspension from the use of all College computing facilities for extended periods and/or fines. Serious cases may lead to expulsion or dismissal from the College and may involve civil or criminal action being taken against the User.

If you need advice or have any queries on the above please contact CSG.