Policy on Responsible Use of College Computing Resources at RISD
This policy applies to all users of College computing resources, whether affiliated with the College or not, and to all uses of those resources, whether on campus or from remote locations. Additional policies may apply to specific computers, computer systems, or networks provided or operated by specific units of the College or to uses within specific units. Consult the operators or managers of the specific computer, computer system, or network in which you are interested or the management of the unit for further information.
As a part of the physical and social learning infrastructure, RISD acquires, develops, and maintains computer systems, software, and networks. These computing resources are intended for College-related purposes, including direct and indirect support of the Colleges instruction, research, and service missions; of College administrative functions; of student and campus life activities; and of the free exchange of ideas among members of the College community and between the College community and the wider local, national, and world communities.
The rights of academic freedom and freedom of expression apply to the use of College computing resources. So, too, however, do the responsibilities and limitations associated with those rights. The use of College computing resources, like the use of any other College-provided resource and like any other College-related activity, is subject to the normal requirements of legal and ethical behavior within the College community. Thus, legitimate use of a computer, computer system, software, or network does not extend to whatever is technically possible. Although some limitations are built into computer operating systems, software and networks, those limitations are not the sole restrictions on what is permissible. Users must abide by all applicable restrictions, whether or not they are built into the operating system or network and whether or not they can be circumvented by technical means.
All users of College computing resources must:
- Comply with all federal, Rhode Island, and other applicable law; all generally applicable College rules and policies; and all applicable contracts and licenses. Examples of such laws, rules, policies, contracts, and licenses include the laws of libel, privacy, copyright, trademark, obscenity, and child pornography; the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act, which prohibit "hacking", "cracking", and similar activities; the College's code of student conduct; the College's sexual harassment policy; and all applicable software licenses. Users who engage in electronic communications with persons in other states or countries or on other systems or networks should be aware that they may also be subject to the laws of those other states and countries and the rules and policies of those other systems and networks. Users are responsible for ascertaining, understanding, and complying with the laws, rules, policies, contracts, and licenses applicable to their particular uses.
- Use only those computing resources that they are authorized to use and use them only in the manner and to the extent authorized. Ability to access computing resources does not, by itself, imply authorization to do so. Users are responsible for ascertaining what authorizations are necessary and for obtaining them before proceeding. The College requires all users to register their computer or other such device as authorization to access all associated systems and services. Computer accounts are automatically created for all registered students and staff and are available for full-time and adjunct faculty. Accounts and passwords may not, under any circumstances, be shared with, or used by, persons other than those to whom they have been assigned by the College.
- Respect the privacy of other users and their accounts, regardless of whether those accounts are securely protected. Again, ability to access other persons' accounts does not, by itself, imply authorization to do so. Users are responsible for ascertaining what authorizations are necessary and for obtaining them before proceeding.
- Respect the finite capacity of those resources and limit use so as not to consume an unreasonable amount of those resources or to interfere unreasonably with the activity of other users. The College does place limits on the amount of e-mail and file storage. However, there is no set bandwidth, CPU time, or other limit applicable to all uses of College computing resources, the College may require users of those resources to limit or refrain from specific uses in accordance with this principle. The reasonableness of any particular use will be judged in the context of all of the relevant circumstances.
- Refrain from using those resources for personal commercial purposes or for personal financial or other gain. Personal use of College computing resources for other purposes is permitted when it does not consume a significant amount of those resources, does not interfere with the performance of the user's job or other College responsibilities, and is otherwise in compliance with this policy. Further limits may be imposed upon personal use in accordance with normal supervisory procedures.
- Refrain from stating or implying that they speak on behalf of the College and from using College trademarks and logos without authorization to do so. Affiliation with the College does not, by itself, imply authorization to speak on behalf of the College. Authorization to use College trademarks and logos on College computing resources may be granted only by the Communications Department as appropriate. The use of suitable disclaimers is encouraged.
- Refrain from copying software or other copyrighted materials, unless specifically authorized to do so by the owners of those files. Users must comply with all licensing agreements for software installed on RISD-owned computers. RISD does not permit and will not tolerate the use of software that has been copied or installed in violation of copyright or license agreement. Any software found to be in violation of copyright law will be removed from the computer immediately.
Users who violate this policy may be denied access to College computing resources and may be subject to other penalties and disciplinary action, both within and outside of the College. Violations will normally be handled through the College disciplinary procedures applicable to the relevant user. For example, alleged violations: by students will normally be investigated, and any penalties or other discipline will normally be imposed, by the Dean of Student Affairs, Faculty to the appropriate Dean and Provost, and Staff to the Executive Vice President for Administration and Finance. However, the College may temporarily suspend or block access to an account, prior to the initiation or completion of such procedures, when it reasonably appears necessary to do so in order to protect the integrity, security, or functionality of College or other computing resources or to protect the College from liability. The College may also refer suspected violations of applicable law to appropriate law enforcement agencies.
Security and Privacy
The College employs various measures to protect the security of its computing resources and of their users' accounts. Users should be aware, however, that the College cannot guarantee such security. Users should therefore engage in "safe computing" practices by establishing appropriate access restrictions for their accounts, guarding their passwords, and changing them regularly.
Users should also be aware that their uses of College computing resources are not completely private. While the College does not routinely monitor individual usage of its computing resources, the normal operation and maintenance of the College's computing resources require the backup and caching of data and communications, the logging of activity, make and model of computers, configuration, software usage, the monitoring of general usage patterns, and other such activities that are necessary for the rendition of service. The College may also specifically monitor the activity and accounts of individual users of College computing resources, including individual login sessions and communications, without notice, when (a) the user has voluntarily made them accessible to the public, as by posting to Usenet or a web page; (b) it reasonably appears necessary to do so to protect the integrity, security, or functionality of College or other computing resources or to protect the College from liability; (c) there is reasonable cause to believe that the user has violated, or is violating, this policy; (d) an account appears to be engaged in unusual or unusually excessive activity, as indicated by the monitoring of general activity and usage patterns; or (e) it is otherwise required or permitted by law. Any such individual monitoring, other than that specified in "(a)", required by law, or necessary to respond to perceived emergency situations, must be authorized in advance by the Executive Vice President for Finance and Administration for those incidents involving College staff, the Provost for this incidents involving either students or faculty .
The College, in its discretion, may disclose the results of any such general or individual monitoring, including the contents and records of individual communications, to appropriate College personnel or law enforcement agencies and may use those results in appropriate College disciplinary proceedings.
This policy was approved as of
This policy was last reviewed/modified on: 7/22/2020
Information Technology Services
Senior Vice President of Finance and Administration