Policy Manual

Allowable Uses

Non-Competition

University electronic resources shall support the mission of the University and not be in competition with commercial providers.

Restrictions

University electronic communications resources may not be used for:

  • Unlawful activities;
  • Commercial purposes not under the auspices of the University;
  • Personal financial gain except as permitted under applicable personnel policies;
  • Personal use inconsistent with acceptable uses;
  • Uses that violate other University or campus policies or guidelines

Representation

Use of the University’s name and seal is regulated by University Communications. Users of electronic communications resources must abide by this statute as well as by University and campus policies on the use of the University’s name, seals, and trademarks. Users of electronic communications resources shall not give the impression that they are representing, giving opinions, or otherwise making statements on behalf of the University or any unity or sub-unit of the University unless appropriately authorized to do so.

Endorsements

Users of electronic communications resources must abide by University and campus policies regarding endorsements. References or pointers to any non-University entity contained within the University electronic communications shall not imply University endorsement or the products or resources of that entity.

False Identity and Anonymity

Users of University electronic communications resources shall not, either directly or by implication employ a false electronic identity (the name or electronic identification of another). However, a supervisor may direct an employee to use the supervisor’s identity to transact University business for which the supervisor is responsible. In such cases an employee’s use of the supervisor’s electronic identity does not constitute a false identity.

A user of University electronic communications resources may use a pseudonym an alternative name or electronic identification for oneself for privacy or other reasons, so long as the pseudonym clearly does not constitute a false identity. The gcsu.edu mail address shall be the official means of communication and the only authorized e-mail address used to conduct University business. Pseudonyms or alternative names shall be approved by University Communications.

A user of University electronic communications resources may not remain anonymous except when publishing web pages and transmitting broadcasts.

Interference

University electronic communications resources shall not be used for purposes that could reasonably be expected to directly or indirectly cause excessive strain on any electronic communications resources, or interference with others’ use of electronic communications resources.

Users of electronic communications resources shall not send or forward

  • Electronic chain mail letters or their equivalents in other resources.
  • Spam that exploits electronic communications systems for purposes beyond their intended scope to amplify the widespread distribution of unsolicited electronic communications.
  • An extremely large message or send multiple electronic communications to one or more recipients to interfere with the recipient’s use of electronic communications systems and resources.
  • Intentionally engage in other practices such as “denial of service attacks” that impede the availability of electronic communications resources.

Personal Use

University users of a University electronic communications facility or resource may use that resource for incidental personal purposes that, in addition to the foregoing constraints and conditions, such use does not

  • Directly or indirectly interfere with the University’s operation of electronic communications resources.
  • Interfere with the user’s employment or other obligations to the University.
  • Burden the University with noticeable incremental costs. When noticeable incremental costs for personal use are incurred, users shall follow campus guidelines and procedures for reimbursement to the University.
  • Does not constitute a commercial service.

Approved contractors or vendors using University electronic resources shall reimburse the University for the use of those resources at fair value.

The Georgia Open Records Act requires the University to disclose specified public records. In response to request for such disclosure, it may be necessary to access electronic communications records that users consider to be personal allowing the Director of Legal Affairs to determine whether they are public records that are subject to disclosure.

The University is not responsible for any loss or damage incurred by an individual as a result of personal use of University electronic communications resources.

Accessibility

All electronic communications intended to accomplish the academic and administrative tasks of the University shall be accessible to allowable users with disabilities in compliance with law and University policies. Alternate accommodations shall conform to law and University policies and guidelines.

Intellectual Property

The contents of all electronic communications shall conform to laws and Fair Use policies of the University and USG regarding protection of intellectual property, including laws and policies regarding copyright, patents, and trademarks. When the content and distributions of an electronic communication would exceed fair use as defined by the federal Copyright Act of 1976 or the Digital Millennium Copyright Act, or the TEACH Act, users of University electronic communications resources shall secure appropriate permission to distribute protected material in any form, including text, photographic images, audio, video, graphic illustrations, and computer software.

Access Restriction

Access to and use of University electronic communications resources or electronic communications resources, when provided is a privilege accorded at the discretion of the University. This privilege is subject to the normal conditions of acceptable use, including procedures for initiation and termination of access. In addition, access to and users of University electronic communications resources or electronic communications resources may be wholly or partially restricted or rescinded by the University without prior notice and without the knowledge or approval of the electronic communications users when required by and consistent with law. Access to resources may be restricted when there is substantial reason to believe that violation of law or University policies have taken place, when there are compelling circumstances, or under time-dependent, critical operational circumstances. Restoration of access and use under such condition is subject to established university procedures or, in the absence of such procedures, to the approval of the CIO. Service providers may, nonetheless, restrict access to or from University electronic communications systems and resources on a temporary basis as needed in Emergency Circumstances and Compelling Circumstances in order to address an emergency or prevent damage or loss.

In compliance with the Digital Millennium Copyright Act, the University reserves the right as determined by the CIO or their designee to suspend or terminate access to University electronic communications systems and resources by any user who violates copyright law.

Privacy and Confidentiality

The University recognizes that principles of academic freedom and shared governance, freedom of speech, and privacy hold important implications for the use of electronic communications in an academic setting. This policy reflects these firmly-held principles within the context of the University’s legal and operational obligations. The University respects the privacy of electronic communications in the same way that it respects the privacy of paper correspondence and telephone conversations, while seeking to ensure that University administrative records are accessible for the conduct of the University’s business.

The University does not routinely inspect, monitor, or disclose electronic communications without the holder’s consent. Nonetheless, subject to the requirements for authorization, notification, and other conditions specified in this Policy, the University may deny access to its electronic communications resources and may inspect, monitor, or disclose electronic communications under very stated policy considerations.

University policy prohibits University employees and others from “seeking out, using, or disclosing” personal information without authorization, and requires employees to take necessary precautions to protect the confidentiality of personal information encountered in the performance of their duties or otherwise.

University contracts with outside vendors for electronic communications resources shall explicitly reflect and be consistent with this and other University policies as well as all laws related to privacy.

Access Without Consent

An electronic communication holder’s consent shall be obtained by the University prior to any inspection, monitoring, or disclosing of the contents of University electronic communications records, in the holder’s possessions, except as provided for below.

The University, after approval of the CIO, shall only permit the inspection, monitoring, or disclosure of electronic communications records without the consent of the holder of such records;

  • When required by and consistent with law.
  • When there is substantial reason to believe that violations of law or University policies, have taken place.
  • When there are compelling circumstances.
  • Under time dependent, critical operational circumstances.

When under the circumstances described above, the contents of electronic communications must be inspected, monitored, or disclosed without the holder’s consent, the following shall apply: Compelling Circumstances: The Electronic Communications Policy cites circumstances under which access to electronic communications may occur without the prior consent of the holder. The following are University policies that may all access without the holder’s notification:

  • University policies governing sexual or other forms of harassment.
  • Certain portions of policies governing access to University records.
  • Breach of the faculty code of conduct.
  • Personnel policies for staff members.
  • Collective bargaining agreements and memoranda of understanding.
  • Policies applying to campus activities, organizations, and students.

Violations of other policies can normally be detected and investigated without requiring nonconsensual access to electronic communications. On occasion, attention to possible policy violations is brought about because of the receipt by others of electronic communications. However, it is acknowledged that electronic communications can be forged, the true identity of the sender can be masked, and the apparent sender might deny authorship of the electronic communication. In such circumstances and provided there is substantiated reason that point to the identity of the sender, non-consensual access to the purported sender’s electronic communication may be authorized, but only to the lowest level of extent necessary for verifying unambiguously the identity of the sender, and only for major violations of the following policies:

  • Policies governing sales of goods or services outside the University.
  • Policies governing use of University material or property.
  • Policies governing use of University credit, purchasing power, or facilities.
  • Policies applying to campus activities, organizations, and students governing use of

University properties for commercial purposes and personal financial gain.

  • Policies governing provision of University mailing lists to others.
  • Policies governing the reproduction of copyrighted material for teaching and research.
  • Campus access guidelines for employee organizations.

Authorization: Except in emergency circumstances, such actions must be authorized in advance and in writing by the, the Chief Information Officer. This authority may not further be redelegated. Authorization shall be limited to the lowest level of perusal of contents and the lowest level of action necessary to resolve the situation.

Emergency Circumstances: In emergency circumstances, the lowest level of perusal of contents and the lowest level of action necessary to resolve the emergency may be taken immediately without authorization, but appropriate authorization must then be sought without delay following the procedures.

Notification: In either case, the responsible authority or designee shall at the earliest possible opportunity that is lawful and consistent with other University policy notify the affected individual of the action(s) taken and the reasons for the action(s) taken. The University will issue in a manner consistent with law an annual report summarizing instances of authorized or emergency non-consensual access.

Compliance with Law: Actions taken shall be in full compliance with the law and other applicable University policies. Advice of the University’s Director of Legal Affairs must always be sought prior to any action involving electronic communications (a) stored on equipment not owned or housed by the University, or (b) whose consent is protected under the federal Family Educational Rights and Privacy Act of 1974.

Recourse: Review and appeal of action taken for recourse to individuals who believe that actions taken by employees or agents of the University were in violation of this Policy, shall make initial contact with the University’s Chief Information Officer.