5.22.1 – Procedure – Acceptable Use of Computers and Information Technology Resources

Part 1: Purpose

Subpart A: Acceptable Use. This procedure establishes responsibilities for acceptable use of Lake Superior College (LSC) information technology resources. College information technology resources are provided for use by currently enrolled LSC students, administrators, faculty, other employees, and other authorized users. College information technology resources are the property of LSC, and are provided for the direct and indirect support of the College’s education, research, service, student and campus life activities, administrative, and business purposes, within the limitations of available College technology, financial and human resources. The use of LSC information technology is a privilege conditioned on compliance with LSC Policy 5.22, LSC Procedure 5.22.2 Cellular and Mobile Computing Devices, this procedure, and any procedures or guidelines adopted pursuant to this procedure.

Subpart B: Academic Freedom. Nothing in this procedure shall be interpreted to expand, diminish, or alter academic freedom provided under Minnesota State Board Policy, a system collective bargaining agreement, or the terms of any charter establishing a college library as a community or public library.

Part 2: Applicability. This procedure applies to all users of LSC information technology, whether or not the user is affiliated with LSC and to all uses of those resources, wherever located.

LSC is not responsible for any personal or unauthorized use of its resources, and security of data transmitted on its information technology resources cannot be guaranteed.

Part 3: Definitions

Subpart A: The definitions in LSC Procedure 5.22.2, Cellular and Other Mobile Computing Devices, apply to this procedure.

Subpart B: Security Measures. Security measures means processes, software, and hardware used by system and network administrators to protect the confidentiality, integrity, and availability of the computer resources and data owned by the College or its authorized users. Security measure include, but are not limited to, monitoring or reviewing individual users accounts for potential or actual policy violations and investigating security-related issues.

Subpart C: College Information Technology. College information technology means all facilities, technologies, and information resources used for information processing, transfer, storage and communications. This includes, but is not limited to, computer hardware and software, computer labs, classroom technologies such as computer-based instructional management systems, and computing and electronic communications devices and services, such as modems, e-mail, networks, telephones (including cellular), voicemail, facsimile transmissions, video, and multimedia materials.

Subpart D: Transmit. Transmit means to send, store, collect, transfer, or otherwise alter or affect information technology resources or data contained therein.

Subpart E: User. User means any individual, including, but not limited to, students, administrators, faculty, other employees, volunteers, and other authorized individuals using College information technology in any manner, whether or not the user is affiliated with LSC.

Part 4: Responsibilities of All Users

Subpart A: Compliance with Applicable Law and Policy

1. Users must comply with laws and regulations, Minnesota State Board Policy and System Procedure and LSC policies and procedures, contracts, and licenses applicable to their particular uses. This includes, but is not limited to, the laws of libel, data privacy, copyright, trademark, gambling, obscenity, and child pornography; the federal Electronic Communications Privacy Act and the Computer Fraud and Abuse Act, which prohibit “hacking” and similar activities; state computer crime statutes; Student Code of Conduct; applicable software licenses; and Minnesota State Board Policies 1.B.1, prohibiting discrimination and harassment; 1.C.2, prohibiting fraudulent or other dishonest acts; and 3.26, concerning intellectual property.
2. Users are responsible for the content of their personal use on College information technology, and any liability resulting from that use.
3. Users must use only College information technology they are authorized to use and use them only in the manner and to the extent authorized. Ability to access information technology resources does not, by itself, imply authorization to do so.
4. Users are responsible for use of College information technology under their authorization.

Subpart B: Unauthorized Use

1. Users must not:
   1. Use any account or password assigned by the College to someone else.
   2. Share any account or password assigned to the user by the College with any other individual, including family members; or
   3. Allow others to use College information technology resources under their control in violations of this procedure or related laws and policies, including, but not limited to, copyright laws or license agreements.
2. Users must not circumvent, attempt to circumvent, or assist another in circumventing security controls in place to protect the privacy and integrity of data stored on College information technology.
3. Users must not change, conceal, or forge the identification of the person using the College information technology, including, but not limited to, use of e-mail.
4. Users must not download or install software onto the College’s information technology without prior authorization from appropriate campus or Minnesota State officials, except when necessary to meet the academic mission.
5. All electronic communicators, including e-mail, web postings, etc are subject to libel laws, academic misconduct penalties, and harassment-related prohibitions as outlined in college policies.
6. Users must not engage in inappropriate uses, including:
   1. activities that violate state or federal law or regulation;
   2. wagering or betting;
   3. harassment, threats to or defamation of others, stalking, and/or illegal discrimination;
   4. fund-raising, private business, or commercial activity unrelated to the mission of LSC, as determined by the Director of Institutional Advancement:
   5. storage, display, transmission, or intentional or solicited receipt of material that is or may be reasonably regarded as obscene, sexually explicit, or pornographic, including any depiction, photograph, audio recording, or written word, except as such access relates to the academic pursuits of a LSC student or professional activities of a LSC employee; and
   6. “spamming” through widespread dissemination of unsolicited and unauthorized e-mail messages including chain letters;
   7. Promotional advocacy;
   8. Advertisement of events or items for sale or rent that result in personal gain or revenue for non-college departments, programs or approved organizations.

Subpart C: Protecting Privacy. Users must not violate the privacy of other users and their accounts, regardless of whether those accounts are securely protected. Technical ability to access others’ accounts does not, by itself, imply authorization to do so.

Subpart D: Limitations on Use. Users must avoid excessive use of the College’s information technology. Excessive use means use that is disproportionate to that of other users, or is unrelated to academic or employment-related needs, or that interfere with other authorized uses. The College may require users to limit or refrain from certain uses in accordance with this provision. The reasonableness of any specific use shall be determined by the College Administration in the context of relevant circumstances.

Subpart E: Unauthorized Trademark Use. Users must not state or imply that they speak on behalf of the College, and must not use College trademarks or logos without prior authorization. Affiliation with the College does not, by itself, imply authorization to speak on behalf of the College.

Subpart F: Social Networking Guidelines. Users of official College social networking sites are expected to follow all guidelines as described by the College (link to guidelines). Every attempt will be made by the College to keep the guidelines relevant given the rapidly changing nature of social networking sites. The College uses social networking sites for the express purpose of fostering online communities and interactions with various constituent groups. All users are expected to exercise their freedom of speech with responsibility. The College reserves the right to edit or remove, without notice, any content posted at an official College social networking site in accordance with the published guidelines for using such sites.

Part 5: System Employee Users. All employees of Minnesota State and LSC are subject to State of Minnesota Statutes section 43A.38, the code of ethics for employees in the executive branch. In addition to compliance with that statute and this procedure, it is expected that employees will use the traditional communication rules of reasonableness, respect, courtesy, and common sense when using the College’s information technology.

Subpart A: Personal Use

1. Personal use of system-owned cellular devices is not allowed. See LSC Procedure 5.22.2 Cellular and Other Mobile Computing Devices.
2. In accordance with Minnesota Statutes, section 43.A.38, subdivision 4, system employees may make reasonable use of system information technology for personal communications as long as the use is in accordance with state law, Minnesota State Board Policy and System Procedure, and the use, including the value of employee time spent, does not result in an incremental cost to the state, or results in an incremental cost that is so small as to make accounting for is unreasonable or administratively impracticable, as determined by the system. Reasonable use means use consistent with this procedure.

Subpart B: Union Activities. Employees shall not use the College’s technology resources for union activities except as authorized by law and applicable collective bargaining agreements. Prohibited uses include campaigning for union office, union organizing activities, political activities, fundraising, and solicitation of employees for union membership. In the interest of maintaining effective labor-management relationships and efficient use of College time and resources, College e-mail systems may be used by employee representatives of the union for certain union activities, in accordance with applicable collective bargaining agreements. Union use of electronic communication technology is subject to the same conditions as employee use of such technology, as set forth in LSC Policy 5.22. and this procedure, including security and privacy provisions.

Subpart C: Political Activities. College employees shall not use the College’s information technology for political activities prohibited by State of Minnesota Statutes sections 43A.32 or 211B.09, or other applicable state or federal law.

Subpart D: Religious Activities. College employees shall not use College information technology in a manner that creates the impression that the College supports any religious group or religion generally in violation of the Establishment Clause of the First Amendment of the United States Constitution or Article 1, Section 16 of the Minnesota State Constitution.

Part 6: Security and Privacy

Subpart A: Security. Users shall take appropriate security measures, including the appropriate use of secure facsimiles or encryption or encoding devices, when electronically transmitting data that is not public.

Subpart B: Privacy. Data transmitted via College information technology are not guaranteed to be private. Deletion of a message or file may not fully eliminate the data from the system.

Subpart C: Right to Employ Security Measures. The College reserves the right to monitor any use of the College’s information technology, including those used for personal purposes. Users have no expectation of privacy for any use of the College’s technology resources, except as provided under federal wiretap regulations (21 U.S.C. sections 2701-2711).

The College does not routinely monitor individual usage of its information technology resources. Normal operation and maintenance of the College’s information require the backup and caching of data and communications, the logging of activity, the monitoring of general usage patterns, and other activities that are necessary for such services. When violations are suspected, appropriate steps must be taken to investigate and take corrective action or other actions as warranted. College officials may access data on the College’s information technology, without notice, for other business purposes including, but not limited to, retrieving business-related information, re-routing or disposing of undeliverable mail, or responding to requests for information permitted by law.

Part 7: Application of Government Records Laws

Subpart A: Data Practices Laws. Government data maintained on the College’s information technology is subject to data practices laws, including the Minnesota Government Data Practices Act and the federal Family Education Rights and Privacy Act, to the same extent as they would be if kept in any other medium. Users are responsible for handling government data to which they have access or control in accordance with applicable data practices laws.

The College shall ensure the confidentiality of electronic data in accord with the Confidentiality of Student Records policy and related procedures.

Subpart B: Record Retention Schedules. Official College records created or maintained electronically are subject to the requirements of the Official Records Act, Minnesota Statutes section 138.17 to the same extent as official records in any other media. Official records must be retained in accordance with the applicable approved records retention schedule appropriate for the type, nature, and content of the record. Willful improper disposal of official records may subject an employee to disciplinary action.

Part 8: College Policies & Procedures

1. Reporting of illegal activities – Illegal activities will be reported to the Vice President of Technology and Connect eLearning in accordance with local, state and federal law and Minnesota State guidance as determined by the College’s administration.
2. Reviewing requests for use of college property – Requests to use the trademarks or logos of the College shall be reviewed by the Director of Public Information and Governmental Relations.
3. Security and Integrity – The Vice President of Technology and Connect eLearning shall be responsible for establishing and implementing security policies, standards and guidelines to protect the integrity of LSC information technology and its users.
4. Questions – Concerns or problems regarding the use of college information technology or concerning intended or unintended interruption of service should be sent to the Vice President of Technology and Connect eLearning.
5. Decisions – Regarding the approval of the use of hardware or software are to be made by the Vice President of Technology and Connect eLearning.

Part 9: Enforcement. Conduct that involves the use of college information technology resources to violate a college policy or procedure, or state or federal law, or to violate another’s rights, is a serious abuse subject to limitation or termination of user privileges and appropriate disciplinary action, legal action or both.

Subpart A: Access Limitations. LSC reserves the right to temporarily restrict or prohibit use of its information technology by any user without notice.

Subpart B: Repeat Violations of Copyright Laws. LSC may permanently deny use of the College’s information technology by any individual determined to be a repeat violator of copyright laws governing Internet use.

Subpart C: Disciplinary Proceedings. Complaints shall be investigated by the Vice President of Technology and Connect eLearning and/or designee who will make a recommendation to the appropriate administrator if sanctioning is warranted. Alleged violations shall be addressed through applicable college policies and procedures, to address allegations of illegal discrimination and harassment; Student Code of Conduct for other allegations against students; or the applicable collective bargaining agreement or personnel plan for other allegations involving employees. Appeals shall be heard in accordance with the College’s Non-discrimination policy, Student Code of Conduct or applicable collective bargaining agreements or personnel plans. Continued use of the College’s information technology is a privilege subject to limitation, modification, or termination.

Subpart D: Sanctions. Willful or intentional violations of this procedure are considered to be misconduct under applicable student and employee conduct standards. Users who violate this policy may be denied access to the College’s information technology and may be subject to other penalties and disciplinary action, both within and outside of the College. Discipline for violations of this policy may include any action up to and including termination or expulsion.

Subpart E: Referral to Law Enforcement. Under appropriate circumstances, LSC may refer suspected violations of law to appropriate law enforcement authorities, and provide access to investigative or other data as permitted by law.

Date Implemented: October, 2010