Shared Unix workstation policies
Introduction
The shared Unix workstations support research and degree-granting instructional programs at Stanford University. These systems include Unix workstations and servers, their associated software, storage, and input/output devices, and access to Stanford's computer network, SUNet. The policies that govern the use of these systems have been established to provide equitable, secure, and reliable access to these resources.
The centrally managed, shared Unix workstations are owned and operated by Stanford University, a private institution, for its private purposes. These computer facilities are not for public use. These facilities are not a provider of wire or electronic communication service to the public nor are these facilities a provider of remote computing services to the public.
Responsible Use
Stanford expects each person affiliated with the University to be a responsible user of its resources. Such resources include computer hardware, software, and SUNet, the campus-wide computer network. Misappropriation of these resources can be prosecuted under applicable statutes. Students will be held accountable for their conduct under the Fundamental Standard. Complaints alleging a Stanford person's abuse of computing resources will be referred to the appropriate Computer Security Officer, University Judicial Affairs Office, or cognizant Staff Affairs Officer.
Eligibility to use the Shared Workstations
One must be eligible for and have obtained a valid SUNet ID (Stanford University Network Identifier) before one can use the shared workstations. All Stanford students, faculty, and staff are eligible for a SUNet ID. Persons not affiliated with the Stanford community may obtain SUNet IDs if they are sponsored for one by authorized members of the community.
The shared workstations may not be used for any political or commercial purposes. Its facilities are not available to summer conferences, alumni programs, industrial affiliates programs, continuing education, and similar organizations or uses.
Computer accounts and other computer facility access privileges are granted to individuals only. You may use only your own account and access privileges; you may not grant permission to any other person to use them.
Service Agreement
Each person who uses the shared workstations must assume responsibility for his or her personal actions. Each person who uses these computer facilities consents to the following:
I have been given the opportunity to read the shared workstation usage policies. I promise that my use of the shared workstations will conform to these policies.
The account or access privileges I have requested are solely for my individual use.
I will not grant permission to anyone else to use my computer account or access privileges.
I am personally responsible for all use of the computer facilities for which I have an account or access privileges.
The remainder of this policy statement contains important information on:
Ownership of Data
Newsgroups (Bulletin Boards)
Reliability of Data Storage and the Privacy of Data
Termination of Access and Accounts
Offensive Behaviors
Ownership of Data
Copyright is the ownership and control of the intellectual property in original works of authorship. University policy is that all rights in copyright shall remain with the creator (except in situations where work is done for hire or under contractual obligations, but such work is not allowed on the shared workstations). Therefore, your work is your property.
The shared workstations are the licensee of many software packages that are protected by copyright law. Under the terms of the license agreements, it is forbidden to provide copies of such materials for use elsewhere. Moreover, it must prohibit individuals from making copies to be used elsewhere. Further, Stanford has a University-wide policy regarding software copying to which all community members are expected to adhere: unlawful software copying is not permitted. (For more information, see the Stanford University Computer and Network Usage Policy on the web at http://adminguide.stanford.edu/62.pdf)
The shared workstations may include scanning equipment that transfers images and text from printed pages into computer-readable form. Neither this equipment nor the computer files resulting from the use of this equipment may be used in violation of any copyright.
Newsgroups (Bulletin Boards)
As a Stanford service, some of its computer systems are allowed to store newsgroups containing information contributed by campus members and, through Stanford's wide-area network connections, by individuals world-wide. Stanford is not responsible for the content of these newsgroups. The shared workstation system's policy is that the content of a message is the responsibility of its author. The University reserves the right to remove from the newsgroups any contribution which, in its opinion, creates a possible liability for Stanford or a duty by Stanford to any party.
Reliability of Data Storage and the Privacy of Data
To as great a degree as possible, the shared workstations provide reliable storage for files, text, programs, data, and other materials stored on these computers. (Files stored on removable media, such as your personally-owned floppy disks, are excluded.) Computer systems are complex: they are subject to failures in ways that cannot be foreseen. To minimize the effects of such failures, the the shared workstation computers periodically copy all files to alternate media (usually magnetic tape). The resulting tapes can be used to restore files that have been lost due to hardware or software malfunctions.
The shared workstation administrators undertake, by their best efforts, to hold private those files that are stored. However, because the ability to maintain the privacy of your files is limited, as described below, you should be wary of using these systems (or any shared-access computer system) for the storage of highly sensitive information. Users of these facilities are cautioned to have no expectation of absolute privacy.
There are several respects in which the desire to assure privacy conflicts with the goal of assuring reliable storage of, and access to, your files:
When files are copied to the backup media using a program run by staff, every file will be backed up irrespective of any file protection mechanisms that have been set.
When you delete a file, you cannot be assured that every copy of the file will be deleted. A number of copies may be retained on backup media for up to a year.
As described in the section dealing with Offensive Behaviors below, when an allegation of misconduct is made, we reserve the right to inspect any files stored on these computers and to record any communications that pass through these computers. We will provide, to an appropriate authority, any information we possess that is relevant to the specific allegation.
Termination of Access and Accounts
For students and faculty, eligibility for and access to the workstations ends 120 days after affiliation with Stanford ceases; for staff, SUNet ID services end as soon as employment ends. For those persons with sponsored SUNet IDs, eligibility and access end as soon as sponsorship ends. Prior to the expiration of eligibility, all users are responsible for forwarding their email to a new address, if applicable, and for removing their files, programs, and directories from the Leland Systems. After a person's grace period has expired, his or her account will be deleted and all access will terminate. Stanford students who have been registered in the spring, and who will register again in the fall, are customarily allowed to use the systems during the summer, though this is not guaranteed.
Offensive Behaviors
Stanford deplores any behavior harmful to people, property, or endeavor. Stanford staff will investigate and pursue appropriate disciplinary or legal action when the behavior of an individual user of the shared workstation systems is alleged to have caused or is causing harm or abridgement of the rights of other persons, including their legitimate use and enjoyment of shared workstation computer facilities or other computers accessible via SUNet.
The following are among the activities particularly proscribed:
Theft of computer services including, but not limited to:
Obtaining services fraudulently (e.g., use of another person's name or University ID; giving one's password to another person; using another person's account regardless of permission).
Using the facilities for any commercial purpose or for any partisan political purpose.
Gaining unauthorized access to computer system privileges.
Theft of data including, but not limited to:
Accessing another person's files without proper and appropriate permission. (Plagiarism, which is the unacknowledged use of another's work, is usually punishable under the provisions of the Honor Code); copying programs or data protected by copyright or by special license (see also Ownership of Data elsewhere in this document).
Using the facilities to harass another person, i.e., to take any intentional action to deny or degrade another person's legitimate access to the shared workstations or to other computers accessible via the network. Harassment includes, but is not limited to, the following examples:
The creation or running of a "computer virus" program or any program that can disrupt normal system functioning, disclose system data, destroy system data, obtain undue system resources, and/or multiply without internal restraint.
Using the facilities as the base from which to "attack" the security of any computer.
Using the facilities to start or perpetuate electronic mail chain letters.
Forgery of electronic mail.
Any action taken by a student which results in an unfair academic advantage may constitute a violation of the Honor Code.
Our actions in response to an allegation of offensive behavior against an individual user of the systems depend upon many factors, including the source of the allegation and the nature of the alleged behavior.
In situations where an instructor alleges plagiarism or unpermitted collaboration, the investigators will, in cooperation with the Computer Security Officer, gather any information relevant to the specific allegation, discuss that information and its interpretation with the instructor, and, upon the request of the instructor, provide that information to the appropriate University Officer.
In situations characterized as minor infractions of our rules, the investigators will, in cooperation with the Computer Security Officer, communicate with the responsible person, informing that individual of the nature of the purported violation. The individual will have the opportunity to discuss these matters with staff. At our discretion, the investigators will consult with the Computer Security Officer, Judicial Affairs, or the cognizant Staff Affairs Officer. In circumstances where facts are inconclusive, staff may propose that an individual's computer activities be monitored. In such a situation, permission will first be obtained in writing from the CIO or designated representative of ITSS.
Situations in which a person's behavior creates a disruption of service to our clients may be met by suspending access and services to that person. Access and services might be restored following a discussion, as described above.
When requested to do so by a law enforcement agency of appropriate jurisdiction, or when there is reason to believe that illegal activities or significant infractions of our rules have occurred or are continuing to occur, staff may monitor a suspected individual's computer files and activities. In situations where staff propose to initiate such monitoring, permission in writing will first be obtained from the CIO or designated representative of ITSS. When necessary, staff may invoke the assistance of a law enforcement agency.
Information gathered through monitoring an individual's computer activities or files may be examined by computer service managers at Stanford. The purpose of such examination is to provide the investigating authorities with relevant and adequate information to guide their actions. Staff will use that information for no other purpose. Such information is forwarded to Judicial Affairs in the case of students, to the cognizant Staff Affairs Officer in the case of staff, or to a law enforcement agency. Only such authorities may initiate any disciplinary or legal action. Data will be kept as long as required by the investigating or adjudicating authority.
To protect the privacy of uninvolved second or third parties, files containing "electronic mail" messages will be examined only under conditions where there are extremely clear indications that such messages contain information pertinent to the investigation.
Additional Information
Additional information about computing at Stanford, the policies, and interpretations of the policies can be found on the Computing and Network Usage Policy.
