Fife and Tayside Metropolitan Area Network FaTMAN - Acceptable Use Policy

Acceptable Use Policy
Version: 2.0
Date: April 2009

Acknowledgements:

Parts of this document are based on the JANET Acceptable Use Policy version 10.0 copyright © The JNT Association.

This document Copyright © The FaTMAN Consortium, 2009.

Background and Definitions

1. "FaTMAN" is the name given to the collection of networking services and facilities provided by the FaTMAN consortium . A principal function of FaTMAN is to provide access to and from the JANET network which is provided by the Scottish Further and Higher Education Funding Council (SFC) and its partner bodies in the Joint Information Systems Committee (JISC). The JANET network is managed by JANET(UK).

2. FaTMAN is a JANET Delivery Partner and provides JANET services in the Fife and Tayside region under contract to JANET(UK). All JANET services are provided under the JANET terms. ("JANET terms" and other references to JANET are more fully explained the the JANET Acceptable Use Policy and other documents on the JANET web site.) Any additional services provided by FaTMAN must be used in ways defined within this Acceptable Use Policy.

3. Any dispute over the interpretation of this Policy will be resolved by the FaTMAN Management Group.

4. FaTMAN is the Fife and Tayside Metropolitan Area Network. The members of the FaTMAN Consortium set up the FaTMAN Management Committee to be responsible for the operation of the FaTMAN network. This includes the day-to-day management of this Policy.

5. The FaTMAN Acceptable Use Policy applies in the first instance to any organisation authorised to use FaTMAN (a "User Organisation"). It applies also to use of JANET by the User Organisation’s own members and all those to whom it otherwise provides with access to FaTMAN (collectively, its "Members").

6. It is therefore recommended that each member organisation establishes its own statement of acceptable use within the context of the services provided to its users, and in a form that is compatible with the conditions expressed in this Policy. Such a statement may refer to, or include, this document. If material from this document is included, this must be done in such a way as to ensure that there is no misrepresentation of the intent of the JANET Acceptable Use Policy or the FaTMAN Acceptable Use Policy. The JANET Service Desk and the FaTMAN Management Committee can advise on this aspect as and where necessary.

7. The primary objective of FaTMAN is to support academic activities such as learning, teaching and research and related administrative activities. FaTMAN is not a public network. Eligibility for connection to JANET and its services is determined by the JANET Connection Policy which is maintained by JANET(UK) on behalf of the JISC. Eligibility for connection to FaTMAN is determined by the FaTMAN Management Committee.

Acceptable Use

8. A User Organisation and its members may use FaTMAN for the purpose of communicating with other User Organisations and their members, and with organisations, individuals and services attached to networks which are reachable via FaTMAN and/or JANET. All use of JANET is subject to the JANET terms which include the JANET Acceptable Use Policy.

9. Subject to clauses 11 to 19 below, FaTMAN may be used by a User Organisation and its Members for any lawful activity that is in furtherance of the aims and policies of that organisation. (Note 1)

10. It is the responsibility of the User Organisation to ensure that its Members use JANET services in accordance with this JANET Acceptable Use Policy, and with current legislation. (Note 2)

Unacceptable Use

11. FaTMAN may not be used by a User Organisation or its Members for any of the activities described below. (Note 3)

12. Creation or transmission, or causing the transmission, of any offensive, obscene or indecent images, data or other material, or any data capable of being resolved into obscene or indecent images or material. (Note 4)

13. Creation or transmission of material with the intent to cause annoyance, inconvenience or needless anxiety.

14. Creation or transmission of material with the intent to defraud.

15. Creation or transmission of defamatory material.

16. Creation or transmission of material such that this infringes the copyright of another person.

17. Creation or transmission of unsolicited bulk or marketing material to users of networked facilities or services, save where that material is embedded within, or is otherwise part of, a service to which the user or their User Organisation has chosen to subscribe.

18. Deliberate unauthorised access to networked facilities or services. (Note 5) (Note 6)

19. Deliberate activities having, with reasonable likelihood, any of the following characteristics:

• wasting staff effort or networked resources, including time on end systems accessible and the effort of staff involved in the support of those systems;
• corrupting or destroying other users' data;
• violating the privacy of other users;
• disrupting the work of other users;
• denying service to other users (for example, by deliberate or reckless overloading of access links or of switching equipment);
• continuing to use an item of networking software or hardware after FaTMAN or JANET(UK) has requested that use cease because it is causing disruption to the correct functioning of FaTMAN and/or JANET;
• other misuse of FaTMAN or networked resources, such as the introduction of "viruses" or other harmful software via FaTMAN and/or JANET.

Access to Other Networks via FaTMAN

20. Where FaTMAN is being used to access another network, any abuse of the acceptable use policy of that network will be regarded as unacceptable use of FaTMAN. Any deliberate activity as described in clause 19 above, and where applied to a user of that network, will also be regarded as unacceptable use of FaTMAN.

21. Any breach of industry good practice (as represented by the standards of the London Internet Exchange) that is likely to damage the reputation of the FaTMAN network will also be regarded prima facie as unacceptable use of FaTMAN.

12. Monitoring of traffic while in transition over the FaTMAN network is not allowed except by authority of the FaTMAN Management Group.

Passing on and Resale of FaTMAN Service

22. A User Organisation may extend FaTMAN access to other individuals on a limited basis where this is done in pursuance of the User Organisation’s remit and for which it receives public funds, provided no charge is made for such access. (Note 7)

23. It is expected that such use will be regulated by the User Organisation in the same manner as it would regulate occasional use by third parties of its other facilities, such as its telephone and IT support systems. Any individual using FaTMAN in this manner must therefore be subject to the same requirement to use FaTMAN in an acceptable manner as is required by the User Organisation of its Members.

24. Otherwise, a User Organisation is not permitted to provide access to FaTMAN to third parties without the prior agreement of the FaTMAN Management Committee. (Note 8)

25. Where a User Organisation is entitled to make use of licensing by JANET(UK) (such as Sponsored and Proxy Licences), any organisations or individuals who are properly licenced shall be entitled to make use of FaTMAN to access JANET services.

Compliance

26. It is the responsibility of the User Organisation to take reasonable steps to ensure its Members’ compliance with the conditions set out in this Policy document, and to ensure that unacceptable use of FaTMAN and/or JANET is dealt with promptly and effectively should it occur. The discharge of this responsibility includes informing all Members.

27. Where necessary, service may be withdrawn from the User Organisation. Where violation of these conditions is unlawful, or results in loss or damage to members of the FaTMAN consortium or FaTMAN resources or the resources of third parties accessible via FaTMAN, the matter may be referred for legal action.

28. The FaTMAN Management Committee reserves the right to monitor traffic passing over FaTMAN. Such authorisation will be given only where there is good reason; this might include operational problems or where there is reason to believe that the FaTMAN Acceptable Use Policy, the Acceptable Use Policies of other networks or relevant statutes or other requirements have been broken.

Explanatory Notes

Note 1: Use by the User Organisation and its members may be in pursuance of activities for commercial gain as well as for not-for-profit activities, provided such activities remain in accordance with the aims and policies of that organisation.

Note 2: It is preferable for misuse to be prevented by a combination of responsible attitudes to the use of FaTMAN and JANET resources on the part of its users and appropriate disciplinary measures taken by the Organisations.

Note 3: The list of unacceptable activities in this section is not necessarily exhaustive. In accordance with clause 9, the use of FaTMAN for any activity which may reasonably be regarded as unlawful is not permitted. The purpose of this section is to bring as clearly as possible to the reader’s attention those activities most commonly associated with the abuse of a network.

Note 4: It may be permissible for such material to be received, created or transmitted where this is for properly supervised and lawful purposes. This may include, for example, approved teaching or research, or the reception or transmission of such material by authorised personnel in the course of an investigation into a suspected or alleged abuse of the institution’s facilities. The discretion to approve such use, and the responsibility for any such approval, rests with the User Organisation.

Note 5: Implicit authorisation may only be presumed where a host and port have been advertised as providing a service (for example by a DNS MX record) and will be considered to have been withdrawn if a complaint from the provider of the service or resource is received either by the User Organisation, by the FaTMAN Management Committee (or its operating agent) or by JANET(UK). For all other services and ports, access will be presumed to be unauthorised unless explicit authority can be demonstrated.

Note 6: Where a User Organisation wishes to commission or itself perform a test for vulnerabilities in its IT systems (for example, via "penetration testing") this, as an action authorised by that Organisation, will not be a breach of clause 18. However, that Organisation should inform the JANET CSIRT, in advance of the test, of the source, nature and timing of the test. This is to avoid wasting the time and resources of the JANET CSIRT in investigating the perceived attack on the Organisation, or automatically blocking it.

Note 7: It is intended that this provision be used, for example, to permit a guest of the User Organisation to gain access to FaTMAN and JANET for the purpose of maintaining contact with his or her home organisation, or of carrying out his or her teaching or research activities whilst using the User Organisation’s facilities. It is expected that such use will be occasional and reasonably time-limited.

Note 8: A third party, where an individual, means someone who is not acting as a Member of the User Organisation. Where it applies to a separate organisation, this is defined to be any organisation that is in law a separate entity to the User Organisation.

Contact Details and URLs

FaTMAN Home Page