Acceptable Use of Information Systems at Virginia Tech
Access to computer systems and networks owned or operated by Virginia Tech imposes certain responsibilities and obligations and is granted subject to university policies, and local, state, and federal laws. This standard applies to the use of any computing or communications device, regardless of ownership, while connected to the University network, and to the use of any information technology services provided by or through the University. Every individual using these systems and services is expected to know and follow this standard. The referring policy is Policy 7000: Acceptable Use and Administration of Computer and Communication Systems.
Acceptable use is always ethical, reflects academic honesty, and shows restraint in the consumption of shared resources. It demonstrates respect for intellectual property, ownership of data, system security mechanisms, and individuals' rights to privacy and to freedom from intimidation and harassment.
Standard
In making acceptable use of resources you must:
- use resources only for authorized purposes.
- protect your user name and system from unauthorized use. You are responsible for all activities on your user name or that originate from your system.
- access only information that is your own, that is publicly available, or to which you have been given authorized access.
- use only legal versions of copyrighted software in compliance with vendor license requirements.
- be considerate in your use of shared resources. Refrain from monopolizing systems, overloading networks with excessive data, degrading services, or wasting computer time, connect time, disk space, printer paper, manuals, or other resources.
In making acceptable use of resources you must NOT:
- use another person's system, user name or credentials, password, files, or data without permission.
- use computer programs to decode passwords or access control information.
- attempt to circumvent or subvert system or network security measures.
- engage in any activity that might be purposefully harmful to systems or to any information stored thereon, such as creating or propagating viruses, disrupting services, or damaging files or making unauthorized modifications to university data.
- use university systems for commercial purposes, such as using electronic mail to circulate advertising for products.
- if you are an employee, use university systems for commercial or partisan political purposes, such as using electronic mail to circulate advertising for products or for political candidates.
- make or use illegal copies of copyrighted materials or software, store such copies on university systems, or transmit them over university networks.
- use mail or messaging services to broadcast unsolicited messages, by repeatedly sending unwanted mail, or by using someone else's name or credentials.
- waste computing resources or network resources, for example, by intentionally placing a program in an endless loop, printing excessive amounts of paper, or by sending chain letters or unsolicited mass mailings.
- use the university's systems or networks for personal gain; for example, by selling access to your user name or to university systems or networks, or by performing work for profit with university resources in a manner not authorized by the university.
- engage in any other activity that does not comply with the general principles presented above.
Relevant Regulations
The following state law is relevant to access or use any apps or websites developed by ByteDance or Tencent for any official university purposes or on university-issued devices or while connected to university-maintained networks including Eduroam at a Virginia Tech location. See the Virginia Tech IT Applications Restrictions website for details.
State law prohibits certain applications and websites (pdf). Effective July 1, 2023, the law prohibits any employee or agent of any public body or person or entity contracting with any such public body from downloading or using any application, including TikTok or WeChat, or accessing any website developed by ByteDance Ltd. or Tencent Holdings Ltd. (i) on any government-issued device or government-owned or government-leased equipment, including mobile phones, desktop computers, laptop computers, tablets, or other devices capable of connecting to the Internet, or (ii) while connected to any wired or wireless Internet network owned, operated, or maintained by the commonwealth.
The following two federal regulations are of particular note with regard to acceptable use of email service and of fax machines.
Sending bulk email: Any department or individual utilizing University resources to send email advertising or promoting a commercial product or service must conform to the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (otherwise known as CAN-SPAM (http://www.ftc.gov/business-guidance/resources/can-spam-act-compliance-guide-business). Note that all mailings of this sort must also conform to all other existing University policies (e.g., the use of University resources for personal gain is prohibited). See the “Bulk Email at VT” article in the Knowledge Base (http://4help.ctdj.net/sp?id=kb_article&sys_id=a0719dfddb1a9014e727ea084b961952) for full requirements and details.
Fax machines: Any department or individual utilizing fax machines to send information to others must comply with the Junk Fax Act of 2005 (http://www.congress.gov/bill/109th-congress/senate-bill/714) which, in part, stipulates that:
1. The sender has an established business relationship with the person.
2. The sender obtained the fax number through voluntary communication from the recipient or from an Internet directory or site to which the recipient voluntarily made the fax number available for public distribution.
3. The advertisement contains a conspicuous notice on its first page that the recipient may request not to be sent any further unsolicited advertisements, and includes a domestic telephone and fax number (neither of which can be a pay-per-call number) for sending such requests.
Reporting Suspected Violations
Suspected violations of this standard and policy 7000 may be reported by sending an email to itso@ctdj.net which will automatically generate a ticket for follow up on the report. See policy 7000 for further information.
Information Disclaimer
Individuals using computer systems owned by Virginia Tech do so subject to applicable laws and University policies. Virginia Tech disclaims any responsibility and/or warranties for information and materials residing on non-university systems or available over publicly accessible networks. Such materials do not necessarily reflect the attitudes, opinions, or values of the Commonwealth of Virginia, Virginia Tech, its faculty, staff, or students.
Revision date: September 1, 2020 at the request of University Legal Office
Revised December 1, 2021 at the request of University Legal Office, changed verbiage of 7th bullet to remove verbiage related to intimidation and harassment.
Revised June 1, 2023 to include Virginia state law that prohibits use of TikTok and associated applications for university business.