Guidelines for Internet use

Guidelines for Internet Use
November 21, 2003

Preamble

Private Universität Witten/Herdecke gGmbH (herein called the university) owns and operates an information technology infrastructure (herein called IT infrastructure) consisting of data processing installations (computers), communication systems (networks) and other data processing equipment and installations. Connection to the worldwide Internet is currently provided by the research network of the DFN-Verein.

These guidelines for Internet use define terms and conditions governing the use of these services.

The guidelines

a) adhere to the university’s statutory purposes,
b) contain basic rules for a regular IT infrastructure,
c) state the rights of third parties (for example copyright, provider injunctions, data security),
d) oblige users to proper conduct, economical use of available resources and adherence to user regulations as stated by the respective Internet providers (currently DFN-Verein),
e) define sanctions to be taken by the university in case of violation of these guidelines.

1. Scope of application

These guidelines apply to all university institutions and cover their IT infrastructure including computers, communication networks and other data processing installations and equipment.

2. Users and functions

a) The IT infrastructure mentioned in section 1 is available to members (students and employees) of the university for the purpose of fulfilling their functions in research, teaching, administration, education and further education, public relations and representation and for other tasks as defined in the NRW Higher Education Act and internal university regulations.

b) Other persons and institutions can be authorized to use the IT infrastructure.

3. Formal authorization of use

a) Persons intending to use the IT infrastructure according to section 1 require a formal user authorization issued by the university.

b) The university is the system owner.

c) Applicants must recognize these guidelines.

d) Application forms are available at the IT department (BIT - Bereich für Informationstechnologie) where applications for user authorization will be decided. Authorization can be made conditional on an applicant’s level of knowledge of the IT infrastructure. Data will be deleted six months after expiry of authorization.

4. Users’ obligations

a) Unless authorized by the IT department, users are forbidden in particular
• to interfere with the hardware installation and install hardware of their own,
• to alter the configuration of the operation systems or the network,
• to install software.
Users are obliged in particular to adhere to and observe information provided by the IT department.

b) Users must ensure that they employ available resources (computer workstations, CPU capacity, storage capacity, network capacity, peripheral equipment and office material) responsibly and economically. Users must refrain from foreseeable impairment of operations and avoid to the best of their knowledge anything that might cause damage to the IT infrastructure or other users.

c) Users must refrain from any type of misuse of the IT infrastructure. In this context they are obliged in particular
• to use authorized user identifications only,
• not to pass on user identifications nor passwords,
• to protect access to the IT resources via confidential passwords or equivalent procedures,
• to ensure that unauthorized third parties have no access to the IT resources; specifically: to avoid oversimple or easy-to-guess passwords, to change passwords frequently, and to remember to log out.

d) In addition, users have a specific obligation
• to adhere to the respective Internet provider’s (currently DFN-Verein) user regulations exclusively – copy available at the IT department,
• to observe statutory regulations (authorship, copyright) when using software, documentation and other data,
• not to copy nor pass on software, documentation or data – unless explicitly permitted – nor to use them for other than authorized purposes, especially not for commercial purposes.

e) The IT infrastructure may only be used in accordance with legal regulations. The following activities in particular are unlawful under the penal code:
• spying out other individuals’ passwords or data (§ 202 a StGB/penal code),
• unauthorized modification, deletion, suppression or destruction of data (§ 303 a StGB),
• acts of computer sabotage (§ 303 b StGB) or computer fraud (§ 263 a StGB),
• circulation of propaganda by illegal organizations (§ 86 StGB) or racist conceptions (§ 131 StGB),
• circulation of certain forms of pornography in the Internet (§ 184 section 3 StGB),
• downloading or possession of material containing child pornography (§ 184 section 5 StGB),
• libel or slander (§§ 185 ff StGB).

f) Users must pre-arrange with the university’s data security officer any projects that involve processing personal data. This does not affect obligations resulting from legal regulations on data security.

g) Users are not permitted to take note of, alter, or handle messages addressed to other users.

h) Contraventions may lead to claims for damages.

i) Users bear full responsibility for all activities performed with their user identity, also by third parties whose access has been facilitated through negligence.

5. Liability

a) The university does not guarantee that a user’s specific requirements will be met by the IT infrastructure. The university cannot assume any liability for intactness, completeness, and confidentiality of data stored in the university IT infrastructure.

b) The university does not assume liability for damage of any kind caused to users by the use of the IT resources according to section 1, with the exception of deliberate actions on the part of the university or authorized personnel.

6. Consequences of unauthorized or illegal use

a) In case of violations of legal regulations or these guidelines, specifically section 4 (users’ obligations), the university reserves the right to cancel a user’s authorization in part or totally. It is immaterial whether the violation caused damage or not.

b) In cases of serious or repeated violation a user can be permanently denied use of all IT resources defined in section 1.

7. Additional regulations

a) Fees for the use of IT resources may be stipulated in additional regulations.

b) Additional or different user regulations may be defined for certain systems where necessary.

c) Complaints by users will be decided by a committee convened for this purpose.

The German version of these Guidelines for Internet Use is legally binding.