Acceptable Use Policy

This Acceptable Use Policy has been created in support of Jiscom’s Member Communities and Service Users.  Please note that this policy is closely aligned to the “Acceptable Use Policy” of Jisc, the parent company Jiscom. 

Overview:

The Janet Network is an extremely reliable, secure, world class, high-speed, high bandwidth network that serves over 18 million users across the UK enabling national and international communication and collaboration. 

Jiscom’s aim is to further utilise the Janet Network by engaging with and enabling a greater number of organisations to use its various technically advanced products and services.

Issued: 5th May 2016

Reference: AUP-001

Author: Jisc Group Legal

Next Review Date: 31st May 2017

Background:

1.   This Acceptable Use Policy applies to any organisation authorised by Jiscom to use Janet Network (each a “User Organisation”) andto allthosetowhomthe User Organisationotherwiseprovideswithaccesstothe Janet Network (the “Users”).  Note that Jiscom’s parent company Jisc additionally enables access to the Janet Network by its members and other organisations – such access is subject to Jisc’s own acceptable use policy as can be accessed here https://community.jisc.ac.uk/library/acceptable-use-policy

2.   The Acceptable Use Policy defines acceptable and unacceptable use of the Janet Network and its products and services.

Acceptable Use:

3. User Organisations and Users may use the Janet Network for the purpose of communicating with other user organisations and their users,  and with organisations,  individuals and services attached to networks which are reachable via the Janet Network.

4.   Subject to clause 6 below, the Janet Network may be used by a User Organisation and its Users for any lawful activity.    [Use by the User Organisation and its Users may be in pursuance of activities for commercial gain as well as for not for profit activities.  (See Note 1.)]

5.   It is the responsibility of User Organisation to ensure that the Janet Network, together with its products and services, are used by the User Organisation and its Users in accordance with this Acceptable Use Policy, all applicable Jiscom policies and in accordance with current legislation.  (See Note 2.)

Unacceptable Use

6.   The Janet Network may NOT be used by User Organisations or Users for any activity that may reasonably be regarded as unlawful or potentially so.  This includes, but is not limited to, any activities as listed below, or any activities which are unlawful under prevailing legislation. (See Note 3.). Unacceptable use includes:

6.1 Creation or transmission, or causing the transmission, of any offensive, obscene or indecent images,  data or other material,  or any data capable of being resolved into obscene or indecent images or material. 

6.2 Creation or transmission of material with the intent to cause annoyance,  inconvenience or needless anxiety.

6.3 Creation or transmission of material with the intent to defraud.

6.4 Creation or transmission of defamatory material.

6.5 Creation or transmission of material such that this infringes the copyright of another person.

6.6 Creationortransmissionofunsolicitedbulkormarketingmaterialtousersofnetworked facilities or services, save where that material is embedded within, or is otherwise part of, a Janet Network service to which the User or their User Organisation has chosen to subscribe.

6.7  Deliberate unauthorised access to networked facilities, products or services. 

(See Note 4 and Note 5.)

6.8  Deliberate or reckless activities having,  with reasonable likelihood,  any of the following characteristics:

6.8.1 Wasting staff effort or Jisc and/or Jiscom resources, including time on end systems of other users of the Janet Network, and the effort of staff involved in the support of those systems;

6.8.2 corrupting or destroying other users’ data;

6.8.3 violating the privacy of other users;

6.8.4 disrupting the work of other users;

6.8.5 denying service to other users (for example, by overloading of access links or switching equipment, of Janet Network services, or of services or end systems on another Janet Network user organisation’s network);

6.8.6 continuing to use an item of software or hardware after the JANET Network Operations Centre or its authorised representative has requested that use cease because it is causing disruption to the correct functioning of the Janet Network;

6.8.7 the introduction of viruses or other harmful software via the Janet Network to resources on Janet Network, or on another Janet Network user organisation’s network.

Access to Other Networks via the Janet Network

7. Where the Janet Network is being used to access another network, any deliberate or persistent breach of the acceptable use policy of that network will be regarded as unacceptable use of the Janet Network and a breach of this Acceptable Use Policy.  Any activity as described in clause 6 above, and where applied either to a user of that network, or to an end system attached to it, will also be regarded as unacceptable use of the Janet Network and a breach of this Acceptable Use Policy.

8.   Any deliberate or persistent breach of industry good practice (as represented by the current standards of the London Internet Exchange) that is likely to damage the reputation of the Janet Network, Jisc or Jiscom will also be regarded prima facie as unacceptable use of the Janet Network and a breach of this Acceptable Use Policy.

Compliance

9. It is the responsibility of the User Organisation to take reasonable steps to ensure its Users’ compliance with the conditions set out in this Acceptable Use Policy,  and to ensure that unacceptable use of the Janet Network is dealt with promptly and effectively should it occur.  The discharge of this responsibility includes informing all Users with access to the Janet Network of their obligations in this respect. (See Note 6.)

10. Where necessary, Janet Network services, including access to the Janet Network itself, may be withdrawn from the User Organisation.  Where violation of these conditions is unlawful, or results in loss or damage to Jisc, Jiscom, the Janet Network (or its services and resources) or the services or resources of third parties accessible via the Janet Network, the matter may be referred for legal action.

Explanatory Notes

Note 1:

The Acceptable Use Policy does not make any particular statement as to the acceptability of using JANET for activities resulting in commercial gain to the User Organisation, other than this is acceptable where lawful.  However, it should be noted that there are legal constraints applying to a publicly funded User Organisation in such activities.  Where the User Organisation is operating as an economic undertaking the issue of State Aid will need to be considered.  There is also an issue of the status of both JANET and the User Organisation’s network as private networks.  Both are addressed in the JANET Eligibility Policy and more particularly in the JANET factsheets referenced therein.]

Note 2:

It is preferable for misuse to be prevented by a combination of responsible attitudes to the use of Janet Network resources on the part of its Users and appropriate disciplinary measures taken by their User Organisations.

Note 3:

The list of unacceptable activities in this section is not exhaustive.  The purpose is to bring as clearly as possible to the reader’s attention those activities most commonly associated with the abuse and potentially unlawful use of a network.

Note 4:

Implicit authorisation may only be presumed where a host and port have been advertised as  providing a service (for example by a DNSMX record)  and will be considered to have been withdrawn if a complaint from the provider of the service or resource is received either by the User Organisation or by Jisc or Jiscom. For all other services and ports,  access will be presumed to be unauthorised unless explicit authority can be demonstrated.

Note 5:

Where a User Organisation wishes to commission or itself perform a test for vulnerabilities in its IT systems (for example, via penetration testing) this, as an action authorised by the User Organisation, will not be a breach of clause 6.7.  However, the User Organisation should inform the Janet (Computer Security and Incident Response Team) CSIRT, in advance of the test, of the source, nature and timing of the test.  This is to avoid wasting the time and resources of the CSIRT in investigating the perceived attack on the User Organisation, or automatically blocking it.

Note 6:

In order to discharge this responsibility, it is recommended that each User Organisation establishes its own statement of acceptable use within the context of the services provided to its Users. This should be cast in a form that is compatible with the provisions of this Acceptable Use Policy. Such a statement may refer to, or include material from this document. If material is included,  this must be done in such a way as to ensure that there is no misrepresentation of the intent of the Jiscom Acceptable Use Policy. The Janet Service Desk can advise on this aspect if required.