Electronic Communications Policy - Principles and Procedures.docDocument Transcript
UNIVERSITY OF WALES INSTITUTE, CARDIFF
ELECTRONIC COMMUNICATIONS - PRINCIPLES AND PROCEDURES
1.1 Communication plays an essential role in the conduct of business. UWIC values the ability of staff to
communicate with colleagues, students and business contacts and invests substantially in information
and communication technology systems enabling efficient working. It is expected that such
equipment is used responsibly.
1.2 How communication is conducted not only reflects on the individual but on UWIC as an organisation.
Therefore, although we will respect personal autonomy and privacy, the policy and these principles
and procedures indicate what is expected of staff and what can be expected of UWIC in relation to the
use of e-mail, the Internet and other means of electronic communication such as fax, fixed line or
1.3 Staff are expected to use the information technology and communications facilities sensibly,
professionally, lawfully, consistently with their duties, with respect for colleagues and in accordance
with the policy and UWIC’s rules and procedures.
1.4 These principles and procedures apply to all UWIC employees whatever their position in the
organisation and to both temporary and permanent staff. Any use of UWIC’s electronic
communications systems in contravention of the policy may lead to disciplinary action being taken
under UWIC’s disciplinary procedures.
1.5 It is important that this policy is read carefully. Once the document has been read and understood the
Declaration of Acceptance must be signed and returned to the Personnel.
1.6 Care must be taken when using e-mail as a means of communication as all expressions of fact,
intention and opinion via e-mail may bind the individual and/or UWIC and can be produced in court
in the same way as oral or written statements.
1.7 All staff are trusted to use the Internet sensibly. Note that when visiting an Internet site the unique
address for the computer used (your IP address) can be logged by the site so UWIC can be identified.
Therefore any activity you engage in may affect UWIC.
1.8 The advantage of the Internet and e-mail is that it is an extremely easy and informal way of accessing
and disseminating information. However, the same principles apply to information exchanged in this
way as apply under the terms of employment to any other means of communication. For example,
sending defamatory, sexist or racist jokes or other material are grounds for an action for defamation,
harassment or incitement to racial hatred in the same way as making defamatory, sexist or racist
comments to a colleague. Therefore, do not use the Internet and e-mail for purposes that would be
subject to disciplinary or legal action in any other context.
1.9 Due care should be exercised when collecting, processing or disclosing any personal data. Such data
should only be processed on behalf of UWIC where it is a necessary part of the duties of the post
1.10 Although e-mail and Internet access is intended to be used for institutional purposes, it is appreciated
that there may be occasions when the system and/or the facilities need to be used for personal
purposes. Staff are expected to use them responsibly and to abide by the guidelines for the use of
1.11 Telephones and Fax Machines are intended to be used for business purposes
1.12 Generally, intellectual property rights protect all aspects of communication. These rights are infringed
by any form of copying. Downloading, copying, possessing and distributing material from the
Internet may be an infringement of Copyright or other Intellectual Property Rights.
1.13 If there is any doubt concerning the use of facilities, permission should be sought from the appropriate
1.14 Network level monitoring will be carried out on an ongoing basis to ensure the correct operation and
security of the systems and services and in order to provide any billing data required. This monitoring
will not generally include accessing individual business and personal communications, however
UWIC retains the right to examine the content of email and monitor use of Internet without any
further notice. Any such monitoring would only be carried out if evidence existed that a particular
usage policy was being abused or law broken and would require written authorisation from a member
of the Vice Chancellor and Principal’s Management Board or their nominated authority.
1.15 Any monitoring performed will be done so in line with appropriate legislation and records generated
from this will only be used for the purposes originally identified and will only be distributed to those
requiring access for the uses intended.
Use of UWIC’s Information & Communication Technology Facilities:
1.15.1 When accessing remote facilities through network links or any other method these procedures remain
applicable. In addition, users should be aware that they are subject to any regulations applicable at the
remote site. Users must also observe the Acceptable Use Policy (AUP) of the Joint Academic
1.15.2 Networked services administered by UWIC must not be used for unauthorised access to, or activity
on, remote facilities.
1.15.3 To enforce compliance with the JANET Acceptable Use Policy, and regulate the extent and
management of the network, no equipment may be connected in any way into any network or other IT
facility of UWIC without the prior agreement of the Head of Information Systems (or nominee). For
this purpose, and to protect the security of its network, UWIC will record all successful and failed
attempts to login to its network.
1.15.4 Unless prior consent from a user, or authorisation from the Head of Information Systems has been
obtained, staff are expressly prohibited from:
a) introducing packet-sniffing software (i.e. software which is used to intercept data on a
network) or password detecting software;
b) seeking to gain access to restricted areas of the network;
c) knowingly seeking to access data which is known or ought to have been known to be
d) introducing any form of computer viruses; and
e) carrying out any other hacking activities.
UWIC – Electronic Communications - Principles and Procedures 2
1.15.5 For information, the following activities are criminal offences under the Computer Misuse Act 1990:
a) Unauthorised access to computer material: this makes illegal the activity of “hacking”; whether
by a “remote” hacker, working from a distance, who attempts to gain unauthorised access to
any program or data held in any computer; or by persons such as employees or students who
may have limited authorisation to use the computer but knowingly exceed that authority. The
"hacking" need not be directed at a particular computer, program or data. For example, it is
unlawful, without proper authority; to use another person's ID and password in order to access
a computer or use data or a program; to alter, delete, copy or move a program or data, or
simply to output a program or data; to lay a trap to obtain a password.
b) Unauthorised access to a computer system with intent to commit or facilitate the committing of
a further offence: this covers the situation where an unauthorised access offence (as in the
paragraph above) is committed with intent to commit a further offence. It covers a range of
situations, eg where a person gains unauthorised access to computer material in order to
commit theft by re-directing funds to his/her own bank account.
c) Unauthorised modification of computer material: this offence includes the deliberate erasure or
corruption of programs or data, including introduction of viruses and worms, modifying or
destroying another user's file or system files, etc.
1.15.6 UWIC has means of checking upon individual access to prohibited material and will exercise these
powers as a reasonable service provider for those purposes. Following an appropriate investigation,
where an unacceptable use is established, disciplinary action will follow.
1.15.7 Where access to materials that would normally be prohibited is deemed necessary for scholarship or
research, permission from your Head of School/Unit should be obtained in advance. This procedure
extends to material that might be deemed to be racist or sexist in its application.
1.15.8 In considering what constitutes acceptable use of its IT facilities and equipment UWIC has
a) Users should be responsible for ensuring that they are sufficiently familiar with the operation
of any equipment they use to make their use of it safe and effective and to avoid interference
with the use of it by others.
b) Users must take every precaution to avoid damage to equipment caused by smoking, eating or
drinking in its vicinity.
c) No equipment or other IT facility may be moved without the prior agreement of the designated
authority. A permanent or long-term move of equipment should be recorded in the
departmental, or central inventory (held by ISD), and with Estates to enable portable appliance
testing records to be updated.
d) No equipment or facility may be taken off site without written permission in the appropriate
form from the user’s line manager. Such equipment must be returned by the due agreed date.
It is the user’s responsibility to ensure that equipment and facilities are used for the benefit of
UWIC; otherwise the terms of insurance cover will be void.
e) Users may be charged for the cost, as determined by the line manager or Head of Information
Systems, of remedying any loss or damage they cause.
UWIC – Electronic Communications - Principles and Procedures 3
Use of Electronic Mail
1.15.9 In conducting business, it should be expressly agreed with the recipient that the use of e-mail is an
acceptable form of communication bearing in mind that if the material is confidential, privileged,
price sensitive or commercially sensitive un-encrypted e-mail is not secure.
1.15.10 Some intended recipients might have rigorous e-mail gateway protocols (or firewalls) that can
automatically screen all incoming e-mail for content and source. If this is the case, consider whether
this means of communication is appropriate.
1.15.11 Prior to encrypting a message, consult the appropriate line manager to obtain confirmation that
encryption is suitable in that particular case. Further details on the encryption of e-mail messages can
be obtained from the E-mail Code of Practice.
1.15.12 Activate the recipient read receipt mechanism when it is important that you record a message has been
1.15.13 The term "unacceptable use" is used here, as with other institutions and organizations providing e-
mail facilities, to refer to any use that could lead to disciplinary action.
a) Unauthorised Access - E-mail facilities are provided to registered staff and students for their
own use, and departmental e-mail addresses are provided for use by nominated staff. The
following constitute unauthorised forms of access to these facilities and would be subject to
disciplinary action. The first three of these also render the user liable to prosecution under the
Computer Misuse Act 1990.
i) permitting anyone else to send e-mail using the username or e-mail address you have
ii) sending e-mail using another user's username or e-mail address;
iii) sending e-mail from a departmental username you are not authorised to use;
iv) attempting to disguise the e-mail address from which your message is sent or the
identity of the sender.
b) Unauthorised Purposes - The e-mail system is intended to support UWIC's institutional
activities, and in principle, any other use is not permitted. In practice, limited use of e-mail for
personal purposes is regarded as acceptable, while more extensive use of e-mail for the
purposes listed below could lead to disciplinary action:
i) private commercial use of UWIC's e-mail facilities;
ii) use of e-mail which is self-evidently trivial and therefore constitutes a waste of the
iii) sending unsolicited mail to multiple recipients, except where it relates to the academic
or administrative activities of UWIC.
c) Legitimate Use - Students may legitimately use UWIC's e-mail facilities to keep in touch with
their families. If there is a need to use e-mail for commercial purposes or a need to send
substantial amounts of personal e-mail, a personal account should be set up with a commercial
Internet Service Provider.
UWIC – Electronic Communications - Principles and Procedures 4
d) Improper Content - Any e-mail message which lays the sender and/or UWIC open to civil or
criminal proceedings may also result in disciplinary action (UWIC may be jointly liable, as
employer, for any infringements by staff). An e-mail message is, for legal purposes, treated as
a publication, and is therefore subject to all the normal legal restrictions on publication. In
addition, there are some types of content that contravene UWIC’s Regulations and Policies. It
is a disciplinary offence to send an e-mail message that is:
vi) constitutes racial or sexual harassment;
vii) might cause unnecessary distress to the recipient.
viii) include copyright material in an e-mail message without the permission of the copyright
Since an e-mail message itself is protected by copyright, forwarding a message without permission
could be construed as a breach of copyright. Of course, permission need not be sought where a
message obviously contains information intended for forwarding or for wider dissemination.
Head of ISD
UWIC – Electronic Communications - Principles and Procedures 5