I: Access to Information Technology Facilities
A. Governing Principles
support of its essential mission to enhance educational, economic and cultural
opportunities for the people of West Kentucky, Murray State University offers
information technology resources to its students, faculty and staff. These
resources contribute to the work of all members of the University community.
They advance the scholarly pursuit of knowledge and those administrative
functions necessary for the operation of the University.
of the University's information technology facilities are required to comply
with and be subject to the MSU Information Technology Acceptable Use policy,
university policies, federal and state statutes and applicable vendor policies,
a list of which can be obtained from the office of the Chief Information
Officer. The University reserves the right to amend this document at any time
without prior notice.
information technology users are expected to demonstrate respect for the rights
of other users and to promote equitable use by all, enabling necessary access
access to information technology resources is contingent upon prudent and
B. Authorization and Equity
University information technology resources are provided to
faculty, staff, and students for the purposes of study, research, service and
other academic and university related activities. Access to information
technology resources is granted to an individual by MSU for that individual's
sole use in furthering the University’s mission and purpose. Information
technology resources must be shared among users in an equitable manner. The
user may not participate in any behavior that unreasonably interferes with the
equitable use of information technology resources by another.
C. Acknowledgement of Receipt
Signature on an account application form, acceptance of a user ID,
or online registration denotes that the applicant has read and understands the
guidelines available and also denotes acceptance of this Acceptable Use
D. Priority for Access and
The priority guiding information technology access and resource
allocation is teaching and learning. Service, research and administrative
priorities will be determined as they support teaching and learning.
II: Security of University Information Technology Resources
A. Protection of Information
Technology Resources and Institutional Data
protect the integrity of the University's information technology facilities and
the users thereof against unauthorized or improper use of those facilities, MSU
reserves the right, without notice, to temporarily limit or restrict any
individual's use and to inspect, copy, remove, or otherwise alter any data,
file, or system resource which may undermine the authorized use of any
information technology facility.
B. Investigation and Review
of Policy Infractions
sanctions are imposed by the appropriate university authority and may include,
but are not limited to, limitation or revocation of access rights and/or
reimbursement to the university for all costs incurred in detecting and proving
the violation of these rules, as well as from the violation itself.
must use only those information technology resources which the University has
authorized for their individual use. The unauthorized use of information
technology resources or providing false or misleading information for the
purpose of obtaining access to information technology facilities is prohibited
and may be regarded as a criminal act and will be treated accordingly. Users
may not use university information technology facilities to gain unauthorized
access to other institutions, organizations, or individuals.
to comply with one or more of the specific requirements of this policy may
jeopardize access to or use of Murray State facilities and services and could
result in a review and investigation into the identified violation.
of systems and facilities have the authority to immediately terminate any program
or access that is suspected to be inappropriate or detrimental to operations.
C. Control and Licensing of
users are expected to comply with all intellectual property laws including
may not copy, distribute, display, or disclose third party proprietary software
without prior authorization from the licenser. Proprietary software may not be
installed on systems not properly licensed for its use. The University does not
condone or authorize the copying or possession of illegal software. University
students and employees are prohibited from copying software illegally and
possessing illegal copies of software, whether for course-related, job-related,
or private use. Any violations of this policy is the personal responsibility of
the user. The University assumes no liability for such acts.
user who suspects or has knowledge of copyright or intellectual property law
violations must immediately report this activity to the University Chief
Information Officer. Failure to report such activity will be considered a
violation of the Information Technology Acceptable Use Policy.
D. Individual Privacy
are authorized to access, use, copy, modify, delete or grant others access to
their personal files or data, as specified in this policy. However, users are
not authorized to perform any of these functions on another user's account or a
university system unless specifically authorized by the account holder, job
description, the Chief Information Officer or designee, or the appropriate system
may not monitor another user's data communications.
privacy is not to be violated. However, user privacy is subject to all
university policies. As such, authorized individuals may access and disseminate
private information in performance of their official job duties. Unauthorized
personal use of a user’s private information is prohibited .
to protect the privacy of others by intentionally or unintentionally permitting
access to systems or data is unacceptable. Violations of this requirement
include, but are not limited to:
a. Leaving confidential or
protected information on a screen where it could be viewed by unauthorized
b. Giving a personal password
to someone else
c. Leaving a personal
password where it can easily be found
d. Allowing someone to use a
system signed on under a personal password
e. Knowingly failing to
report a personal password that has been used by another person, with or
f. Leaving a system signed on
and accessible while unattended
unauthorized release of any personal or confidential information may violate
state and federal law and will not be tolerated. Failure to protect
confidential information is unacceptable.
a. Users are responsible for
their information technology accounts; they should maintain secure passwords
and take precautions against unauthorized access to their information
technology resources. Users may be charged with a violation if someone uses
their accounts inappropriately.
security infractions include, but are not limited to:
a. Using information
technology resources for unauthorized remote activities
b. Deliberately causing
system failure, disruption, or compromising system security
c. Intentionally obscuring,
changing, or forging of the date, time, physical source, logical source, or
other label or header information on data or electronic communications
d. Unauthorized interception
of electronically transmitted information without prior written authorization
from the Chief Information Officer or designee
e. Performing an act which
will adversely impact the operation of computers, terminals, peripherals, or
networks. This includes, but is not limited to, tampering with components of a
local area network (LAN) or the high-speed backbone network, otherwise blocking
communication lines, or interfering with the operational readiness of a
III: Copyright and the Use of MSU’s Information Technology Resources
A. General Copyright
nature and purpose of copyright in general.
a. Copyright protections are
intended to promote progress in science and the arts and to stimulate the
production and publication of enlightening and creative matter.
b. Books, periodicals,
musical works, motion pictures, sound recordings, computer programs, and
photographs are examples of materials or works which may be protected by
c. The rights afforded to the
holder of a copyright include the exclusive rights to copy and distribute the
work to which the copyright applies.
d. It is not the purpose of
this policy to discuss copyright principles in detail. Helpful information
regarding Federal Copyright Law is available on-line from the United States
Copyright Office whose address is http://www.copyright.gov/ That site contains relevant materials such as “Copyright Basics”
and “Frequently Asked Questions” as well as links to various publications which
cover a wide array of topics.
a. An act which violates any
right of the holder of a copyright is an infringing act and is illegal.
i. Section II of this Acceptable Use Policy specifically discusses the “Control and Licensing of Software.”
ii. As described below under Section III (C), violation of copyright may carry civil and criminal penalties.
b. Securing the permission of the copyright owner to make use of a work is an effective method for addressing a copyright issue.
on copyright protections.
a. Copyright protections are
not absolute and there are exceptions to the rights afforded by copyright.
b. The “fair use” doctrine is
one such exception.
“fair use” doctrine recognizes instances in which use of a copyrighted work in
connection with certain activities is considered “fair” and not infringing
although such behavior could be infringing in other contexts.
of the “fair use” exception entails a fact intensive inquiry and the
consideration of various factors.
a. It cannot be assumed the “fair use” exception automatically applies to a particular situation or that all rights afforded by copyright give way merely because a use occurs, for example, within the context of the classroom.
b. The United States Copyright Office has stated, “There is no specific number of words, lines, or notes that may safely be taken without permission. Acknowledging the source of the copyrighted material does not substitute for obtaining permission.” “Fair Use,” U. S. Copyright Office Fact Sheet.
United States Copyright Office has prepared the publication “Reproduction of
Copyrighted Works by Educators and Librarians” which is found at http://www.copyright.gov/circs/ and which may be relevant to common situations at MSU.
B. Application of Copyright
Principles to Users of MSU’s Information Technology Resources
principles apply to materials posted to and downloaded from the internet.
compliance by users of MSU’s information technology resources
a. As stated in the
“Frequently Asked Questions” found on the website of the United States
Copyright Office, “Uploading or downloading works protected by copyright
without the authority of the copyright owner is an infringement of the
copyright owner's exclusive rights of reproduction and/or distribution. . . .
[S]ince any original work of authorship fixed in a tangible medium (including a
computer file) is protected by federal copyright law upon creation, in the
absence of clear information to the contrary, most works may be assumed to be
protected by federal copyright law.”
b. Users of MSU’s Information
Technology Resources must be aware that potential copyright issues exist with
respect to materials copied from or posted to the internet.
c. If posting or downloading
information to or from the internet, the MSU website or any webpage, or any
other site is required as part of a regular university function or activity,
those involved are responsible for ensuring copyright is not violated.
a. MSU’s Information
Technology Resources must be used in accordance with copyright law. The
following policy statements do not limit the breadth of the preceding
i. It is
a violation of this Acceptable Use Policy to use MSU’s information technology
resources to place materials protected by copyright on the internet or any
other site in violation of the rights of the holder of the copyright.
It is a
violation of this Acceptable Use Policy to use any information technology
resources to place materials protected by copyright on any MSU webpage or
website in violation of the rights of the holder of the copyright.
a violation of this Acceptable Use Policy to use MSU’s Information Technology
Resources to download or distribute copyrighted materials in violation of the
rights of the holder of the copyright.
(p2p) file sharing often involves works which are protected by copyright. It is
a violation of this Acceptable Use Policy for users of MSU’s Information
Technology Resources to download protected music or movies in violation of the
rights of the holder of the copyright.
of copyrighted material in violation of the rights of the holder of any
copyright interest, including unauthorized p2p file sharing, may lead to civil
and criminal penalties.
of MSU’s Information Technology Resources, like the users of other resources,
are responsible for determining whether their use of the information technology
resources violates copyright and whether materials posted to or copied from the
internet or MSU’s website or any MSU webpage are protected by copyright and for
complying with the copyright applicable to the work.
a. It has been held that the rationale “try before you buy” is not a “fair use” which prevents the unauthorized downloading of music from being infringing.
b. The unauthorized downloading of only a “few” songs is no defense to a claim of copyright infringement.
b. Actions by MSU to foster
copyright compliance by users of its Information Technology Resources
to MSU of materials on its website which violate copyright
accordance with law, MSU will expeditiously remove or disable access to
infringing material if it has actual knowledge that material is infringing or
receives notice from the owner, or the authorized agent of the owner, of the
copyright interest allegedly infringed.
notice from the owner, or authorized agent of the owner, of a copyright
interest referred to in paragraph B.2.b.i.a. must contain the following:
i. A physical or electronic signature of a person authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
ii. Identification of the copyrighted work claimed to have been infringed, or, if multiple copyrighted works at a single online site are covered by a single notification, a representative list of such works at that site.
iii. Identification of the material, or a reference or link to the material or activity, that is claimed to be infringing or to be the subject of infringing activity and that is to be removed or access to which is to be disabled, and information reasonably sufficient to permit MSU to locate the material or reference or link.
iv. Information reasonably sufficient to permit MSU to contact the complaining party, such as an address, telephone number, and, if available, an electronic mail address at which the complaining party may be contacted.
v. A statement that the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law.
vi. A statement that the information in the notification is accurate, and under penalty of perjury, and that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
has designated its Chief Information Officer as its agent for receipt of
notices of claimed infringement. She may be contacted at 114 Industry and
Technology Building, Murray State University, Murray Ky. 42071. Her telephone
number is 270.809.2154 and her e-mail address is Linda.Miller@Murraystate.edu
program to combat the unauthorized downloading and/or distribution of copyrighted
material by users of MSU’s Information Technology Resources
i. MSU uses technological resources to identify potential p2p traffic. These resources do not unduly interfere with the educational and research use of the MSU network.
ii. MSU accommodates and does not interfere with standard technical measures that are used by copyright owners to identify or protect copyrighted works.
i. MSU will educate the users of its information technology resources of the importance of complying with copyright in connection with the use of its information technology resources.
ii. Students in the Residential Colleges have been warned, and students will continue to be warned, against the unauthorized uploading, downloading, and distribution of copyrighted material including p2p file sharing.
i. The Information Technology
Advisory Committee will periodically review legal alternatives for downloading
or otherwise acquiring copyrighted material.
ii. If such alternatives are identified,
the results will be provided to the campus community.
iii. If deemed practicable by
MSU, alternatives for downloading or otherwise acquiring copyrighted material
may be made available.
C. Penalties for Violation of
MSU policy regarding copyright and Information Technology Resources
under the law for copyright infringement.
a. Users may be sued for
their infringing activities. Acts can be infringing and result in civil
penalties even though there is no intent to violate a copyright. Under certain
circumstances, the infringer may be responsible for the other party's
attorney's fees. Statutory civil damages can be as high as $150,000 for each
work infringed if a violation is committed willfully.
b. Willful copyright
infringement can also be a crime. Even a first time offense can carry a
prison term of from 1 to 5 years plus fines depending upon the facts and
a. Procedures are discussed
above with respect to notifying MSU of the presence of infringing materials on
b. The procedure for handling
complaints against any individual suspected of violating this policy regarding
copyright and the use of MSU’s Information Technology Resources is described in
c. Users of MSU Information
Technology Resources who engage in activity contrary to this copyright policy,
including unauthorized p2p file sharing, will be disciplined.
d. Complaints against
students should be referred to the Vice President for Student Affairs.
i. Such referral may result in proceedings before the University Judicial Board.
ii. Sanctions which may be imposed against any student violating this policy include, depending upon the circumstances, referral to alternative services, warning, loss of privileges, probation, restitution, a program of self-improvement and education, recommendation of suspension, and recommendation of expulsion.
e. Complaints against faculty
and staff who violate this policy will be handled in accordance with
established university policy or practice.
i. Penalties assessed against faculty and staff who violate this policy may include written warning, loss of privileges, suspension of employment, and termination of employment depending upon the circumstances.
ii. Complaints against employees subject to receipt of employee disciplinary reports will be handled in accordance with provisions of the Personnel Policies and Procedures Manual regarding employee discipline. The severity of the violation will be taken into account in assessing any penalty.
iii. Established grievance procedures will be utilized to review any penalty imposed.
iv. Temporary or permanent loss of access to MSU’s information technology resources may occur with a first violation of this policy. In appropriate circumstances, repeat offenders will permanently lose access.
f. In the event MSU becomes
aware of a user’s alleged violation of this policy, it may take advantage of
the provisions regarding “Protection of Information Technology Resources and
Institutional Data” and “Investigation and Review of Policy Infractions” found
in Section II above.
g. As provided under Section
II, under “Control and Licensing of Software,” any user who suspects or has
knowledge of copyright violations must immediately report this activity to the
University’s Chief Information Officer, whose contact information is found
above in Section B.2.b.ii. Failure to report such activity will be
considered a violation of the Information Technology Acceptable Use Policy.
D. Periodic Policy Review
policy related to copyright and the use of MSU’s Information Technology Resources
will be reviewed periodically in order to assure that it addresses the changing
needs and concerns of Murray State University and to remain compliant with law.
Information Technology Advisory Committee will perform the periodic review
stated in the preceding paragraph by applying assessment criteria it deems
a. It is authorized to revise
and/or implement new policies under this Section III upon approval of the
President of the University.
b. The authorization under
this Section includes implementing revised or additional procedures related to,
or penalties for, alleged violations of this policy. All such additions and/or
revisions must be approved by the President of the University.
IV: Ethical Practices
B. Protection and Maintenance
users are expected to conduct themselves in a legal, professional, fair,
considerate, and ethical manner. Each individual should use equipment safely,
responsibly and only for its intended function. Users should keep all equipment
clean and in good operating condition.
and maintenance of equipment includes, but are not limited to:
a. Having only authorized staff perform installations
b. Plugging all equipment into an Underwriter's Laboratory approved surge protector or uninterruptible power supply
c. Locating equipment according to manufacturer’s specifications. Equipment should be protected from extreme heat or cold, excessive humidity, smoke, dust, overloaded circuits, stressed or worn cords, or any other potentially damaging situation
d. Keeping food and beverages away from equipment
e. Scheduling routine maintenance
software, tools, supplies, etc., are not to be removed from their assigned
locations without authorization from the administrator responsible for those
or replacement of any item damaged when used for purposes other than those
related to university functions or when used without authorization will be at
the user's expense. Unpaid debts incurred in this manner will be handled in
accordance with the usual Accounting and Financial Services procedures.
C. Harassing, Offensive,
Profane, and Abusive Material
information technology resources may not be used in a harassing, offensive,
profane, or abusive manner. The perception or reaction of affected persons is a
major factor in determining if a specific action is in violation of this
information technology resources may not be used for personal or commercial
profit. Individuals may not use information technology resources for any
commercial purpose without prior written authorization from the Chief
Information Officer, or designee.
A. Procedure for Reporting
should be reported to the faculty/immediate supervisor of the individual, the
Chief Information Officer, or the administrator responsible for the system that
was breached or misused. The notified party will inform the appropriate
university official. Violations may result in one or more of the
a. Verbal or written warning
with reference to appropriate policy
b. Suspend access either
temporarily or permanently
c. File a formal Employee
Disciplinary Report (EDR), if the individual is an employee
d. Formally submit student
infractions to the Vice President for Student Affairs
e. Consult with the
University Attorney and/or Public Safety, who may file civil or criminal
f. Refer complaints of
harassment or discrimination to the Office of Equal Opportunity
g. For any individuals
outside of the immediate university community, send a written notice of the
infraction to the employer, principal, or entity that initiated access for that
may be filed using existing procedures for staff, faculty, and students. All
other appeals will go to the Vice President for Administrative Services for
VI: Administration of Policy
A. Procedure for Development,
Review and Modification of this Policy
Policy Review Subcommittee of the Information Technology Advisory Committee
will be a body comprised of at least four members of the larger committee in
addition to the Chief Information Officer. The Policy Review Subcommittee will
meet at the call of the Chief Information Officer.
for new policies and/or modifications to existing policies will be forwarded to
the Chief Information Officer. The proposals and comments will be brought
before the ITAC Policy Review Subcommittee by the Chief Information Officer.
B. Communication of Policy
on an account application form, acceptance of a user ID, or online registration
denotes that the applicant has read and understands the guidelines available
and also denotes acceptance of the Information Technology Acceptable Use
policy is available online at http://campus.murraystate.edu/aup/ and in print form in Waterfield Library.
C. Other Information
with their own information technology labs will adhere to the same general
operating guidelines as established by this policy.
Glossary of Terms
Technical Terms used
in the Technology Policy
Rights Permission to use an MSU information
technology resource according to appropriate limitations, controls, and guidelines.
purpose A goal or end involving
the buying and/or selling of goods or services for the purpose of making a
Data A representation of facts, concepts, or instructions suitable for
communication, interpretation, or processing by human or automatic means.
Space Allocation the amount of disk storage
space assigned to a particular user by University Information Systems or the
appropriate system administrator.
Use Use of information technology resources in
accordance with this policy, within the rules of an individual MSU facility,
and so as not to unreasonably interfere with the use of the same resources by
File A collection of data treated as a unit.
use of authority or special privilege Use of one's access right(s) or position in a manner that violates
the rules of use of those privileges as specified by the Chief Information
Officer, or designee, or the appropriate system administrator.
Technology Resource Any information
technology/network equipment, facility or service made available to users by
Murray State University.
Password A string of characters that a user must supply to meet security
requirements before gaining access to a particular information technology
and Responsible Use Use of information
technology resources in a manner that promotes the efficient use and security
of one's own access right(s), the access rights of other users, and MSU
information technology resources.
Activity Any information technology
action or behavior that accesses remote site facilities via an MSU information
Site Any information technology/network equipment,
facility, or service not part of, but connected with, MSU information
technology resources via a communications network.
Administrator Any individual authorized
by the Chief Information Officer, the Provost/Vice President, or a designee to
administer a particular information technology hardware system and/or its
Transmission The transfer of a signal, message, or other form of information
from one location to another.
Act With the exception of information technology
actions or behaviors permitted in this policy, any act performed without the
explicit permission of the Chief Information Officer, or designee, or the
appropriate system administrator.
Record Information or data indicating the level of
usage of information technology resources by a particular user.
User Any individual -- whether student, staff, or individual external
to MSU -- who uses MSU information technology resources.
ID A character string that uniquely identifies a
particular user of MSU information technology resources.
Information Technology Acceptable Use Policy (downloadable PDF)
Requires Adobe Acrobat Reader