• CSULB Home
• Students
• Faculty & Staff
• Alumni
• Parents
• Visitors & Community
• Giving to CSULB

Information Security Management and Compliance

Acceptable Use of CSULB Electronic Communications Systems and Services

printable version

1. POLICY STATEMENT

   Electronic communications systems and services are essential to conducting University business. The continued and reliable availability of these systems and services are paramount to California State University, Long Beach’s (University) ability to fulfill its mission of education, research, and public service. To this end, the University uses, supports and provides electronic communications systems and services for telecommunications, mail, education, and research.

   The University encourages the use of electronic communications systems and services for lawful purposes and makes them widely available to the university community. Nonetheless, the use of electronic communications resources is limited by restrictions that apply to all University property and by constraints necessary for the reliable operation of electronic communications systems and services. The University reserves the right to deny use of its electronic communications systems and services, when necessary, to satisfy these restrictions and constraints.

   The contents of all electronic communications systems and services shall conform to CSU and CSULB policies and standards, state law and federal law including the Copyright Act of 1976 and all subsequent amendments including, but not limited to, the Digital Millennium Copyright Act of 1998 and the Teach Act of 2002.

   All electronic communications systems and services intended to accomplish the academic and administrative tasks of the University shall be accessible to users with disabilities in compliance with law and University policies. Alternate accommodations shall conform to law and University policies and standards.

2. GENERAL PROVISIONS

   1. PURPOSE

      The purposes of this policy are to:

      • Ensure that University electronic communications systems and services are used for purposes appropriate to the University’s mission;
      • Ensure that User’s privacy rights are protected;
      • Inform the University community about the applicability of laws and standards to electronic communications;
      • Ensure that electronic communications system and services are used in compliance with those laws and standards; and
      • Prevent disruption to and misuse of University electronic communications systems and services.

   2. SCOPE

      This policy applies to:

      • All electronic communications systems and services, owned or managed by the University or auxiliary organizations;
      • All electronic communications systems and services provided by the University or auxiliary organizations through contracts or other agreements;
      • All users and uses of University electronic communications system and services ; and
      • All University electronic communications records in the possession of University employees or of other users of electronic communications system and services provided by the University.

   3. DEFINITIONS

      Terms used in this Policy are defined in Appendix A.

3. INCIDENTAL USE

   University users may use electronic communications systems and services for incidental personal use provided that such use does not 1) interfere with the University’s operation of electronic communications systems and services; 2) interfere with the user’s employment or other obligations to the University; 3) burden the University with noticeable incremental costs; or 4) create a security risk to the confidential or intellectual information maintained and protected by the University. When noticeable incremental costs for personal use are incurred, users shall be responsible for reimbursement to the University.

4. PROHIBITED USE

   Users are prohibited from utilizing University electronic communications systems and services for any unlawful, unethical or unprofessional purpose or activity. Examples of prohibited use include but are not limited to:

   • Transmission of threats, harassment or defamation
   • Download or distribution of material or programs that could be deemed harmful to University electronic communications systems or services
   • Violations of any state of federal laws or any applicable CSU or CSULB policy or regulation, including but not limited to, Rules of the Academic Senate, the Faculty Code, the Faculty Handbook and Administrative Guidelines
   • Intentional access, viewing, download or dissemination of materials containing obscene matter
   • Violation of software licensing agreements
   • Intentional damage to equipment, software or data
   • Commercial activities unrelated to the mission of the University. This includes soliciting, promoting, selling, marketing or advertising products or services (e.g. consulting services) or other revenue generating private business operations for personal financial gain. Disputes regarding a commercial activity’s relatedness to mission of the University shall be resolved by the University President or designee.
     
     Campus auxiliary organizations are authorized to provide services and products to students, faculty and staff, and invited guests of the University through operating and service support leases.
     
     The University President or designee may authorize additional limited commercial uses under separate policy provisions and such uses are exceptions to the above commercial use prohibitions.

   University electronic communications system and services may not be used to:

   1. circumvent legitimate copyright protections or illegally access, copy or disseminate copyrighted material in any form including, but not limited to, print, music, video or other multimedia content, that is not permitted under the principle of Fair Use;
   2. distribute or duplicate copyrighted software without appropriate licensing agreements or use of software in a manner inconsistent with the license; or
   3. engage in peer-to-peer technology for non-business purposes. This includes, but is not limited to, transfer of music, movies, software, and other intellectual property.

   Illegal file-sharing and other copyright violations are a violation of Title 5 of the California Code of Regulations.

5. PRIVACY

   The University recognizes that principles of academic freedom and shared governance, freedom of speech, and privacy hold important implications for the use of electronic communications systems and services. This Policy reflects these firmly-held principles within the context of the University’s legal and other obligations. The University respects the privacy of electronic communications in the same way that it respects the privacy of paper correspondence and telephone conversations, while seeking to ensure that University administrative records are accessible for the conduct of the University’s business.

   Limitations of Privacy

   It is not the intent of the University to examine or disclose electronic communication records without the holder’s consent. However, under limited circumstances as described in this policy, the University may examine or disclose electronic communications records without the holder’s consent.

   An electronic communication holder’s consent shall be obtained by the University prior to any access for the purpose of examination or disclosure of the contents of University electronic communications record in the holder’s possession, except as provided below.

   Access without Consent

   The University shall permit the examination or disclosure of electronic communications records without the consent of the holder when (1) required by and consistent with law; (2) when there is substantial reason to believe that violations of law or of University policies have taken place; (3) when there are compelling circumstances; (4) under time-dependent, critical operational circumstances; or 5) to preserve records or information consistent with the University Litigation Hold policy.

   Automated Monitoring

   The right to privacy does not preclude system administrators from maintaining and monitoring system logs of user activity. Automated searches for files and transmissions that endanger privacy, confidentiality of data, system security or integrity are performed regularly to protect all users and ensure the continued availability of University electronic communications systems and services. System administrators may take appropriate actions in response to detection of such files or transmissions.

   Third Party Services

   University contracts with outside vendors for electronic communications services must explicitly reflect and be consistent with this Policy and other University policies related to privacy. Any third party organization providing contractors to the University shall be provided access to this policy for review prior to commencing work for the University.

6. SECURITY

   The University makes reasonable efforts to provide secure and reliable electronic communications systems and services. The University cannot ensure security of data transmitted over the Internet. Information submitted via the Internet may not be secure and could be observed by a third party while in transit. Submission of passwords, credit card numbers or other personal information via the Internet could result in identity theft.

   Additionally, University Users and Public Users accessing the Internet should be aware that the Internet permits access to non-University users who are not subject to University policies, and may contain content materials, goods and services that individual users may find personally offensive or objectionable. The University does not have the right or capability to monitor or restrict Internet content. Therefore, the University disclaims any responsibility and liability for any conduct, content, materials or goods and services available on or through the Internet.

7. RESPONSE TO POLICY VIOLATIONS

   When there is reason to believe that a violation of this policy has occurred, an investigation shall be conducted. User access to electronic communications systems and services may be temporarily suspended while an investigation is being conducted.

   If the investigation involves faculty or staff members and warrants University action, an explanation of the causal events shall be reported to the appropriate Vice President. In cases involving students, the Office of Judicial Affairs and the Dean of Students Office shall be notified. Investigating officials shall examine charges of violations with due respect for individual privacy, the security of other users, and the rights of due process.

   Violations of University policy may result in sanctions, including but not limited to, limitation or revocation of access rights and/or reimbursement to the University for any expense related to the violation, including costs associated with the detection and investigation of the violation, as well as from the violation itself. Violation of applicable statutes may result in criminal prosecution.

Approved by President Alexander

August 2007