Computer Rules and Responsibilities

Using Harvard's network to download or share copyrighted music, movies, television shows or games without the permission of the copyright owner may result in legal sanctions, network termination, and/or disciplinary action.

BitTorrent, Gnutella, eDonkey, and other filesharing programs can transmit files on your computer to others in violation of copyright laws, with or without your knowledge. If these programs are on your computer, you will be held responsible for any copyright violations that may result.

Section I

Use of Computers and Networks

Students who are provided access to University computer facilities and to the campus-wide communication network assume responsibility for their appropriate use. The University expects students to be careful, honest, responsible, and civil in the use of computers and networks. Those who use wide-area networks (such as the Internet) to communicate with individuals or to connect to computers at other institutions are expected to abide by the rules for the remote systems and networks as well as those for Harvard's systems.

Be advised that, in addition to violating College rules, certain computer misconduct is prohibited by federal and state law and is, therefore, subject to criminal and civil penalties. Such misconduct includes knowingly gaining unauthorized access to a computer system or database, falsely obtaining electronic services or data without payment of required charges, intentionally intercepting electronic communications, and obtaining, altering or destroying others' electronic information. Similarly, serious legal penalties may result from the use of Harvard's computers or network to violate copyright laws, as is possible with the use of peer-to-peer filesharing programs. Moreover, a student may be held responsible for misuse that occurs by allowing a third party access to the student's own computer, account, or network connection.

Students are expected to abide by these rules and policies and to consult an official of Harvard University Information Technology prior to any activity that would appear to threaten the security or performance of University computers and networks. Failure to do so may result in disciplinary action.

Use of Facilities

Computer and network facilities are provided to students primarily for their educational use. These facilities have tangible value. Consequently, attempts to circumvent accounting systems or to use the computer accounts of others will be treated as forms of attempted theft.

Students may not attempt to damage or to degrade the performance of Harvard's computers and networks and should not disrupt the work of other users. Students may not attempt to circumvent security systems or to exploit or probe for security holes in any Harvard network or system, nor may students attempt any such activity against other systems accessed through Harvard's facilities. Execution or compilation of programs designed to breach system security is prohibited unless authorized in advanced. Students assume personal responsibility for the use of their accounts. Consequently, students may not disclose their passwords or otherwise make Harvard's facilities available to unauthorized individuals (including family or friends). Moreover, the possession or collection of others passwords, personal identification numbers (PINs), private digital certificates, or other secure identification information is prohibited. Use of Harvard's computers and networks for business├▒related purposes without authorization is prohibited (see Student Business Activity in the Handbook for Students).

Privacy of Information

Information stored on a computer system or sent electronically over a network is the property of the individual who created it. Examination, collection, or dissemination of that information without authorization from the owner is a violation of the owner's rights to control his or her own property. Systems administrators, however, may gain access to users' data or programs when it is necessary to maintain or prevent damage to systems or to ensure compliance with other University rules.

Computer systems and networks provide mechanisms for the protection of private information from examination. These mechanisms are necessarily imperfect and any attempt to circumvent them or to gain unauthorized access to private information (including both stored computer files and messages transmitted over a network) will be treated as a violation of privacy and will be cause for disciplinary action.

In general, information that the owner would reasonably regard as private must be treated as private by other users. Examples include the contents of electronic mail boxes, the private file storage areas of individual users, and information stored in other areas that are not public. That measures have not been taken to protect such information does not make it permissible for others to inspect it.

On shared and networked computer systems certain information about users and their activities is visible to others. Users are cautioned that certain accounting and directory information (for example, user names and email addresses), certain records of file names and executed commands, and information stored in public areas, are not private. Nonetheless, such unsecured information about other users must not be manipulated in ways that they might reasonably find intrusive; for example, eavesdropping by computer and systematic monitoring of the behavior of others are likely to be considered invasions of privacy that would be cause for disciplinary action. The compilation or redistribution of information from University directories (printed or electronic) is forbidden.

Electronic Communication

Harvard neither sanctions nor censors individual expression of opinion on its systems. The same standards of behavior, however, are expected in the use of email as in the use of telephones and written and oral communication. Therefore email, like telephone messages, must be neither obscene nor harassing (see Harassment and Obscene or Harassing Telephone Calls in the Handbook for Students). Similarly, messages must not misrepresent the identity of the sender and should not be sent as chain letters or broadcast indiscriminately to large numbers of individuals. This prohibition includes unauthorized mass electronic mailings. For example, email on a given topic that is sent to large numbers of recipients should in general be directed only to those who have indicated a willingness to receive such email.

Intellectual Property and Copyrighted Materials

Computer programs written as part of one's academic work should be regarded as literary creations and subject to the same standards of misrepresentation of copied work (see Preparation of Papers and Other Work: Plagiarism and Collaboration in the Handbook for Students). In addition, attempts to duplicate, use, or distribute software or other data without authorization by the owner is prohibited.

All Harvard users must respect the copyrights in works that are accessible through computers connected to the Harvard network. Federal copyright law prohibits the reproduction, distribution, public display or public performance of copyrighted materials without permission of the copyright owner, unless fair use or another exemption under copyright law applies. In appropriate circumstances, Harvard will terminate the network access of users who are found to have repeatedly infringed the copyrights of others, and may also take disciplinary action.

Information about the application of copyright law to peer-to-peer file sharing of music, movies and other copyrighted works is available at www.dmca.harvard.edu. Students with questions about copyright or this policy are invited to raise those questions with an appropriate dean, tutor or academic officer.

Section II

Additional Policies from Harvard University Information Technology (HUIT)

These policies are intended to serve as an addendum to the FAS statement on Use of Computers and Networks. These are departmental policies that apply specifically to the use of Harvard University Information Technology (HUIT) facilities and resources.

Unauthorized use of the Harvard network, computer systems, or facilities is prohibited.

Security and Privacy

  • Users understand that timesharing and network-based system activity is automatically logged on a continuous basis. These logs do not include private user text, mail contents, or personal data, but do include a record of user processes that may be examined by authorized system administrators.
  • The staff of HUIT consider user accounts to be the private property of individuals who have opened them, and as a result will never ask users to reveal their passwords. However, users who request assistance from HUIT give the staff implicit permission to view specific data in their accounts that is necessary to investigate, diagnose, or correct the problem.

Use of Facilities

  • Individuals should not attempt to exploit, test, or probe for suspected security holes on Harvard computers or networks, but instead should report them to HUIT. Likewise, users should not disseminate to others any information that serves to circumvent or degrade system or network security or integrity.
  • Physical theft, rearrangement, or damage to any University computer or network equipment, facilities, or property is strictly prohibited, and will be reported to the police. This includes all public computer labs, network hubs, wiring, and links.
  • HUIT must ensure that academic work takes precedence at all times over other computing activities in its facilities. In situations of high user demand that may strain available computer resources, HUIT reserves the right to restrict (e.g., to specific times of day) or prohibit computer entertainment activities such as game playing. Similarly, loud or disruptive behavior that may hinder academic work in the computer labs is not permitted.
  • Individuals must abide by all official posted rules and official communications from HUIT regarding use of facilities and resources.

Use of the Harvard Network

  • Users with personal computers on the Harvard network are expected to take reasonable precautions to ensure the security of their systems. Individuals may be held responsible for misuse by others that occurs on their systems.
  • HUIT reserves the right to scan the Harvard network and systems connected to it to assist in identifying and protecting against exploitable security vulnerabilities (e.g., viruses) and to preserve network integrity and availability of resources (e.g., sufficient bandwidth). Computers may be disconnected from the network until security issues have been resolved. Users may not scan the Harvard network or computers that they do not own or officially administer.
  • Attempts to monitor, analyze, or tamper with network data packets that are not explicitly addressed to your computer are prohibited.
  • Using a network address other than the one assigned by HUIT is prohibited.
  • Users are not permitted to register external domain names (i.e., any domain outside of harvard.edu) that reference systems on the Harvard network without authorization.
  • Users may not advertise routing information on the Harvard network or act as gateways to external or private networks.
  • It is prohibited to create secondary physical networks, using devices including bridges, routers, or wireless access points, connected to the Harvard network without authorization.
  • Providing services or running applications that consume excessive bandwidth or impede others' use of the Harvard network is prohibited without authorization.
  • Due to the security risks posed to the network by these devices, users are not permitted to connect wireless printers to the Harvard network.

Electronic Communication

  • Those who make use of online forums and other network communication utilities (e.g., Newsgroups and the Web) do so voluntarily, with the understanding that they may encounter material they deem offensive. Individuals who subscribe, post messages, or simply browse through such utilities must abide by the rules governing each in addition to Harvard's rules governing computing on campus.
  • Although unauthorized commercial work is prohibited on Harvard systems and networks, some online forums allow the posting of job opportunities and personal items for sale. Such activity is permissible within the constraints of policies specific to each forum. Harvard University takes no responsibility for any fraud or misrepresentation users may encounter.

Cases of Misconduct

  • Harvard University reserves the right to terminate access at any time to anyone whose use of its resources violates the law or threatens system or network security, performance, or integrity. This includes the ability to terminate running processes or active connections.
  • In cases of computer misconduct, HUIT may notify the appropriate dean or University official, who in turn will determine the course of any investigation or disciplinary action.

Waiver

  • Users recognize that systems and networks are imperfect and waive any responsibility for lost work or time that may arise from their use. The staff of HUIT cannot compensate users for degradation or loss of personal data, software, or hardware as a result of their use of University-owned systems, software, or networks, or as a result of assistance they may seek from HUIT staff.