NJIT Acceptable and Responsible Use Policy

 I. POLICY STATEMENT

As a public research university, NJIT engages and maintains the information technology necessary to foster the free exchange of ideas and principles of academic freedom, in support of its mission of educational, economic, and technological development. In furtherance of its educational operations, NJIT must maintain the integrity and security of NJIT’s Information Assets and Resources. This policy outlines the standards for acceptable and responsible use by those using or accessing NJIT’s Information Assets and Resources, and applies to those who use or access NJIT’s Information Assets and Resources, whether on-campus or remotely, regardless of their affiliation to NJIT. 

II. DEFINITIONS

Information Assets and Resources: NJIT owned or leased information technologies (IT), and information resources used for conducting NJIT business such as processing, transmission, storage, and communications including, but not limited to computer labs, classroom technologies, computing and end point devices and services, email, networks and infrastructures, internet access through NJIT systems, computer hardware and software, telephones, voice mail, fax, video, multimedia, and any instructional materials. This also includes services that are owned, leased, operated or provided by University or otherwise connected to NJIT resources, such as cloud services and infrastructures, or any other connected and hosted service. The policy’s terms and conditions serve to protect University Data, which is a fundamental part of its Information Assets and Resources.

Data: Any information that has been collected, observed, generated or created for reference or analysis.  Data, as a definition, is very broad and includes information used in teaching, research, and administration, and may be preserved in any medium, including, but not limited to electronic files and paper documents.  Data may include original documents, as well as all backup and duplicate copies.

University Data: Data created or received by Users while acting on behalf of NJIT, or data created or received by NJIT students, faculty, staff, researchers, or any person or group while providing a service to NJIT or to others as part of their education or training.  University Data, as a definition, is very broad and includes information used in teaching, research, and administration, and may be preserved in any medium, including, but not limited to electronic files and paper documents. University Data may include original documents, as well as all backup and duplicate copies. University Data does not include intellectual property which by law or by NJIT’s copyright is owned, licensed, or otherwise legally controlled by a Data User.

User: All members of the NJIT community, including students, faculty and staff employees, student employees, contractors, and affiliates and guests who are granted access by NJIT to NJIT’s Information Assets and Resources.  Users also include persons who are otherwise serving as an agent or working on behalf of NJIT, including any person or any process generated by individual(s) that is authorized by NJIT to access the Information Assets and Resources. The User has the responsibility to (1) comply with federal, state or local laws, as well as University policies, rules and guidelines. (2) use the resource only for the purpose specified by NJIT or the owner (such as software), (3) prevent the unauthorized use of NJIT’s Information Assets and Resources, (4) protect NJIT’s sensitive data, (5) report any non-compliance and violation of this policy.

Data User: University departments or individual university community members who have been granted access to University Data in order to perform assigned duties or in fulfillment of assigned roles or functions within the university.

III. ACCEPTABLE USE

The protection and well-being of NJIT information technology depends on the responsible and appropriate use by all. Information Assets and Resources are provided for conducting NJIT business, scholarly activities, research, and for purposes related to its mission.  As such, all Users are expected to use the Information Assets and Resources for NJIT-related purposes and in a manner that is legal, ethical and consistent with NJIT’s established culture of openness and integrity.   At all times, Users are expected to comply with all applicable laws and NJIT policies, as well as safeguard the security and integrity of Information Assets and Resources while complying with all applicable laws and NJIT policies.
NJIT reserves the right to extend, limit, restrict or remove privileges to Information Assets and Resources.  NJIT may access, monitor and review the Information Assets and Resources for any purpose consistent with NJIT’s duties and/or mission or as otherwise required by law without notice.  All data created, accessed or stored through NJIT’s Information Assets and Resources are the property of  NJIT.
 
Some examples of acceptable use of Information Assets and Resources include the following:

• Authorized scholarly, business, research, and university-related purposes. This includes that of NJIT departments, offices, and laboratories, official student organizations, and affiliates.
• Protecting the User’s account and system from unauthorized use.  Users are responsible for all activities on the User's account or that originate from the User's system.
• Using only legal versions of copyrighted software in compliance with vendor license requirements.
• Any personal use of Information Assets and Resources is permitted only on an incidental basis. Incidental use includes occasional use that has negligible effect on the use of Information Assets and Resources. Incidental use is a use which does not interfere with a User's work as a student or User's assigned responsibilities as a faculty or staff member.

IV. UNACCEPTABLE USE

The use of the University’s Information Assets and Resources is a privilege granted based on the User abiding by federal and state laws, as well as NJIT policies. While use of Information Assets and Resources is intended to be limited to NJIT-related purposes, incidental use may be permitted provided such use doesn’t violate or conflict with any other applicable law, regulation, or NJIT policy. Any Users who have been assigned an NJIT account or granted access to Information Assets and Resources are responsible for the actions performed on their accounts. In accordance with these privileges, some examples of unacceptable use of Information Assets and Resources include the following:

• Usage or disclosure of restricted, sensitive, and internal data as classified by the NJIT Data Classification Policy without appropriate authorization.
• Utilizing Information Assets and Resources to compromise User accounts and credentials, use another user’s name and/or credentials, or distribute other user’s personally identifiable information.
• Engaging in any activity that might be harmful to the network and systems or to any information stored thereon, such as scanning or probing network and systems, creating or propagating viruses, disrupting services, uninstalling or bypassing security settings, installing malicious software, damaging or making unauthorized modifications to university data.
• Utilizing Information Assets and Resources for private commercial purposes, outside political campaigning, or communicating unsolicited messages by sending spam.
• Make or use illegal copies and/or share copyrighted materials or software, store such copies, or transmit them over university networks.
• Harassing, threatening or otherwise harming others by:
  • sending obscene, abusive, or injurious communications,
  • using anonymity to harass, threaten, or deceive others; and/or
  • forging counterfeit communications or identities.

V. PRIVACY

The University reserves its legal right to access, preserve, review and monitor all Information Assets and Resources, as appropriate, and/or as otherwise required by law.  The use of NJIT’s Information Assets and Resources is not completely private, and Users should have no expectation of privacy in their use of the University’s Information Assets and Resources.  
 
The University does not routinely monitor webpage searches or communications for content.  However, the  University may  monitor the activity and accounts of individual users, including individual login sessions, usage and communications, without notice. Such monitoring of individual accounts requests may be required by law or  authorized by University approved personnel: President; Provost & Sr. Executive Vice President; General Counsel and Vice President, Legal Affairs; Vice President of Human Resources, Vice President for Student Affairs and Dean of Students, Chief Information Officer; or their designees. All records of these authorizations will be maintained in a secure file by Information Services & Technology.
 
The University, in its sole discretion, may disclose the results of any monitoring and preservation of University Information Assets and Resources, including the contents and records of individual communications, to appropriate University personnel or law enforcement agencies; such results may be used in appropriate University disciplinary proceedings. Communications, including e-mails, made by means of University Information Assets and Resources may be subject to disclosure to third parties in compliance with a subpoena, court order, or as otherwise required by law, including New Jersey’s Open Public Records Act to the same extent as they would be if made on paper. Further clarification regarding the Open Public Records Act may be obtained at (http://www.njarchives.org/links/pdf/circular-letter-03-10-st.pdf).

VI. WARRANTIES

NJIT makes no warranties of any kind, whether express or implied, with respect to its Information Assets and Resources and any use or access thereof. NJIT is not responsible for the accuracy or quality of information accessed through its Information Assets and Resources, except materials or information considered official NJIT records. NJIT maintains no responsibility for its Information Assets and Resources when used for personal or non-NJIT purposes.

VII. VIOLATIONS

Any misuse of Information Assets and Resources or violations of the Acceptable and Responsible Use Policy should be reported to  abuse@njit.edu.

Any violation of this policy may result in disciplinary action, as well as civil and/or criminal action. NJIT may restrict or suspend a User’s access to Information Assets and Resources while the alleged violations are investigated and/or adjudicated. Disciplinary action shall be taken by the Dean of Students Office relative to student violations, and by the appropriate University officers relative to faculty, staff and/or university affiliate violations.

VIII. ADMINISTRATION

The University Policy Committee, with input from the Office of the Chief Information Officer, will periodically review the Acceptable and Responsible Use policy. As such, this policy may be updated accordingly.

Under the direction of the Office of the Chief Information Officer, this policy will be administered by the Information Services and Technology division with support from the University stakeholders.

EFFECTIVE DATE OF POLICY

9/28/2022

This policy takes effect upon adoption, and supersedes and revokes any former policies governing the subject matter.

REFERENCES

• Data Classification Policy

• Minimum Security Standards