Update 23 June 1994 by ccpaulh@monad.missouri.edu. Subject to change!
At the University of Missouri-Columbia, computing resources areavailable as a privilege to members of the faculty, staff, and studentbody in a manner similar to resources in the library. With theprivilege of access, however, comes responsibility. As with any shared,finite resource, frivolous use of computing resources is unwise andunfair to others. Computer resources on campus are meant to be used astools to enhance educationÐnot to play games or cause mischief.
Three legal concepts lie behind much of the following code. It isunethical and illegal, without proper and valid authorization, to:
Rule #1: Never use the University's computing facilities to gain unauthorized access to a computer system.
Title 18, Section 1030, of the U.S. Code, which was added by the"Counterfeit Access Device and Computer Fraud and Abuse Act of 1984,"outlawed unauthorized access to any computer owned or used by thefederal government, and to records or credit histories held byfinancial institutions. The "Computer Fraud and Abuse Act of 1986," refined Section 1030 to makeit apply to federal government computers and computer systems, computersused to commit a crime across state lines, and computers belonging tomajor financial institutions. According to Section 1030, unauthorized access to classified informationis a felony (Class D), which can carry a fine of $250,000 and a prisonterm of 10 years for a first-time offender. Section 1030 also makes the following actions felonies (Class E), whichcan carry a fine of $250,000 and a prison term of five years for afirst-time offender:
The "Freedom of Information Act of 1966 (FOIA) set guidelines on whatinformation can and cannot be released by the federal government. The"Privacy Act of 1974" (with amendments in 1988 and 1989) added therequirement that the government cannot release information about aperson without written authorization from that person. The Act,codified at Title 5, Section 552a, makes obtaining personal data underfalse pretenses a misdemeanor subject to a $5000 fine.
Unauthorized interception of messages became a crime by way of the"Electronic Communications Privacy Act of 1986." The Act revisedseveral sections, beginning with Section 2510 (Title 18, U.S.C.), alsoknown as the "Omnibus Crime Control and Safe Streets Act of 1968," whichauthorized wiretapping of U.S. telephone lines by government, understringent rules (and with few exceptions). The new 1986 act gave the same protection to electronic communicationthat the 1968 Act had given to verbal and wire communications. Section2511(4) (a) of Title 18 makes unauthorized interception of anelectronic communication a felony with a possible sentence of five yearsin prison and a fine of $250,000. The 1986 Act also:
Rule #3: Never use computing facilities or resources to harass other users or to do mischief: Do not send messages to unwilling recipients. Do not unnecessarily prevent other authorized users from using a terminal or other resource. Do not distribute a program that can damage the user or system environment.
Rule #4: Never use any ID, account or file without proper authorization. Do not use or intentionally seek access to a userid or other resource that is not yours.
Sections 569.093 to 569.099 of the Revised Statutes of Missouri definethree types of illegal computer "tampering":
As of May 1990, three bills responding to recent activities of computer"hackers" are being studied by committees in the U.S. House ofRepresentatives: "H.R. 55" provides penalties for people who use programs that containhidden, harmful commands which interfere with the operations ofcomputers. "H.R. 287" creates penalties for people or entities that intentionallyalter computer hardware or software in order to disable a computerthrough the loss of stored data or interference with its properfunctioning. "H.R. 3524" prohibits the use of interstate communication networks todistribute computer viruses.
Rule #5: Never run a program sent to you unless you know what it does and thoroughly trust its source. This rule applies to both the mainframe and microcomputers. In therecent past, such "gifts" have been known to act like Trojan horsesÐsending obscene messages in the recipient's name to other users,replicating and spreading viruses, or destroying data that may havetaken years to compile. Campus Computing keeps a log of networking, inter-user communications,logon attempts, printing, "links" and other activities. These logs areused to reveal usage trends and to verify complaints. Tape backups ofdisk files are also made, mainly to protect users from accidents, butalso to trace an abuse long after it occurs.
Rule #6: Always carefully protect ID's, accounts, files, printouts and other computer resources from unauthorized users. Never share your password or user ID.
No computer system can protect someone who fails to conceal his or herpassword. Leaving a terminal without logging off is like leaving yourfront door unlocked and open. Using an obvious or easy-to-guesspassword is like hiding the key to your front door under the "welcome"mat. Physically protect your session by logging off the computer,choosing a password at random, and never recording thepassword where someone might find it. If you suspect your password has been compromised, change it. If yoususpect another user's password has been compromised, report it to theuser or the Help Desk. Researchers who need to share data should use individual ID's and linkto each others' disks rather than share one user ID.
When someone is caught sharing a user ID with someone else, both partieslose their computing privileges. There are several reasons for not sharing your password with anyone. Besides the possibility that they could damage your files, they might share your password with yet another person who could damage your files. If they abuse electronic mail or other resources, you are liable. The number of active users may be used by administrators to determine how much money to spend on maintaining or improving computing.
Rule #7: Never copy data or software without proper authorization. Never distribute a copy of a computer program to someone else without proper authorization.
At present, computer programs are protected by federal copyright law,which protects the portion of a computer program that can be written,and only allows the making of backup copies by a purchaser withpermission of the software company. If passed, two related bills being studied by committees in the U.S.House and Senate (1990), "H.R. 2740" and "S. 198," would also makeselling, lending or leasing software without permission from thesoftware company illegal.
Although copyright protection covers only that part of a computerprogram which can be written down, software companies protect theirprograms by designating them to be "trade secrets," which are protectedby tort laws (Section 757, "Restatement of Torts"). A program canreceive trade secret protection if the company can prove that theprogram is a secret (or was a secret before the alleged tort occurred). The following are considered torts (acts of wrongdoing addressed througha civil action by the harmed party):
Rule #8: Never use computing facilities to plagiarize the work of others.
Copying someone else's work is relatively easy, but so is detecting andproving plagiarismÐ and prosecuting those who practice it. Thestandard academic penalties for plagiarism are severe. Guilty studentshave not only lost computing privileges, but have failed courses andhave been placed on probationÐeven students who completed a courseand shared their work with others in a subsequent semester.
Carelessness can encourage plagiarism. Be sure to pick up all yourprinted output and discard it carefully. Report individuals who arerummaging through new or discarded output.
Rule #9: Always conserve resources, such as disk and tape storage, CPU time, memory, paper, plotter supplies, etc. Never use electronic mail or send messages frivolously. Do not spend excessive time playing games on campus computers.
The most common abuse of MU's computing resources is excessivemessage-sending and game-playing. The University allows message-sendingand game-playing because communication programs and games introducepeople to computers and because most users eventually move on to moreproductive use of electronic mail and other computing resources. Unfortunately, some people have become addicted to Bitnet, Relay, andZork. The problem with this compulsion is that, with the finite numberof terminals available, it is sometimes difficult for users withlegitimate needs to find an unoccupied terminal. Anyone who observes such unnecessary usage should not hesitate to askthe user to stop or to report the problem to a User Consultant or theHelp Desk, which will hear and verify specific complaints. Rather thanlimit everyone's use of computing resources, Campus Computing tries toidentify and deal with the worst offenders. To minimize waiting time for terminals, printers, or other resources,Campus Computing may relegate wasteful users to low CPU priority,suspend or revoke the printing privileges of wasteful users, or suspendor revoke access privileges of wasteful users. Unnecessary waste also occurs in another area Ð temporary disk space.
Campus Computing encourages you to explore and use the University'scomputer system for genuine educational pursuits! If you have doubtsabout a course of action, consider whether it is consistent with thespirit of the laws, legal concepts, and ethical guidelines presentedabove. Consider whether the action accords with the standards ofresponsible, polite conduct. When these provide no specific guidancefor your situation, apply this version of the Golden Rule:
Rule #10: Compute unto others as you would have them compute unto you.