Acceptable Use Policy
Jerry Garfunkel

In this report on the adoption of an "Acceptable Use Policy" (AUP),   I identified 3 separate environments each of which requires its own specialized version of an Internet Acceptable Use Policy (IAUP).  These three environments are
a) in schools (which in turn can be further subdivided into K-12, university, private, public, et al) - Student use
b) in the workplace  - Employee use
c) in public facilities (libraries, et al) - Citizen use
In researching AUP's I reviewed several AUP models. Among the best for students was the Monroe County Indiana Schools AUP and for employees, the Department of Interior's Internet Acceptable Use Policy.   I recommend adopting language for an AUP, non-copyrighted taken from a reputable IAUP model, such as MCCSC and the DoI's . 

The Monroe County Indiana model, defines 5 major categories. (paraphrased from the MCCSC  IAUP)
1. Responsibilities: Access is a privilege, not a right. Access entails responsibility.
2. Rights and Privileges: Network services are outlined for educationally-related communication, research and other activities.
3. Restrictions: Some activities are not permitted on MCCSC's electronic resources;  they are presented in detail
4. Sanctions: Disciplinary action related to student misuse and improper access to the school's electronic resources
5. Disclaimers: Legal "mumbo jumbo re: no implied warrantees etc.
Presented below first are the major componentsof a proposed AUP.  This list of componentscontains some issue more relevant to schools and some were more relevant to corporations.
Some of the issues in Internet Acceptable Use Policies (IAUP), common in schools, corporations and in public internet usage:
Acceptable Uses of the Internet:
Communication with others (students/employees, teachers/customers, administration/prospects, community/vendors) relating to school/work
Researching topics relevantto school/job
Other school activities/company business, i.e. authorized postings, web administration
Unacceptable uses of the Internet in school and on the job:
Sexually explicit or any indecent materials
Sexual harassment, (any harassment)
Any illegal activity
Private enterprise (commercial or non-commercial
Poor taste (like reckless driving - a judgmentdecision)
Disrespecting other's privacy and confidentiality
Unacceptable Sites to visit (Some companies/schools ban, some do not:
Sports sites
Personal business
Job Search sites
Entertainment Sites
Gambling sites (local and multi-user)
Games, Humor
Illegal Drug sites
Personals (for personal business)
Political sites
In addition to these uses and sites listed above, school/corporate AUP's often include policies on :
Using excessive IT resources
No Chat or IM unless for school assignments, company business
No Signing guest books, newsgroups, BBS on behalf class, school
No financial or "inside" information
No private email
No copyright infringement or abuse
Downloading/uploading unacceptable material
While these restrictions, and others, are cited in some AUP's, not all will be relavent to every school district or corporation, nor would I recommend the adaption of all restrictions.  Many of these restrictions, under proper conditions, might be quite beneficial to the student/employee - email is one such example. 

Many IAUP's contain provisions for blocking students images from being displayed online without the written permission of the student (and in most cases his/her parents). The following segment from the NYC DoE IAUP says, "Display photographs, videos or other images of any identifiable individual, other than a historical or public figure, without a signed release.  Releases for students under the age of 18 must be signed by their parent or lawful guardian."  This makes many graphics and video projects more complicated (extra red-tape) but it does assure the privacy of every student.

I challenge one aspect of some present day Internet Acceptable Use Policies (IAUP's) and perhaps many other AUPs. The acceptable use policy must be secure enough to protect our children but at the same time must not be so limiting (filtering) as to stifle cognitive searching and critical thinking. Occasionally, in the name of protecting society from improper activities, it is necessary to "step on" the civil liberties of others.  It is always a trade-off.  We face these issues all the time in law enforcement.  In a democratic society it is difficult to balance the security needs of the community with individual rights.  These and other issues of potential infringements on constitutional rights were analyzed in a paper re: Constitutional Analysis of the "Communications Decency Act" (S.314) issued by the Center for Democracy and Technology. Legislation such as the Communications Decency Act (CDA) and the Child Online Protection Act (COPA) are created of course to protect "acceptable use" of the Internet as defined "by society."  It is supposed to be, as are all codified rules and regulations, a reflection of society's morals and ethical values.  But sometimes in the name of protecting decent use of the internet, constitutional liberties are ignored, and the potential for abuse by some to advance a private agenda exists. This case is supported by arguments presented in the CDT's review of the COPA.  COPA fails to deliver on its promise - protecting the children.  There are just too many "leaks in the cistern." In addition, there are valid constitutional questions regarding the conflict between free speach and protection of our children.
I believe that we "can have our cake and eat it too."  We can protect the security of the community as well as the liberties of individuals.  It requires interfering with "automated" systems that shuffle people along according to some classification.  If society had a better way to deal with "special cases" - and a lot more of them  - then we could define rigid systems for 98% of society's needs as long as we are equippedto examine the remaining 2% for "special handling" (i.e. exceptions outside the system).

Resources used for this survey & analysis
 
1. ISTE / JRCE: Journal of Research on Computers in Education
Analyses of Acceptable Use Policies Regarding the Internet in Selected K-12 Schools
Beverly F. Flowers and Glenda C. Rakes University of Louisiana at Monroe
Great References

http://www.iste.org/jrte/32/3/abstracts/flowers.cfm
2. From Now On:  The Educational Technology Journal
Creating Board Policies for Student Use of the Internet
http://www.fno.org/fnomay95.html
3.  Center for Democracy and Technology & People for the American Way 
Constitutional Analysis of "Communications Decency Act" (S.314) 		http://www.cdt.org/
4. MS Office Policy 2005  'Internet Acceptable Use Policy"  application - Product Documentation ($99)
http://www.templatezone.com/pdfs/policy%20pages/Internet-Usage-Policy.pdf
5.  Acceptable Internet Use Policy  Models:
a)  Indiana Department of Education   
b)  Monroe County, Indiana - Students Networked Access Policy & Guidelines 
c)   New York Public Library - Public Internet Use Policy
d) US Department of Interior:  Internet Acceptable Use Policy for employees
e) NYC Department of Education - Internet Acceptable Use Policy

 

Abbreviations used in this paper:

AUP  -  Acceptable Use Policy
IAUP - Internet Acceptable Use Policy
COPA - Children's OnlineProtection Act
CDA - Communications Decency Act
ISTE - International Society for Technology in Education
JRCE - Journal of Research on Computers in Education
IT  - Information Technology
IM  - Internet Messaging
CDT - Center for Democracy and Technology
DoI - Department of Interior
MCCSC - Monroe County Community School Corporation
S.314 - US Senate Bill #314, (Communications Decency Act)

 

 

© 2004, Jerry Garfunkel ..... 172 Tinker Street ..... Woodstock, NY .... 12498 .... Tel/Fax +1 845 679 0121 ..... www.jeromegarfunkel.com ..... jerry@jeromegarfunkel.com