Students Staff

IT Acceptable Use Policy (AUP)

Lasted updated February 2020.


The aim of this policy is to help ensure that the University of Essex's IT facilities can be used safely, lawfully and equitably.

Explanatory notes

The issues covered by this policy are complex and you are strongly urged to read the accompanying explanatory notes (pdf). This gives more detailed information that we hope you will find useful.


1. Scope

This policy applies to anyone using the IT facilities (hardware, software, data, network access, third party services, online services or IT credentials) provided or arranged by the University of Essex.

2. Governance

When using IT, you remain subject to the same laws and regulations as in the physical world.

It is expected that your conduct is lawful. Furthermore, ignorance of the law is not considered to be an adequate defence for unlawful conduct.

When accessing services from another jurisdiction, you must abide by all relevant local laws, as well as those applicable to the location of the service.

You are bound by the University of Essex's ordinances and regulations when using the IT facilities. You are expected to abide by all relevant University policies, including the University's Information Security Policy.

You must abide by the regulations applicable to any other organisation whose services you access such as Janet, Eduserv and Jisc Collections.

When using services via the eduroam roaming service, you are subject to both the regulations and guidelines of the University of Essex and the institution where you are accessing services.

Some licences for software and other IT based resources arranged by the University of Essex will set out obligations for the user – these should be adhered to. If you use any software or resources covered by a Chest agreement, you are deemed to have accepted the Eduserv User Acknowledgement of Third Party Rights.

Breach of any applicable law or third party regulation will be regarded as a breach of this Acceptable Use Policy.

Under the Counter Terrorism and Security Act 2015 the University has a statutory duty to have due regard to the need to prevent people from being drawn into terrorism. IT resources and facilities must not be used in such a way that would breach this or any other terrorism related legislation. Those with concerns about themselves or others, related to extremism, are encouraged to report those concerns.

3. Authority

This policy is issued under the authority of the Director of Innovation and Technology Solutions who is also responsible for their interpretation and enforcement, and who may also delegate such authority to other people.

4. Intended Use

The IT facilities and resources are provided for use in furtherance of the mission of the University of Essex. Use of these facilities for reasonable personal activities (provided that it does not infringe this policy, and does not interfere with others' valid use) is permitted, but this is a privilege that may be withdrawn at any point.

Use of certain licences is only permitted for academic use and where applicable to the user obligations set out in the Eduserv Chest User acknowledgement of third party rights or the Jisc Model Licence Agreements. If you wish to use a license for purposes outside this, you are responsible for checking.

5. Identity

You must take all reasonable precautions to safeguard any IT credentials (for example a username and password, email address, smart card or other identity hardware) issued to you. You must not allow anyone else to use your IT credentials. No-one has the authority to ask you for your password, and you must not disclose it to anyone.

  • You must not attempt to obtain or use anyone else's credentials.
  • You must not impersonate someone else or otherwise disguise your identity when using the IT facilities.

6. Infrastructure

You must not do anything to jeopardise the integrity of the IT infrastructure by, for example, doing any of the following without approval:

  • damaging, reconfiguring or moving equipment
  • loading software on the University of Essex's equipment other than in approved circumstances
  • reconfiguring or connecting equipment to the network other than by approved methods
  • setting up servers or services on the network
  • deliberately or recklessly introducing malware
  • attempting to disrupt or circumvent IT security measures

7. Information

If you handle personal, confidential or sensitive information, you must take all reasonable steps to safeguard it and must observe the University of Essex Data Protection policy and guidance and the Information Security Policy, particularly with regard to removable or portable media, mobile and privately owned devices.

  • You must not infringe copyright, or break the terms of licences for software or other material.
  • You must not attempt to access, delete, modify or disclose information belonging to other people without permission.

You must not create, download, store or transmit unlawful material, or material that is indecent, offensive, threatening, discriminatory, or extremist material that risks drawing people into terrorism. If there are valid academic reasons for doing so explicit permission must be sought from the Director of Innovation and Technology Solutions, and where appropriate ethical approval obtained.

8. Behaviour

Real world standards of behaviour apply online and on social networking platforms, such as Facebook, Blogger and Twitter.

  • You must not use IT to send, circulate, or make available any message that is grossly offensive, or that is indecent, obscene or of a menacing nature.
  • You should also adhere to the University of Essex's guidelines on social media.
  • You must not send spam (unsolicited bulk email).
  • You must not deliberately or recklessly consume excessive IT resources such as processing power, bandwidth or consumables.
  • You must not use the IT facilities in a way that interferes with others' valid use of them.

9. Monitoring

The University of Essex monitors and records the use of its IT facilities for the purposes of:

  • the effective and efficient planning and operation of the IT facilities
  • detection and prevention of infringement of this policy
  • investigation of alleged misconduct

The University of Essex will comply with lawful requests for information from government and law enforcement agencies.

You must not attempt to monitor the use of the IT facilities without explicit authority from the Director of Innovation and Technology Solutions.

10. Concern about use

If you are concerned about your own or others' use of IT facilities you may contact the IT Helpdesk or Student Support Service for advice. Any approach will be treated sympathetically.

11. Infringement

Infringing this policy may result in the University's disciplinary processes being followed under which there are sanctions for students and staff.

Information about infringement may be passed to appropriate law enforcement agencies, and any other organisations whose regulations you have breached.

You must inform the IT Helpdesk if you become aware of any infringement of these regulations.