CHAPTER 521. LDPC ACCEPTABLE USE POLICY

§ 521.1. Scope.

 (a)  General rule. This chapter applies to users.

 (b)  Legislative Intranet access. Members and staff of the General Assembly who do not access the Internet using the service, but who are routed to or otherwise access the Legislative Intranet to send and receive data within the Intranet, are not subject to this chapter.

 (a)  Primary responsibility. The LDPC has primary responsibility for maintaining security for the service. In response to a security attack or exploit or in response to a well-founded threat to the security of the service, the LDPC may take action it deems necessary, including suspension of the service on a user, agency or entity or network-wide basis, to preserve the integrity of the service.

 (b)  Agency and entity responsibility.

   (1)  Each agency or entity that connects to the service shall ensure that its connection to and use of the service does not jeopardize the security of the service.

   (2)  With regard to individual users, each agency or entity shall ensure that only authorized users from its local environment are able to access the service. For accountability purposes in the event of a security threat or breach, the LDPC has the right to trace the route from a user to points within the service. Each agency or entity shall maintain and, upon request, shall make available to the LDPC a secure log of access events. The log shall be in a format and be for a period as the LDPC prescribes.

 (a)  Infringement. Use of copyrighted material in violation of Federal law or treaties or the terms of a license agreement constitutes copyright infringement.

 (b)  Policy under Digital Millenium Copyright Act. Under Title II of the Digital Millenium Copyright Act (17 U.S.C.A. §  512), the LDPC makes the following statement of policy:

   (1)  A user who infringes on a copyright will be warned of the consequences of infringement.

   (2)  The LDPC will terminate service to a user who is a ‘‘repeat offender,’’ as defined in Title II of the Digital Millenium Copyright Act and as the term is interpreted by the judiciary.

   (3)  The LDPC will provide notice of this policy to users.

   (4)  The LDPC will designate an agent to receive notification of claimed acts of copyright infringement and make contact information concerning the designated agent available in a location accessible to the public and in a filing with the United States Copyright Office.

 (a)  Generally. It is acceptable to use the service to access and retrieve data and to communicate for purposes directly related to the mission of an agency or entity and in a manner that is consistent with duties and responsibilities of a user’s official capacity.

 (b)  Skills development. In the interest of acquiring and maintaining electronic information searching skills, users may, unless prohibited by an agency or entity policy, make limited, personal use of the service for data access and retrieval. Personal use may not be excessive and may not interfere with official use under subsection (a).

 (a)  Generally. Except as provided in §  521.7(a)(2) (relating to E-mail), use of the service that is contrary to §  521.5 (relating to acceptable use of service) constitutes unacceptable use.

 (b)  Specific conduct constituting unacceptable use. The following actions constitute unacceptable use of the service and are specifically prohibited:

   (1)  Using the service to violate 18 Pa.C.S. §  3933 (relating to unlawful use of computer) or other Federal or State law.

   (2)  Using the service to commit harassment of a racial or sexual nature or to engage in any other form of harassment prohibited by law.

   (3)  Knowingly undermining or attempting to undermine the security of the service.

   (4)  Knowingly accessing material that would be considered inappropriate for viewing in the workplace applying prevailing community standards for the Harrisburg metropolitan area, except as may be required by the duties and responsibilities of a user’s official capacity.

   (5)  Using the service for private pecuniary benefit.

   (6)  Using the service for partisan political purposes.

   (7)  Using the service to solicit or advocate for a religious cause.

   (8)  Using the service to participate in gambling of any nature.

   (9)  Using the service to transmit chain letters.

   (10)  Using the service to participate in chat room discussions of a personal nature.

   (11)  Deliberately introducing any virus or harmful code to the service or deliberately propagating any virus or harmful code in the service.

   (12)  Using the service to defame another person.

   (13)  Using the service in a manner that tends to tarnish the reputation of the General Assembly or a member of the General Assembly.

 (c)  Other conduct. In addition to the conduct specifically prohibited by subsection (b), the LDPC may, after giving notice to users, prohibit any conduct that the Committee finds to be contrary to the intent of the act or inconsistent with prevailing, generally accepted standards for the provision of Internet access by state governments.

 (a)  Use.

   (1)  Except as provided in paragraph (2), users shall engage E-mail solely to communicate for purposes directly related to the mission of an agency or entity and in furtherance of the duties and responsibilities of a user’s official capacity.

   (2)  In the interest of developing and maintaining electronic communication skills, users may, unless prohibited by an agency or entity policy, make limited, personal use of E-mail. Personal use may not be excessive and may not interfere with official use under subsection (a).

 (b)  Unacceptable use. Section 521.6(b) (relating to unacceptable use of service) applies to E-mail.

 (c)  Right of privacy negated. While Federal and State laws prohibit the interception of electronic communications, a user has no right of privacy regarding electronic communications stored on computers that are components of the service. Stored E-mail may be reviewed, read and otherwise accessed without notice to or the consent of a user.

 (d)  Insecure means of communication. Unless it is properly encrypted, E-mail is not a secure means for the transmission or receipt of confidential information.

 (e)  Communication style. A user shall communicate by E-mail in a professional, courteous manner that is consistent with the duties and responsibilities of a user’s official capacity.

 (a)  Suspension or revocation of service. The Executive Director may suspend or revoke service to an agency or entity or user who fails to comply with this chapter.

 (b)  Violation of law. The Executive Director will report suspected violations of State and Federal laws by users and will cooperate with and assist appropriate authorities in investigating suspected violations.