Acceptable Use Policies

Posted by on Jul 2, 2016 in Edtech 541 | One Comment
  • RSS
    Follow by Email
    Facebook
    Google+
    https://www.edtechtales.com/acceptable-use-policies">
    Twitter
  • Acceptable Use Policies

    Acceptable Use Policies

    Acceptable Use Policies (AUPs) are increasingly common on the corporate and educational landscapes. While there are striking differences between AUPs, most seek to define how technology should be used by the individual based on communal standards while outlining enforcement and consequences. The National Center for Education Statistics defines an AUP as:

    “An acceptable use policy (AUP) is a policy that outlines, in writing, how a school or district expects its community members to behave with technology. Similar to a Terms of Service document, an AUP should define publicly what is deemed acceptable behavior from users of hardware and information systems such as the Internet and any applicable networks” (NCES, 2016).

    Some policies go further and seek to define the institutions responsibilities towards the individual as well. Despite the differences the need for an AUP in any educational environment is self evident. Without such policies no one knows what should and should not be tolerated when using online (or other technological) assets. Lets take a moment and explore how AUPs are created, what should be included in an AUP, and what function they serve using real world examples from:

    Stakeholders Philosophy & Justification

    vampires

    Image attribution: Click HERE

    “Ok now that all the primary stake holders are here…haha…
    but seriously, who invited Mr. Sparkles?!”

    One of the first steps in creating an Acceptable Use Policy is to form a group of stakeholders from the community. A stakeholder is anyone that could be affected by the eventual policy. In a school setting stakeholders might include representatives from the student body, the faculty, the support staff, and the administration. It’s important that everyone has a voice because the primary means of adoption and enforcement is the community of learners the policy will serve. This understanding is exemplified by an example from Saigon International School, Kenosha Public School District, and Boise State University.

    Most policies begin with some statement about what the policy is intended to accomplish or what resources the policy is meant to help administer and protect. Kenosha Unified School Districts’ AUP states that;

    “Technology includes, but is not limited to, electronic devices, private and public networks, and electronic communication systems managed within KUSD”(KUSD, 2016).

    These definitions help ensure that the community understands exactly what actions or equipment the AUP is intended to regulate.The opening statement of an AUP can also reflect the philosophy behind the policy. All of these aspects are present in the opening of Saigon South International School’s AUP which states;

    “Saigon South International School believes that all students should have access to technology when they act in a responsible, efficient, courteous and legal manner. Furthermore, Internet access and other online services, available to students and teachers, offer a multitude of global resources. Our goal in providing these services is to enhance the educational development of our students”(SSIS, 2016).

    After defining what technology is covered in the AUP and setting the tone of the document by aligning it with the institutional philosophy, we then attempt to match it with existing codes of conduct or laws that can lend credibility to finished work. Boise State University includes a section called ‘Additional Authority’ which cites several university policies by number and lists state and federal laws that align with their AUP.

    Acceptable and Unacceptable Use

    wifi_lost

    Image attribution: Click HERE

    “Thou shalt no longer be allowed upon the network”~ Admin 4:03

    With the groundwork in place its now time to define exactly who is covered by the Acceptable Use Policy and what constitutes acceptable and unacceptable use. Boise State makes the explicit who the policy is meant to cover under its ’Scope’ heading whereas the Kenosha Unified School District and Saigon South International School are not clear with the provisions directed mainly at students. Even the exemplar template found on the National Center for Education Statistics directs the majority of its language towards students.

    After identifying who the policy is meant to cover its time to get down to the brass tacks of what will and will not be allowed as outlined in your AUP. Its important to make two separate lists; one of acceptable usage and one of unacceptable usage. Saigon South International school fails to do this which makes for a document of limited effectiveness and Kenosha Unified School District’s policy does have a bulleted list of Do-Nots but fails to list acceptable behavior. Only the example provided by the National Center for Education Statistics provides clear bulleted lists entitled ‘Acceptable’ and ‘Unacceptable’ usage. Some of their bulleted points include:

    Acceptable Use:

    1. All use of the Internet must be in support of educational and research objectives consistent with the mission and objectives of the [Name of Organization].
    2. Proper codes of conduct in electronic communication must be used. In news groups, giving out personal information is inappropriate. When using e-mail, extreme caution must always be taken in revealing any information of a personal nature.
    3. Network accounts are to be used only by the authorized owner of the account for the authorized purpose.

    Unacceptable Use:

    1. Giving out personal information about another person, including home address and phone number, is strictly prohibited.
    2. Any use of the network for commercial or for-profit purposes is prohibited.
    3. Excessive use of the network for personal business shall be cause for disciplinary action.

    (NCES, 2016)

    Boise State’s AUP takes an interesting approach by stating acceptable and unacceptable use along with the responsibilities of the institution towards the user. For example BSU’s policy states under Problem Resolution:

    “The responsibility of connectivity to the Data Network and the services it provides is shared equally by all Boise State University members. In the event of an incident that affects the ability of end-users to access the Data Backbone, OIT will take whatever steps necessary to fix the problem. In the event that an incident occurs off-hours, the senior person in Technology Services will follow the emergency response plan, which may result in the disconnection of a building or the re-routing of fiber” (BSU, 2015).

    Here it is clearly stated that all BSU community members share responsibility for the Network but OIT (Office of Information Technology) is responsible for resolving any problems. In this way the BSU document comes across as an agreement supported by the community rather than a dictum from on high.

    In addition to do’s and do not’s an Acceptable Use Police occasionally cites enforcement mechanisms to deal with rule breakers. Both KUSD and BSU’s policies deal with enforcement through a separate student behavior policy while the NCES and SSIS AUPs make no mention of how enforcement occurs. Only BSU states consequences for non compliance which can include:

    • A. Exclusion or expulsion, in the case of students as outlined in the Student Code of Conduct, or
    • B. Exclusion or dismissal from employment, in the case of faculty and staff, or
    • C. Exclusion from campus, in the case of the public.

    (BSU, 2016)

    Finally, Privacy is also a topic to address under this section with some AUP’s taking a slightly draconian stance like KUSD’s statement that:

    “The District’s technology resources are District assets. While the District respects the privacy and security needs of all individuals, authorized District representatives may review, audit, intercept, access and/or disclose all communications created, received or sent using District technology” (KUSD, 2016).

    BSU’s policy takes a somewhat softer approach by stating that:

    “Users are responsible for taking reasonable measures to ensure their own privacy on the wireless network”(BSU, 2015).

    Saigon South International School takes a unique approach in their privacy section by offering advice on how to maintain your own privacy rather than outlining who is responsible for privacy. They do go onto state that, much like KUDS, SSIS can and will intercept your communications on their network for use in supporting disciplinary action.

    Legal Disclaimers & Revisions

    sign_penguins

    Image attribution: Click HERE

    “If you could just sign here we’ll get you online”

    Legal Disclaimers are included in Acceptable Use Policies to absolve the institution of any wrongdoing should a member of the community use the network for unlawful purposes. For example, KUDS lists several state statues that align with their policy including:

    Wisconsin Statutes Sections

    • 120.12(1) [School Board duties]
    • 120.13 [School Board powers]
    • 943.70 [Computer crimes]
    • 947.0125 [Unlawful use of computerized communication systems]

    (KUSD,2016)

    Saigon South International School is the only AUP examined that doesn’t explicitly have a disclaimer but since it operates in Vietnam there are bound to be different rules governing the lawful and unlawful use of the internet.

    One oftentimes overlooked parts of an AUP is a schedule to revise and make changes to it. AUP’s exist in a technological world so they must be revisited and adapted to current conditions. Kenosha Unified School District and Boise State University list revision dates for their documents while Saigon South International School and the example AUP found on the National Center for Education Statistics do not indicate revision dates.

    Round Up

    At their core Acceptable Use Policies are statements about what type of community we wish to have in our schools. Approaching this process with trust in the people that make up your school is essential to the success of any policy. When everyone understands not only what but why then everyone can feels empowered to take part in the group. Hopefully more schools will adopt the BSU approach of making these documents as much about the institution’s obligations to the individual as they are a list of Do’s and Do-Nots. As we head into the future the movement of information and how students use it will change rapidly and Acceptable Use Policies will have to change with them.

    Citations

    Acceptable Use Policy. (2016, March 22). Retrieved July 2, 2016, from http://www.kusd.edu/sites/default/files/document-library/english/6633.pdf

    Policy Title: Network Standards – Policy Manual. (2015, March). Retrieved July 02, 2016, from https://policy.boisestate.edu/information-technology/network/

    Acceptable Use Policy. (n.d.). Retrieved July 02, 2016, from http://www.ssis.edu.vn/learning/AUP/

    Appendix A: Sample Acceptable Use Agreements and Policies, Forum Unified Education Technology Suite. (n.d.). Retrieved July 02, 2016, from http://nces.ed.gov/pubs2005/tech_suite/app_a.asp

    1 Comment

    1. Jenny Incelli
      July 4, 2016

      Hi Karl. I think you did a really good job of livening this topic up; Honestly, your graphics were what made me decide to read your blog post in the first place! Your comparative approach to discussing the four example AUPs was similar to how I processed this week’s topic. I also talked about the language used in AUPs. I personally felt that the more effective examples were ones that had very student-friendly language. Especially with younger people, I think the AUP should direct the majority of its language towards them, as you saw in the “exemplar template” found on the National Center for Education Statistics. While the BSU document is very appropriate for college-age students (and all stake-holders), I think that elementary and secondary students are a slightly different audience. I definitely agree, though, that long lists of “dos” and “don’ts” should be avoided, with the priority on what can be accomplished TOGETHER with responsible use of technology.
      Thanks for sharing, and for the graphics! 🙂
      -Jenny

    Contact