Broadband Acceptable Use Policy
Last Modified: 11/5/2012
The City of Ottawa (“Ottawa”) provides to users a variety of information technology related products and services, including such service as internet access, connectivity and content delivery services, various electronic mail (email) packages and services, world wide web hosting arrangements, voice and other data, online, internet-related and network services (each, a “Service” and collectively the “Services”).
This Acceptable Use Policy (“AUP”) defines the Acceptable Use of the Services with a view of ensuring the integrity, security, reliability and privacy of the City of Ottawa’s network, systems, products, services, server hosting facilities and data contained therein (collectively, the “Ottawa Infrastructure”). All users of the Ottawa Infrastructure are required to comply with this policy and all applicable laws and regulations in full, in addition to all terms and conditions of applicable agreements, and any additional policies that may be applicable to a specific service offered by Ottawa, as well as for providing assistance to the City of Ottawa in investigating and resolving any issue. Customers of the City are responsible for immediately reporting to the City of Ottawa any issue that could compromise the stability, service or security of any user or system connected to the Ottawa Infrastructure.
All users of the Ottawa Infrastructure are solely responsible for the content and messages that they post, distribute or otherwise make available using the Ottawa Infrastructure and Services. Ottawa encourages its Customers to self-rate their websites using a major rating agency such as the Internet Content Rating Association (ICRA) (http://www.icra.org)
Users of the Ottawa Infrastructure are encouraged to review this AUP often for changes or new information. Please send questions, comments, or complaints regarding this AUP to: mailto: firstname.lastname@example.org.
For the purposes of this policy, a Customer is defined as any party who purchases a Service from the City of Ottawa.
ANY INDIRECT OR ATTEMPTED VIOLATION OF THIS POLICY BY OR ON BEHALF OF A CUSTOMER OR A CUSTOMER'S END USER, AND ANY ACTUAL OR ATTEMPTED VIOLATION BY A THIRD PARTY ON BEHALF OF A CUSTOMER OR A CUSTOMER’S END USER, SHALL BE CONSIDERED A VIOLATION OF THE POLICY BY SUCH CUSTOMER OR CUSTOMER’S END USER AND CUSTOMER SHALL BE HELD DIRECTLY ACCOUNTABLE THEREFORE.
B. Prohibited Activities
It is contrary to Ottawa’s policy for any of its Customers or other user(s) of a Service to effect or participate in any of the activities listed below (whether actual or attempted and whether directly or indirectly) through a Service. Each of the below practices (each, a “Prohibited Activity”) constitutes abuse of Ottawa’s Services, the Ottawa Infrastructure and facilities and/or interferes with other Service users. Accordingly, the below practices are prohibited:
1. E-Mail Abuse
A. Users are prohibited from engaging in improper use or distribution of electronic mail ("e-mail"). Users are strictly prohibited from engaging in any of the following activities:
· Sending unsolicited mass or commercial e-mail ("spamming") for any purpose whatsoever.
· Having third parties send out commercial emails on any user's behalf. Using Ottawa facilities to receive replies from unsolicited emails (commonly referred to as "drop-box" accounts).
· Configuring any email server in such a way that it will accept third party emails for forwarding (commonly known as an "open mail relay"). If a site has roaming users who wish to use a common mail server, the mail server must be configured to require some form of user identification and authorization.
B. Mass or commercial email may be sent only to recipients who have expressly requested receipt of such e-mails, by the sending of an email request to the person performing the mass or commercial mailings. This exchanging of requests, acknowledgements, and final confirmations (commonly referred to as a "verifiable opt-in" process) must be adhered to in its entirety for any mass or commercial email to be considered "solicited" by the City of Ottawa.
C. Users that send mass or commercial e-mail are required to maintain complete and accurate records of all e-mail subscription requests, specifically including the email and associated headers sent by every subscriber, and to immediately provide the City of Ottawa with such records upon request of the City. Subscriptions that do not have a specific recipient generated email request associated with them are invalid, and are strictly prohibited.
D. In the absence of positive, verifiable proof to the contrary, the City of Ottawa considers complaints by recipients of e-mails to be de-facto proof that the recipient did not subscribe or otherwise request the e-mail(s) about which a complaint was generated.
2. Usenet (also known as Netnews or Newsgroups) Abuse
A. Ottawa recommends that users not post to any newsgroup until they have familiarized themselves with the subjects, established guidelines, and restrictions of such newsgroups. All Usenet guidelines and restrictions are incorporated herein by reference, and users of Ottawa’s network agree to adhere to such guidelines unconditionally.
B. Without limitation of the foregoing, it is strictly prohibited to engage in any of the following activities:
· Making any posting for commercial purposes (including without limitation the pointing to specific URLs for commercial purposes), except where such postings are expressly permitted under the charter and/or Frequently Asked Questions (FAQ) of an applicable newsgroup.
· Posting binary files to newsgroups whose charter or name does not include allowances for such files.
· Canceling newsgroup postings other than your own, or using auto-responders or cancel-bots (except in cases of official newsgroup moderators performing their duties).
· "Excessive Cross-Posting" (ECP) or "Excessive Multi-Posting" (EMP), or "Usenet spam": the City of Ottawa retains the exclusive right to define these and other terms, however, we generally defer to the definitions found at http://www.cybernothing.org/faqs/net-abuse-faq.html
· Disrupting newsgroups with materials, postings, or activities that are (as determined by the City in its sole discretion), excessive, or repetitious, unless such materials or activities are expressly allowed or encouraged under the newsgroup's name, FAQ, or charter.
· Performing any unauthorized creation, cancellation, or removal of newsgroups.
C. The legitimacy of a given post or cancellation is generally determined by the official newsgroup or mailing-list moderator, therefore, Ottawa usually defers to their judgment on these issues, however, the City of Ottawa retains the exclusive right to make these determinations.
3. Other Forms of Abuse
A. Violating a law or regulation (including, but not limited to, libel, slander, invasion of privacy, harassment, obscenity, child pornography, terrorist activity, export laws and regulations, and infringement or misappropriation of another party’s copyrights, trademarks, patents, trade secrets or other intellectual property rights);
B. Threatening the integrity and/or security of any network or computer system including, but not limited to, Denial of Service Attacks (whether intentionally or through neglect, of any other user, host, or network), transmission of worms, viruses and other malicious codes and accessing any device or data without proper authorization;
C. Injecting, intentionally or negligently, false or unauthorized network control data into Ottawa’s network, for instance in the form of incorrect routing or DNS information.
D. Attempting to use the Service in such a manner so as to avoid incurring charges for or otherwise being required to pay for such usage;
E. Otherwise degrading or interfering with other users’ use of a Service;
F. Breaching a third party non-disclosure agreement or other obligation of confidentiality;
G. Violating generally accepted standards of Internet usage, which are published from time to time by the Internet Engineering Task Force (http://www.ietf.org), including, but not limited to, web page defacement, port and network scanning, and unauthorized system penetrations. The City of Ottawa reserves the right, in its sole discretion, to make a determination whether any particular conduct violates such norms and expectations;
H. Violating public policy or an international norm;
I. Violating the acceptable use policy(s) of a network to which a Customer connects; or
J. Engaging in any of the activities listed in B1, 2, 3 above by using another provider’s service, by channeling the activity through a Ottawa account, remailer, or otherwise through a Service.
C. Customer Duties and Reporting Obligations
Each Customer is responsible for providing assistance to the City in investigating and resolving any issue, as Ottawa may request from time to time.
Customers of the City of Ottawa are responsible for immediately reporting to the City any issue which could compromise the stability, service or security of any user or system connected to Ottawa’s network.
Should a user's system be exploited by unauthorized persons, the user is responsible for both reporting the violation (where applicable), and then fixing the exploited system.
The prevention of "unintentional attacks", such as infection and subsequent propagation of computer viruses, is the responsibility of every user. Anti-virus software should be installed on every system which connects to Ottawa’s network.
Users are responsible for protecting their password and for any authorized or unauthorized use made of their password. Customer will not use or permit anyone to use the City’s Service to guess passwords or access other systems or networks without written authorization. In the event a network or network device becomes compromised, Ottawa will assist in the tracking and/or expulsion of said offender on the network level to the extent Ottawa finds reasonable, at its sole and absolute discretion.
D. The City of Ottawa’s Rights and Remedies
Ottawa may suspend and/or terminate, without liability, a Customer’s Service at any time for any failure of Customer, its representatives or its users to comply with this policy or for engaging (or permitting others to engage) in a Prohibited Activity (as determined by Ottawa, in its reasonable discretion).
Ottawa may deny all traffic from known IP address blocks that support indiscriminate port scanning programs such as ProxyHunter, or other unlawful activity, for the purpose of preserving Customer’s system and network resources.
Ottawa reserves the right to charge the Customer and Customer agrees to pay to the City any and all third party costs, fines, fees or levies Ottawa incurs as a result of Customer or an end user engaging in a Prohibited Act.
Ottawa reserves the right to, where feasible; implement technical mechanisms to prevent a Prohibited Activity. Nothing in this Acceptable Use Policy limits the City’s rights and remedies (available at law or in equity) in any way with respect to any Prohibited Activity.
All systems which are managed by the City of Ottawa, and connected to the Ottawa Infrastructure shall be configured in accordance with industry standards, applicable laws and regulations, specifically to conform with approved “Request For Comments” standards documents which are published from time to time by the Internet Engineering Task Force (http://ietf.org) and shall be kept up to current patch levels as set by the vendor. Systems connected to the Ottawa Infrastructure shall not be configured in any way that obscures system-identity information.
F. Access to Internet Data Centers
For Customers accessing Internet Data Centers (IDCs), in addition to, and to the extent not in conflict with, the rules of the individual IDC, only those individuals identified in writing by the City or by Customer on the Customer Registration Form (“Authorized Personnel”) may access the IDCs. Customer shall deliver prior written notice to the City of any changes to the Customer Registration Form and the list of Authorized Personnel. Customer and its representatives shall not allow any unauthorized persons to have access to or enter any IDC. Customer and its representatives may only access that portion of an IDC made available by Ottawa to Customer for the placement of Customer's equipment and use of the IDC Services (the “Customer Area”), unless otherwise approved and accompanied by an authorized Ottawa representative.
G. Use of Internet Data Center Facility
Conduct at Internet Data Centers. For Customers accessing IDCs, in addition to, and to the extent not in conflict with, the rules of the individual IDC, Customer and its representatives agree to adhere to and abide by all security and safety measures established by the City and set forth in the Customer Guide provided by the City to Customer.
Customer and its representatives shall also not do or participate in any of the following:
1. misuse or abuse any City property or equipment or any third party property or equipment;
2. make any unauthorized use of or interfere with any property or equipment of any other Ottawa Customer;
3. harass any individual, including City personnel and representatives of other Ottawa Customers;
4. engage in any activity that is in violation of the law or aids or assists any unlawful activity while on City property or in connection with the IDC Services.
Prohibited Items. For Customers accessing IDCs, in addition to, and to the extent not in conflict with, the rules of the individual IDC, Customer and its representatives shall keep each Customer Area clean, free and clear of debris and refuse. Customer shall not, except as otherwise agreed to in writing by the City of Ottawa, (1) place any computer hardware or other equipment in the Customer Area that has not been identified in writing to the City of Ottawa; (2) store any paper products or other combustible materials of any kind in the Customer Area (other than equipment manuals); and (3) bring any Prohibited Materials (as defined below) into any IDC. “Prohibited Materials” shall include, but not be limited to, the following and any similar items:
1. food and drink;
2. tobacco products;
3. explosives and weapons;
4. hazardous materials;
5. alcohol, illegal drugs and other intoxicants;
6. electro-magnetic devices which could unreasonably interfere with computer and telecommunications equipment;
7. radioactive materials;
8. photographic or recording equipment of any kind (other than tape back-up equipment).
H. Equipment and Connections
Customer Equipment. For Customers accessing IDCs, in addition to, and to the extent not in conflict with, the rules of the individual IDC, each piece of equipment installed in a Customer Area (the “Customer Equipment”) must be clearly labeled with Customer’s name (or code name provided in writing to the City) and individual component identification. Each connection to and from a piece of Customer Equipment shall be clearly labeled with Customer’s name (or code name provided in writing to the City of Ottawa) and the starting and ending point of the connection. Customer Equipment must be configured and run at all times in compliance with the manufacturer's specifications, including power outlet, power consumption and clearance requirements. Customer must use its best efforts to provide Ottawa with at least 48 hours prior notice any time Customer intends to connect or disconnect any Customer Equipment or other equipment.
I. Modification of This Policy
The City of Ottawa reserves the right to change this policy from time to time.
J. Scheduled Maintenance
Customers will be notified in writing (e-mail) on scheduled maintenance times. Typically appropriate times will be worked out with the customer(s) and several days notice will be provided.