REGULATIONS GOVERNING USE OF INTERNET AND IT FACILITIES FOR STUDENTS AT ERASMUS UNIVERSITY ROTTERDAM (2015)

Erasmus University Rotterdam (hereinafter: “EUR”) provides Students with the opportunity to use EUR’s Internet and IT facilities for their studies. In this connection, EUR places an institution-related mailbox and options for saving files and personal study data for their own use at the students’ disposal.

The use of these facilities provided by EUR is governed by regulations.

These Regulations will take effect on 1 September 2015, after the University Council has issued a recommendation thereon dated July 14th.

Article 1 - Definitions

In these Regulations, the following definitions are used for the following capitalised terms.
These definitions shall be interpreted as follows:

Administrator The dean, director or head of the relevant part of the organisation at EUR.
Executive Board The Executive Board of Erasmus University Rotterdam.
EUR Erasmus University Rotterdam.
Hospitality Agreement An Agreement in Writing between EUR and a natural person given the opportunity (under certain conditions) to perform work at EUR that is exclusively or to a predominant extent in their own interests, without any employment contract being concluded in this respect.
IT Facilities Communications, computer and networking facilities at EUR, including telephone facilities, EURnet facilities together with all the relevant equipment and software, connections with other networks such as the Internet, computer and audiovisual facilities - either linked to EURnet or otherwise - in halls and rooms at EUR, and services offered to the Staff which enable them to communicate on EURnet and networks connected to it.
Regulations The ‘Regulations governing use of Internet and IT facilities for students at Erasmus University Rotterdam (2015)’.
In Writing Laid down in writing on paper or “by electronic means” as referred to in Book 6 Article 227a of the Dutch Civil Code.
Student A natural person who is or was enrolled for a programme at EUR and who pays or paid tuition fees to EUR for this. With respect to the scope of these Regulations, the Students category will include all other natural persons who use EUR’s Internet or IT facilities and who have not signed a Hospitality Agreement, including guest students and guest lecturers.
System Manager A staff member possessing extensive powers in IT systems in connection with their administrative duties and their position.
Access Code The system comprising a user name or log-in name and the relevant (secret) authorisation code or password.

Article 2 - Starting points

  1. The Regulations contain provisions concerning use of the Internet and IT facilities for Students. The purpose of these Regulations is to establish a proper procedure in respect of the following:

    • system and network protection, including protection against damage and improper use;
    • combating sexual harassment, discrimination and other offences;
    • protecting personal data processed at EUR, e.g. that of EUR staff, Students and parents;
    • protecting confidential information, i.e. that of EUR, EUR staff or Students;
    • protecting the intellectual property rights of EUR and third parties, including the respecting of licence agreements that apply at EUR;
    • cost and capacity control.

  2. Limited personal use of Internet and IT facilities is permitted. Such use - whether personal or for study purposes - may not disrupt the proper state of affairs at EUR, nor may it cause annoyance to others, infringe rights of EUR or third parties or have a disruptive influence on the proper functioning - including availability - of the network or other IT facilities at EUR.
  3. These Regulations apply to all persons in the ‘Student’ category as laid down in Article 1 of these Regulations. These Regulations do not apply to natural persons to whom the ‘Regulations governing use of Internet and IT facilities for staff at Erasmus University Rotterdam (2015)’ apply.
  4. These Regulations likewise apply if use is made of other institutions’ network facilities, whereby the EUR log-in data is used to access such facilities (eduroam).
  5. In connection with enforcing these Regulations, EUR endeavours to take measures that restrict access to individual Students’ personal data as much as possible. Wherever possible, EUR will only carry out computerised checks or filters on data without allowing itself or others access to individual persons’ behaviour.

Article 3 - Intellectual property and handling confidential data and information

  1. Students may not infringe the intellectual property rights of EUR and third parties, and must respect the licence agreements that apply at EUR.
  2. EUR has control over all information of EUR. No Student has independent control over this information unless EUR has explicitly assigned such control to them in Writing.
  3. If, in connection with their studies or performance of duties for EUR, a Student gains access to confidential information including personal data, the Student must treat such information in the strictest confidence.
  4. Students must devote particular attention to taking measures as referred to in these Regulations if, in connection with performance of such duties, it is necessary to process confidential information, including research data and/or personal data, outside EUR such as in an e-mail, in non-institution-related cloud applications, on external storage devices or personal equipment or storage devices such as USB sticks or tablets. EUR may set additional conditions regarding the admissibility and/or the way in which messages and files are stored, sent or shared. Students must observe such additional conditions.
  5. Students must strictly comply with all regulations drawn up by EUR concerning the safeguarding of confidentiality and intellectual property rights.

Article 4 - Use of communications, computer and network facilities

  1. Communications, computer and network facilities such as public computers, wireless and wired network connections, e-mail and Internet access, storage capacity, printers and electronic learning environments are placed at the Students’ disposal for study-related purposes such as assignments, reports and theses, updating their study progress, consulting sources and communicating with lecturers and other students.
  2. Students may connect their equipment and applications to the EUR facilities provided that such actions comply with the provisions of these Regulations. Students may only alter settings in EUR’s equipment and applications after consultation with the System Manager and obtaining his/her personal consent and after consultation with the Administrator responsible for the IT facilities at EUR. EUR may set additional conditions to such consent. Students must observe such additional conditions. Connecting personal network equipment whereby the connection can be shared with third parties on wired or wireless network connections, such as adding a routing function, is prohibited at all times except in Students’ own living accommodation.
  3. If certain facilities can only be accessed with a user name and a password, Students may use these.
  4. The personal Access Code and any means of authentication assigned to Students, such as smart cards and tokens, are strictly personal and may not be shared with others. Students must treat the Access Code and any means of authentication with the utmost care at all times, and they are responsible for any use or further use made of these. Students must take all reasonable measures to safeguard their Access Codes and any means of authentication. If a Student discovers that these have been improperly used, they must immediately notify the System Manager thereof.
  5. If improper use is suspected, the System Manager may decide to render the relevant account inaccessible with immediate effect.
  6. In particular, Students are not permitted to perform the following acts in respect of using the communications, computer and network facilities:

    1. gaining access or attempting to gain access to other users’ data and to programme files of computer systems, or altering or deleting these, unless consent in Writing thereto has explicitly been given;
    2. gaining access or attempting to gain access to computer systems, insofar as such systems have not been created with explicit access options for Students;
    3. performing any acts that undermine the facilities’ integrity and continuity;
    4. attempting to obtain greater privileges for the facilities than those assigned;
    5. attempting to obtain system or user authorisation codes such as passwords, in any way or in any form;
    6. reading, copying, altering or deleting messages intended for others, such as e-mails;
    7. copying the programmes, databases and documentation provided by EUR or placing these at the disposal of third parties, unless consent thereto has been given in Writing;
    8. introducing computer “viruses” on and through the IT facilities, either deliberately or by attributable acts and omissions.
  1. Students must comply with all general instructions for use of the IT facilities issued by or on behalf of EUR. Students must immediately comply with all instructions given by the responsible Administrator of the IT facilities at EUR during the use of these facilities.

  2. EUR may set additional conditions and rules for use of the communications, computer and network facilities, e.g. relating to the quality of passwords and other security aspects. Students must observe such additional conditions.

 Article 5 - Safeguarding by EUR and by Students

  1. EUR maintains a stringent information safeguarding policy and takes sufficient technical and organisational measures to protect the infrastructure against loss, theft, criminal activity, loss of confidentiality, infringement of privacy rights and infringement of intellectual property rights.
  2. EUR also expects Students to adopt a responsible and proactive attitude in respect of ensuring sufficient protection of their own computers and other equipment such as smart phones or tablets. Students are at all times personally responsible for use of their own equipment and the data stored on it.

    In this connection, Students must perform the following acts if they use the EUR IT facilities with their own equipment:

    • install a proper virus scanner and firewall on this equipment;
    • keep the equipment’s software up to date;
    • make backups of the relevant data at regular intervals.

Article 6 - Personal use and nuisance

  1. Personal use of the Internet and IT facilities is only permitted in accordance with the provisions of Article 2 paragraph 2 of these Regulations.
  2. Disruptive use and/or causing a nuisance as referred to in Article 2 paragraph 2 of these Regulations shall in any event be taken to mean the following:

    • when in public: visiting Internet sites of a pornographic, racist, discriminating, insulting or offensive nature, or sending messages with a similar content;
    • sending messages that cause harassment or sexual harassment, or messages that might or would incite discrimination, hate and/or violence;
    • sending unsolicited messages to large numbers of people simultaneously, or sending chain messages or distributing malicious software (malware);
    • using file sharing or streaming services if this generates a disproportionate amount of data traffic and thereby has a disruptive effect on the proper functioning of the network or other of the EUR IT facilities, including accessibility;
    • downloading films, music, software and other copyrighted material from any illegal source, or if a Student is aware or ought to be aware that this is a copyright infringement;
    • disseminating films, music, software and other copyrighted material among third parties or placing such material at their disposal without the copyright owners’ consent.

  3. Students using one of the EUR Internet or IT facilities at their living accommodation are not subject to any restrictions in respect of such use, except insofar as these are necessary for safeguarding the technical integrity and security of the network, or restricting the effects of congestion. If EUR intervenes for the purpose of restricting the effects of congestion, equal types of traffic will receive equal treatment. The other provisions in these Regulations will apply in full to Students using one of the EUR network facilities at their own living accommodation.
  4. Students are only permitted to use the facilities for commercial purposes other than those assigned by or for the benefit of EUR on condition that they have obtained the System Manager’s consent. EUR may set additional conditions to such consent. Students must observe such additional conditions.

Article 7 - Monitoring and checking

  1. Use of the facilities will only be checked in connection with maintaining the provisions of these Regulations in order to ensure a proper procedure at EUR and safeguard technical integrity, as well as the security of the network and the EUR computer facilities. Any prohibited use of the facilities will be prevented by technical means as much as possible.
  2. Computerised data may be compiled for checks as referred to in paragraph 1 of this Article. This data is only accessible to the System Manager directly responsible, and in principle, it will only be placed at the disposal of other Administrators and similar responsible persons in anonymous form so that they can decide on additional technical measures.
  3. In the event of nuisance caused by Students’ equipment in particular, the Administrators may decide to disconnect access to the network. If possible, the relevant Student will be warned in advance so that they have the opportunity to stop the nuisance. If, due to the necessary haste, it is impossible to do this prior to taking appropriate measures, such measures will be announced as soon as possible.
  4. In the event of suspicion of breach of the regulations, checks may be carried out at individual traffic data level respecting the use of the Internet and IT facilities. The actual content will only be inspected if there is serious cause to do so.

Article 8 - Procedure for targeted investigations

  1. Targeted investigations may be said to exist if traffic data or other personal information concerning a specific Student are recorded in connection with an inquiry resulting from a serious suspicion of breach of the conditions and/or basic principles as laid down in these Regulations by this specific Student.
  2. Targeted investigations will only be carried out after the Administrator has given instructions for this in Writing. These instructions give the reasons for the Administrator’s consent. The Executive Board will receive a copy of the instructions for the investigations and a report of the results thereof.
  3. In the first instance, targeted investigations are limited to traffic data concerning use of Internet and IT facilities. If targeted investigations result in additional proof, EUR may decide to inspect the content of communications or saved files after having obtained consent from the Executive Board. Such consent must be substantiated and in Writing. If the investigations do not justify additional measures, the report will be destroyed.
  4. As a departure from the preceding paragraph, targeted investigations into the safeguarding or integrity of peripherals may be carried out by the System Manager on the basis of specific indications without separate consent from the Executive Board. The relevant Student will only be informed of the results of these investigations for the purpose of improving the safeguarding or integrity of peripherals. If the Student repeats the offence, the procedure referred to in paragraph 2 of this Article will be followed.
  5. The dean of the faculty concerned will inform the relevant Student - in Writing and as soon as possible - of the reasons for the investigations, the fact that they have been carried out, and the results thereof. The Student will be given the opportunity to explain the information revealed by the investigations. Informing the Student may only be postponed if this would actually be deleterious to the investigations.
  6. System Managers may only access the Student’s computer accounts on condition that the Student has consented thereto. Accessing these accounts without such consent is only permissible in urgent cases, or if there is a clear suspicion that the Student has breached these Regulations as stipulated further in this Article. In such cases, the Student will be informed afterwards.

Article 9 - Consequences of infringement

  1. In the event of failure to follow instructions or directions on the basis of these Regulations and/or acting contrary to these Regulations or the generally applicable statutory regulations, the Executive Board may take disciplinary measures depending on the nature and gravity of the relevant offence. Such measures include warnings, rebukes, temporary disconnection or limitation of use of EUR’s IT facilities and applications for a maximum period of one year, and termination of the Student’s enrolment in extreme cases. No disciplinary measures will be taken without first allowing the Student the opportunity to put their own views forward.
  2. Except for a warning, no disciplinary measures may be imposed if the investigations were only carried out on the basis of computerised processing of personal data, such as a discovery based on an automatic filter or blockade.
  3. As a supplement to the preceding paragraphs, it is possible for EUR to implement a temporary blockade of the relevant facility in the event of any computerised or non-computerised discovery of nuisance. This blockade will be imposed for no more than one week, or less if the System Manager is satisfied that the cause has been eliminated. If, after one week, the System Manager sees no improvement, he may decide to extend the blockade. If the cause is repeated, disciplinary measures may be taken.

Article 10 - Revoking of the former Regulations

These Regulations replace the ‘Regulations governing use of computer and network facilities at Erasmus University Rotterdam (EUR)’.

Article 11 - Final provisions

  1. These Regulations will come into force on 1 September 2015.
  2. The Executive Board may amend these Regulations. Amendments may only be implemented at the start of an academic year, except in urgent cases or if external circumstances oblige EUR to implement them at an earlier date.
  3. Amendments may only be implemented after obtaining a prior recommendation from the University Council (U-Council). The Executive Board will take feedback from Students into consideration before implementing amendments.
  4. The decision rests with the Executive Board in cases not provided for in these Regulations.
  5. These terms are available in English. In the event of any conflicts, the Dutch text shall prevail.