Skip to main content
IT Services

Breadcrumb

  1. IT Services
  2. About ITS
  3. Governance & Committees
  4. Governance
  5. Policies
  6. IT regulation
  7. Guidance on the Council Regulation

Guidance on the Council Regulation

Council approved a revised Regulation concerning Information Technology (IT) on 18 December 2001. It applies to all staff, students and visitors. Breach of the Regulation may lead to disciplinary action.
The following notes relate to the general use of IT and telephone facilities, to some of the relevant Acts of Parliament, and to the JANET Acceptable Use Policy.

The notes are meant for guidance; they do not describe the legislation in full, or amount to legal advice. Other Acts of Parliament may also be relevant to users of IT facilities and it is the responsibility of users to ensure that they are complying with the law. The College's general regulations, procedures and codes of conduct and student discipline also apply in the use of IT facilities.

General use of IT facilities

Network and monitoring

Data Protection

Copyright

Computer Misuse

JANET acceptable use policy

Use of Java in QMUL

College Web Policy

 

1. General use of IT facilities

The Regulation states that “The information technology resources provided by the College are for use in connection with the work of the College”. This includes:

  • Use for teaching and learning purposes
  • Use in support of research activities
  • Use in connection with the administration of the College
  • Use in connection with the work of recognised groups or units within the College
  • The support of professional activities that relate to the work of the College

Charges may apply in respect of any personal use.

The following are expressly forbidden and will, if detected, lead to disciplinary proceedings:

  • Use which is indecent, offensive or threatening or which harasses another person or persons on or off the campus
  • The promotion of views likely to incite political, racial, religious or sexual intolerance
  • Use for private commercial purposes
  • The use of services and facilities purely for recreational purposes
  • The sending of frivolous email messages to large numbers of users
  • Other use within the College that would contravene the JANET Acceptable Use Policy  if carried out over the academic network (see section 6).

2. Network and monitoring

Staff and students should only connect to network/telephone points that have been installed and enabled for use on the authority of a Head of Department. The College routinely monitors and analyses electronic communications traffic for such purposes as improving performance of the network, predicting trends, optimising computer systems and investigating faults and anomalous functioning. Accordingly it keeps a temporary log of such communications activity within the College and between the College and external hosts. The College will act in accordance with the Regulation of Investigatory Powers Act 2000. The College will only monitor the content of this activity if prima facie evidence of a breach in the IT Regulation exists.

Similarly the College will only search the content of the data files of staff and students if a prima facie breach of the IT Regulation exists, or if necessary during the investigation of a fault or anomalous functioning of the network or computer systems. On suspicion of a breach of the Regulation the College reserves the right to remove or delete offending files, to impound a computer workstation or fileserver for investigation, and to suspend the person’s access to some or all of the IT facilities. Users should be aware that College staff have to investigate breaches of law or regulation howsoever such breaches become apparent.

3. Data Protection

Anyone processing personal data must comply with the eight enforceable principles of good practice of the Data Protection Act 1998. These require that data must be:

  • fairly and lawfully processed
  • processed for limited purposes
  • adequate, relevant and not excessive
  • accurate
  • not kept longer than necessary
  • processed in accordance with the data subject’s rights
  • secure
  • not transferred to countries without adequate protection.

The College has notified the Information Commissioner of the purposes for which it holds personal data. The College's entry on the register may be seen on the web at: https://ico.org.uk. For further information about data protection contact the College's Records & Information Compliance Manager, tel. +44(0) 20 7882 7596 (or 13 7596 internal), email data-protection@qmul.ac.uk.

4. Copyright

Members of College may only use software that is properly licensed.

Nearly all software, databases and datasets are protected by copyright and must not be altered, copied or part-copied unless there is clear permission to do so; illegal copying can constitute a criminal offence.
Heads of Departments are responsible for ensuring that all software on departmental computers is properly licensed. A software audit must be carried out by departments at least annually. Some software is deemed to be 'in the public domain'. In such cases software may be copied without authorisation but great care must be exercised in adhering to the terms under which copying is permitted. Much of the information available via the Web or from other sources is copyright and should not be copied without permission.

5. Computer Misuse

Under the Computer Misuse Act 1990 it is a criminal offence to use a computer to access any computer systems, program or data which you are not authorised to access. ‘Hacking’ is a criminal offence and there are severe penalties for those convicted.
Systems software may be copied or altered only by authorised staff of the College.
Data or programs belonging to another user may not be copied or altered without permission.
Use of another person’s identity or password is not permitted - even if the identity or password has been voluntarily passed on.
Attempts to guess another user’s password will be interpreted as contravention of the College’s IT regulation.
In College, computer accounts are to be used only by those registered to use them and authorised systems staff. It is a contravention of the Regulation to permit use by others.

 6. JANET acceptable use policy

JANET, the Joint Academic Network, is a network funded by the higher education funding councils that interconnects all UK higher education institutions. JANET is maintained to support teaching, learning and research. JANET may be used for any legal activity that is in furtherance of the aims and policies of the College.

The JANET acceptable use policy that is given below applies to use of JANET itself. Members of the College are also required to observe it when using the College's IT facilities and network.
JANET may not be used for any of the following:

  • the creation or transmission (other than for properly supervised and lawful research purposes) of any offensive, obscene or indecent images, data or other material, or any data capable of being resolved into obscene or indecent images or material
  • the creation or transmission of material which is designed or likely to cause annoyance, inconvenience or needless anxiety
  • the creation or transmission of defamatory material
  • the transmission of material such that this infringes the copyright of another person
  • the transmission of unsolicited commercial or advertising material to other organisations
  • deliberate unauthorised access to facilities or services accessible via JANET
  • deliberate activities with any of the following characteristics:
    • wasting staff effort or networked resources, including time on end systems accessible via JANET and the effort of staff involved in the support of those systems
    • corrupting or destroying other users' data
    • violating the privacy of other users
    • disrupting the work of other users
    • using JANET in a way that denies service to other users (for example, deliberate or reckless overloading of access links or of switching equipment)
    • continuing to use an item of networking software or hardware after UKERNA has requested that use cease because it is causing disruption to the correct functioning of JANET
  • other misuse of JANET or networked resources, such as the introduction of "viruses"

It is not permitted to provide access to JANET for third parties without the prior agreement of the College.

7. Use of Java in QMUL

Java is a programming environment that is available for many platforms. It is available as a runtime environment (JRE) used to execute applications and a development environment (JDK). Java is provided by a number of suppliers, both commercial and open source with differing license terms. 

Oracle Java is a commercial implementation with a complex licensing model. We have been informed that Oracle wish to start charging an institutional licensing fee where it is used on QMUL-owned devices. Their charging model makes it impossible to continue the use of older versions of Oracle Java and therefore we need to remove the affected versions from our devices and advise staff and students on alternatives. 

OpenJDK is a free and open implementation of Java and should be preferred over Oracle Java. However, the latest version of Oracle Java would be acceptable if OpenJDK is not suitable. 

IT Services will remove from devices managed by them any affected versions of Oracle Java where the licensing will expose the university to additional charges. IT staff managing devices outside of IT Services will be conducting a similar exercise. 

 

Is my device is affected? 

The Oracle licensing changes only relates to devices owned by the university. That is typically laptops, personal computers, servers and tablets. 

Personally owned devices i.e. those bought with personal funds and that weren’t claimed for by expenses etc. would be out of scope. However, if you use them on-campus, we’d advise that you don’t use Oracle Java as it complicates our ability to demonstrate our compliance to their licensing terms. 

 

I use an IT Services managed laptop, what do I need to do? 

If you have a managed laptop, IT Services will ensure that no Oracle Java is installed and will audit to ensure compliance. This will happen without contacting users. 

If you notice that an application no longer works, please contact our IT Service Desk. 

 

I use a managed Research Desktop Service (mRDS) device, what do I need to do? 

Whilst IT Services can audit the host operating system, responsibility for compliance of virtual machines or guests lies with the user. Therefore, please follow the advice below. 

 

I use a self-managed device, what do I need to do? 

You should only install these implementations of Java: 

 

  • Oracle Java v17 onwards 
  • OpenJDK 
     

If you have installed an earlier version of Oracle Java, you should remove it now and install OpenJDK.from https://openjdk.org/. Oracle Java v17 onwards can be installed if you encounter an issues with the OpenJDK implementation. 

 

Please contact the IT service desk if you require assistance with this via the usual contact channels. 

 

How can I check whether if I have Java installed? 

 

  • Mac 
     

Start a Terminal and enter the following: 

 
/usr/libexec/java_home -V 
 

Any references to OpenJDK are fine. References to Oracle Java other than v17 should be removed. 

 

If the command fails with “Command not found”, then no Java is installed, and no further action is required. 

 

 

I use a lot of applications that use Java internally. What do I do with them? 

It is not uncommon that applications are built and distributed with a JRE. e.g. Vivado, MATLAB. We think that for a commercial application, it is the vendor’s responsibility to ensure license compliance if they have bundled the JRE in the installer. 

For example, MATLAB 2023a includes Oracle JRE 1.8.0.202 which was the last freely redistributable version. 

IT Services will continue monitoring vendors bundling of JREs to maintain compliance. 

8. College Web Policy

The College's Web Policy is published as a separate document: Web Policy [PDF 316KB].

 

Back to top