Council approved a revised Regulation concerning Information Technology (IT) on 18 December 2001. It applies to all staff, students and visitors. Breach of the Regulation may lead to disciplinary action.The following notes relate to the general use of IT and telephone facilities, to some of the relevant Acts of Parliament, and to the JANET Acceptable Use Policy.
The notes are meant for guidance; they do not describe the legislation in full, or amount to legal advice. Other Acts of Parliament may also be relevant to users of IT facilities and it is the responsibility of users to ensure that they are complying with the law. The College's general regulations, procedures and codes of conduct and student discipline also apply in the use of IT facilities.
General use of IT facilities
Network and monitoring
Data Protection
Copyright
Computer Misuse
JANET acceptable use policy
Use of Java in QMUL
College Web Policy
The Regulation states that “The information technology resources provided by the College are for use in connection with the work of the College”. This includes:
Charges may apply in respect of any personal use.
The following are expressly forbidden and will, if detected, lead to disciplinary proceedings:
Staff and students should only connect to network/telephone points that have been installed and enabled for use on the authority of a Head of Department. The College routinely monitors and analyses electronic communications traffic for such purposes as improving performance of the network, predicting trends, optimising computer systems and investigating faults and anomalous functioning. Accordingly it keeps a temporary log of such communications activity within the College and between the College and external hosts. The College will act in accordance with the Regulation of Investigatory Powers Act 2000. The College will only monitor the content of this activity if prima facie evidence of a breach in the IT Regulation exists.
Similarly the College will only search the content of the data files of staff and students if a prima facie breach of the IT Regulation exists, or if necessary during the investigation of a fault or anomalous functioning of the network or computer systems. On suspicion of a breach of the Regulation the College reserves the right to remove or delete offending files, to impound a computer workstation or fileserver for investigation, and to suspend the person’s access to some or all of the IT facilities. Users should be aware that College staff have to investigate breaches of law or regulation howsoever such breaches become apparent.
Anyone processing personal data must comply with the eight enforceable principles of good practice of the Data Protection Act 1998. These require that data must be:
The College has notified the Information Commissioner of the purposes for which it holds personal data. The College's entry on the register may be seen on the web at: https://ico.org.uk. For further information about data protection contact the College's Records & Information Compliance Manager, tel. +44(0) 20 7882 7596 (or 13 7596 internal), email data-protection@qmul.ac.uk.
Members of College may only use software that is properly licensed.
Nearly all software, databases and datasets are protected by copyright and must not be altered, copied or part-copied unless there is clear permission to do so; illegal copying can constitute a criminal offence.Heads of Departments are responsible for ensuring that all software on departmental computers is properly licensed. A software audit must be carried out by departments at least annually. Some software is deemed to be 'in the public domain'. In such cases software may be copied without authorisation but great care must be exercised in adhering to the terms under which copying is permitted. Much of the information available via the Web or from other sources is copyright and should not be copied without permission.
Under the Computer Misuse Act 1990 it is a criminal offence to use a computer to access any computer systems, program or data which you are not authorised to access. ‘Hacking’ is a criminal offence and there are severe penalties for those convicted.Systems software may be copied or altered only by authorised staff of the College.Data or programs belonging to another user may not be copied or altered without permission.Use of another person’s identity or password is not permitted - even if the identity or password has been voluntarily passed on.Attempts to guess another user’s password will be interpreted as contravention of the College’s IT regulation.In College, computer accounts are to be used only by those registered to use them and authorised systems staff. It is a contravention of the Regulation to permit use by others.
JANET, the Joint Academic Network, is a network funded by the higher education funding councils that interconnects all UK higher education institutions. JANET is maintained to support teaching, learning and research. JANET may be used for any legal activity that is in furtherance of the aims and policies of the College.
The JANET acceptable use policy that is given below applies to use of JANET itself. Members of the College are also required to observe it when using the College's IT facilities and network.JANET may not be used for any of the following:
It is not permitted to provide access to JANET for third parties without the prior agreement of the College.
Java is a programming environment that is available for many platforms. It is available as a runtime environment (JRE) used to execute applications and a development environment (JDK). Java is provided by a number of suppliers, both commercial and open source with differing license terms.
Oracle Java is a commercial implementation with a complex licensing model. We have been informed that Oracle wish to start charging an institutional licensing fee where it is used on QMUL-owned devices. Their charging model makes it impossible to continue the use of older versions of Oracle Java and therefore we need to remove the affected versions from our devices and advise staff and students on alternatives.
OpenJDK is a free and open implementation of Java and should be preferred over Oracle Java. However, the latest version of Oracle Java would be acceptable if OpenJDK is not suitable.
IT Services will remove from devices managed by them any affected versions of Oracle Java where the licensing will expose the university to additional charges. IT staff managing devices outside of IT Services will be conducting a similar exercise.
Is my device is affected?
The Oracle licensing changes only relates to devices owned by the university. That is typically laptops, personal computers, servers and tablets.
Personally owned devices i.e. those bought with personal funds and that weren’t claimed for by expenses etc. would be out of scope. However, if you use them on-campus, we’d advise that you don’t use Oracle Java as it complicates our ability to demonstrate our compliance to their licensing terms.
I use an IT Services managed laptop, what do I need to do?
If you have a managed laptop, IT Services will ensure that no Oracle Java is installed and will audit to ensure compliance. This will happen without contacting users.
If you notice that an application no longer works, please contact our IT Service Desk.
I use a managed Research Desktop Service (mRDS) device, what do I need to do?
Whilst IT Services can audit the host operating system, responsibility for compliance of virtual machines or guests lies with the user. Therefore, please follow the advice below.
I use a self-managed device, what do I need to do?
You should only install these implementations of Java:
If you have installed an earlier version of Oracle Java, you should remove it now and install OpenJDK.from https://openjdk.org/. Oracle Java v17 onwards can be installed if you encounter an issues with the OpenJDK implementation.
Please contact the IT service desk if you require assistance with this via the usual contact channels.
How can I check whether if I have Java installed?
Start a Terminal and enter the following:
/usr/libexec/java_home -V
Any references to OpenJDK are fine. References to Oracle Java other than v17 should be removed.
If the command fails with “Command not found”, then no Java is installed, and no further action is required.
I use a lot of applications that use Java internally. What do I do with them?
It is not uncommon that applications are built and distributed with a JRE. e.g. Vivado, MATLAB. We think that for a commercial application, it is the vendor’s responsibility to ensure license compliance if they have bundled the JRE in the installer.
For example, MATLAB 2023a includes Oracle JRE 1.8.0.202 which was the last freely redistributable version.
IT Services will continue monitoring vendors bundling of JREs to maintain compliance.
The College's Web Policy is published as a separate document: Web Policy [PDF 316KB].