Acceptable Use Policy

This Acceptable Use Policy was last updated with effect from 13th April 2022.

PART A: GENERAL

1. Introduction

1.1 It is important to N4L that all eligible Schools and End Users (you) are able to access our Services. For this reason, and to ensure the provision of a quality service, our Acceptable Use Policy applies to use of our Services. Our ‘Part B: Community Wireless Networks’ (set out below) also applies to wireless services.
1.2 You and Your Users must use our Services in a responsible manner. While we won’t normally intervene in your use of our Services, certain types of use are considered to be unacceptable, or can affect our ability to provide Services to our other Customers. For example, if a user on the network was to transmit spam, the ability of other users to send email could be adversely impacted.
1.3 The examples included in this Acceptable Use Policy are illustrative only and do not limit the scope of this Policy.
1.4 Please be aware that this Acceptable Use Policy also applies to unauthorised or unidentified Users accessing our Services via your device, account or infrastructure (e.g., a Cybersecurity Event).
1.5 Capitalised terms used, and not defined, in this Policy have the meaning given to them in the Glossary.

2. Responsible Use

2.1 Using our Services in a responsible manner means that you and Your Users must:
  • not interfere with the availability of any Services to others (whether those Services are provided by us or anyone else);
  • not otherwise negatively impact on any networks, equipment or other parties;
  • use our Services in a manner consistent with the delivery of educational outcomes; and
  • only use our Services for the purpose for which they are provided to you.

3. Prohibited Use

3.1 We prohibit certain kinds of use of our Services. In particular, you and Your Users must not:
  • use our Services in ways that may be a criminal or civil breach of any statute, regulations, government requirements or any other law of any country (Illegal Uses). For example, any breach of intellectual property rights (such as copyright, trade marks, patents, trade secrets and confidential information), defamation, breach of obscenity laws and laws as to objectionable publications, fraud, theft, misappropriation of money, credit card details or personal information, breaches of privacy obligations and breaches of trade practices legislation (such as the Fair Trading).
  • use our Services to breach, to attempt to breach, or in ways that may breach, the security and operation of any network, equipment or any other system (Security Breaches). For example, hacking, cracking into, monitoring, or using systems without authority, scanning ports (including scanning for open relays), improper configuration of mail servers and FTP servers enabling distribution of spam or unlicensed material by others, interference of service to any user or network (or activities that might encourage such interference by others) including mail bombing, flooding, deliberate attempts to overload a system and broadcast attacks, denial of service attacks or activities which might encourage denial of service attacks by others, unnecessarily excessive traffic (including excessive pings), distributing viruses, or other Disabling Code, any communications across our network which do not accurately identify (or disclose in a manner that is misleading) addresses, headers, names and other relevant details and using our network in any way as a staging ground for any of those breaches or to disable or “crack” other systems.
  • use our Services to transmit content that may be of a harmful or threatening nature. For example, any material that includes:
    • threats of death or physical harm;
    • sexually explicit or pornographic material;
    • content that creates a risk of:
      • harm, loss, physical or mental injury, or emotional distress to anyone or any animal;
      • loss or damage to property; and/or
      • exploitation of children;
    • content we deem to be hateful, violent, harmful, abusive, racially or ethnically offensive, defamatory, invasive of personal privacy or publicity rights, harassing, humiliating to other people (publicly or otherwise), threatening, profane, or otherwise objectionable; and
    • content we consider fraudulent, false, misleading or deceptive.
  • use our Services to transmit spam (Spam). For example, sending unsolicited electronic messages without the recipient’s actual or implied consent, messages that could reasonably be expected to provoke complaints, chain letters, pyramid schemes or hoaxes and emails and messages that do not accurately identify the sender’s return address, header or domain name.

4. Detecting Breaches

4.1 We monitor the flow of traffic across our network in order to optimise the performance of the network and to enable us to respond to any issues, including Cybersecurity Events. We also receive network performance statistics from each of our routers on School premises to ensure the connection is performing as expected. As part of these processes, activity that might indicate unacceptable use may come to our attention.
4.2 You must inform us of any breaches of this policy that come to their attention by contacting our Helpdesk. If you are a School, you must ensure that Your Users inform us of any breaches of this policy by contacting your School, and your School should then contact our Helpdesk.

5. Breaches – What Will Happen

5.1 If a possible instance of unacceptable use comes to our attention, we will generally notify and/or work with you (or your School) to investigate the use and, if it is unacceptable, try to agree a suitable remedy. In the most serious cases, we may notify law enforcement agencies in accordance with our Privacy Statement.
5.2 If you are a provider of products or services to Schools, we may also inform:
  • Schools of your unacceptable use, if it has, or is likely to, impact the School, their users, or their use of our Services; and
  • the Ministry of Education of your unacceptable use, in some circumstances.
5.3 N4L takes any breach of our Acceptable Use Policy seriously. While any instance of unacceptable use is being investigated, we may disable the End User’s or the School’s access to any of our Services. If we find an End User has seriously breached this policy we may permanently revoke their and/or the School’s access to any of our Services.
5.4 If the unacceptable use remains unremedied, then we may, without further notice, suspend, modify, restrict or terminate your access to our Services, either in part or in full.

PART B: COMMUNITY WIRELESS NETWORKS

1. Introduction

1.1 This Acceptable Use Policy also applies if you use wireless networks.
1.2 Schools may use community wireless networks that we consider acceptable with our Services (Community Wireless Networks). A Community Wireless Network is a wireless network that extends access to our Managed Network - Internet service to beyond the school’s boundary.
1.3 Schools may use our Managed Network - Internet service in conjunction with a community wireless deployment, but only in a manner consistent with activities of your School and in relation to the delivery of educational outcomes. Our Managed Network - Internet service cannot be used in conjunction with Community Wireless Networks for any other purpose.

2. Community Wireless Requirements

2.1 Schools are responsible for adhering to the following guidelines when using our network to provide community wireless access:
  • Ensure the community wireless service can only be used by staff and students of your School, using authentication that can identify Your Users.
  • Keep filtering and firewalling configurations for community wireless access, the same as the configurations for general School use (in other words, filtering and firewalling policies must not be relaxed for community based access).
  • Never use our network to provide or support a commercial wireless service (in other words, never resell, transfer, sub-license or otherwise commercially exploit or commercially make available to a Third Party all or any part of our Services) without first obtaining our written approval.

Acceptable Authentication Examples:

  • IEEE 802.1x Port-based Network Access Control
  • Device control via MAC address
  • Installation of a digital certificate on the device.

Unacceptable Authentication Examples:

The following are unacceptable authentication examples:

  • Pre-Shared Keys
  • Open wireless.