Acceptable Use Policy

This Acceptable Use Policy was last updated on 10th February 2020.

PART A: GENERAL

1. Introduction

1.1 It is important to N4L that all eligible Schools (“you”) and Your Users are able to access our Products and Services. For this reason, and to ensure the provision of a quality service, our Acceptable Use Policy applies to use of our Products and Services. Our ‘Part B: Community Wireless Networks’ (set out below) also applies to wireless services.
1.2 You and Your Users must use our Products and Services in a responsible manner. While we won’t normally intervene in your use of our Products and Services, certain types of use are considered to be unacceptable, or can affect our ability to provide Products and Services to our other customers. For example, if a user on the network was to transmit spam, the ability of other users to send email could be adversely impacted.
1.3 The examples included in this Acceptable Use Policy are illustrative only and do not limit the scope of this Policy.
1.4 Capitalised terms used, and not defined, in this Policy have the meaning given to them in the Glossary.

2. Managed Network Responsible Use

2.1 Using our Products and Services in a responsible manner means that you and Your Users must:
  • not interfere with the availability of any Products and Services to others (whether those Products and Services are provided by us or anyone else);
  • not otherwise negatively impact on any networks, equipment or other parties;
  • use our Products and Services in a manner consistent with the delivery of educational outcomes; and
  • only use our Products and Services for the purpose for which they are provided to you.

3. Prohibited Use

3.1 We prohibit certain kinds of use of our Products and Services. In particular, you and Your Users must not:
  • use our Products and Services in ways that may be a criminal or civil breach of any statute, regulations, government requirements or any other law of any country (Illegal Uses). For example, any breach of intellectual property rights (such as copyright, trade marks, patents, trade secrets and confidential information), defamation, breach of obscenity laws and laws as to objectionable publications, fraud, theft, misappropriation of money, credit card details or personal information, breaches of privacy obligations and breaches of trade practices legislation (such as the Fair Trading).
  • use our Products and Services to breach, to attempt to breach, or in ways that may breach, the security and operation of any network, equipment or any other system (Security Breaches). For example, hacking, cracking into, monitoring, or using systems without authority, scanning ports (including scanning for open relays), improper configuration of mail servers and FTP servers enabling distribution of spam or unlicensed material by others, interference of service to any user or network (or activities that might encourage such interference by others) including mail bombing, flooding, deliberate attempts to overload a system and broadcast attacks, denial of service attacks or activities which might encourage denial of service attacks by others, unnecessarily excessive traffic (including excessive pings), distributing viruses, or other Disabling Code, any communications across our network which do not accurately identify (or disclose in a manner that is misleading) addresses, headers, names and other relevant details and using our network in any way as a staging ground for any of those breaches or to disable or “crack” other systems.
  • use our Products and Services to transmit content that may be of a harmful or threatening nature. For example, any material that includes:
    • threats of death or physical harm;
    • sexually explicit or pornographic material;
    • content that creates a risk of:
      • harm, loss, physical or mental injury, or emotional distress to anyone or any animal;
      • loss or damage to property; and/or
      • exploitation of children;
    • content we deem to be hateful, violent, harmful, abusive, racially or ethnically offensive, defamatory, invasive of personal privacy or publicity rights, harassing, humiliating to other people (publicly or otherwise), threatening, profane, or otherwise objectionable; and
    • content we consider fraudulent, false, misleading or deceptive.
  • use our Products and Services to transmit spam (Spam). For example, sending unsolicited electronic messages without the recipient’s actual or implied consent, messages that could reasonably be expected to provoke complaints, chain letters, pyramid schemes or hoaxes and emails and messages that do not accurately identify the sender’s return address, header or domain name.

4. Detecting Breaches

4.1 We monitor the flow of traffic across our network in order to optimise the performance of the network and to enable us to respond to any issues. We also receive network performance statistics from each of our routers on your premises to ensure your connection is performing as expected. As part of these processes, activity that might indicate unacceptable use may come to our attention.
4.2 You must (and you must ensure that Your Users) inform us of any breaches of this policy that come to their attention. Your Users should do so by contacting you, and you should do so by contacting our Helpdesk.

5. Breaches – What Will Happen

5.1 If a possible instance of unacceptable use comes to our attention, we will generally notify and/or work with you to investigate the use and, if it is unacceptable, try to agree a suitable remedy. In the most serious cases, we may notify law enforcement agencies in accordance with our Privacy Statement.
5.2 If you are a provider of products or services to Schools, we may also inform:
  • Schools of your unacceptable use, if it has, or is likely to, impact the School, their users, or their use of our Products and Services; and
  • the Ministry of Education of your unacceptable use, in some circumstances.
5.3 N4L takes any breach of our Acceptable Use Policy seriously. While any instance of unacceptable use is being investigated, we may disable the user’s or the customer’s access to any of our Products and Services. If we find a user has seriously breached this policy we may permanently revoke their and/or the School’s access to any of our Products and Services.
5.4 If the unacceptable use remains unremedied, then we may, without further notice, suspend, modify, restrict or terminate your and/or Your User’s access to our Products and Services, either in part or in full.

PART B: COMMUNITY WIRELESS NETWORKS

1. Introduction

1.1 This Acceptable Use Policy also applies if you use wireless networks.
1.2 You may use community wireless networks that we consider acceptable with our Products and Services (Community Wireless Networks). A Community Wireless Network is a wireless network that extends access to our Managed Network to the School service to beyond the school’s boundary.
1.3 You may use our Managed Network to the School service in conjunction with a community wireless deployment, but only in a manner consistent with activities of your School and in relation to the delivery of educational outcomes. Our Managed Network to the School service cannot be used in conjunction with Community Wireless Networks for any other purpose.

2. Community Wireless Requirements

2.1 You are responsible for adhering to the following guidelines when using our network to provide community wireless access.
  • Ensure the community wireless service can only be used by staff and students of your School, using authentication that can identify Your Users.
  • Keep filtering and firewalling configurations for community wireless access, the same as the configurations for general School use (in other words, filtering and firewalling policies must not be relaxed for community based access).
  • Never use our network to provide or support a commercial wireless service (in other words, never resell, transfer, sub-license or otherwise commercially exploit or commercially make available to a Third Party all or any part of our Products and Services) without first obtaining our written approval.

Acceptable Authentication Examples:

  • IEEE 802.1x Port-based Network Access Control
  • Device control via MAC address
  • Installation of a digital certificate on the device.

Unacceptable Authentication Examples:

The following are unacceptable authentication examples:

  • Pre-Shared Keys
  • Open wireless.