On this page:
Students who receive access to University computer facilities and to the campus-wide communication network assume responsibility for their appropriate use and are expected to be careful, honest, responsible, and civil in their use. Students who use wide-area networks (such as the internet) to communicate with individuals or to connect to computers at other institutions must abide by the rules for the remote systems and networks as well as those for Harvard’s systems.
In addition to violating University rules, certain computer misconduct is prohibited by federal and state law and is, therefore, subject to criminal and civil penalties. Such misconduct includes:
- knowingly gaining unauthorized access to a computer system or database, falsely obtaining electronic services or data without payment of required charges
- intentionally intercepting electronic communications
- obtaining, altering, or destroying others’ electronic information
- using Harvard’s computers or network to violate copyright laws, as is possible with the use of peer-to-peer file-sharing programs.
Students may be held responsible for misuse that occurs by allowing third-party access to their computer, account, or network connection.
Harvard University provides computer and network facilities to students primarily for educational use. These facilities have tangible value, consequently, attempts to circumvent accounting systems or to use the computer accounts of others will be treated as forms of attempted theft.
Students may not:
- attempt to damage or to degrade the performance of Harvard’s computers and networks or disrupt the work of other users
- attempt to circumvent security systems or to exploit or probe for security holes in any Harvard network or system or any other systems accessed through Harvard’s facilities
- execute or compile programs designed to breach system security, unless authorized in advance.
Students assume personal responsibility for the use of their accounts. Students may not:
- disclose their passwords or otherwise make Harvard’s facilities available to unauthorized individuals (including family or friends)
- possess or collect the passwords, personal identification numbers (PINs), private digital certificates, or other secure identification information belonging to others
- use Harvard’s computers and networks for business-related purposes without authorization.
Additional rules and policies concerning use of University computer facilities and systems are available on the Harvard University Information Technology website. Students are expected to abide by these rules and policies and must alert an official of Harvard University Information Technology prior to any activity that would appear to threaten the security or performance of University computers and networks. In cases of computer misconduct, Harvard may notify the appropriate dean or University official, who in turn will determine the course of any investigation or disciplinary action.
Copyrighted Material and the Digital Millennium Copyright Act (DMCA)
Using Harvard’s network to download or share copyrighted music, movies, television shows, or games without the permission of the copyright owner may result in legal sanctions, network termination, or both.
Some versions of BitTorrent or other file sharing programs can transmit files on your computer to others in violation of copyright laws, with or without your knowledge. If these programs are on your computer, you will be held responsible for any copyright violations that may result.
Read more on the Harvard DMCA page.
Harvard neither sanctions nor censors individual expression of opinion on its systems.
The same standards of behavior, however, are expected in the use of email, social media, and web applications, as in the use of telephones and written and oral communication. Therefore email, like telephone messages, must be neither obscene nor harassing (see Public and Personal Safety). Similarly, messages must not misrepresent the identity of the sender and should not be sent as chain letters or broadcast indiscriminately to large numbers of individuals. This prohibition includes unauthorized mass electronic mailings. For example, email on a given topic that is sent to large numbers of recipients should in general be directed only to those who have indicated a willingness to receive such email.
GSAS Student Email Accounts
Through my.harvard or another directory service provided by Harvard University Information Technology, GSAS students must designate and keep updated an email account to receive official information and notifications from GSAS and Harvard.
Student email accounts ordinarily will be made inoperable and deleted for GSAS students who have been unenrolled for a period exceeding six consecutive terms. Students will be sent a notice to the email account one month prior to the closure, and again ten and five days prior to the closure, so that students may take steps to save any material they want to preserve elsewhere. If a student re-enrolls at a later period, a new student email account will be made available.
Privacy of Electronic Information
Information stored on a computer system or sent electronically over a network is the property of the individual who created it. Examination, collection, or dissemination of that information without authorization from the owner is a violation of the owner’s rights to control his or her own property. Information technology personnel, however, may gain access to users’ data or programs when it is necessary to maintain or prevent damage to systems or to ensure compliance with other University rules.
Computer systems and networks provide mechanisms for the protection of private information from examination. These mechanisms are necessarily imperfect and any attempt to circumvent them or to gain unauthorized access to private information (including both stored computer files and messages transmitted over a network) will be treated as a violation of privacy and will be cause for disciplinary action.
In general, information that the owner would reasonably regard as private must be treated as private by other users. Examples include the contents of email boxes, the private file storage areas of individual users, and information stored in other areas that are not public. That measures have not been taken to protect such information does not make it permissible for others to inspect it.