Columbia Law School IT Policy

Policy on the Use of Information Technology at Columbia Law School

(NOTE: Use of CLS IT's network and facilities constitutes acceptance of this policy.)

The Columbia Law School Information Technology (CLS IT) department maintains policies about the use and security of its systems in the interests of protecting its users and ensuring the reliability of mission critical systems. All users of our facilities are expected to be familiar with these policies.Violations of CLS IT policies can lead to the suspension of computer account(s)pending investigation of circumstances. Serious violations CLS IT policy will be referred directly to the appropriate academic or outside authorities.Unauthorized use of University computing facilities can be a criminal offense.The penalties may be as severe as suspension or dismissal of enrollment,termination of employment from the University, and/or criminal prosecution by appropriate law enforcement agencies. Use of CLS IT's network and facilities constitutes acceptance of this policy.

Back to top

Access & User Responsibilities

It is every user's Responsibility to be aware of this Policy.

Any user who finds a possible security lapse on any CLS IT system is obligated to report it to CLS IT. Don't attempt to use the system under these conditions until the system administrator has investigated and resolved the problem.  The user agrees to remain entirely liable for any and all activities conducted via the user's account.  Each user is responsible for all matters pertaining to the proper use of their account.  This includes choosing safe passwords, (e.g., passwords that are at least six characters long, are not found in any dictionary, and contain a combination of numbers and letters) and ensuring that file protections are set correctly (where applicable).

The CLS IT permits access to systems on the understanding that the information in those systems is confidential.  Each user must take appropriate measure to preserve the confidentiality of that information.  In addition, system and security administrators conduct regular reviews of file system security and  login names, including password checks.  Users found to have easily guessed passwords may be required to change them the next time they log on.  Users may not  share passwords and login accounts. Every user is provided with an account in his/her own name, accessible with a private password to access specific computer systems/resources maintained by CLS IT. These accounts are to be used solely for the performance of assigned faculty/student/administrator functions within CLS IT. 

Individual CLS IT login names and/or passwords cannot be transferred to or used by another individual.  It is the responsibility of Departmental Supervisors to advise CLS IT when employees leave unexpectedly and/or with short notice so that the data in their accounts can be protected/deactivated/deleted.  Unauthorized attempts to gain access to another person's CLS IT login name and/or password or to gain privileged access or access to any account, applications, and/or data not belonging to you on any CLS IT system is not permitted.  No CLS IT system may be used to gain unauthorized access to other systems. 

No CLS IT system may be used for unethical, illegal, or criminal purposes, or to damage any part of the CLS IT network or accounts on CLS IT network, as well as other networks or accounts on other networks.  Use of CLS IT facilities by outside individuals or organizations requires special permission from CLS IT and to the appropriate software vendors where applicable.  Use of any Columbia University or administrative system by individuals or organizations outside Columbia University requires explicit authorization from AIS/AcIS and all appropriate data custodians.  Use of CLS IT systems for commercial uses, except by approved outside organizations, is strictly prohibited. Such prohibited uses include, but are not limited to, development of programs, data processing or computations for commercial use and preparation and presentation of advertising material.  CLS IT reserves the right to prevent other Internet users from accessing its network, either in part or in whole, for any reason deemed detrimental to the CLS IT network or computer facilities. 

Back to top

Email Usage & Retention Policy

Electronic mail on all our systems is as private as we can make it. Attempts to read another person's electronic mail or other protected files is prohibited and will be treated with the utmost seriousness. The system administrators will not read mail or non-world-readable files unless absolutely necessary in the course of their duties, and will treat the contents of those files as private information at all times.

User's cannot use the CLS IT network to distribute unsolicited bulkelectronic mail (UBE) or inappropriate commercial postings (spam) to Usenet newsgroups. UBE or spam directing recipients to a site served by CLS IT network is prohibited. No CLS IT system may be used for sending nuisance messages such as chain letters and obscene or harassing messages. Users are not allowed to "impersonate" other users or user groups, real or fabricated, by modifying email header information in an effort to deceive their recipient(s); i.e., email spoofing is specifically prohibited. University policy prohibits the use of University resources to solicit contributions or support for any charity, except those authorized by the University.

Retention Policy
Email boxes that are hosted on Columbia Law School servers are backed up regularly  and retained for up to five weeks. Deleted and purged email, if available in a backup copy, may be recoverable if the request is not longer than five weeks from the date of deletion. Email forwarded (i.e., redirected) to a personal email account (e.g., Gmail, Yahoo, Hotmail) that is not under Columbia Law School's control is excluded from the email backup.

Back to top


Frivolous, disruptive, or inconsiderate conduct in the computer labs or terminal areas is not permitted.  Users are prohibited from using the CLS IT network or computer facilities for the purpose of harassing or threatening other people. No CLS IT system may be used for playing computer games. 

Back to top


The user is responsible for providing and maintaining the necessary cabling, hardware and software used for dial-up service at the user's site.  All telephone company installation and recurring charges are the user's responsibility.  It is understood that CLS IT does not own or control the telecommunications facilities used to access its network, except those specifically identified as belonging to CLS IT.  Dial-up accounts are not to be used for permanent network connectivity or nailed connections (connections that remain up even though no interactive usage occurs).

Back to top


CLS IT exercises no control whatsoever over the content of the information passing through its network.  The user cannot use the CLS IT network to transmit certain kinds of information which violates export control laws and regulations of the United States, whether that information is received abroad or by foreign nationals within the United States. 

Since CLS IT exercises no control whatsoever over the content of information passing through its network,the entire burden of complying with such laws and regulations rests with the user. The user agrees to comply with such laws and regulations and to indemnify and hold CLS IT harmless from any damages it may suffer resulting from any violation of the export control laws of the United States. In short,transmission of any material in violation of any local, state, federal or international regulation(s) is prohibited.  This includes, but is not limited to, copyrighted material, material legally judged to be threatening or obscene, or material protected by trade secret. 

Copying, storing, displaying, or distributing copyrighted material using University systems or networks without the express permission of the copyright owner, except as otherwise allowed under the copyright law, is prohibited. Under the Federal Digital Millennium Copyright Act of 1998, repeat infringements of copyright by a user can result in termination of the user's access to University systems and networks. See information on copyright at

Back to top


CLS IT will not be responsible for any damage the user suffers from use of CLSIT network. This includes, but is not limited to, loss of data resulting from delays or service interruptions caused by CLS IT's own negligence, CLS IT'svendors, other third parties, or the user's errors or omissions. Use of any information obtained via CLS IT's network is at the user's own risk. CLS IT specifically denies any responsibility for the accuracy or quality of information obtained through its network. The user agrees to indemnify andhold harmless CLS IT from any claims resulting from the user's use of theservice which damages the user or another party.

Back to top

Data Integrity/Ownership

All data archived by CLS IT for recovery purposes is the property of CLS IT. 

Back to top


All users of CLS IT login names and administrative systems should be aware that these systems are CLS IT resources.  Many people use the CLS IT systems for daily work. Obstructing this work by consuming gratuitously large amounts of system resources or by deliberately crashing the machine(s) will not be tolerated.  It is the user's responsibility to comply with this policy by running large jobs at off-peak hours.  At no time may the user consume excessive network resources, including but not limited to, disk space, RAM, processor time, network bandwidth, etc., that could cause denial of service to other users of CLS IT resources. 


Back to top

System Monitoring & Legal Action

All access, access attempts, and use are recorded in various system logs.  System and security administrators review the logs routinely in the course of their work.  Formal security audits including the review of system logs will occur at least twice yearly, and are subject to increase in frequency when abnormal and/or suspicious data is discovered during the course of regular system maintenance and/or monitoring. 

CLS IT facilities and computersystems are for the use of authorized users only.  Individuals using CLS IT computer systems without authority, or in excess of their authority, are subject to having all of their activities on CLS IT computer systems monitored and recorded by system personnel.  In the course of monitoring individuals improperly using CLS IT computer systems, or in the course of systemmaintenance, the activities of authorized users may also be monitored. 

Anyone using CLS IT computer systems implicitly consents to such monitoringand is advised that if such monitoring reveals evidence of criminal activity,system personnel may provide the evidence of such monitoring to law enforcementofficials.  CLS IT reserves the right to cooperate with law enforcement to the extent permissible by law.  CLS IT's network may only be used for lawful purposes and in accordance with this policy. 

This policy may be modified by CLS IT at any time. Continued use of CLSIT's network following such modifications constitutes acceptance of this policy,as modified.  If any provision of this policy is held by a court of competent jurisdiction to be contrary to law, the remaining provisions of this policy will remain in full force and effect. 

This policy supersedes all previous representations, understandings, or agreements and shall prevail notwithstanding any variance with terms and conditions of any order submitted. This policy shall be deemed to have been made in the city of New York, NewYork, and shall be construed in accordance with the laws of the State of NewYork. All actions or proceedings relating, directly or indirectly, to this policy shall be litigated only in courts located within the city of New York,New York.

Back to top