THE GENERAL ASSEMBLY
Title 101--GENERAL ASSEMBLY
LEGISLATIVE DATA PROCESSING COMMITTEE
[101 PA. CODE CHS. 501, 521 AND 551]
Use of Legislative Internet
[30 Pa.B. 3152] Nature and Purpose of Regulations
The Legislative Data Processing Committee (Committee) is adopting regulations relating to:
(1) The use of Internet service by Legislative service agencies.
(2) The Legislative Intranet, a private, protected network maintained by the Legislative Data Processing Center (LDPC).
The purpose of the regulations is to establish an acceptable use policy for employes of legislative service agencies who access the Internet through the service provided by the LDPC, and to ensure the integrity of the Legislative Intranet.
Statutory Authority
The regulations are adopted under the act of December 10, 1968 (P. L. 1158, No. 365) (46 P. S. §§ 71.1--71.6).
Contact Person
For further information, contact Kathy A. Sullivan, Executive Director, Legislative Data Processing Committee, G-27 North Office Building, Harrisburg, PA 17120, (717) 787-7358, ksullivan@legis.state.pa.us.
Order
The Committee orders that:
(a) Title 101 of the Pa. Code is amended by adding §§ 501.1, 501.2, 521.1--521.10 and 551.1--551.4 to read as set forth in Annex A.
(b) The Executive Director of the Committee shall certify this order and Annex A and deposit them with the Legislative Reference Bureau for publication.
(c) The regulations shall become effective upon publication in the Pennsylvania Bulletin.
REPRESENTATIVE LYNN B. HERMAN,
Chairperson
Annex A
TITLE 101. GENERAL ASSEMBLY
PART V. LEGISLATIVE DATA PROCESSING COMMITTEE
Subpart A. PRELIMINARY PROVISIONS
CHAPTER 501. GENERAL PROVISIONS Sec.
501.1. Scope. 501.2. Definitions. § 501.1. Scope.
This part applies to all computer systems established and maintained by the LDPC under the act.
§ 501.2. Definitions.
The following words and terms, when used in this part, have the following meanings, unless the context clearly indicates otherwise:
Act--The act of December 10, 1968 (P. L. 1158, No. 365) (46 P. S. §§ 71.1--71.6).
Address--A unique, assigned location of a server or file on an intranet or the Internet.
Agency or entity--A body or office that contains users.
Bipartisan Management Committee--The Bipartisan Management Committee created under the act of January 10, 1968 (P. L. 925 (1967), No. 417) (46 P. S. §§ 42.101--42.163), referred to as the Legislative Officers and Employes Law.
Committee--The Legislative Data Processing Committee created under the act.
Executive Director--The Executive Director of the LDPC.
Internet--A global system of interconnected computer networks based upon TCP/IP networking protocols.
Knowingly--Acting with respect to conduct when the person is aware of the true nature and circumstances of an event and is further aware that a certain result will be caused by the person's conduct.
LDPC--The Legislative Data Processing Center created under the act.
Legislative Intranet--The private, protected network maintained by the LDPC to share legislative and related information and computing resources among members, staff and legislative service agencies of the General Assembly and other persons the Committee with the approval of the Senate Committee on Management Operations and the Bipartisan Management Committee deems appropriate. The term includes the part of the private, protected network that is accessed by offices of State government under section 2(1.1) of the act (46 P. S. § 71.2(1.1)).
Legislative service agency--A nonpartisan body or office created by statute or otherwise to provide services to the General Assembly.
Link--An element of the HyperText Transfer Protocol (http), or a successor protocol, that enables rapid navigation from one file or address to another file or address.
Network--A series of computers interconnected by communication paths.
Senate Committee on Management Operations--The Senate Committee on Management Operations created under the act of January 10, 1968 (P. L. 925 (1967), No. 417), referred to as the Legislative Officers and Employes Law.
Server--A computer that provides network and file sharing services.
Service--Deployment and maintenance of computer hardware and software by the LDPC through which a user connects to the Internet.
User--A person who connects to the Internet using the service.
World Wide Web--A part of the Internet based on http, or a successor protocol, through which clients and servers communicate.
Subpart B. COMPUTER SYSTEMS Chap.
521. LDPC ACCEPTABLE USE POLICY 551. LEGISLATIVE INTRANET
CHAPTER 521. LDPC ACCEPTABLE USE POLICY Sec.
521.1. Scope. 521.2. Application. 521.3. Security. 521.4. Copyright. 521.5. Acceptable use of service. 521.6. Unacceptable use of service. 521.7. E-mail. 521.8. Training. 521.9. Disclaimer of warranties. 521.10. Enforcement. § 521.1. Scope.
This chapter relates to use of Internet service.
§ 521.2. Application.
(a) General rule. This chapter applies to users.
(b) Legislative Intranet access. Members and staff of the General Assembly who do not access the Internet using the service, but who are routed to or otherwise access the Legislative Intranet to send and receive data within the Intranet, are not subject to this chapter.
(c) Agency and entity policies. Agencies and entities may establish, consistent with this chapter, Internet use policies applicable to users within their respective local environments.
§ 521.3. Security.
(a) Primary responsibility. The LDPC has primary responsibility for maintaining security for the service. In response to a security attack or exploit or in response to a well-founded threat to the security of the service, the LDPC may take action it deems necessary, including suspension of the service on a user, agency or entity or network-wide basis, to preserve the integrity of the service.
(b) Agency and entity responsibility.
(1) Each agency or entity that connects to the service shall ensure that its connection to and use of the service does not jeopardize the security of the service.
(2) With regard to individual users, each agency or entity shall ensure that only authorized users from its local environment are able to access the service. For accountability purposes in the event of a security threat or breach, the LDPC has the right to trace the route from a user to points within the service. Each agency or entity shall maintain and, upon request, shall make available to the LDPC a secure log of access events. The log shall be in a format and be for a period as the LDPC prescribes.
(c) User responsibility. A user may not knowingly engage in an action that undermines the security of the service or interferes with use of the service by another user.
§ 521.4. Copyright.
(a) Infringement. Use of copyrighted material in violation of Federal law or treaties or the terms of a license agreement constitutes copyright infringement.
(b) Policy under Digital Millenium Copyright Act. Under Title II of the Digital Millenium Copyright Act (17 U.S.C.A. § 512), the LDPC makes the following statement of policy:
(1) A user who infringes on a copyright will be warned of the consequences of infringement.
(2) The LDPC will terminate service to a user who is a ''repeat offender,'' as defined in Title II of the Digital Millenium Copyright Act and as the term is interpreted by the judiciary.
(3) The LDPC will provide notice of this policy to users.
(4) The LDPC will designate an agent to receive notification of claimed acts of copyright infringement and make contact information concerning the designated agent available in a location accessible to the public and in a filing with the United States Copyright Office.
(5) The LDPC will modify its policy in response to applicable amendments to the Digital Millenium Copyright Act and applicable judicial interpretations of the Digital Millenium Copyright Act.
§ 521.5. Acceptable use of service.
(a) Generally. It is acceptable to use the service to access and retrieve data and to communicate for purposes directly related to the mission of an agency or entity and in a manner that is consistent with duties and responsibilities of a user's official capacity.
(b) Skills development. In the interest of acquiring and maintaining electronic information searching skills, users may, unless prohibited by an agency or entity policy, make limited, personal use of the service for data access and retrieval. Personal use may not be excessive and may not interfere with official use under subsection (a).
§ 521.6. Unacceptable use of service.
(a) Generally. Except as provided in § 521.7(a)(2) (relating to E-mail), use of the service that is contrary to § 521.5 (relating to acceptable use of service) constitutes unacceptable use.
(b) Specific conduct constituting unacceptable use. The following actions constitute unacceptable use of the service and are specifically prohibited:
(1) Using the service to violate 18 Pa.C.S. § 3933 (relating to unlawful use of computer) or other Federal or State law.
(2) Using the service to commit harassment of a racial or sexual nature or to engage in any other form of harassment prohibited by law.
(3) Knowingly undermining or attempting to undermine the security of the service.
(4) Knowingly accessing material that would be considered inappropriate for viewing in the workplace applying prevailing community standards for the Harrisburg metropolitan area, except as may be required by the duties and responsibilities of a user's official capacity.
(5) Using the service for private pecuniary benefit.
(6) Using the service for partisan political purposes.
(7) Using the service to solicit or advocate for a religious cause.
(8) Using the service to participate in gambling of any nature.
(9) Using the service to transmit chain letters.
(10) Using the service to participate in chat room discussions of a personal nature.
(11) Deliberately introducing any virus or harmful code to the service or deliberately propagating any virus or harmful code in the service.
(12) Using the service to defame another person.
(13) Using the service in a manner that tends to tarnish the reputation of the General Assembly or a member of the General Assembly.
(c) Other conduct. In addition to the conduct specifically prohibited by subsection (b), the LDPC may, after giving notice to users, prohibit any conduct that the Committee finds to be contrary to the intent of the act or inconsistent with prevailing, generally accepted standards for the provision of Internet access by state governments.
§ 521.7. E-mail.
(a) Use.
(1) Except as provided in paragraph (2), users shall engage E-mail solely to communicate for purposes directly related to the mission of an agency or entity and in furtherance of the duties and responsibilities of a user's official capacity.
(2) In the interest of developing and maintaining electronic communication skills, users may, unless prohibited by an agency or entity policy, make limited, personal use of E-mail. Personal use may not be excessive and may not interfere with official use under subsection (a).
(b) Unacceptable use. Section 521.6(b) (relating to unacceptable use of service) applies to E-mail.
(c) Right of privacy negated. While Federal and State laws prohibit the interception of electronic communications, a user has no right of privacy regarding electronic communications stored on computers that are components of the service. Stored E-mail may be reviewed, read and otherwise accessed without notice to or the consent of a user.
(d) Insecure means of communication. Unless it is properly encrypted, E-mail is not a secure means for the transmission or receipt of confidential information.
(e) Communication style. A user shall communicate by E-mail in a professional, courteous manner that is consistent with the duties and responsibilities of a user's official capacity.
§ 521.8. Training.
Upon request of the head of an agency or entity, the Executive Director may arrange basic instruction as may be required to familiarize a user with the operation of a computer as it relates to this chapter.
§ 521.9. Disclaimer of warranties.
The Committee and the LDPC make no warranties of any kind, whether express or implied, for the service. Utilization of information obtained using the service is at the user's own risk. The Committee and the LDPC make no representation as to the accuracy or quality of information obtained through the service.
§ 521.10. Enforcement.
(a) Suspension or revocation of service. The Executive Director may suspend or revoke service to an agency or entity or user who fails to comply with this chapter.
(b) Violation of law. The Executive Director will report suspected violations of State and Federal laws by users and will cooperate with and assist appropriate authorities in investigating suspected violations.
CHAPTER 551. LEGISLATIVE INTRANET Sec.
551.1. Statement of purpose. 551.2. Limitation on access. 551.3. Links to sites outside the Legislative Intranet. 551.4. Enforcement. § 551.1. Statement of purpose.
The Legislative Intranet was created and exists to serve the information needs of a specific group, rather than the general public. To preserve the integrity of the Legislative Intranet and to further its purposes, certain conditions on access and use are necessary.
§ 551.2. Limitation on access.
Only offices of members and staff of the General Assembly, legislative service agencies, offices of State government under section 2(1.2) of the act (46 P. S. § 71.2(1.2)) and other persons the Committee with the approval of the Senate Committee on Management Operations and the Bipartisan Management Committee deems appropriate may access the Legislative Intranet.
§ 551.3. Links to sites outside the Legislative Intranet.
A site on the Legislative Intranet may link to a site outside the Legislative Intranet if all of the following criteria are met:
(1) Information on the site is relevant to the legislative process.
(2) The site does not contain information that is political or partisan in nature.
(3) The site does not contain information of a predominantly religious nature.
(4) The site cannot reasonably be construed to endorse a commercial product or service.
(5) The operator of the site on the Legislative Intranet regularly monitors the other site to ensure that requirements of paragraphs (1)--(4) are met.
§ 551.4. Enforcement.
(a) Notice of noncompliance. The Executive Director will provide written notice to the office of a member or staff member of the General Assembly, legislative service agency or other person who fails to comply with this chapter.
(b) Suspension or revocation of access. The Executive Director may, with the approval of the Committee, the Senate Committee on Management Operations and the Bipartisan Management Committee, suspend or revoke access to the Legislative Intranet to the office of a member or staff member of the General Assembly, legislative service agency or other person who fails, after receipt of notice by the Executive Director under subsection (a), to comply with this chapter.
[Pa.B. Doc. No. 00-1075. Filed for public inspection June 23, 2000, 9:00 a.m.]
No part of the information on this site may be reproduced for profit or sold for profit.This material has been drawn directly from the official Pennsylvania Bulletin full text database. Due to the limitations of HTML or differences in display capabilities of different browsers, this version may differ slightly from the official printed version.