(In case of any divergence of the translation, the Chinese text shall prevail.) 

This "Acceptable Use Policy" ("this Policy") outlines the guidelines that users ("you") must adhere to when accessing and using various IT services and resources provided by The Hong Kong University of Science and Technology (Guangzhou) ("University" or "we"). The Policy aims to ensure that every user can enjoy a safe and efficient working environment. The examples and restrictions listed in the Policy do not exhaust all possibilities. We may update this policy from time to time, and the updated policy will be published on the Information Technology Department (ITD) website. Continuing to use the University's IT services and resources indicates your agreement to comply with the latest version of this policy.

If you have any questions about the policy or need assistance, you may contact ITD via email, and they will respond within two working days.

For the purposes of this policy, "user" also refers to "campus user," including but not limited to students, faculty members, staff, visitors, and other individuals or organizations authorized by the University; The IT services and resources provided by the University include, but are not limited to, computer networks, software, programs, email, information systems, media equipment (such as printers, campus cards, servers, office computers), etc.

This policy includes the following content:

1.Campus account and password management

2.Network security

3.Information security and privacy protection

4.Media equipment or resource management

5.Prohibition of inappropriate/irrelevant content

6.Supervision and enforcement

7.Disclaimer

8.Updates and effectiveness

Attachments: Relevant Laws and Regulations

The campus account refers to the unified identity authentication account for users to access and use various IT services and resources, provided only to legitimate users approved by the University (such as those who have gone through the special email account application process). The campus account is for the sole use of the user. Users are not allowed to misuse or transfer related permissions to others without the approval of the University.

1.Users must not allow unauthorized personnel to access the network through their computers.

2.Users must not copy or transfer software or data files to others via the campus network.

3.Users should be particularly careful when transmitting/receiving large files (e.g., multimedia files) over the internet, and should try to find files locally and perform transfers during non-working hours to avoid affecting other users.

4.Users must not use campus network resources for activities unrelated to the University (e.g., commercial and private activities).

5.Users must not arbitrarily change, delete, or manipulate data, programs, information, etc., within the campus network, including those that are not specifically locked or protected by the system.

6.Users must not use campus email or other email accounts to send false and/or anonymous emails. Sending emails in someone else's name (false emails) and/or using anonymous emails is considered dishonest behavior and may lead to serious disciplinary action.

7.Users are responsible for maintaining password security and changing passwords regularly. Sharing campus accounts and passwords with others without the approval of the University is prohibited.

In the event of any violation or suspected violation of this policy by a user or in emergency situations, the University reserves the right to temporarily suspend the campus account's access to IT services and resources.

Users should understand and comply with the "Cybersecurity Law of the People's Republic of China“, the "Regulations on the Protection of Computer Information Systems Security of the People's Republic of China“, the "Measures for the Administration of International Networking Security Protection of Computer Information Networks“, and other laws and regulations related to network security, especially:

1.Users must not use the network to endanger national security, disclose state secrets, infringe upon the legitimate rights and interests of the state, society, collectives, and third parties, or engage in illegal and criminal activities.

2.Users must strictly comply with relevant national laws and regulations and manage their own information security.

3.Users must not create, copy, access, or disseminate the following information as well as websites containing such information:

a) Opposing the basic principles established by the Constitution;

b) Endangering national security, leaking state secrets, subverting state power, undermining national unity;

c) Harming national honor and interests;

d) Inciting national hatred, discrimination, and undermining national unity;

e) Undermining national religious policies, promoting cults and feudal superstitions;

f) Spreading rumors, disrupting social order, and undermining social stability;

g) Spreading obscenity, pornography, gambling, violence, murder, terror, or inciting crime;

h) Insulting or defaming others, infringing upon the legitimate rights and interests of others;

i) Containing other content prohibited by laws and administrative regulations.

4.Users must not engage in the following activities that endanger computer information network security:

a) Accessing restricted computer information networks or using restricted computer information network resources without permission;

b) Deleting, modifying, or adding functions of computer information networks without permission;

c) Deleting, modifying, or adding data and applications stored or transmitted in computer information networks without permission;

d) Intentionally creating and spreading destructive programs such as computer viruses;

e) Other activities that endanger computer information network security.

Users must immediately take emergency measures and retain relevant original records in the event of a major security incident involving the computer information system they use, and report to ITD via email or DingTalk within 4 hours, and notify their supervisor or relevant department heads.

Users who violate the requirements of this section may be involved in serious legal liabilities, including administrative penalties, civil liability, and criminal responsibility. Users may further refer to the content under "Attachment: Relevant Laws and Regulations" in this policy.

Users should pay attention to information security and privacy protection. For example:

1.Without special approval from the University, sharing accounts and passwords with others is prohibited.

2.Be wary of phishing attacks. Do not click on unknown links or attachments, and ensure information is obtained from trusted sources.

3.Encrypt data. Use encryption tools to protect information security when transmitting or storing sensitive data.

4.Ensure device security. Make sure all devices have the latest security patches installed and antivirus software enabled.

5.Adopt privacy settings: Regularly check and adjust the privacy settings of personal accounts to limit the scope of information sharing.

6.Use artificial intelligence in a responsible and ethical manner. When using tools like GPT, be especially careful not to input or disclose private information, including but not limited to names, addresses, contact information, student IDs, financial information, facial information, and any other sensitive data. Although these tools can be helpful, inputting private information may lead to data breaches or privacy risks. Users must ensure that privacy information is protected when using such tools.

When using various media equipment or resources provided by the University, such as office computers, servers, campus cards (physical and digital campus cards), cloud desktops, etc., users must adhere to the following requirements:

1.Users must properly manage equipment or resources and are strictly prohibited from lending, transferring, mortgaging, altering, or otherwise illegally using them. Users are responsible for all consequences resulting from violating the regulations for using equipment or resources.

2.Upon graduation, suspension, leaving the school, or leaving employment, users must follow the procedures and timelines determined by the relevant departments of the University for function termination.

3.Users must not install software unrelated to work/study or of unknown origin on office computers/servers without authorization.

4.Users must not use office computers/servers for matters unrelated to work/study.

5.Users must not download and install software from unknown online sources, as such software may contain viruses, leading to data leaks or other significant losses, affecting both users and the University’s interests. If non-university-procured software is needed, it should be downloaded and installed through official channels and in accordance with the software user agreement. If in doubt, consult the Information Technology Office.

6.The production and distribution of campus cards are managed by the University. Unauthorized third parties are prohibited from producing or distributing cards with campus card functions. Cracking, counterfeiting, or forging campus cards is strictly prohibited.

7.When using the digital campus card QR code, do not take screenshots, project, or record screens on mobile devices, nor forward it to others. Failure to comply will result in the QR code being frozen, and the individual will bear the associated responsibilities and any potential losses.

The University encourages users to publish content in a civilized manner. For example:

1.Do not send mass irrelevant emails. Sending inappropriate or unrelated emails (such as advertisements, promotions of activities unrelated to the University, or surveys) to a large number of recipients not only wastes recipients' time and disk space but also disrupts the normal operation of servers and networks.

2.Do not send false and/or anonymous emails: Emails should be sent using the university-assigned email addresses. Sending emails on behalf of others (false emails) and/or using anonymous emails is considered dishonest behavior and may result in severe disciplinary action.

3.Do not send obscene emails: Emails should always be written in appropriate language and adhere to common etiquette. Users must not use vulgar language or harass recipients.

4.Do not store or publish pornographic resources: Users must not store or publish pornographic resources (including electronically stored files). Illegal storage and distribution of pornographic resources may constitute a criminal offense.

5.Do not publish any form of inappropriate and/or irrelevant content through public screen devices: Public screen devices include but are not limited to information display screens, conference all-in-one machines, classroom smart interactive panels, etc. Users are strictly prohibited from publishing any form of inappropriate and/or irrelevant content, including but not limited to pornography, violence, discrimination, or other content unrelated to work/study. Upon discovering such content, it should be immediately discontinued, and the Information Technology Office should be notified for follow-up action.

Respecting and protecting the intellectual property rights of others is a legal obligation for every user. Infringing on others' intellectual property rights can lead to serious legal consequences, including administrative penalties, civil liability, and criminal liability. Users must ensure that accessing any software, data, or other users' confidential information, as well as copyrighted or patent-protected materials, does not violate intellectual property protection laws and regulations. Users should pay attention to the following points:

1.All software installed on personal computers must have valid and appropriate licenses. This applies not only to offices but also to laboratories, open areas, and student dormitories.

2.Software or copyrighted materials must not be copied from the campus network and installed on other machines, unless appropriate licenses or consent have been obtained.

3.Copyrighted software must not be uploaded to networks (including campus and external networks) to provide download services, such as via FTP, file sharing, etc.

4.Users are responsible for ensuring that their contributions to the campus network do not infringe on third-party intellectual property rights. The Hong Kong University of Science and Technology (Guangzhou) does not tolerate or approve any infringement behavior.

5.Users are required to install the Software Authenticity Check Tool on personal computers to prepare for regular sampling checks of the valid use of licensed software and to promptly uninstall any unlicensed software.

If the University discovers any user engaging in intellectual property infringement, it reserves the right to suspend their campus account access to various resources and may delete infringing materials as appropriate. Users will bear the corresponding adverse consequences themselves.

The Information Technology Department is responsible for the execution and supervision of this policy. If the The Information Technology Department believes that a campus user has violated or is about to violate this policy in any way, the Department may take any one or more of the following measures at its discretion without assuming any liability to the user:

1.Issue a warning to the user.

2.Stop or remove problematic programs/processes.

3.Isolate the problematic machine/server from the network until the issue is resolved.

4.Temporarily or permanently remove infringing content, including removing or blocking access to infringing materials loaded or shared on the campus network.

5.Temporarily or permanently prohibit the user's account and computer from accessing the network, with the specific duration determined by the Technology and Information Services Department.

The Technology and Information Services Department will report the user's violations to the relevant functional departments of the school (such as the Student Disciplinary Committee, Human Resources Department), which will then suspend the user's access to other non-IT facilities or resources. The relevant functional departments will also further process the user's violations according to the applicable disciplinary system.

For suspected illegal activities, the school will report to the relevant government departments in accordance with the law.

Users shall use IT services and resources responsibly and bear their own responsibilities. The University shall not be liable for any losses incurred by users due to the use of IT services and resources.

The University may update this policy from time to time, and the updated policy will be published on the website of the Information Technology Department. Continuing to access or use the school's IT services and resources indicates that users agree to comply with the latest version of this policy.

1."Criminal Law of the People's Republic of China"

Article 291-1: Whoever fabricates false information about danger, epidemic, disaster, or police situations and spreads it on information networks or other media, or knowingly spreads such false information on information networks or other media, thereby seriously disrupting social order, shall be sentenced to fixed-term imprisonment of not more than three years, criminal detention, or public surveillance; if the consequences are serious, the person shall be sentenced to fixed-term imprisonment of not less than three years but not more than seven years.

Article 246: Whoever openly insults another person by violence or other methods or fabricates facts to defame another person, if the circumstances are serious, shall be sentenced to fixed-term imprisonment of not more than three years, criminal detention, public surveillance, or deprivation of political rights.

2."Public Security Administration Punishments Law of the People's Republic of China"

Article 25: Whoever commits one of the following acts shall be detained for not less than five days but not more than ten days and may also be fined not more than 500 yuan; if the circumstances are minor, the person shall be detained for not more than five days or fined not more than 500 yuan:
(i) spreading rumors, falsely reporting danger, epidemic, police situations, or otherwise deliberately disturbing public order;
(ii) throwing false explosive, poisonous, radioactive, corrosive substances or pathogens of infectious diseases and other dangerous substances to disturb public order;
(iii) threatening to commit arson, explosion, or throw dangerous substances to disturb public order.

Article 42: Whoever commits one of the following acts shall be detained for not more than five days or fined not more than 500 yuan; if the circumstances are serious, the person shall be detained for not less than five days but not more than ten days and may also be fined not more than 500 yuan:

(i) Writing threatening letters or using other methods to threaten the personal safety of others;

(ii) Publicly insulting others or fabricating facts to defame others;

(iii) Fabricating facts to falsely accuse and frame others, attempting to subject them to criminal prosecution or public security administration punishment;

(iv) Threatening, insulting, beating, or retaliating against witnesses and their close relatives;

(v) Repeatedly sending obscene, insulting, threatening, or other messages to interfere with others' normal lives;

(vi) Peeping, taking secret photographs or videos, eavesdropping, or spreading the privacy of others.

3."Civil Code of the People's Republic of China"

Article 1194: Network users and network service providers who infringe upon the civil rights and interests of others through the use of the network shall bear tort liability. Where the laws provide otherwise, such provisions shall prevail.

Article 1195: Where a network user infringes upon the rights of others through the use of network services, the right holder has the right to notify the network service provider to take necessary measures such as deletion, blocking, or disconnection of links. The notice shall include preliminary evidence of the infringement and the true identity information of the right holder. Upon receiving the notice, the network service provider shall promptly forward the notice to the relevant network user and take necessary measures based on the preliminary evidence of infringement and the type of service; if the network service provider fails to take necessary measures in a timely manner, it shall bear joint and several liability with the network user for the expanded part of the damage. If the right holder causes damage to the network user or network service provider due to an erroneous notice, the right holder shall bear tort liability. Where the laws provide otherwise, such provisions shall prevail.

Article 1197: If a network service provider knows or should know that a network user is using its network service to infringe upon the civil rights and interests of others and fails to take necessary measures, it shall bear joint and several liability with the network user.

4."Cybersecurity Law of the People's Republic of China"

Article 12, Paragraph 2: Any individual or organization using the network shall abide by the Constitution and laws, observe public order, respect social ethics, and shall not endanger network security. They shall not use the network to engage in activities that endanger national security, honor, and interests, incite the subversion of state power, overthrow the socialist system, incite national separatism, undermine national unity, promote terrorism, extremism, promote national hatred, discrimination, spread violence, obscenity, and pornography information, fabricate and spread false information to disrupt economic order and social order, as well as infringe upon others' reputation, privacy, intellectual property rights, and other legitimate rights and interests.

Article 47: Network operators shall strengthen the management of information published by their users. Upon discovering information that is prohibited by laws and administrative regulations from being published or transmitted, they shall immediately stop the transmission of such information, take measures such as removal to prevent the spread of information, preserve relevant records, and report to the relevant competent authorities.

5."Administrative Measures for Internet Information Services"

Article 15 ("Nine Prohibitions"): Internet information service providers shall not produce, replicate, publish, or disseminate information containing the following contents:

(i) Opposing the basic principles determined by the Constitution;

(ii) Endangering national security, leaking state secrets, subverting state power, or undermining national unity;

(iii) Harming national honor and interests;

(iv) Inciting national hatred, discrimination, or undermining national unity;

(v) Undermining national religious policies, promoting cults and feudal superstitions;

(vi) Spreading rumors, disrupting social order, or undermining social stability;

(vii) Disseminating obscenity, pornography, gambling, violence, murder, terror, or inciting crime;

(viii) Insulting or slandering others, infringing upon others' legitimate rights and interests;

(ix) Containing other contents prohibited by laws and administrative regulations.

6."Regulations on the Ecological Governance of Network Information Content"

Article 21: Users of network information content services, producers of network information content, and platforms for network information content services shall not use the network and related information technologies to commit illegal acts such as insult, slander, threat, spreading rumors, and infringing upon others' privacy, which damage others' legitimate rights and interests.