by Traverse Legal, reviewed by Enrico Schaefer - May 1, 2022 - Internet Law, Internet Lawyer
An Acceptable Use Policy (AUP) (also known as a Fair Use Policy) is a set of rules applied by the owner, creator or administrator of a network, website, or service that restricts the ways in which the network, website, or service may be used and sets guidelines as to how it should be used. Similar to a Terms of Use Agreement, AUPs are legal documents that help protect organizations from users taking potential legal actions against them.
Entities that typically utilize AUPs include schools/universities, corporations/businesses, internet service providers, and website owners. It is commonplace for organizations such as these to require that users sign an AUP prior to being granted access to the network. With the internet growing in complexity, it is essential to have users sign an AUP so that they are explicitly aware of what they are and are not allowed to do while connected to an organization’s network.
AUP’s can: help to prevent cyber security threats, ensure that users are avoiding illegal activity and help users focus on productivity.
Included in a standard AUP are clauses specifying the purpose and scope of the policy, the user’s rights and responsibilities, acceptable uses, prohibited uses, and privacy standards. This will help ensure users are only using internet access for appropriate tasks. Having a good AUP in place will help bolster your organization’s reputation and productivity all while shielding you from lawsuits brought by users (i.e. an unfair dismissal lawsuit from firing an employee for misuse of the company internet can be avoided with a clearly written AUP).
Internet use policies can help ensure your employees are staying on task during working hours. The level of access employees have should be determined by their role and job scope. For example, creative teams and marketing teams may need greater access to certain social media websites to look for trends. Some websites that companies tend to restrict are :
One of the biggest aspects of AUP’s is cybersecurity. It is imperative to clarify at risk behaviors that employees should avoid when using your network. Data breaches cost your business time and money. Common security policies include:
Confidential information needs to be sent to one another securely. Your AUP should outline how team members can safely send, view, and store company data. Your AUP should also detail how team members should handle any data breaches that may occur. How should they report an incident, who to report it to, and any other important protocols.
Most businesses have a separate guest network that is just for guests to use. This network should have less access ensuring guests can not access internal files or internal information. You should also have guest users sign an AUP prior to use.
Content of AUP’s are assembled through the collaboration of owners, creators, administrators, human resource executives and lawyers. You may also want to consider getting feedback from both managers and employees at every level. They can assist with items that may have been forgotten or even have better ideas for the AUP. There could also be cases where something in the proposed AUP prevents a team member from doing their job. Transparency and collaboration throughout your business is key. Before introducing your AUP to employees, you’ll want to review it with human resources and your lawyer to prevent breaking employment or state/federal laws.
If you are an organization in need of an AUP, contact Traverse Legal today so that one of our skilled Attorneys can assist you in drafting an AUP that fits your particular needs.
*Article updated May 2022
Founding attorney Enrico is a seasoned consultant who guides companies, including law firms, in effectively integrating artificial intelligence (AI). With a wide range of consulting services, Enrico assists clients in harnessing the power of AI while ensuring ethical and responsible implementation.
Years of experience: 35+ years
This page has been written, edited, and reviewed by a team of legal writers following our comprehensive editorial guidelines. This page was approved by attorney Enrico Schaefer, who has more than 20 years of legal experience as a practicing Business, IP, and Technology Law litigation attorney.