Printer-friendly version
Body

1. Purpose and Objectives

This procedure informs all UQ staff of their rights and responsibilities when using software at the University and is designed to minimise the risks of a copyright infringement by the University and possible breaches of software licence terms.

This procedure must be read in conjunction with the Policy for Acceptable use of UQ ICT Resources and the associated procedures and guidelines related to specific ICT‑related hardware, software and applications.

2. Definitions, Terms, Acronyms

Information Communication Technology (ICT) products and services - all types of technology (data, voice, video etc) and associated resources which relate to the capture, storage, retrieval, transfer, communication or dissemination of information through the use of electronic media.

Enterprise Agreement - The University of Queensland Enterprise Agreement 2014 - 2017

SIMC - Strategic Information Management Committee

Software - includes, but is not limited to, purchased or commercial software, sound, graphics, images, or datasets; shareware; freeware; and electronically stored documentation and the media that holds it. Not included in this definition are non-copyrighted computer data files that have no significance beyond the individual or organisational unit.

Software Licence/Licence Agreement/End-User Licence Agreement (EULA) - A legal instrument (usually by way of contract law) governing the usage or redistribution of software. All software is copyright protected, except material in the public domain. A typical software license grants an end-user permission to use one or more copies of software in ways where such a use would otherwise potentially constitute copyright infringement of the software owner's exclusive rights under copyright law.

Software Piracy - unauthorised copying or distribution of copyrighted software. This can be done by copying, downloading, sharing, selling, or installing multiple copies onto personal or work computers.

Software Audit - A process that identifies what software is installed, where it is installed, its usage, and provides a reconciliation of this discovery against usage. From time to time internal (driven by UQ) or external (vendor driven) audits may take a forensic approach to establish what is installed on the computers in an organisation with the purpose of ensuring that it is all legal and authorised and to ensure that the process of processing transactions or events is correct.

Software Licence Compliance - Clear documentation that the number of legally obtained and genuine software licences matches the number of installed instances of a given software product on the University’s systems or devices.

Software Licensing Points of Contact (POC) - A staff member within each organisational unit who is responsible for:

  • Tracking all software orders and provide purchasing support for their organisational unit
  • Maintaining the unit’s software licence repository as required by the UQ Software Policy
  • Tracking all software installs and changes to installs.
  • Ensuring the unit is accountable and audit‑ready
  • Acting as a liaison between the organisational unit and ITS Procurement for all software licensing related issues.

UQ ITAM - Central IT hardware and software management system

3. Procedures Scope/Coverage

The diverse and geographically dispersed framework of the University increases the risk of exposure to non-compliance of the Copyright Act and software license agreements.

The following procedure will therefore apply to the use of software within The University of Queensland and its affiliates.

4. Procedures Statement

This procedure provides additional detail on software in respect of procurement, licence compliance, responsible use, audits and penalties for non-compliance. Details on each of these aspects are outlined in sections 5 – 9 below.

5. Software Procurement

5.1 All software in use within The University of Queensland must be for legitimate work purposes, approved by management prior to installation and appropriately purchased according to the licence terms and conditions and the University’s financial management policies and procedures.

5.2 Where the University's licensing agreements do not allow use of the software on personally owned equipment staff must purchase their own legally licensed copies of the software.

5.3 Software that is not otherwise available for free under the terms of its accompanying licence (for example: commercial software) must be purchased through ITS Procurement or nominated POC of the organisational unit.

5.4 Software purchased through ITS Procurement will be automatically recorded for compliance purposes in the ITAM system.

5.5 The same purchasing rules apply to online software purchases as purchases using traditional mechanisms.

5.6 Software purchases must take advantage of existing volume discounts, site licences, preferred supplier agreements or any other mechanism to reduce costs.

5.7 During the process of purchasing software, nominated POCs of organisational units are required to check within the ITAM tool for the existence of current agreements, and with ITS Procurement for planned agreements and intended software purchases.

5.8 Acquisition of new site and volume licence agreements must be coordinated by ITS Procurement to ensure that correct University procedures for negotiating and signing new legal agreements are followed.

5.9 All University-wide software licensing agreements that the University or its affiliates may enter into must be first reviewed by the UQ Legal Office prior to acceptance and must be signed by the Chief Operating Officer on behalf of The University of Queensland. The Chief Information Officer can also sign selected agreements, for example: renewal of ongoing licence agreements.

5.10 Where software must be registered with the author(s) or vendor(s) of the software, “The University of Queensland” must be used as the licensee Name where possible.

5.11 Staff must follow any additional applicable procedures and guidelines that the University may from time to time issue through an authorised organisational unit.

6. Software Licence Compliance

6.1 All software in use within The University of Queensland must be used in compliance with the accompanying licence terms and conditions.

6.2 Staff obtaining and/or using software must make themselves aware of their obligations regarding the possession and use of the software.

6.3 Heads of organisational units are responsible for nominating a POC within their unit to maintain the Unit’s software register through the ITAM system and to liaise with ITS Procurement for software purchasing.

6.4 An appropriate number of licences must be purchased to reflect the level of usage of the software within the organisational unit.

6.5 The type of licences purchased must reflect the use to which the software will be put and the manner of deployment being employed by the organisational unit.

ITS Procurement can provide advice on these issues.

6.6 Staff will not unlawfully copy software installation media or use copies of illegal software.

6.7 ITS Procurement will update the ITAM system with licence records for any site licences or software that has been purchased through ITS Procurement. POCs will create licence records for any software purchased directly from suppliers.

6.8 POCs will periodically liaise with ITS Procurement for validating the register of software licences for their Organisational Unit.

6.9 If any system or device is found to be running software that is either unlicensed, or unregistered with ITS Procurement or the Software Licensing POC person within the organisational unit, the Chief Information Officer may immediately remove network access from such a device until satisfied that the software has either been licensed and registered or removed.

6.10 Use of software covered under University licence agreements on personally owned hardware is not allowed except where expressly covered under the terms and conditions of the licensing agreement for that software.

6.11 In cases where use of licensed software by staff on personally owned systems is allowed, the software must be used in accordance with the stated terms and conditions of the licence agreement and it is the staff member's responsibility to make themselves familiar and comply with those terms and conditions.

7. Responsible Use of Software

7.1 Software master media (where applicable) must be securely stored in order to avoid theft and/or unauthorised use or copying.

7.2 Any software no longer required (for example: surplus, obsolete) should be uninstalled, redeployed, disposed of or returned in accordance with the agreed licence terms and conditions.

8. Software Audits

8.1 Copyright owners can obtain the right, through an Anton Piller order, to enter business premises, unannounced, and search for evidence of illegal copying of software.

8.2 Additionally, many of the licence agreements agreed to by the University give the copyright owner the right to audit, with notice, the University’s systems for evidence of non-compliance with contract terms.

8.3 Heads of organisational units may request the Chief Information Officer to undertake a software audit as part of an agreed Services Portfolio for ITS support of their systems. This service may incur an additional charge and Heads should contact ITS to discuss this.

8.4 The Chief Information Officer is not obliged to report on software which has been purchased outside of ITS Procurement but may choose to do so.

8.5 Where Heads of organisational units have no agreed services portfolio with ITS, they remain responsible for using the ITAM system to produce a software audit report of their Unit’s systems and devices when required.

8.6 Any software discovered during these audits which is not recorded in the ITAM system should have an appropriate licence purchased as needed, should be removed immediately, or if purchase records can be found it should be added to the ITAM system.

8.7 Organisational unit POC’s will ensure that the ITAM system is maintained accurately and that the inventory agent is deployed so that the system can produce compliance information showing a comparison of actual use against licences held when requested by SIMC or the Chief Information Officer to fulfil an auditing request.

8.8 Staff are required to notify their supervisor or their organisational unit Head of any illegal copies of software or related documentation of which they become aware. As necessary/appropriate such issues may be reported under the Public Interest Disclosure Act as outlined in PPL 1.60.03 Public Interest Disclosure Policy.

8.9 If staff receive an audit letter, this should be passed onto the Legal Office and under no circumstances should discussions be entered into with the author/vendor by other than the Legal Office.

9. Penalties for Non-Compliance

9.1 University

Disciplinary action may be taken against staff engaged in the unlawful copying, use or distribution of software, as per the Misconduct/Serious Misconduct clauses in the Enterprise Agreement.

9.2 Criminal penalties as per the Copyright Act 1968 (Cth)

  • Fines up to $93,500 and /or up to five years imprisonment for individuals
  • Fines up to $467,500 and/or up to five years imprisonment for companies.

9.3 Civil penalties as per the Copyright Act 1968 (Cth)

Making or using illegal copies of software for your personal use or at work is a civil offence under the Copyright Act and offenders are liable for:

  • Damages of an unlimited amount (determined by the Court)
  • Court costs in many circumstances, which can also be substantial.
Custodians