Know Your Rights
By: Patricia Leboeuf
Posted on Thursday, July 20, 2017
The following paragraphs provide an overview of three key areas regarding the use of DND/CF resources. Employees are strongly encouraged to further educate themselves by reading Defence Administrative Orders and Directives (DAOD) 6001-1 Acceptable Use of the Internet, Defence Intranet and Other Electronic Networks and Computers and reviewing the relevant FAQs.
Defining unlawful or unacceptable activity
As a starting point, employees are asked to “use common sense and good judgment” when using DND/CF Information Technology (IT) resources. However, both Canadian legislation and DND/CF policy clearly identify a range of unlawful or unacceptable activities. As described in DAOD 6001-1, DND/CF IT resources must not be used for political lobbying or commercial activities such as running a personal business. Nor should they be used to circumvent security features that protect DND/CF networks. In addition, the policy clearly states that using DND/CF IT resources for any use that would reflect discredit upon DND or the CF, such as gaining unauthorized access to a computer system, to intercept private communications or electronic mail, or to modify data or passwords, constitutes unacceptable behaviour.
The policy also addresses the issue of accessing or distributing any material whose main focus is pornography, nudity, sexual acts, or the incitement of hatred. Similarly, it inhibits employees from utilizing DND/CF IT resources for any activity that is contrary to the Criminal Code, any other federal statute or regulation, or provincial law, including any non-criminal statute or regulation. The policy also emphasizes that employees shall not engage in any activity that would result in a personal profit.
Balancing system monitoring and individual privacy
In developing and distributing the Acceptable Use of the Internet, Defence Intranet and Other Electronic Networks and Computers, DND/CF has taken a critical step to ensure that employees have access to information on the appropriate us of DND/CF assets and how the use of those assets is monitored. At the same time, the document demonstrates to Treasury Board that DND/CF policy complies with the privacy right of the individual employee. In fact, the section entitled “Expectation of Privacy”; outlines the general system monitoring that constitutes appropriate means to ensure DND/CF assets are well protected. For additional detail on the monitoring of DND/CF IT resources see Chapter 70 of the National Defence Security Instructions. The policy then describes what steps may be taken should an employee be found in contravention of the policy.
Understanding the policy rationale
DND/CF IT resources provide employees with the tools and information to work efficiently, the ability to hone skills through on-line training, and the opportunity for professional and career development. But when used inappropriately these same resources can expose DND/CF to legal risks and productivity issues. The IT resources acceptable use policy has two primary objectives:
• To encourage responsible use of DND/CF IT resources by providing policy direction and other relevant information to authorized users.
• To protect DND/CF from legal liability for unlawful or unauthorized acts involving the use of DND/CF IT resources.
DND/CF asks individuals to recognize that as the owners of the IT resources available to employees,
DND/CF may be implicated in cases of unlawful or unacceptable activity. If an employee is found guilty of an offense involving DND/CF equipment, the department may face criminal charges or fines, be subject to loss of privileges, and suffer loss of face within the government.
Individuals who require additional information or need advice on a specific situation are encouraged to contact their Information Systems Security Officer (ISSO) or Director Information Management Security.