Home Contact Us Help Search
  PSHRI logo

PSHRI*Net Use Policies


1. Purpose

Subscription to PSHRI signifies that users have read and agree with this policy. This policy is based on the Treasury Board of Canada Secretariat's Policy on the Use of Electronic Networks, Industry Canada Industry Canada - Internet Usage Policy and the Solicitor General Canada's Acceptable Use Policy for Electronic Networks.

Because electronic networks permit individuals who use them to inadvertently or deliberately damage a positive work environment, to disclose classified or designated information in an unauthorized fashion, or for unlawful activities, PSHRI is instituting this policy to help users get the most benefit from electronic networks and to provide guidance regarding unacceptable conduct on these networks.

Internet can have many benefits for a virtual countrywide community like PSHRI. However, there are also costs and potential risks if the networks are not used properly. The Appendices to this policy contains non-exhaustive lists of unacceptable uses. Because of the seriousness of problems that could arise from not adhering to the policy, the failure to follow these directions may result in refusing subscription to the service to the organization or individual involved, including sanctions in a court of law if unlawful activities are involved as illustrated in Appendix A.


2. General principles

PSHRI is committed to conducting its business in a way that demonstrates respect for the individual, that provides a stimulating, positive virtual work environment and that rewards cooperation and results. We have taken this approach to heart in developing this document.

As an PSHRI user, you are encouraged to explore and use the service's facilities, to work in support of its mission and to discover new ways to use its resources to improve service delivery.

PSHRI Management has developed this document so that it is clear which behaviors are appropriate and which are not. All PSHRI users are expected to read and understand this document and to use the service in accordance with it. You should know that non-compliance with the Policy defined in this document will be treated as a serious matter.

PSHRI users have an obligation to use their access to the service in a responsible and informed way, and to become familiar with network etiquette, customs, and courtesies. Because using PSHRI is a privilege, not a right, your access may be revoked at any time for conduct that does not conform to the policies set out in this document or in other established Canadian laws and regulations related to Internet use.

You should also bear in mind that all the laws of Canada, including the Criminal Code, apply to the use of the Internet by Canadians within Canada. This policy is intended to highlight the application of a few of those laws as well as to describe the additional standards of conduct that apply to your use of this valuable tool.


3. Appropriate use: General guidelines

The following guidelines must be used for posting email and other forms of messaging (e.g., newsgroups, listservers, Compendium of Initiatives, etc.).

  • In all cases, please use polite and respectful language. Users also have an obligation to learn about network etiquette (netiquette), customs, and courtesies.

  • Users of mailing lists should retain initial welcome messages/information received when first subscribing in order to know how to properly send messages and unsubscribe later if necessary.

  • Before starting to use PSHRI, read appropriate FAQs (Frequently Asked Questions) for mailing lists and newsgroups.

  • When posting materials on PSHRI, as a matter of courtesy to fellow participants always use first up-to-date virus scanning software to make sure that your message or attachment does not contain any viruses. Any willful negligence to adhere to sound antivirus practices will result in immediate termination of services. PSHRI management should be informed immediately if a virus is detected. Infected files should not be used.

  • To avert slowing access for others, please avoid transferring large files during peak business hours.


4. Authorized uses of PSHRI
  • As defined in its mission statement described on page http://www.arraydev.com/PSHRI/english/about.asp, the use of PSHRI is restricted to the aim to promote a safer Canada through better information sharing among the criminal justice partners -- including federal, provincial/territorial and municipal governments.

  • Users must not post personal messages.

  • In all their postings and submitted materials, users must exercise due care to provide factual descriptive information only.


5. Privacy Policy
  • Users should be aware that Internet email systems and discussion forums are not secure, and therefore must not be used to convey sensitive or classified information. They are to be used for transmitting unclassified information only.

  • Users must not post information disclosure of which is specifically prohibited by law (e.g., information protected under Access to Information or Privacy laws). Posted information must respect the privacy of individuals as set out in the corresponding Access to Information or Privacy laws.

  • Financial information such as Mastercard number must not be conveyed.

  • Users must not post pornographic or other offensive materials that may be considered harassing or illegal. A more extensive list of examples of unacceptable uses is provided in the Appendix to this Policy.

  • If you encounter anything "suspicious" which could affect the computer security, individual privacy or appropriate use of PSHRI, please promptly notify the Management.


6. Unlawful and unacceptable conduct
  • Unlawful activity is not permitted on PSHRI. Appendix A provides a working definition and a non-exhaustive list of examples of unlawful uses of PSHRI's services.

  • Certain activities that are legal are nonetheless unacceptable and not permitted on PSHRI. Appendix B provides a non-exhaustive list of examples of unacceptable uses of PSHRI's services.


7. Responsibilities of users Examples of responsibilities of users include the following:
  • Users must take reasonable steps to ensure their communications about policies, programs and service are accurate and clear, and that these communications comply with PSHRI's Policies.

  • Users must take reasonable measures to control the use of their password, user identification or computer accounts, which includes being responsible for any actions or costs arising from the unauthorized use of PSHRI.

  • Users must follow PSHRI's instructions for ensuring the security of its electronic information.

  • Users must become aware of information technology security issues and privacy concerns, using the information technology security features provided by PSHRI, and taking precautions to avoid transferring computer viruses into the network.

  • Users are encouraged to add a disclaimer to the signature block when not officially representing their organization if the message could be perceived as their employers opinion. An example of a disclaimer is: "The opinions expressed here are my own and do not necessarily represent those of my employer."

  • When in doubt about the intended use of PSHRI, users should ask PSHRI Management to clarify whether the intended use is unlawful or unacceptable within the terms of this Policy.


8. PSHRI Management rights and responsibilities
  • PSHRI Management reserves the right to remove any material from PSHRI posted by the users without explanation.

  • PSHRI Management reserves the right to investigate all reports of unlawful or unacceptable use by the users.

  • PSHRI Management will designate individuals who are authorized to analyze logs that show the use of PSHRI services, the content of posted files or electronic mail as fell within the scope of this Policy.


9. Disciplinary measures
  • PSHRI Management will report any suspected illegal activity to law-enforcement authorities, unless legal advisors consider the matter too minor.

  • Failure to follow the policies outlined in this document might result in suspension of the user from PSHRI.

  • PSHRI Management reserves the right to suspend the offending organization or individual, even where a formal criminal charge or civil lawsuit is not pursued.


10. PSHRI monitoring of logs and postings
  • Users should be aware that PSHRI's network logs permit automatic recording of various kinds of service's usage. Under the direction of PSHRI Management, PSHRI reserves the right to monitor these logs to ensure compliance with this policy. Users also need to be aware that the public could get access to these records under the Access to Information Act and the Privacy Act.

  • Users should also be aware that their Internet address is also automatically recorded by the logging systems of PSHRI.

  • PSHRI Management will strive to regularly monitor PSHRI and to remove the materials which it finds not in accordance with the service's intent, unlawful or unauthorized.

  • PSHRI Management reserves the right to audit and special monitoring without notice in instances where it is reasonable to suspect unlawful or unacceptable activity.

For additional information or clarification on this policy, please contact PSHRI's Management.


Appendix A. Examples of Unacceptable Uses

Unlawful Activity: Definition and Non-Exhaustive List of Examples

Treasury Board and the Department of Justice have provided this non-exhaustive list.

The term "unlawful activity" can have a number of meanings. For the purposes of this Policy, "unlawful activity" is interpreted broadly to include actions that could result in sanctions of different kinds in a court of law.

Some activity gives rise to criminal offences, but unlawful activity includes more than just what is criminal. It also includes activity that violates non-criminal, regulatory statutes (only a small proportion of statutes provides for criminal offences). Some regulatory statutes state that anyone who violates their provisions has committed an offence, but other statutes do not create specific offences. However, whether or not an offence is set out in a specific regulatory statute, it is still unlawful to fail to observe statutory requirements.

Further, section 126 of the Criminal Code states that anyone who willfully violates an Act of Parliament for which no offence is specified has committed an offence. Provincial laws have similar provisions.

Finally, some activities are neither criminal nor violations of specific regulatory statutes, but they can result in lawsuits brought by persons who are harmed by those acts. In such cases, the courts can find that a defendant is in breach of the laws applicable in a province and can penalize the person with an enforceable monetary award of damages to be paid to the plaintiff. These are known as civil actions. Where there is civil liability of an employee, and when the employee's activity falls within the scope of his or her duties, the employer can also be liable for monetary damages.


Criminal offences

The following are examples of criminal activity that could take place on electronic networks:

  • Child pornography: possessing, downloading or distributing any child pornography (see section 163.1 of the Criminal Code).

  • Copyright: infringing on another person's copyright without lawful excuse -- the Copyright Act provides for criminal prosecutions and civil actions in such cases (see also "copyright" under violations of federal and provincial statutes).

  • Defamation: causing a statement to be read by others that is likely to injure the reputation of any person by exposing that person to hatred, contempt or ridicule, or that is designed to insult the person (see sections 296-317 of the Criminal Code). There are a number of defenses for this offence. For instance, the maker of the statement may believe, on reasonable grounds, that the statement is true and that the statement is relevant to a subject of public interest whose public discussion benefits the public.


Hacking and other crimes related to computer security
  • Gaining unauthorized access to a computer system: using someone else's password or encryption keys to engage in fraud or obtaining money, goods or services through false representations made on a computer system. See the following Criminal Code provisions: section 122 (breach of trust by public officer); section 380 (fraud); section 361 (false pretences); section 403 (fraudulent personation); section 342.1 (unauthorized use of computer systems and obtaining computer services).

  • Trying to defeat the security features of the electronic networks. See the following Criminal Code provisions: section 342.1 (unauthorized use of computer systems and obtaining computer services); section 342.1(d) (using, possessing or trafficking in stolen computer passwords or stolen credit card information); section 342.2 (making, possessing or distributing computer programs that are designed to assist in obtaining unlawful access to computer systems); sections 429 and 430 (mischief in relation to data).

  • Spreading viruses with intent to cause harm. See the following Criminal Code provisions: sections 429 and 430 (mischief in relation to data); section 342.1 (unauthorized use of computer systems and obtaining computer services).

  • Destroying, altering or encrypting data without authorization and with the intent of making it inaccessible to others with a lawful need to access it. See the following Criminal Code provisions sections 429 and 430 (mischief in relation to data); section 342.1 (unauthorized use of computer systems and obtaining computer services); section s 129 and 139(2) (destroying or falsifying evidence to obstruct a criminal investigation).

  • Interfering with others' lawful use of data and computers. See the following Criminal Code provisions: sections 429 and 430 (mischief in relation to data); section 326 (theft of telecommunication services); section 322 (theft of computer equipment); section 342.1 (unauthorized use of computer systems and obtaining computer services).

  • Harassment: sending electronic messages, without lawful authority, that cause people to fear for their safety or the safety of anyone known to them (see section 264 of the Criminal Code). Section 264.1 of the Criminal Code makes it an offence to send threats to cause serious bodily harm, damage personal property or injure a person's animal.

  • Hate propaganda: disseminating messages that promote hatred or incite violence against identifiable groups in statements outside of private conversations (see section 319 of the Criminal Code).

  • Interception of private communications or electronic mail (in transit): unlawfully intercepting someone's private communications or unlawfully intercepting someone's electronic mail (see section 184 and section 342.1 of the Criminal Code, respectively).

  • Obscenity: distributing, publishing or possessing for the purpose of distributing or publicly displaying any obscene material (e.g. material showing explicit sex where there is undue exploitation of sex, where violence or children are present, or where the sex is degrading or dehumanizing and there is a substantial risk that the material could lead others to engage in anti-social acts). See section 163 of the Criminal Code.

  • Various other offences: the Criminal Code (and a few other statutes) provide for a range of other offences that can take place in whole or in part using electronic networks. For example, fraud, extortion, blackmail, bribery, illegal gambling, and dealing in illegal drugs can all occur, at least in part, over electronic networks and are criminal acts.


Violations of federal and provincial statutes

The following are examples of unlawful (though not criminal) activity that can take place on electronic networks.

  • Users must respect copyright and licensing agreements of any uploaded and downloaded files. Copyright and intellectual property: violating another person's copyright (the Copyright Act provides for criminal prosecutions and civil actions in such cases). Unauthorized use of trademarks and patents can also occur on electronic networks and these acts are proscribed in the Trademarks Act.

  • Defamation: spreading false allegations or rumors that would harm a person's reputation. In addition to criminal libel, defamation is contrary to provincial statutes dealing with this subject.

  • Destroying or altering data without authorization: unlawfully destroying, altering or falsifying electronic records. See the following provisions: section 5 of the National Archives of Canada Act; sections 6 and 12 of the Privacy Act; section 4 of the Access to Information Act; section 5 of the Official Secrets Act.


Disclosing sensitive information without authorization

  • Disclosing personal information: failing to respect the privacy and dignity of every person. The obligation to respect a person's privacy is expressed in a number of statutory provisions, such as sections 4, 5, 7 and 8 of the Privacy Act and section 19(1) of the Access to Information Act. Many federal statutes have non-disclosure provisions, often designed to protect the privacy of citizens who provide information to the government (see list of provisions in Schedule II of the Access to Information Act). In addition, Quebec has a number of privacy provisions in its Civil Code (see articles 3, 35-41) and in its Human Rights Charter (see articles 4, 5 and 49). British Columbia, Saskatchewan, Manitoba and Newfoundland also have statutes that provide for civil actions where there is an undue invasion of privacy.

  • Disclosing business trade secrets: revealing business trade secrets without authorization or in response to a formal request under the Access to Information Act, business trade secrets or confidential commercial information supplied in confidence by a third party and consistently treated as confidential by the third party. See section 20(1)(a) and (b) of the Access to Information Act.

  • Disclosing sensitive government information: revealing sensitive government information without authorization. See sections 3 and 4 of the Official Secrets Act. As well, when responding to formal requests under the Access to Information Act, institutions must not disclose information obtained in confidence from other governments (see section 13 of the Access to Information Act; the other exemptions in the Act relating to government information are discretionary).

  • Note that employees and other authorized individuals and the government are immune from legal actions with respect to disclosures made in good faith under either the Privacy Act or Access to Information Act.

  • Harassment: Sending abusive, sexist or racist messages to employees and other individuals (harassment in the workplace). It is a discriminatory practice "(a) in the provision of …services… available to the general public…or (c) in matters related to employment to harass an individual on a prohibited ground of discrimination". The prohibited grounds are race, national or ethnic origin, colour, religion, age, sexual orientation, marital status, family status, disability and conviction for which a pardon has been granted. Thus, in some circumstances, displaying unwelcome sexist, pornographic, racist or homophobic images or text on a screen at work can be unlawful harassment. See section 14 of the Canadian Human Rights Act.

  • Use of public money without proper authority: See the following provisions of the Financial Administration Act: section 33 (making a requisition without authority); section 34 (certifying receipt of goods or services without authority); section 78 (liability for losses caused by malfeasance or negligence); and section 80 (taking bribes or participating in corrupt practices).


Activity that can expose authorized individuals or the employer to civil liability

  • Various kinds of conduct can expose a person or an employer to civil liability. The employer's liability will be triggered when a Public Service employee performs the unlawful activity in the course of his or her employment. The Public Service employee remains personally liable for these actions, even when the federal government is also liable. (The government's policy on indemnifying authorized individuals - Policy on the Indemnification of Servants of the Crown - is relevant to such actions.) The following are examples of civil wrongs that can take place on electronic networks.

  • Disclosing or collection of sensitive data: revealing or obtaining such information without authorization. In addition to the statutory provisions mentioned above, an unauthorized disclosure or collection of personal information can result, in some circumstances, in a civil action for invasion of privacy, nuisance or trespass under common law, and similar actions under the Civil Code of Quebec (articles 3, 15-41); for breach of contract and for breach of trust or breach of confidence (e.g.: if confidential commercial information is disclosed).

  • Defamation: spreading false allegations or rumors that would harm a person's reputation. In addition to criminal libel, publishing defamatory statements without a lawful Defence can result in a civil action.

  • Inaccurate information: posting inaccurate information, whether negligently or intentionally. This can lead to civil lawsuits for negligent misrepresentation if it can be shown that (a) the posting caused harm and resulted in damages to the person who (b) reasonably relied on the information, that (c) the person or institution that made the posting owed a duty of care to the person who was harmed by inaccurate information; and (d) the inaccuracy was due to negligence (conduct that falls below what is reasonable in the circumstances).


Appendix B. Unacceptable Activities

Activities that are not necessarily unlawful but that violate PSHRI policies (non-exhaustive list of examples)

Users of PSHRI are prohibited from conducting any of the unlawful or unacceptable activities listed in this Appendix. Doing so might result in suspension of services. Treasury Board and the Department of Justice have provided this non-exhaustive list.

  • Causing congestion and disruption of networks and systems, through such means as sending chain letters and receiving list server electronic mail unrelated to a work purpose. These are examples of excessive use of resources for non-work related purposes.

  • Using PSHRI for private business, personal gain or profit or political activity.

  • Representing personal opinions as those of the institution, or otherwise failing to comply with institutional procedures concerning public statements about the government's positions.

  • Users must not breach the security measures in place within PSHRI to control Internet access. Any willful negligence to adhere to security and acceptable use policies will result in immediate termination of services.

  • PSHRI's facilities must not be used to gain unauthorized access to computing facilities of other institutions, organizations or individuals on the Internet.

  • Users should never post any information unless it is from a reputable site and they know exactly what is being uploaded.

  • Posting documents whose main focus is pornography, nudity and sexual unless such information is provided for valid work-related purposes in the context of serious discussions of sexual orientation issues.