STAFF NOTICE

ACCEPTABLE USE OF THE COMMISSION’S ICT⁽¹⁾ SERVICES (PC EQUIPMENT, E-MAIL AND INTERNET ACCESS SYSTEMS, TELEPHONE, FAX AND MOBILE PHONES)

Staff are reminded that computer equipment, e-mail and internet access, telephones, mobile phones and fax equipment have been installed by the Commission for official use. However, this equipment may be used for private purposes as long as it is on a purely occasional basis and does not amount to extensive use of the equipment for private purposes.

As regards telephones and mobile phones, occasional personal use is permitted at the user’s expense. A personalised access code has to be used for each private communication by telephone. This code is provided on request and the cost of private calls is withheld from the user's salary. As access codes for private communications on mobile phones are not yet generally available, users of Commission mobile phones have to indicate their private calls on the monthly statements.

With respect to the utilization of the email system, all Commission staff should refrain from disseminating email messages that are of a non-official character to a wide or even indiscriminate number of addressees or request the addressee(s) to distribute the message widely. This limitation applies regardless of the content of such messages (e.g. entertainment, charity, political campaigns or commercial ends etc) and is intended to safeguard server capacity and maintain the proper functioning of the service.

As the servers of the Commission are used by staff both directly from office premises and via remote access from other places, attention is drawn to the fact that normally emails or other messages that are sent through the server of the Commission will indicate the sender’s Commission email address with the cec.eu.int / ec.europa.eu suffix and thereby establish a link to the Commission.

The Commission’s ICT services may not be used for illegal or irregular purposes, in any way that might disrupt the functioning of the service itself or in any manner contrary to the interests of the Communities.

Staff are reminded in particular of:

• the obligations set out in the Staff Regulations of officials and the conditions of employment of other servants of the European Communities, and in particular Article 12, which states that an official “shall refrain from any action or behaviour which might reflect adversely upon his position”. Therefore, any abuse linked to personal use of the ICT services made available to staff is prohibited (see Report on the work of the Investigation and Disciplinary Office (IDOC)⁽²⁾and relevant case law);
   
• the specific rules laid down in Commission Decision 2001/844/EC (Commission provisions on security) on the creation, handling and distribution of EU classified information;⁽³⁾
   
• Article 5 of the Commission Decision on the Protection of Information Systems⁽⁴⁾;
   
• the 15 Optim@il Top Guidelines for an effective e-mail use at the European Commission⁽⁵⁾.

The Commission will monitor the use of ICT services as follows:

DG DIGIT provides each Directorate-General with statistics on the use of the following ICT services: internet access, telephone and mobile phones. These statistics are anonymous.

Each Director-General designates a contact person(s) responsible for the handling of questions relating to the use of telephones, fax, mobile phones and the internet in his/her department(s) and informs his staff accordingly. The above-mentioned person(s) examines the statistics.

In case of suspected abuse of ICT services, the Director-General concerned may submit a reasoned request to the Director-General of DG ADMIN to open an investigation into the use of ICT by a particular member of staff.

Pursuant to Commission Decision of 16 June 2005 on the exercise of powers conferred by the Staff Regulations on the Appointing Authority, the Director-General of DG ADMIN, in agreement with the Secretary-General, will, where appropriate, give the necessary instructions to carry out the requested investigation, after consulting the Data Protection Officer. In urgent cases, this consultation must be as soon as possible after the opening of the investigation. The investigation is carried out by the IDOC, if necessary, with the support of the Security Directorate of DG ADMIN (ADMIN/DS) and DG DIGIT, in conformity both with existing investigative and disciplinary procedures⁽⁶⁾and with Regulation (EC) No 45/2001 on the protection of individuals with regard to the processing of personal data.⁽⁷⁾

Within the framework of its investigation, the IDOC may lift the anonymity of specific and limited data (traffic and/or content of an electronic mailbox, access to web pages, telephone/mobile phone calls, fax transmissions, etc.).

Any investigation into abuse of ICT services may lead, when appropriate, to disciplinary action, without prejudice to the other provisions relating to the European Anti-Fraud Office (OLAF).

The staff are reminded that the Appointing Authority intends to follow-up more strictly infringements of the above rules and guidelines on the use of IT equipment.

This notice replaces the ones published in administrative notice No 88-2002 on the acceptable use of the Commission e-mail system and in the administrative notice No 32-2006 on the use of the internet and electronic mail.
 

___________________
FOOTNOTES

⁽¹⁾ Information and Communication Technologies

⁽²⁾ http://www.cc.cec/guide/publications/infoadm/2004/ia04027_en.html

⁽³⁾ http://www.cc.cec/security/references_and_library/legislation_en.html 

⁽⁴⁾ Commission Decision on the Protection of Information Systems – C(95) 1510 (EN):http://www.cc.cec/softline/u/services/security/dssi/decisions/home.htm 

⁽⁵⁾ http://www.cc.cec/home/dgserv/digit/everybody/e_mail/use_email/brochure/index_en.htm

⁽⁶⁾ Commission Decision on the conduct of administrative inquiries and disciplinary procedures: http://www.cc.cec/sg_vista/cgi-bin/repository/getdoc.cgi?full_file_name=COMM_NATIVE_C_2004_1588_F4_EN_DISCIPLINE.doc   

⁽⁷⁾ Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data (OJ L 8, 12.1.2001, p.1).