Eligibility Policy

Download as PDFDownload as PDF

Version: 4

Issued: April 2016

Reference: MF-POL-023

Author: A. Cormack

Last Reviewed Date: 04/04/2016

Background

1. Janet is the name given to an electronic communications network and associated electronic communications networking services and facilities that support the requirements of the UK education and research communities.  Organisations in the UK education and research communities use Janet to fulfil, and to undertake activities supporting, their missions of providing education, research, and business and community engagement.

2. Although Janet is funded, designed and operated primarily to support the needs of education and research, it is also available to other organisations engaged in the delivery of services to education and research and in the delivery of other public services.

3. This Eligibility Policy defines the conditions under which all such organisations are eligible to access and use Janet and its services.  It supersedes the Janet Connection Policy previously in effect.  

4. This Eligibility Policy does not address the question of the use which may be made of Janet services once organisations are connected to Janet, or any charges for services that may be levied by Jisc, as operator of the network, on behalf of those who fund Janet.  For the former, please refer to the Janet Acceptable Use Policy, the Janet Security Policy and the relevant service descriptions.  For the latter please contact the Janet customer service desk (service@ja.net).

5. The connection of Janet to other networks is regulated by the Janet Peering Policy.

Definitions Used in this Policy

6. The following terms are defined within this Eligibility Policy:

“Eligible Organisation”

any organisation eligible to use Janet services (see clause 8);

“Janet CSIRT”

the Computer Security Incident Response Team which manages risks to the security of Janet and assists an Eligible Organisation in managing the security of the network it connects to Janet (see clause 13);

“Janet IP Service”

the Janet service providing Internet Protocol connectivity among Janet customers and to the global Internet (see clause 11);

“Janet Terms”

the terms applying to use of any Janet service (see clause 9);

“Partner Organisation”

any organisation permitted by an Eligible Organisation to use Janet (see clause 11).

Documents Referenced by this Policy

7. The following Janet documents are referenced by this policy. 

Copies may be found on the community web-site at URL: https://community.jisc.ac.uk/library/library

Organisations Eligible to Use Janet Services

8.  Various types of organisation within the UK are eligible to use Janet services (“Eligible Organisations”).  These are as follows:

8.1 Organisations whose primary purpose is the delivery of education and research, whether publicly or privately funded.        This includes, but is not limited to, universities, colleges, schools, academies, private colleges, research council establishments and institutes, museums, learned societies and charities sponsoring education or research.

8.2 Other organisations conducting research and education and which require access to Janet for their research and education collaborations.  This may be because they are collaborating with other organisations connected to Janet, or to national research and education networks in other countries.  It includes, but is not limited to, private or third-sector organisations engaged in collaborative research or education with organisations within category 8.1 above; and Government Departments engaged in such collaborative research or in the administration of publicly funded research or education.  In these cases the organisation may use Janet services solely for the purpose of such activities.

8.3 Other organisations supporting research and education.  In these cases the organisation may use Janet services solely for the purpose of providing such support.  (See Note 1.)

8.4 Other public-sector organisations (including local, central and devolved government) and their delivery partners may utilise Janet services in their delivery of public services and their other activities for the public good.  (See Note 2.)

9. All use of Janet by an Eligible Organisation is subject to Janet’s standard Terms for the Provision of the Janet Service and other terms that may apply to specific Janet services (together, the “Janet Terms”).

10. Through the Janet Terms, all use of Janet by an Eligible Organisation and its members is subject to the Janet Acceptable Use and Security Policies.  An Eligible Organisation is responsible for its, and its members’, compliance with these policies.

Connecting Partner Organisations to Janet

11. Any Eligible Organisation may grant access to the Janet IP Service to another organisation (a “Partner Organisation”) appropriate to its missions.  A Partner Organisation may not have access to other Janet services.  (See Note 3.)

12. An Eligible Organisation that provides a Partner Organisation with access to the Janet IP Service is responsible for compliance of the Partner Organisation with this Janet Eligibility Policy, the Janet Acceptable Use and Security Policies.

13. The Janet CSIRT will work with the Eligible Organisation in resolving any security incident relating to the Partner Organisation’s use of the Janet IP service.  This and other Janet support services are not available directly to the Partner Organisation.

14. A Partner Organisation that receives access to the Janet IP Service may, with the permission of its Eligible Organisation and in accordance with that Eligible Organisation’s missions, itself provide access to further Partner Organisations.  The responsibilities of the Eligible Organisation in respect of the selection and subsequent behaviour of the Partner Organisation will apply also to such further organisations introduced by the Partner Organisation.  (See Note 4.)

Providing Individuals with Access to Janet Services

15. An Eligible Organisation or Partner Organisation may provide access to Janet services to its own members, and to its guests visiting for purposes associated with the Eligible Organisation’s missions.  The Eligible Organisation is responsible for compliance with the Janet Acceptable Use and Security Policies by guests using Janet in this manner.

16. An Eligible Organisation or Partner Organisation may choose to provide access to Janet services to guests from other education and research organisations in accordance with the Janet eduroam Policy.  In this case the provisions of that policy will apply.

17. An Eligible Organisation or Partner Organisation may use the Janet IP Service to carry traffic to other networks for members of the public (i.e. individuals who are not covered by either paragraph 15 or 16 above), but only in a way that segregates their traffic and does not create risks to Janet’s private network status (see paragraph 23 below) or reputation. In particular:

18. Network access for members of the public may only be provided under an agreement with a Public Network Provider (e.g. a commercial ISP). That agreement, and the technical measures for routing traffic, must ensure that:

  • All members of the public are authenticated either by the Eligible Organisation or the Public Network Provider;
  • All traffic from members of the public is carried through an encrypted tunnel across Janet to the Public Network Provider;
  • All traffic from members of the public is identified as originating from the Public Network Provider, not from Janet, Jisc or the Eligible Organisation (See Note 7); and
  • The Eligible Organisation and Public Network Provider, not Jisc, are responsible for compliance with laws applicable to public network access (See Note 6).

19. Individuals must not be given access to Janet Services other than in accordance with paragraphs 15-18 above.

Responsibility for Regulatory Compliance

20. An Eligible Organisation is responsible for ensuring that both its use of Janet services and that of its Partner Organisations complies with applicable regulations. In particular:

State Aid Regulations

21. Janet is a publicly-funded network and most Eligible Organisations are also publicly-funded in whole or large part.  There is therefore a risk that providing Janet services to a Partner Organisation, particularly those acting as “economic undertakings”, or providing Internet access to members of the public might contravene state aid regulations.  Each Eligible Organisation is responsible for its own compliance with these regulations and owns the risks associated with non-compliance.

22. Since state aid compliance often requires that facilities be charged for at the prevailing market rate, an Eligible Organisation is both permitted and encouraged to charge any Partner Organisation for Janet access.  (See Note 5.)

Janet’s Private Network Status

23. The Janet IP Service is classed as a private electronic communications service under the Communications Act 2003 on the basis that it does not provide communications services to members of the public.  This exempts it from some of the regulatory requirements imposed on public networks, which could be costly to implement and could curtail some activities of Janet users.  For these reasons this Janet Eligibility Policy and the Janet Acceptable Use Policy prohibit activities which could endanger this status.

24. Should the activities of an Eligible Organisation or any of its Partner Organisations result in its own network being classed as a public network, the Eligible Organisation is responsible for ensuring that no additional regulatory requirements fall upon Janet or Jisc.  (See Note 6.)

Explanatory Notes

Note 1: This includes those organisations who are delivering services to organisations connected to Janet, and organisations that need to use Janet to fulfil an outsourcing or similar contract with an organisation connected to Janet.  It also includes private training providers where these are in receipt of public funding to provide training services, for example in the skills sector.

Note 2: It is recognised that many public-sector organisations partner with commercial or third-sector organisations to deliver public services, or commission services from such organisations.  The test to be applied for eligibility of these delivery partners is that the public-sector organisation is exercising such control that it may reasonably be concluded that the delivery organisation is effectively a public-service provider.  This control might be via the governance of the partnership or the contractual terms of the commissioning.

Note 3: There are two main considerations as to what might constitute an “appropriate” partner organisation to which to provide Janet IP Service.  The first concerns behaviour and consequently reputational risk.  Any organisation using Janet must do so within the terms of the Janet Acceptable Use and Security Policies.  Both these policies are designed to protect Janet and its user base from operational, reputational or possibly legal disruption or damage.

It will be incumbent upon the Eligible Organisation to ensure that all of its partners to whom it has provided Janet do act within these policies, as any breach would be treated in the same way as a breach by one of the Eligible Organisation’s own members.  This is best provided for via a legal agreement between the Eligible Organisation and its Partner Organisation and which sets out what will happen if the Partner Organisation is in breach of these policies.

The second consideration is whether the Eligible Organisation would wish to provide Janet services to the partner in the first place.  The test for this should be whether, if Janet was not available for the purpose, the Eligible Organisation would nevertheless provide the services but using a commercial ISP instead.  If the answer is “yes”, then it should be possible to do so using Janet, subject to state aid constraints.

Note 4: The Eligible Organisation is free to set whatever policy it wishes in this respect, and therefore may choose either to allow or to forbid any of its Partner Organisations to extend access in this way.  If extended access is allowed the Eligible Organisation should ensure that it provides to its Partner Organisation clear terms and conditions for doing so, in order that the Eligible Organisation may meet its own responsibilities.  As above, these are best provided via a legal agreement that also sets out what will happen if the Partner Organisation is in breach of these.

Note 5: An Eligible Organisation must make its own decision on the amounts to charge, subject to state aid constraints, since this will include recovery of costs and a margin on the services provided. This would also include provision via a trading subsidiary of the Eligible Organisation: in this case the subsidiary would need to “purchase” the facilities from its parent body at a market rate if it is to avoid an accusation of inappropriate public subsidy.

Jisc maintains advice to Eligible Organisations on practical steps they should take to manage the state aid implications of extending Janet services to their Partner Organisations.  This draws on more general advice provided by Jisc Legal on the state aid implications of higher and further education’s business and community engagement and includes advice on determining a suitable market rate for Janet services.

Note 6: Such requirements may include authenticating users and keeping records of their activity in accordance with the Data Retention and Investigatory Powers Act 2014 as well as protecting the privacy of users and reporting any privacy breaches in accordance with the Regulation of Investigatory Powers Act 2000 and the amended Privacy and Electronic Communications (EC Directive) Regulations 2003.  Breach of these requirements on a public network may constitute a criminal offence.

Note 7: Traffic from members of the public must be kept separate from other Janet traffic to protect the reputation and private network status of the Janet IP service. This can be done, for example, by routing public internet traffic through an encrypted Virtual Private Network to an Internet Access Provider. Source IP addresses belonging to the Internet Access Provider, and with their WHOIS contact details, (not those of Jisc or the Eligible Organisation) must be used, for example using DHCP, a proxy, or Network Address Translation device.  The Jisc Guest and Public Network Access factsheet provides further advice.