The acceptable-use policy was developed by a committee representing many different units of the University, from Legal Affairs and Personnel to academic departments, and was based on an older policy proposed by a group of network managers. The development process is described in Covington, M. A., "Design and Implementation of a Campus Computer Security Policy," _Internet Research_ 5.4:31-41 (1995); see also the _Chronicle of Higher Education_, September 17, 1999.
The committee invited criticism from all possible quarters at an early stage. That made it possible to educate the user community and defuse objections before the policy was promulgated, so that when the policy became official, most of those affected by it felt it was merely a codification of responsibilities that people already had, rather than a new set of restrictions.
The committee felt that the rules needed to be quite explicit even though this resulted in a long document. A shorter policy would not give people the explicit guidance they need and want in unfamiliar situations.
The acceptable-use policy codifies some rights as well as prohibitions. Most importantly, those accused of wrongdoing are entitled to due process; system administrators are not allowed to serve as judge, jury, and executioner. The rationale for using University computers to pursue personal interests (as education, when equipment and time are available) is also addressed briefly.
At the same time, the acceptable-use policy does not contain any entitlements. It does not declare that any set of people are entitled to computer accounts or to access to computers for any purpose. The allocation of computer resources is left entirely to the University units that pay for them.
The University of Georgia's Acceptable use policy can be found at http://www.uga.edu/compsec/use.html
