There are numerous items of external legislation which users must abide by when using IT facilities, whether provided by the University, or elsewhere. Some of the more important ones, which directly relate to IT use are listed below.

• Janet Acceptable Use Policy - governs use of the Joint Academic Network (Janet) by which universities and other organisations connect to the internet and external computing resources.
• Computer Misuse Act 1990 - aimed at combating various forms of deliberate misuse of computer systems (including so-called hacking). Penalties include fines and custodial sentences for unauthorised access.
• Communications Act 2003 - details offences of improper use of a public communications service (s.127) and dishonestly obtaining electronic communications services (s.125).
• Regulation of Investigatory Powers Act 2000 - controls the interception of traffic on networks, and was introduced to ensure the UK could comply with the Human Rights Act 1998 rules on privacy of communications. The Act also creates powers for the police and other investigating authorities to require networks to provide information about their users and their use of networks. Monitoring for business purposes, such as the policing of the University's Conditions of Computer Use, can only be done after users have been notified and for the purposes set out in the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 associated with RIPA.
• Data Protection Act 1998 and General Data Protection Regulation - establishes requirements on anyone holding personal data on a computer or any other organised filing system. 
• Anti-Terrorism, Crime and Security Act 2001 - details a voluntary Code of Practice for retention of communications data by public network providers. As private networks, Janet and its connected organisations are recommended to follow the Best Current Practice published by the London Internet Exchange (LINX).
• Counter-Terrorism and Security Act 2015 - section 26 of this Act places a duty on certain bodies to have 'due regard to the need to prevent people from being drawn into terrorism'. Government guidance clarifies how this might apply to universities.

More information regarding the above, and also links to other legislation which affects IT usage, can be found on the Janet web-site - see link below: https://www.jisc.ac.uk/guides/networking-computers-and-the-law