Acceptable use policy

An acceptable use policy (AUP)—also referred to as an acceptable usage policy or, in certain commercial contexts, a fair use policy (FUP)—is a formal set of guidelines established by the administrator, proprietor, or operator of a computer network, website, digital platform, or information system.^[1] The policy delineates the conditions under which access is granted and specifies the behaviors that are permitted, restricted, or prohibited. AUPs function as regulatory instruments intended to ensure the responsible use of information and communications technology, to mitigate institutional liability, and to safeguard the rights and security of both users and system owners.^[2]

The term “fair use policy,” though occasionally employed in industry settings (e.g., by internet service providers to define usage thresholds), is conceptually distinct from fair use as defined in copyright law.^[3] The latter constitutes a statutory doctrine governing the lawful reproduction and transformation of protected works; the former reflects privately enforced contractual norms.^[4]

AUPs commonly address issues such as unauthorized access, distribution of illicit or harmful content, copyright infringement, violations of information privacy, and misuse of communications infrastructure.^[5] They may also outline the procedural and disciplinary consequences of policy violations. In transnational environments, AUPs are increasingly shaped by regional legal frameworks, including data protection regulations (e.g., the General Data Protection Regulation in the European Union)^[6] and national cybersecurity standards (e.g., NIST guidelines in the United States).^[7]

^ "Acceptable Internet Use Policy | Virginia Department of Education". www.doe.virginia.gov. Archived from the original on 2025-03-06. Retrieved 2025-04-30.
^ "What Is an Acceptable Use Policy (AUP)?". business.com. Retrieved 2025-04-30.
^ Rollins, Alison. "Learning Resource Center: Copyright & Fair Use: Copyright & Fair Use". usuhs.libguides.com. Retrieved 2025-04-30.
^ "17 U.S. Code § 107 - Limitations on exclusive rights: Fair use". LII / Legal Information Institute. Retrieved 2025-04-30.
^ "Policy and Security". EDUCAUSE. Retrieved 2025-04-30.
^ "What is GDPR, the EU's new data protection law?". GDPR.eu. 2018-11-07. Retrieved 2025-04-30.
^ "Publications | CSRC". csrc.nist.gov. Retrieved 2025-04-30.

[1] "Acceptable Internet Use Policy | Virginia Department of Education". www.doe.virginia.gov. Archived from the original on 2025-03-06. Retrieved 2025-04-30.

[2] "What Is an Acceptable Use Policy (AUP)?". business.com. Retrieved 2025-04-30.

[3] Rollins, Alison. "Learning Resource Center: Copyright & Fair Use: Copyright & Fair Use". usuhs.libguides.com. Retrieved 2025-04-30.

[4] "17 U.S. Code § 107 - Limitations on exclusive rights: Fair use". LII / Legal Information Institute. Retrieved 2025-04-30.

[5] "Policy and Security". EDUCAUSE. Retrieved 2025-04-30.

[6] "What is GDPR, the EU's new data protection law?". GDPR.eu. 2018-11-07. Retrieved 2025-04-30.

[7] "Publications | CSRC". csrc.nist.gov. Retrieved 2025-04-30.

[1]

[2]

[3]

[4]

[5]

[6]

[7]