Mayor Vincent C. Gray

Search   OCTO


accordian interface begins

About OCTO


Maps & Apps

Agency Support


Office of the Chief Technology Officer

Office Hours
Monday through Friday, 8:30 am - 5:30 pm

How to Reach Us
200 I Street, SE
5th Floor
Washington, DC 20003

Phone: (202) 727-2277
Fax: (202) 727-6857
TTY: 711

FOIA Information
Agency Performance


DC Digital Inclusion 

Rob Mancini
Chief Technology Officer

Ask the Agency

Text Size: A A A Print-Friendly Version Print   Share Share  

Internet Access and Use Policy 

This policy establishes standards for the proper use of DC government-provided Internet services.

Policy Number: Creation Date/Revisions: Effective Date:
OCTO0001 12.15.03 Rev 2.0 07.15.99



This policy establishes standards for the proper use of DC government-provided Internet services.




This policy applies to:

  • All Internet systems and services provided or owned by the DC Government.
  • All users of DC Government Internet services, including:
  1. Full and part-time employees
  2. Contractors authorized to use DC Government-owned equipment or network resources
  3. Volunteers who have been provided with Internet service and
  4. All other users of DC Government information technology resources.




Internet access is a highly efficient research and communications tool that is provided by the DC Government to its employees, contractors, and volunteers to assist them in supporting DC government functions and conducting the government's business within its own organization, with government and private business partners, and with the public. Appropriate use of DC Government Internet access can enhance the efficiency and quality of government services, but inappropriate use can conflict with DC government policies and compromise availability of the system for all. This policy defines requirements and prohibitions for appropriate use of DC government Internet access.



Allowable Uses

  • Communication and information exchange directly related to the mission, charter, or work tasks of a DC government agency
  • Research and information exchange in support of standards, analysis, advisory, and professional development activities related to the user's DC government duties
  • Announcement of DC government laws, procedures, policies, rules, services, programs, information, or activities, subject to the broadcast email requirements described below
  • Application for, or administration of, contracts or grants for DC government programs or research
  • Other governmental administrative communications not requiring a high level of security
  • Interagency and external broadcast correspondence that:
    • Is limited to 100 recipients or fewer,
    • Is not sent to the group distribution list of any other agency, and
    • Does not constitute or contain (as an attachment or otherwise) any inter-agency or external bulletin, newsletter, announcement, promotional material, manual, guide, brochure, or marketing collateral, all of which must be posted on websites and not sent in group emails outside the sender's agency list.
  • Interagency and external broadcast emails with distribution greater than 100 recipients that are authorized in advance by the Director of Communications of the Executive Office of the Mayor (EOM) or the Chief Technology Officer
  • Mayoral broadcast missives, upon 2 hours' notice to OCTO or with shorter notice to OCTO, in the discretion of the Director of Communications, EOM
  • Incidental personal purposes, provided that such use does not:
    • Directly or indirectly interfere with the DC Government operation of computing facilities or electronic mail services,
    • Burden the DC Government with noticeable incremental cost, or
    • Interfere with the email user's employment or other obligations to the DC Government.



Prohibited Uses

  • Any purpose that violates a federal or DC government law, code or policy, standard or procedure
  • The advertising or other promotion of any private business enterprise or activity
  • Transmission or solicitation of information or statements that contain profane language, pander to bigotry, sexism, or other forms of prohibited discrimination, or can in any way be construed as intending to harass or threaten another individual, sexually or otherwise
  • Any activity with religious or political purposes outside the scope of the user's assigned and authorized governmental duties
  • Any unauthorized purchase
  • Sending email under names or addresses other than the employee's own officially designated DC government email address
  • Adding, removing, or modifying identifying network header information ("spoofing") in an effort to deceive or mislead recipients
  • Opening any "executable" email attachments (e.g., .exe, .bat, .scr, .vbs) from any source
  • Sending or forwarding "chain" letters, i.e., those that ask the receiver to forward the message to multiple recipients
  • Sending any attachment files larger than 10 megabytes (MB)
  • Sharing organized District email lists with any person outside the District, except as required by the Freedom of Information Act, subpoena, or other compulsory process
  • Setting email correspondence to forward automatically to an outside (non-District) address
  • "Broadcast" emails that do not meet the "broadcast" email requirements above
  • Disruption, obstruction, or burden of network resources
  • Unauthorized enhancements or add-on software to Outlook (e.g., animations, backgrounds, pictures)
  • Use of non-District email services such as Yahoo or AOL on the District's computer network
  • The intentional or negligent introduction of computer viruses into any DC Government systems; agencies must prevent the introduction of computer viruses into DC government systems and must install District-standard virus-scanning software to check any software downloaded as email attachments.
  • Transmission of sensitive (e.g., confidential) information unless protected by an approved encryption mode and/or identified as shown below
    • Sensitive information includes medical information, information covered by attorney-client privilege, information subject to the Privacy Act, proprietary information, or other information which must be protected from unauthorized disclosure.
    • Sensitive (e.g., confidential) messages must be clearly identified immediately below the message header (i.e., the Subject, Data, From, and To lines) as "SENSITIVE/CONFIDENTIAL INFORMATION [or ATTORNEY/CLIENT PRIVILEGED INFORMATION] - DO NOT RELEASE TO UNAUTHORIZED PERSONNEL." In such cases, the sender must also be certain that the recipient is properly authorized to receive and view the information.
    • For approved encryption modes, refer to applicable information security policies, standards, and procedures.




Violations of District email policy will result in:

  • Upon notice to the violator, disabling of his/her email account for a period of time consistent with the seriousness of the violation, unless a written request for reinstatement is submitted by the agency Director/designate to the OCTO Director of IT Security.
  • Where an email account is found to be broadcasting a virus or otherwise placing the email system in jeopardy, disabling the account without notice to the violator, with reinstatement as described above
  • Other corrective action in the discretion of the violator's agency Director



Statutory Authority

DC Official Code § 1-1403.



Roles and Responsibilities: All DC Government Email Users

  • Users of DC email must use the service only for the Allowable Uses defined above and refrain from any of the Prohibited Uses defined above.
  • Users must change passwords with regular frequency, in accordance with applicable agency and OCTO standards and recommendations.



Roles and Responsibilities: DC Government Agencies

  • Each agency is responsible for its employees' and contractors' compliance with this policy and is expected to familiarize each user with this policy.
  • Because transmission of email may involve routing over an unsecured network, it is the responsibility of each agency to protect sensitive (i.e., confidential) information from intentional, inappropriate, or accidental disclosure, and to protect the DC government and individual users from loss or harm.
  • Agencies are responsible for the investigation of alleged or suspected violations of this policy, and the referral of violations to OCTO for suspension of service to users.



Roles and Responsibilities: OCTO

  • The OCTO Director of IT Security must develop and update email security policy and maintain awareness of email-related threats, vulnerabilities, and security issues.
  • The Director of IT Security will maintain a content filtering system which scans the contents of messages on the DC Government email system, rejects messages containing content that may violate this policy, and issue the sender a notification advising that the message has been rejected, and why, so that the message can be corrected and resent.
  • However, neither OCTO nor any agency or instrumentality of the DC Government undertakes to protect users from receiving electronic mail they may find offensive, or to guarantee that electronic mail received was in fact sent by the purported sender.
  • Because email is public, not private communication, OCTO may monitor any or all DC Government email traffic to determine compliance with this and related policies.



Disclaimer of Legal Rights

Nothing in this statement of policy shall be deemed to create any legal right on the part of a user of the email system, nor any legal obligation on the part of OCTO or any person having authorized access to search or review email correspondence in the system.