Acceptable Use Policy (Florida)

ACCEPTABLE USE POLICY — FLORIDA

Effective Date: [__/__/____]
Last Updated: [__/__/____]
Company: [________________________________] ("Provider" or "Company")
Website/Service: [________________________________] (the "Service")

TABLE OF CONTENTS

1. Definitions
2. Scope and Applicability
3. Permitted Use
4. Prohibited Conduct
5. Content Standards
6. AI and Automated Systems Usage Restrictions
7. Data Protection and Privacy Compliance (Florida-Specific)
8. Network and System Security
9. Email and Communication Standards
10. Monitoring and Enforcement
11. Violation Consequences
12. Reporting Violations
13. Florida-Specific Legal Provisions
14. Amendments and Updates
15. Acknowledgment and Acceptance
    Exhibit A — Prohibited Content Examples
    Exhibit B — Violation Reporting Form

1. DEFINITIONS

1.1 "Authorized User" means any individual or entity granted access to the Service under a valid agreement.

1.2 "Computer" means an internally programmed, automatic device that performs data processing, as defined in Fla. Stat. § 815.03(3).

1.3 "Computer Contaminant" means any set of computer instructions that are designed to modify, damage, destroy, record, or transmit information within a computer, computer system, or computer network without the intent or permission of the owner, as defined in Fla. Stat. § 815.03(4).

1.4 "Content" means any data, text, images, audio, video, software, code, or other materials uploaded, transmitted, stored, or made available through the Service.

1.5 "Customer" means the entity with a valid agreement for access to the Service.

1.6 "Malicious Code" means viruses, worms, Trojan horses, ransomware, spyware, adware, rootkits, Computer Contaminants, or any other harmful code.

1.7 "Minor" means any individual under the age of 18 for Florida law purposes, or under 13 for COPPA.

1.8 "Personal Information" means information that identifies, relates to, or could be linked to a Florida resident, consistent with Fla. Stat. § 501.171 and § 501.702.

1.9 "Prohibited Content" means Content that violates this AUP, applicable law, or third-party rights.

1.10 "Service" means the SaaS platform, applications, APIs, websites, and related services provided by Provider.

1.11 "Sexually Explicit Image" means any image depicting nudity or depicting a person engaged in sexual conduct, as referenced in Fla. Stat. § 784.049.

1.12 "Spam" means unsolicited commercial electronic communications sent in violation of applicable law.

2. SCOPE AND APPLICABILITY

2.1 Applicability. This AUP applies to all Authorized Users, including Customer's employees, contractors, agents, and end users.

2.2 Customer Responsibility. Customer is responsible for Authorized Users' compliance and shall communicate this AUP to all users.

2.3 Age Restrictions. The Service is not intended for individuals under [____] (default: 18) without verifiable parental consent. Customer shall comply with COPPA for children under 13 and with applicable Florida protections for minors.

2.4 Florida Nexus. This AUP applies Florida-specific requirements to use involving Florida residents, content directed to Florida users, or activities conducted within Florida.

3. PERMITTED USE

3.1 Authorized Purposes. Lawful business purposes within the scope of the applicable agreement.

3.2 Compliance. All use must comply with federal, Florida, and local laws.

3.3 Capacity Limits. Use within published limits and fair use parameters.

4. PROHIBITED CONDUCT

4.1 Illegal Activities. Authorized Users shall not:

• (a) Violate any applicable federal, Florida, or local law;
• (b) Engage in fraud, identity theft, or social engineering;
• (c) Facilitate financial crimes;
• (d) Infringe intellectual property rights; or
• (e) Violate the CFAA (18 U.S.C. § 1030) or the Florida Computer Crimes Act (Fla. Stat. § 815.01 et seq.).

4.2 Florida Computer Crimes Act Violations (Fla. Stat. § 815.01 et seq.). The following are prohibited:

• (a) Unauthorized Access (§ 815.06(1)): Accessing a Computer, computer system, computer network, or electronic device with knowledge that such access is unauthorized, or exceeding authorized access;
• (b) Data Interference (§ 815.06(2)): Disrupting or denying the ability to transmit data to or from an authorized user of a Computer, computer system, or computer network;
• (c) Equipment Destruction (§ 815.06(3)): Destroying, taking, injuring, or damaging equipment used in a Computer, computer system, or computer network;
• (d) Computer Contaminants (§ 815.06(4)): Introducing any Computer Contaminant into any Computer, computer system, or computer network;
• (e) Public Utility Systems (§ 815.06(6)): Unauthorized access to Computers owned, operated, or used by public utilities — a third-degree felony; and
• (f) Unauthorized Copying (§ 815.04): Willful, knowing, and unauthorized modification, destruction, disclosure, or taking of data, programs, or supporting documentation.

Note: Violations range from third-degree felonies (up to 5 years imprisonment, $5,000 fine) to second-degree felonies (up to 15 years, $10,000 fine) for offenses involving public utility systems or causing damage exceeding $5,000.

4.3 Security Violations. Authorized Users shall not:

• (a) Gain unauthorized access to any system, network, or data;
• (b) Conduct vulnerability scanning or penetration testing without authorization;
• (c) Launch DoS or DDoS attacks;
• (d) Introduce Malicious Code or Computer Contaminants;
• (e) Intercept or alter communications;
• (f) Bypass security features or access controls; or
• (g) Forge headers or manipulate identifiers.

4.4 Abuse and Misuse. Authorized Users shall not:

• (a) Resell or sublicense the Service;
• (b) Use the Service to develop competing products;
• (c) Publish unauthorized benchmarks;
• (d) Engage in cryptomining;
• (e) Deliberately consume excessive resources; or
• (f) Scrape or data mine outside documented APIs.

4.5 Harassment and Harmful Conduct. Authorized Users shall not:

• (a) Harass, threaten, or intimidate any individual;
• (b) Disseminate hate speech;
• (c) Engage in sexual cyberharassment in violation of Fla. Stat. § 784.049 — specifically, willfully and maliciously disseminating a Sexually Explicit Image of another person without consent, contrary to the person's reasonable expectation of privacy, for no legitimate purpose, and with intent to cause substantial emotional distress;
• (d) First offense: First-degree misdemeanor (up to 1 year imprisonment, $1,000 fine);
• (e) Subsequent offenses: Third-degree felony (up to 5 years imprisonment, $5,000 fine);
• (f) Civil remedy: Minimum $5,000 in damages plus attorneys' fees under § 784.049(5);
• (g) Distribute deepfake or AI-generated Sexually Explicit Images of real individuals without consent;
• (h) Engage in cyberbullying as defined under Florida law, including the Jeffrey Johnston Stand Up for All Students Act (Fla. Stat. § 1006.147), which requires school districts to adopt anti-bullying policies;
• (i) Dox any individual; or
• (j) File false emergency reports ("swatting").

5. CONTENT STANDARDS

5.1 Prohibited Content. Strictly prohibited:

• (a) Unlawful, fraudulent, or deceptive Content;
• (b) IP-infringing Content;
• (c) CSAM or content exploiting Minors;
• (d) Non-consensual Sexually Explicit Images (real or AI-generated);
• (e) Terrorist or extremist Content;
• (f) Malicious Code or Computer Contaminants;
• (g) Stolen credentials or data;
• (h) Spam and phishing payloads;
• (i) Content violating privacy rights; and
• (j) Content violating Florida's sexual cyberharassment statute.

5.2 DMCA Compliance. Provider maintains a DMCA designated agent. Contact: [________________________________].

• (a) Takedown: Expeditious removal upon valid notice.
• (b) Counter-Notification: Available under 17 U.S.C. § 512(g).
• (c) Repeat Infringers: Terminated.

5.3 Florida Right of Publicity. Content shall not use an individual's name, likeness, or persona for commercial purposes without consent in violation of Florida common law right of publicity.

6. AI AND AUTOMATED SYSTEMS USAGE RESTRICTIONS

6.1 Prohibited AI Uses. Authorized Users shall not:

• (a) Use Service outputs to train competing models without permission;
• (b) Make fully automated decisions with legal or significant effects without human review;
• (c) Generate deceptive synthetic media or deepfakes;
• (d) Create AI-generated Sexually Explicit Images of real individuals;
• (e) Use AI to impersonate individuals without consent;
• (f) Hold out AI outputs as professional advice without disclaimers; or
• (g) Use AI to circumvent content moderation or safety mechanisms.

6.2 Florida-Specific AI Provisions.

• (a) Deepfake Sexually Explicit Content: Creating or distributing AI-generated Sexually Explicit Images of identifiable persons without consent may constitute sexual cyberharassment under § 784.049 and potentially child pornography if the depicted individual is a Minor;
• (b) Automated Decision-Making: Where the Service processes Personal Information of Florida consumers for purposes of profiling under the Florida Digital Bill of Rights, consumers have the right to opt out of profiling in furtherance of automated decisions that produce legal or similarly significant effects; and
• (c) Government Content Moderation: Consistent with Fla. Stat. § 112.23 (enacted as part of SB 262), the Service shall not accept requests from Florida governmental employees to remove or suppress Content based on their governmental position.

6.3 Disclosure. AI-generated Content must be disclosed where required by law or where non-disclosure would be materially misleading.

7. DATA PROTECTION AND PRIVACY COMPLIANCE (FLORIDA-SPECIFIC)

7.1 FIPA Compliance (Fla. Stat. § 501.171). Authorized Users shall:

• (a) Take reasonable measures to protect and secure data in electronic form containing Personal Information;
• (b) Promptly notify Provider of any suspected or confirmed data breach;
• (c) Cooperate in breach investigations; and
• (d) Comply with FIPA notification requirements — notice to affected individuals within 30 days of breach determination.

7.2 Florida Digital Bill of Rights (Fla. Stat. § 501.702 et seq.). If applicable (entities that process Personal Information of 100,000+ Florida consumers, or 25,000+ consumers while deriving 50%+ of revenue from data sales):

• (a) Authorized Users shall respect consumer rights to access, correct, delete, and obtain copies of Personal Information;
• (b) Authorized Users shall not process Personal Information for targeted advertising, sale of data, or certain profiling without enabling consumer opt-out;
• (c) Data protection assessments are required for processing activities that present a heightened risk of harm;
• (d) The Florida Digital Bill of Rights specifically prohibits the processing of sensitive data of a known child without verifiable parental consent; and
• (e) Enforcement: Exclusive to the Florida Attorney General; no private right of action.

7.3 COPPA. For children under 13, verifiable parental consent required per 15 U.S.C. § 6502.

7.4 Children's Online Safety. Authorized Users shall not knowingly collect, process, or store Personal Information of Florida children in a manner that violates applicable law. If the Service is directed to children, additional safeguards are required including prohibition of targeted advertising to children under 18.

7.5 Data Breach Response. In the event of a breach:

• (a) Notify affected individuals within 30 days;
• (b) If 500+ Florida residents affected, notify the Florida Department of Legal Affairs;
• (c) FIPA penalties: Up to $500,000 per breach for knowing violations; $50,000 per 30-day period of failure to notify; and
• (d) Maintain breach records for five (5) years.

8. NETWORK AND SYSTEM SECURITY

8.1 Security Requirements. Authorized Users shall:

• (a) Maintain credential confidentiality and use MFA where available;
• (b) Report compromised credentials immediately;
• (c) Keep client-side software current; and
• (d) Comply with Provider's security policies and API rate limits.

8.2 Vulnerability Testing. Prohibited without written authorization.

8.3 Reverse Engineering. Prohibited except as expressly permitted by applicable law.

8.4 Florida Computer Crimes Act Protections. Provider's security measures are protected under Fla. Stat. § 815.01 et seq. Unauthorized attempts to circumvent, disable, or interfere with such measures may constitute felony offenses.

9. EMAIL AND COMMUNICATION STANDARDS

9.1 Federal CAN-SPAM. Full compliance required per 15 U.S.C. § 7701 et seq.

9.2 Florida Electronic Mail Communications Act (Fla. Stat. § 668.603). In addition to CAN-SPAM:

• (a) It is unlawful to send unsolicited bulk commercial electronic mail through or to a computer network or electronic communication service provider in Florida that has published a policy prohibiting such transmission;
• (b) It is unlawful to falsify routing information in connection with electronic mail;
• (c) It is unlawful to use another person's Internet domain name without authorization in connection with unsolicited commercial email; and
• (d) Violations are actionable under FDUTPA (Fla. Stat. § 501.204).

9.3 TCPA Compliance. Prior express written consent for automated calls and texts per 47 U.S.C. § 227. Florida's mini-TCPA (Fla. Stat. § 501.059) imposes additional restrictions on telephonic sales calls, including a prohibition on calls before 8:00 AM or after 8:00 PM local time.

9.4 Anti-Spam. No Spam through any format using the Service.

10. MONITORING AND ENFORCEMENT

10.1 Monitoring. Provider may monitor for compliance as permitted by law.

10.2 Investigation. Provider may investigate and cooperate with law enforcement.

10.3 Content Removal. Provider may remove violating Content with or without notice.

10.4 Preservation. Content preserved pursuant to valid legal process.

11. VIOLATION CONSEQUENCES

11.1 Graduated Enforcement.

11.2 Immediate Suspension. Without prior notice for imminent threats, criminal activity, or CSAM.

11.3 Customer Liability. Fees continue during violation-caused suspension.

11.4 Florida Attorney General. Violations involving Florida consumers may be referred to the Florida Attorney General.

11.5 FDUTPA Remedies. Customer or third parties harmed by AUP violations that constitute unfair or deceptive practices may seek remedies under FDUTPA, including actual damages, injunctive relief, and attorneys' fees.

12. REPORTING VIOLATIONS

12.1 Contact.

• Email: [________________________________]
• Online: [________________________________]
• DMCA Agent: [________________________________]

12.2 Report Contents. Description, evidence, dates, and user information.

12.3 Response. Acknowledgment within [____] Business Days; assessment within [____] Business Days.

12.4 No Retaliation. Good-faith reporters protected.

12.5 Sexual Cyberharassment Reports. Reports involving potential violations of Fla. Stat. § 784.049 shall be prioritized and, if involving a Minor, immediately escalated and reported to the National Center for Missing and Exploited Children (NCMEC) and local law enforcement.

13. FLORIDA-SPECIFIC LEGAL PROVISIONS

13.1 Governing Law. This AUP is governed by the laws of the State of Florida.

13.2 FDUTPA. This AUP and its enforcement shall be consistent with the Florida Deceptive and Unfair Trade Practices Act. Unfair or deceptive enforcement practices are prohibited.

13.3 Sovereign Immunity. If Customer is a Florida governmental entity, nothing in this AUP waives sovereign immunity beyond the limited waiver in Fla. Stat. § 768.28.

13.4 Florida Constitution. Monitoring and enforcement shall respect the privacy rights of individuals under Article I, Section 23 of the Florida Constitution.

13.5 Forum Selection. Disputes arising from this AUP shall be brought in state or federal courts in [________________________________] County, Florida.

13.6 Section 230. Provider may take good-faith actions to restrict objectionable Content consistent with 47 U.S.C. § 230.

14. AMENDMENTS AND UPDATES

14.1 Right to Amend. Provider may modify this AUP at any time.

14.2 Notice. Not less than [____] days' notice for material changes.

14.3 Continued Use. Continued use after effective date constitutes acceptance.

15. ACKNOWLEDGMENT AND ACCEPTANCE

Customer Acknowledgment:

Organization: [________________________________]
Authorized Representative: [________________________________]
Title: [________________________________]
Signature: [________________________________]
Date: [__/__/____]

☐ I confirm that I have read and understood this Acceptable Use Policy.
☐ I agree to communicate this AUP to all Authorized Users.
☐ I accept responsibility for Authorized User compliance.
☐ I acknowledge the Florida-specific obligations, including the Florida Computer Crimes Act, FIPA, and the Florida Digital Bill of Rights.

EXHIBIT A — PROHIBITED CONTENT EXAMPLES (FLORIDA)

EXHIBIT B — VIOLATION REPORTING FORM

Report Date: [__/__/____]

Reporter Information:
☐ Anonymous report

Name: [________________________________]
Email: [________________________________]
Phone: [________________________________]

Violation Type:
☐ Florida Computer Crimes Act violation
☐ Sexual cyberharassment (§ 784.049)
☐ Deepfake / AI misuse
☐ Spam (Florida Electronic Mail)
☐ FIPA / FDBR privacy violation
☐ CSAM or child exploitation
☐ DMCA / IP infringement
☐ Cyberbullying
☐ Security violation
☐ Other: [________________________________]

Description: [________________________________]

Date/Time: [__/__/____] at [____]

Evidence: ☐ Screenshots ☐ Logs ☐ Email headers ☐ Other

Severity: ☐ Low ☐ Medium ☐ High ☐ Critical

Does this involve a minor? ☐ Yes ☐ No ☐ Unknown

☐ I certify this report is made in good faith.

Signature: [________________________________]
Date: [__/__/____]

This Acceptable Use Policy template is provided for informational purposes only and does not constitute legal advice. Have this document reviewed by a qualified Florida attorney before use.