Online Piracy and Higher Education
Policies to curb copyright infringement in university and college settings
Universities and colleges have a strong interest in addressing the problem of copyright infringement on campus and on their networks. Intellectual
property is essential to their mission; if it is not adequately protected, their own works are devalued, as well as the works that they use and
teach. Moreover, the institution's bandwidth may be abused and its network resources misused to serve up content to downloaders all over the world.
Illegal file-sharing can compromise networks with viruses, spyware and data security threats. It taxes the institution's resources in responding to
infringement notices and engaging in disciplinary proceedings. It presents students with the prospect of facing legal action, and in some
circumstances can even lead to potential liability for the institution itself.
Educational institutions are ideally placed to shape student attitudes toward copyright. There are a number of steps they can and should take to
curb copyright infringement and the associated security problems on their networks. These include education and communication, vigilance in
maintaining a safe and legal online environment, and the effective use of technological tools.
Set up an appropriate copyright policy. Staff and students should understand that unauthorised copying and transmission of someone else's music
or other works is copyright infringement, which will not be tolerated by the university and carries legal and financial penalties. This is best
accomplished through setting a code of conduct and terms and conditions of enrolment. The policy should also illustrate unacceptable behaviour,
including illegal file-sharing, and provide details of the penalties imposed both by the university and by the courts. Students should be in no
doubt that illegal file-sharing on dorm networks is just as unacceptable as on the university's network.
Communicate and implement the policy. Institutions can ensure their policy is well communicated to staff and students by taking simple steps,
Making the policy prominently available beginning at enrolment, both in print and on websites.
Ensuring that staff and students are aware of these terms and sign a document agreeing to them before they are given access to the computer
Sending periodic emails directly from senior staff, with reminders that the university takes copyright infringement very seriously and that
failure to comply with its policy will result in penalties.
2. BEST PRACTICE NETWORK SECURITY
Several key steps are recommended to maintain a safe and legal online environment:
Check what is on the system and delete clearly infringing material. Many institutions already audit their systems for certain types of
copyrighted material, particularly software. Inventories should also include music and other major types of copyrighted works. Commercial
recordings of music are virtually never licensed for multiple copying, network storage or internet distribution, except through a recognised,
legitimate music service or under an explicit agreement with the owners. 'Private copy', 'academic use', 'fair use', 'evaluation copy' or other
such excuses do not permit the storage or transmission of libraries of commercial recordings on academic institutions' systems.
Control wireless access. Wireless use should be subject to the same policy as any other means of access. Universities should be sure that
wireless connections to their network and the internet are secure and encrypted, so that they are not hijacked for illegal purposes. Wireless hub
software lets organisations set access codes and the desired level of security and/or encryption.
Maintain virus and spyware protection. Protective software can screen out rogue files containing viruses, spyware or other damaging material, and
should be installed on every computer. All copies of anti-virus and spyware programmes should be run regularly and kept up to date.
Set firewall rules. Firewalls enforce security policy on traffic flows to and from the external internet, and can be useful tools to restrict
excessive bandwidth usage. Particular internet addresses, ports or protocols on which file-sharing or other infringing activity typically occurs
can be blocked. Best security practice is to lock down all ports at the firewall that are not specifically needed for authorised internet
Designate a compliance officer. Someone within each institution should be responsible for ensuring compliance, particularly protecting against
copyright theft on its systems. The person needs to be sufficiently senior (such as the IT or finance director) to insist on ongoing compliance
with the institution's code of conduct, to remove illicit material promptly and to deal with any notices or disciplinary actions.
3. TECHNOLOGY TO CONTROL FILE-SHARING
The following new technologies are now commercially available and effective in dealing specifically with illegal file-sharing:
Barring use of unauthorised P2P software. Barring unauthorised software installations and file-sharing activity on a university's system is an
easy way of reducing copyright and security problems, stopping the vast majority of piracy before it takes place. One network-based system
developed by Red Lambda is cGrid (http://www.redlambda.com/Products_overview.htm) ,
pioneered by the University of Florida. It can be customised to provide selective or complete blocking and also addresses a full range of other
security management issues.
Network filtering. Another option is to install a network filtering system for specific files. Unlicensed copyright sound recordings can be
identified within peer-to-peer traffic and individually blocked, while leaving other peer-to-peer traffic unaffected. Sophisticated software that
can selectively filter or block copyrighted material as it passes from the internet to an institution's local infrastructure is now available,
such as Audible Magic's "Copysense" (http://www.audiblemagic.com) ). Used in over 60 academic
institutions to date, it claims to be able to find a match over 99 per cent of the time with no false positives.
Traffic shaping. Sometimes known as "throttling", the idea is to put an appliance inline in the network that can selectively slow down all P2P
traffic, using "caps" or at peak times. This does not prevent infringement, but if the "slowdown" is implemented aggressively on the upstream
side, it can stop files that are being shared on the fast university network from feeding massive off-campus P2P activity. Several companies
offer equipment for traffic shaping, including Cisco, Packeteer and Palisade.
Prevent bandwidth abuse. Network monitoring software, which may be supplied with network equipment, allows institutions to check whether users or
devices are hogging bandwidth and may be configured to automatically ban them from a network on a temporary or permanent basis. Technical staff
should check traffic 'hot spots' to see if there is a system problem or illegal activity taking place.
Copyright and Security Guide for Academic Institutions (available from IFPI, with further advice or technical assistance upon request)
Sample university Best Practices (Wolfson College)
JANET (Joint Academic NETwork of UK education), maintained by JISC (Joint Information Systems Committee) http://www.ukerna.ac.uk/services/publications/policy/aup.html
For further information please contact:
Press Office at IFPI London, Tel: +44 (0)20 7878 7900