Colleges and universities reported a surge in copyright infringement notices from the Recording Industry Association of America (RIAA) in spring 2008 amid increasing criticism of the association’s methods of attacking online piracy. Meanwhile, Congress reauthorized a law that will require colleges and universities to take action to prevent students from engaging in illegal file sharing and punish those who do.
According to an April 30, 2008 story in The Chronicle of Higher Education, colleges and universities around the country reported a substantial increase in the number of complaint notices they received from the RIAA claiming that specific songs were being illegally traded by a computer user on campus networks.
The Chronicle reported that information security officials at the University of Cincinnati said their office usually receives 25 to 30 notices per year from the RIAA, but that they had received 13 in the two weeks preceding April 30 alone. The George Washington University saw the number of notices it received climb from an average of 10 per week to 123, The Chronicle reported. According to technology news Web site Ars Technica, St. Cloud State University Information Technology Security Coordinator Darrin Printy said in an April 30 story, “Normally, we only get about a dozen per year; now we are getting about four to six notices a week.”
Ars Technica reported in a Feb. 27, 2008 story that the RIAA launched a campaign to crack down on campus file sharing in February 2007. The Chronicle described in a May 23, 2008 story how the RIAA hired a company called Media Sentry to search the Internet, using popular file sharing programs such as LimeWire, for computers on college networks that are sharing specific songs that appear on a list provided by the RIAA. When Media Sentry finds a computer sharing one of the listed songs, it sends a letter to the college or university, which includes the name of the file and the date and time when Media Sentry investigators saw it available online, requesting that the song be removed from the network.
These letters, or “take down notices,” are based on the Digital Millennium Copyright Act’s (DMCA) requirement at 17 U.S.C. section 512(c)(1) that a party claiming that an Internet service provider is illegally allowing access to copyrighted material notify the service provider and allow it to “respond expeditiously to remove, or disable access to, the material that is claimed to be infringing.”
According to Ars Technica, the group also sends “prelitigation settlement letters” to colleges and universities, addressed to the user of a specific Internet protocol (IP) address. If school information technology workers identify the network user to whom the IP address was assigned at the time the song was shared and pass along the letter, the user has the opportunity to settle with the RIAA for $3,000. If the user does not respond or the school fails to forward the letter, the RIAA files a “John Doe” lawsuit and asks a federal judge to issue an ex parte subpoena for the identity of the user using the IP address.
According to Ars Technica, as of the Feb. 27, 2008 story, the RIAA had sent out 5,404 letters to over 160 colleges and universities, and over 2,300 of those resulted in the targeted students settling with the RIAA.
Universities have had a variety of reactions to the RIAA’s stepped-up campaign against campus network file sharing. The Associated Press (AP) reported on May 30, 2008 that the University of Florida and Ohio University have banned peer-to-peer file sharing. According to Ars Technica, Ohio University became the first university to ban all peer-to-peer file sharing on its campus network after it topped a list of the RIAA’s “top 25 music-pirating schools” in February 2007.
According to University of Minnesota policy, residential students who violate copyright law can have their access to the campus Internet service disabled for two weeks for a first offense. For a second offense, or when a student receives an infringement notice, a student’s access is disabled indefinitely and he or she is “referred to Student Judicial Affairs Office for possible disciplinary action.” The policy is available online at http://www.resnet.umn.edu/policies/policieslist.shtml#copy.
The Missouri University of Science and Technology took a unique approach to limiting illegal file sharing, according to the AP on May 30, 2008. Students there must score perfectly on a random six-question quiz on digital copyright in order to earn six hours of access to the university’s peer-to-peer file-sharing network. The AP reported that the university said notices from the RIAA have dropped from 200 in 2006-2007 to eight in the 2007-2008 academic year.
According to the AP, RIAA spokesman Jonathan Lamy called such measures “a step in the right direction.”
“What we’ve found to be the most effective is a comprehensive approach that employs a combination of tools: innovative educational programs, legal ways to enjoy music and technological tools that prevent the misuse of campus networks in the first place,” Lamy said.
However, some universities have challenged the RIAA’s notices and settlement demands. In October 2007, the University of Oregon and the Oregon state attorney general filed a motion to quash an RIAA subpoena for the identities of 17 network users.
A judge has yet to rule on the Oregon case, Arista v. Does 1-17, Case No. 6:07-CV-6197-HO (D. Ore. 2008), but in two other cases in 2007, Capitol v. Does 1-16, 2007 WL 1893603 (D. N.M. 2007) and Interscope v. Does 1-7, 494 F.Supp. 2d 388 (E. D. Va. 2007), federal judges denied the RIAA’s ex parte subpoenas to universities for the identities of file sharing network users.
In Capitol v. Does 1-16, federal district judge Lorenzo Garcia wrote that the plaintiff record label overstated the irreparable harm that they sought to prevent through ex parte subpoenas. “While the Court does not dispute that infringement of a copyright results in harm, it requires a Coleridgian ‘suspension of disbelief’ to accept that the harm is irreparable, especially when monetary damages can cure any alleged violation,” Garcia wrote.
Moreover, Garcia wrote that the targets of the subpoenas, subscribers to the University of New Mexico network, should be “given a reasonable opportunity to intervene in order to stop the disclosure of sensitive information” such as “name, address, social security numbers, credit card information, purchase histories, as well as road map [sic] of the subscribers’ Internet activities.” The Capitol v. Does 1-16 ruling is available online at http://www.ilrweb.com/viewILRPDF.asp?filename=capitol_does1-16_070524OrderDenyExParteApplication .
In Interscope v. Does 1-7, a federal judge in the Eastern District of Virginia denied the plaintiff record label’s motion for an ex parte subpoena of seven unknown users of the College of William and Mary’s computer network. Judge Walter D. Kelley, Jr. wrote that the federal law on which Interscope based its motion to serve the subpoenas, the Cable Communications Policy Act of 1984 (CCPA), 47 U.S.C. section 551(c)(2)(B), did not support the motion.
Judge Kelley wrote that because the CCPA only authorizes disclosure of information by cable operators to government entities pursuant to court orders, it does not apply to this situation. The College of William and Mary does not qualify as a cable operator nor is the plaintiff, Interscope records, a government entity, Kelley wrote.
In addition to the possible legal flaws at least two federal judges have found in the RIAA’s methods for targeting potential copyright infringers, one academic study, released June 5, 2008 and discussed in a New York Times story the same day, showed that the association’s technical methods might also be flawed.
According to The New York Times, researchers from the University of Washington who were using software to monitor file-sharing networks found that even though they did not download any files, they received more than 400 take-down requests accusing them of participating in illegal downloads. Some of the takedown requests accused printers or network routers of illegal downloads.
The researchers concluded that the RIAA, as well as the Motion Picture Association of America (MPAA) and Entertainment Software Association (ESA), are looking only at IP addresses of participants on these peer-to-peer networks, and not what files are actually downloaded or uploaded, when they determine who to send take down notices or prelitigation letters.
One researcher, assistant professor of Computer Science and Engineering Tadayoshi Kohno said, “Ultimately, we think that our results should provide a wake-up call for more openness on the parts of content enforcers.”
Nevertheless, a bill passed by Congress on July 31 makes a comprehensive approach to copyright monitoring on the part of colleges and universities mandatory.
The College Opportunity and Affordability Act of 2008, H.R. 4137, a law first established in 1965 and last overhauled in 1998 and generally aimed at governing higher education programs, includes a provision at section 488(a)(1)(P) et seq. that would require colleges and universities to annually inform students about copyright infringement and have policies in place to detect, prevent, and punish copyright infringement via campus networks, or risk losing eligibility for some federal student aid.
When the bill was introduced in November 2007, a press release from the MPAA praised it, saying that colleges and universities would benefit from the legislation. “Illegal downloading … can also be harmful to universities as it puts their systems at risk for security purposes, takes up bandwidth, and slows systems that are designed for research and other educational purposes,” said MPAA Chairman and CEO Dan Glickman.
But universities and their advocates roundly criticized the bill. Matt Owens, assistant director of federal relations at the Association of American Universities told The New York Times for a Nov. 13, 2007 story that the copyright enforcement provision of H.R. 4137 “makes no sense.”
Owens said, “You have the federal government requiring a nonprofit educational institution to develop plans to help a for-profit industry to earn more revenue from their students.”
In a March 16, 2008 Los Angeles Times story, Steve Worona, director of policy and networking for Educause, a nonprofit organization focused on information technology in higher education pointed out that “more than 80 percent of students live off campus and use commercial networks,” not campus networks.
In a letter to George Miller (D-Calif.), chairman of the House Committee on Education and Labor, and sponsor of H.R. 4137, officials from the University of Maryland, Stanford University, The Pennsylvania State University, and Yale echoed concerns about singling out universities “which industry leaders admit are responsible for only a small fraction of illegal file sharing” and ignoring “other internet service providers whose networks are associated with most of the problem.” The letter, as well as the November 9, 2007 MPAA press release, can be found via links in a New York Times story available online at http://bits.blogs.nytimes.com/2007/11/13/bill-would-make-colleges-copyright-cops/?ex=1195621200&en=27d611a019a1b75a&ei=5070&emc=eta1.
According to The Chronicle of Higher Education on May 23, 2008, recording and movie industry lobbyists have met with some success in urging state lawmakers to pass laws requiring colleges and universities to implement policies similar to those in H.R. 4137. A Tennessee law that requires private and public colleges and universities in the state to develop and “reasonably implement” policies to deter students from online copyright infringement, State Senate Bill 3974, went into effect in May 2008.
The Chronicle reported that state lawmakers in Illinois are considering HB 4380, a bill that would require any public college that has received 10 or more copyright infringement notices to install anti-piracy software, a provision that universities in Tennessee successfully fought to have removed from that state’s similar bill before it was passed.
– Patrick File
Silha Fellow and Bulletin Editor