Mississippi Valley State University

PDF Document

 

Purpose

Scope

The primary purpose of this policy is to inform, educate and set expectations for the members of the university community of their individual and corporate responsibilities towards the use of Peer-to-Peer applications using the University's network. This policy addresses the issues, impacts and concerns with file sharing aspects of Peer-to-Peer networking applications using the University's network.

Background

This policy intends to make it clear that P2P architecture, itself, is not in question. What is a concern, however, is one of the most prevalent uses of this technology, P2P File Sharing applications used for the distribution of copyrighted content. Morpheus, KaZaA, Aimster, Madster, AudioGalaxy and Gnutella, are examples of the kinds of P2P File Sharing software which can be used inappropriately to share copyrighted content. Note, that some of these applications are not pure peer-too-peer architectures, further reinforcing that the issues with File Sharing applications have more to do with risk of abuses, than in the technology itself. Along with copyright infringement, other concerns of P2P File Sharing applications include network resource utilization, security, and inappropriate content. For a more in-depth definition of peer-to-peer and the various types (hybrid vs. pure) and peer-to-peer's relationship with distributed networks, please refer to the footnotes. 2

For the purposes of this policy, a Peer-to-peer file sharing application is any application that transforms a personal computer into a server that distributes data simultaneously to other computers.

While the definition itself is controversial, generally a peer-to-peer (often referred to as P2P) computer network refers to any network that does not have fixed clients and servers, but a number of peer nodes that function as both clients and servers to the other nodes on the network. This model of network arrangement is contrasted with the client-server model. Any node is able to initiate or complete any supported transaction. Peer nodes may differ in local configuration, processing speed, network bandwidth, and storage quantity. Put simply, peer-topeer computing is the sharing of computer resources and services by direct exchange between systems. Many researchers are looking into the practical uses of this technology.

Issues

Copyright Infringement

Those who obtain or distribute copyrighted material should be aware that if found liable for copyright infringement, the penalties can be severe, depending upon the amount and the willfulness of the infringing activity. In a civil lawsuit, one found liable for copyright infringement can be ordered to pay damages of as much as $30,000 per copyrighted work infringed. This penalty can be increased to $150,000 per infringed work in cases of particularly flagrant infringement. In the most serious and widespread cases of copyright infringement, criminal prosecution is possible.

Additionally, students, faculty and staff who may be in violation of copyright law place not only themselves at risk - they may be exposing Mississippi Valley State University to liability as an institution, for contributory or vicarious infringement, e.g., using the University network resources to obtain the material and/or to store the material on University computers and/or servers (see Appendix A for a sample letter sent by the Recording Industry Association of America (RIAA) to Fortune 1000 companies).

Downloading or distributing copyrighted material, e.g. documents, music, movies, videos, text, etc., without permission from the rightful owner violates the United States Copyright Act and several university policies. While it is true that a number of artists have allowed their creative works to be freely copied, those artists remain very much the exception. It is best to assume that all works are copyright-protected except those that explicitly state otherwise. Copyright laws were enacted to protect the original expression of an idea, whether it is expressed in the form of music, art or written material. A number of rights are given copyright owners by Federal law. These rights include the right to control the reproduction, distribution and adaptation of their work, as well as the public performance or display of their work.

Impact to MVSU’s network

First, running an unauthorized server from a university building is a violation of the Mississippi Valley State University Network Use Policy.

Also, when a user's computer is acting as a server, it can place an enormous burden on MVSU's network(s). If the computer/server is popular and does excessive, high-volume transfers of files, this single computer/server can severely impact the performance of MVSU's network.

Transferring large movie or music files may overload the network and degrade services. Transferring large files can slow the network making it less responsive or even unavailable to users*. Excessive network traffic can be generated, adversely affecting performance for other users*. policy and may result in termination of access to the University network services, and other disciplinary action. In addition, P2P traffic-along with the various worms that infect the Windows OS – consume a huge proportion of network bandwidth. Left unchecked, legitimate users are left with useless connections.

MVSU routinely monitors network usage patterns. Interfering with the ability of others to use the network services violates University

Peer-to-peer file sharing applications typically allow a user to set up their computer so that other people can access specific files on their computer. This process, in effect, converts the user's computer into a server. While this might seem like a nice service to offer, there are some serious drawbacks.

Security

Another serious problem with setting up your computer as a server is that faculty/staff and students could be reducing the security of their system, allowing a cracker (computer criminal) to more easily compromise their entire computer and gain access to private and/or University data. Furthermore, any compromised computer on the University network increases the potential risk to all other devices and systems within that same security context of that network. Peer-to-peer file sharing applications differ in how much security they provide.

Policy

MVSU has placed into effect a limit of 1 megabit per second (Mbps) on the inbound and outbound traffic generated by Peer-to-Peer file-sharing applications. For comparison purposes, the outside Internet connection for the University is 15Mbps between 7AM and 10PM and 25 Mbps between 10PM and 7AM (that bandwidth is used for both incoming and outgoing connections).

This restriction is necessary to support the primary usage of the network: academic and enterprise computing. The data network must be available for MVSU's students, faculty, and staff to use for academic research and essential daily operations. While IMT does have the option to entirely shut off access to Peer-to-Peer applications, that option is not currently being exercised.

MVSU realizes this can result in the delay of downloading files from the internet; however, Peer-to-Peer applications are an incredible consumer of bandwidth and will take as much bandwidth as available, constricting available bandwidth for other applications.

If an artist, author, publisher, the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), or a law enforcement agency notifies the University that a Faculty/Staff member or Student is violating copyright laws, MVSU will provide to the relevant offices within the University information in the form of Internet Protocol (IP) address information and any information from logs to assist in the investigation of the complaint. If appropriate, action will be taken against the violator in accordance with University policy. In some cases, violations of University policy can result in suspension or revocation of network access privileges without refund of network access fees and/or civil or criminal prosecution under state and federal statutes.

It is the policy of MVSU that the university's network connections may not be used to violate copyright laws. The unauthorized reproduction of copyrighted materials is a serious violation of MVSU's Internet Acceptable Use Policy, as well as the U.S. Copyright Laws, as discussed above.

Penalty

MVSU takes a strong stand against unlawful distribution of copyrighted music, movies and software. If a student is found to be distributing copyrighted material using any University computing resources, that person’s network connection will be terminated and the student will be referred to the Office of Community Life. If the user* provides or obtains copyrighted files (music, videos, text, etc.) without permission from the copyright owner or their representative, the user* is in violation of federal and state copyright laws and the Mississippi Valley State University Acceptable Use Policy.

Enforcement of Policy Upon receiving notice from either MVSU’s internal reporting system or from external sources (RIAA, MPAAMPA, or law enforcement agency), the following process will be employed:

  1. Report/log or letter of notification will be given to the Director of Information Technology.
    1. For a 1st Offense:
      1. MVSU user is immediately denied access and notified with a written warning.
      2. Supervisor is advised of the offense. If the offender is a student, Student Affairs is contacted.
      3. IT receives return of the written warning with signature that the offender has acknowledged the warning and is providing signed commitment to refrain from further activity.
      4. MVSU user is given access. If a student, no refund of network access fee will be provided for the amount of time services were denied.

    1. For 2nd Offense:
      1. MVSU user is immediately denied access and notified with a written warning.
      2. Written notice identifies that all network access is denied for one year from date of offense. If a student, no monies paid for network access are refunded.
      3. Supervisor is advised and provided a copy of written notice of network disconnection. If the offender is a student, Student Affairs is provided a copy of written notice.

Appeal can be made through the Office of Vice President of Student Affairs.

Appendix A:

"Your computer network and resources are being used to illegally distribute copyrighted music on the internet. We strongly urge you to take immediate steps to prevent the continued infringement of our members' sound recordings on your corporate network. These acts of infringement could expose your employees and your company to significant legal damages."4

Example of letter sent by the Recording Industry Association of America (RIAA) to Fortune 1000 companies.

 

PDF Document

Information Technology
Peer-To-Peer File Sharing Policy