SU Department of Information Services
Network Procedures for Policy Violations
(P2P and File Sharing)
In 2008 the Higher Education Opportunity Act was signed into law. Several of the Act’s provisions are intended to reduce unauthorized duplication of copyrighted works through peer-to-peer (P2P) file sharing on campus networks. In compliance with that legislation and the Department of Education’s regulations in 34 C.F.R. Part 668 (Subpart D) Schreiner University’s Department of Information Services provides this policy. Notices regarding these policies and procedures are sent to all students, faculty, and staff each academic term and are posted Schreiner University’s Logan Library website. Paper copies of this notice and the information referenced in it are available upon request and are included in all new student and parent information packets, the Schreiner University Staff Manual, and the Schreiner University Faculty Manual.
Schreiner University provides a high speed network and other information technology resources to help you accomplish your educational and instructional goals. When authorized users access our network or when they sign on using confidential Schreiner ID/user names and passwords, they agree to comply with the University’s Responsible Computing Policy. Relevant policy text may be found in the Schreiner University Staff Manual, Responsible Computing Policy (p.62); the Schreiner University Faculty Manual: Copyright Policy (184.108.40.206), Schreiner University Code of Academic Conduct (220.127.116.11) and Intellectual Property Policy (2.10); and the Schreiner University Student Handbook (pages 24 & 37) and are posted on University’s public website and campus intranet.
These policies prohibit the use of University resources for unauthorized duplication, use, or distribution of copyrighted materials, including music and video files. The University considers unauthorized peer-to-peer file sharing of copyrighted music and videos to be an inappropriate use of its network resources. Moreover, such activity is illegal under the Digital Millennium Copyright Act (DMCA) and exposes individuals to serious civil and criminal penalties.
Copyright infringement is the act of exercising, without permission or legal authority, one or more of the exclusive rights granted to the copyright owner under section 106 of the Copyright Act (Title 17 of the United States Code). These rights include the right to reproduce or distribute a copyrighted work. In the file-sharing context, downloading or uploading substantial parts of a copyrighted work without authority constitutes an infringement.
Penalties for copyright infringement include civil and criminal penalties. In general, anyone found liable for civil copyright infringement may be ordered to pay either actual damages or "statutory" damages affixed at not less than $750 and not more than $30,000 per work infringed. For "willful" infringement, a court may award up to $150,000 per work infringed. A court can, in its discretion, also assess costs and attorneys' fees. For details, see Title 17, United States Code, Sections 504, 505.
The DMCA is a federal law that criminalizes production and dissemination of technology, devices, and services intended to circumvent copyright protections. In addition, the DMCA heightens the penalties for copyright infringement on the Internet. Criminal penalties for first-time offenders can include fines of up to $250,000 and incarceration for up to five years. In civil court, damages of up to $150,000 are possible for EACH movie or song that has been illegally acquired or shared. For more information, please see the Web site of the U.S. Copyright Office at http://www.copyright.gov. The FAQ's are particularly informative: www.copyright.gov/help/faq. For information and guidance in using sections of copyrighted materials for teaching and learning, consult the resources linked from Logan Library’s Copyright Resources.
Schreiner University does not routinely monitor the content of network transmissions except as necessary to identify and repel network attacks, viruses, worms, and other malware. However, many P2P networks are used almost exclusively for illegal file sharing and are also favorite channels for spreading malware due to their popularity and pervasiveness. To mitigate these threats, the University employs various methods to block illegitimate P2P network traffic at the perimeter of its network. For example, the University employs traffic/packet shaping which allows the campus to ensure smooth flow of content to and from the Internet with the ability to prioritize traffic based on need or policy. Traffic-shaping technology also allows for dynamic partitioning. Dynamic partitioning gives the network administrator the ability to determine large bandwidth users and abusers. Note, however, that these methods are not 100% effective; all P2P traffic is not blocked at all times. Campus users should assume that P2P file sharing activity on the campus network is visible to the RIAA and other content owners that monitor the Internet for copyright infringement activity.
Copyright Enforcement Activities
The Recording Industry Association of America (RIAA) and other content owners are aggressively trying to stop unauthorized downloading, copying, and sharing of music and video by college communities. They monitor the Internet continually to identify Internet Protocol (IP) addresses involved in these activities, but they require assistance from the Internet Service Provider (ISP) to communicate with an alleged infringer. They generally seek the ISP’s help in communicating DMCA takedown notices, preservation requests, pre-litigation settlement letters, and subpoenas (in connection with law suits). These four communications operate independently and do not necessarily progress from one to another. For example, nothing prevents the initial communication from being a subpoena that seeks the identity of a user connected at a specific IP address at a specific day and time.
DMCA Takedown Notices
When a content owner determines that an IP address has been used to violate its copyright, it sends a Takedown Notice to the applicable Internet Service Provider (ISP) describing the IP address, date, time, and material involved in the alleged infringement. The notice requests that the ISP remove or disable access to the listed material under the terms of the DMCA.
When Schreiner University receives such a Takedown Notice, it reviews its network activity records to independently validate the legitimacy of the complaint. If the complaint appears valid, the University suspends the offending computer’s network access until the infringing material is removed. First offenders regain network access once proof of removal is provided and an acknowledgement is signed. Repeat student offenders are referred to the Dean of Students; repeat employee offenders are referred to the University President. Additional sanctions very by situation and may include termination of enrollment or employment from the University.
The University also notifies the sender of the Notice that a) appropriate removal actions have been taken, or b) the allegation could not be validated through network activity records. The University does not provide any user identifying information to the sender of the Notice unless the Notice is accompanied or followed by a lawfully issued subpoena. Likewise, the University does not forward a copy of the Takedown Notice itself to the alleged infringer.
Preservation Requests are used to notify the ISP that a subpoena may be served on it seeking identifying information about a network user who has allegedly infringed a content owner’s copyrighted material. Like the Takedown Notice, the Preservation Request identifies an alleged infringer's IP address at the time of the alleged infringement. The Preservation Request asks the ISP to preserve the identifying information for the user connected via that IP address at that time.
Schreiner University first determines if the information provided in the Request may be sufficient to implicate a specific user. If not, the University notifies the requesting party of its inability to comply. If a specific user is implicated, the University preserves the information as requested and forwards the Request to that user via email. The cover email explains the nature of the Request, encourages the user to preserve evidence relating to the claims in the Request, and informs them that they may wish to obtain legal advice before taking any other action. Once again, Schreiner University will not release a user’s identifying information in response to a Preservation Request unless and until the Request is accompanied or followed by a lawfully issued subpoena.
Pre-Litigation Settlement Letters
Prior to abandoning the “sue the customer” strategy, the RIAA’s outside legal counsel sent what were known as "Pre-Litigation Settlement Letters" to many universities and other ISP’s. The Settlement Letter was generally sent to the ISP with a request that it be forwarded to the user of a particular IP address. The Letter alleged that the user of that particular IP address had violated copyright laws and presented an opportunity to settle the claim as early as possible at a "significantly reduced amount" compared to the judgment that a court might impose at the end of a lawsuit. The Letter also informed the user to preserve evidence relating to the claims and instructed the user to retain, and not delete, any peer-to-peer programs.
Should the RIAA or another copyright owner resurrect lawsuits and settlement letters, Schreiner University’s practice is, and has always been, to forward a Settlement Letter along with an explanation to the alleged infringer if the University’s network activity logs can establish the identity of the person at the specified IP address with a reasonable degree of certainty. Because network log data can be unavailable or inconclusive, the University cannot guarantee that all Settlement Letters will be forwarded to alleged infringers. Individuals should not expect to receive such a letter prior to being sued for copyright infringement. Based on the wording in recent Settlement Letters, recipients must settle within twenty (20) days of the date of the Settlement Letter or face a lawsuit. Recipients are encouraged to seek legal counsel before taking any action.
Lawsuits and Subpoenas
In cases where no settlement is reached, the RIAA and member companies had been filing lawsuits in Federal District Courts. The suits alleged that unnamed users have infringed copyrights by downloading certain information and, for some, distributing the information to others over the Internet. After filing these "John Doe" lawsuits identifying only IP addresses, the companies served subpoenas on universities seeking the identity of the users associated with those IP addresses.
If and when Schreiner University receives such a subpoena, the University first ensures that the subpoena is valid and lawful. If so, and if the information sought in the subpoenas exists, the University is legally required to provide the desired information. While complying with the subpoena, the University notifies the individuals being identified in the subpoena response. The University has heard but cannot confirm that companies first used the subpoenaed information to try to settle the matter with the identified individuals, and if a settlement was not reached, the companies would amend the lawsuits to name the individual students and proceed in court.
Campus users accused of any copyright violations are encouraged to consult with Schreiner University’s Office of Human Resources and their personal legal counsel.
For further information about copyright and file sharing laws and policies, as well as legal options for downloading music and video, visit: Logan Library’s Copyright Resources.
Other questions about this policy should be directed to
Candice Scott, Chief Information Officer, 830-792-7318 (firstname.lastname@example.org)
Portions of this document are based on policy and procedure statements of Texas State University and are used with permission.
Approved by Schreiner University’s Executive Administrative Council, 2010-11