Re: US Lawmakers Demand That Colleges Crack Down on Illegal File Sharing

[Jim Moore <jhmfa () CIS RIT EDU>]

I see several issues at play.  I think that I can see them more clealy
because of some of the excellent discussion on this list.

1) What Merri Beth points out is consistent with Kohlberg's research in
the area of moral development. (Great summary at
http://www.nd.edu/~rbarger/kohlberg.html ).  Moral development, takes a
long time.  In the light of what Merri Beth has pointed out, learning
after the initial infraction is not just good, it is remarkable.  This
process is also the reason that the SANS Institute, FTC, KidSafeOnline,
Norwich Univ cyberethics programs also have as part of their site a
distinctively young flavor to them (grade school level).

2) What is confusing in moral development is companies like Sony which
owns both a record label, and a movie corporation, but also promote
their CD writers, MP writers, and DVD writers, and their latest Clie PDA
also plays MP3s.  Often the writers come with ripping and encoding
software.  So in that moral development, one segment of the industry
encourages ripping and encoding (because they make money from it) and
another segment is saying that it is wrong.  Sometimes it is the same
company saying both.

3) Then there is the economics / practicality.  Some lawmakers seem to
want to pursue criminal prosecution.  First they should check with
social scientists to see if it is socially deviant.  If it is not,
legislation will have little effect.  Second they should go to business
analysts.  They should look at the real impact on the economics of the
recording inductry, including parent companies.  When you used to be
able to tape things from  radio stations, often people went out to buy
the record or CD later.  Although technology is making taking MP3s and
CDs easier, not many music stores have closed.  Barnes and Noble still
carry CDs.  Lastly, they should ask police chiefs and prosecutors if
they want the cases.  The potential exists for universities to take the
lawmakers literally, and refer all cases to local law enforcement.  How
long would that last?  Would it be the right thing to do to our judicial
system.

4) How good are the copyright enforcement groups at investigation.  I
have heard of false positives.  I have seen timestamps on large volumes
of data, which if it was the retrieved time, would be impossible (notice
that RIAA timestamps aren't as precise as they once were.)  And of all
the copyright enforcement groups contacted, only MPAA was open to the
suggestion that a security firm audit their investigative
procedures/technology.  In at least 3 attempts to contact the RIAA, I
have yet to get to anyone who will even discuss the possibility.  So why
do lawmakers believe them?  They haven't documented their method or had
it audited by anyone who knows anything about security or computer forensics

Jim
--
--
Jim Moore, CISSP, IAM
Information Security Officer
Rochester Institute of Technology
13 Lomb Memorial Drive
Rochester, NY 14623-5603
Telephone: (585)475-5406
Fax:       (585)475-7950

PGP (jimmoore () mail rit edu): 9C33 0328 CD59 B602 82B8 8521 0DC9 963C D0C0

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.