Educause Security Discussion mailing list archives
Re: RIAA Moves Against College-Network Fileswapping
From: Ken Shaurette <Ken.Shaurette () OMNITECHCORP COM>
Date: Fri, 4 Apr 2003 09:52:58 -0600
It is true that you should never have anything written in policy that you cannot or do not intend to enforce even if only with awareness and reminders that it breaks policy. Having a policy and not consistently enforcing it raises penalties of itself and is loosely identified in Federal Sentencing Guidelines. Not having policy does not protect against the law suit. An organization could still be shown negligent if they had P2P or other violation of copyright laws occuring, were aware of it and did nothing to stop or discourage. The act in and of itself is illegal, promoting (or not stopping) when made aware of the violation could be argued by a good lawyer as particpation in the act of committing the crime. Could it also be argued that you should know your network and this type of use is very common so you should have a policy and enforcement measures to discourage? Your organizaiton is providing the resources to commit the crime whether you have policy against it or not. Lending your car to a person you know is planning to use it to rob a bank does not remove you from liability of having particpated in the commision of the robbery. Definition of a jury: 12 men and women who are your peers and determine who has the best lawyer. Ken Information Security Analyst and Security Solutions Manager Omni Tech Corporation (262) 523-3300 x486 -----Original Message----- From: Bruhn, Mark S. [mailto:mbruhn () INDIANA EDU] Sent: Fri 4/4/2003 9:31 AM To: SECURITY () LISTSERV EDUCAUSE EDU Cc: Subject: Re: [SECURITY] RIAA Moves Against College-Network Fileswapping This supports the notion that policies shouldn't be written unless they are necessary for specific situations, and unless the organization has the means and desire to enforce them. This is one of the reasons (though maybe not the most important) we don't have such a policy, and indeed this citation lends add'l credibility to how most of us operate in this area (reactive instead of proactive). M. -- Mark S. Bruhn, CISSP Chief IT Security and Policy Officer Interim Director, Research and Educational Networking Information Sharing and Analysis Center (ren-isac () iu edu) Office of the Vice President for Information Technology and CIO Indiana University 812-855-0326 Incidents involving IU IT resources: it-incident () iu edu Complaints/kudos about OVPIT/UITS services: itombuds () iu edu -----Original Message----- From: Robert Myles [mailto:mylesr () OHSU EDU] Sent: Friday, April 04, 2003 10:23 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] RIAA Moves Against College-Network Fileswapping There is precedence for the suit against the institution, case was settled for 1.5 million last year in the southwest against a company that had a policy against download of MP3's and P2P software, new of a P2P server on their system that they did not get around to shutting down, and were found a fault for not following their own policy. Lawsuits always go for the deep pockets!! Robert Myles, CISSP Information Security Officer Oregon Health & Science University >>> tbm3 () CORNELL EDU 4/4/2003 4:44:03 AM >>> Great question, the answer of which may substantially depend on whether they followed DMCA registration and procedures. Verizon did not, which is why RIAA subpoenaed them for user name. If these schools follow "safe harbor" provisions of the DMCA, they should be immune from contributory copyright liability. And even if they did not, there is language in the DMCA regarding ISPs which should go a long towards protecting them. But still, these are $64,000 questions, becoming more costly by the minute. Tracy At 06:30 AM 4/4/2003 -0600, you wrote: >Do you feel this excludes them from turning a law suit against the college >network operators next? Especially if they feel a college hasn't done >enough to discourage the activity? > >Ken M. Shaurette, CISSP, CISA, CISM, IAM >Omni Tech Corporation, www.omnitechcorp.com >(262) 523-3304 > > -----Original Message----- > From: Tracy Mitrano [mailto:tbm3 () CORNELL EDU] > Sent: Thu 4/3/2003 9:06 PM > To: SECURITY () LISTSERV EDUCAUSE EDU > Cc: > Subject: Re: [SECURITY] RIAA Moves Against College-Network > Fileswapping > > > > Please note, the action is not against network operators, but users, > students. Attached is the RIAA letter concerning this > matter. Tracy Mitrano > > > At 08:56 PM 4/3/2003 -0500, you wrote: > >For those of you that don't read slashdot - > > > >"The RIAA is taking action against college "Napster networks". > It's suing > >four network operators, two at Renssalaer Polytechnic Institute, > one at > >Princeton University, and one at Michigan Technological > University.".. > > > >http://yro.slashdot.org/yro/03/04/03/2312220.shtml?tid=141 > > > >If you have lots of p2p traffic on your network you might want > to touched > >base with your general council, if you haven't already. > > > >Cheers - > > > >********** > >Participation and subscription information for this EDUCAUSE > Discussion > >Group discussion list can be found at > http://www.educause.edu/memdir/cg/. > > ********** > Participation and subscription information for this EDUCAUSE > Discussion Group discussion list can be found at > http://www.educause.edu/memdir/cg/. > ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- RIAA Moves Against College-Network Fileswapping Pete Hoffswell (Apr 03)
- <Possible follow-ups>
- Re: RIAA Moves Against College-Network Fileswapping Tracy Mitrano (Apr 03)
- Re: RIAA Moves Against College-Network Fileswapping David L. Wasley (Apr 03)
- Re: RIAA Moves Against College-Network Fileswapping Michael Sinatra (Apr 03)
- Re: RIAA Moves Against College-Network Fileswapping Ken Shaurette (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Schmidt, Eric W (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Tracy Mitrano (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Ken Shaurette (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Robert Myles (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Bruhn, Mark S. (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Ken Shaurette (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Bruhn, Mark S. (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Ken Shaurette (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Wayne Wilson (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Ced Bennett (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Allen Chang (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Doug Sandford (Apr 04)
- Re: RIAA Moves Against College-Network Fileswapping Dan Updegrove (Apr 05)