Educause Security Discussion mailing list archives

Re: DMCA

From: David Gillett <gillettdavid () FHDA EDU>
Date: Tue, 29 Nov 2011 11:08:57 -0800

  Our campus Acceptable Use Policy rests on two principles:  Comply with
applicable law, and don't interfere with others' access.

1.  We've found that P2P applications generally, regardless of the legality
of the content, try to saturate the user's Internet connection.  And since
some users are on ports with as much bandwidth as their entire campus has to
the Internet (not as many as before our pipe got upgraded, but the next
round of access-layer upgrades will boost that number right back...), a user
running P2P risks clogging Internet access for the whole rest of the campus.

2.  I'm sure that to the makers of WoW, making users "donate" the bandwidth
needed to distribute updates, instead of purchasing it themselves, looks
like a win.  But our bandwidth is heavily subsidized by state taxpayers --
how does this "donation" not qualify as a taxpayer subsidy to what is, after
all, a for-profit enterprise?  (My understanding is that such subsidies are
illegal in California -- other states may have other rules or institutional
bandwidth may be funded differently.)

3.  My understanding of HEOA (2009) -- I am not a lawyer, and so I welcome
correction -- is that Congress "found" (established as a legal fact which
should, but needn't, absolutely reflect Reality) that the raison d'être of
P2P applications and protocols is to violate copyrights, and that therefore
access to federal funding would be denied to institutions of higher
education that do not take steps to block P2P.  MAYBE one can get away with
saying "P2P application XYZ managed to circumvent the measures we put in
place", but I doubt that "We permit P2P app ABC because x% of the material
our students download using it is not in violation of copyright" will be
good enough to restore access to funding--it doesn't, as far as I can see,
comply with the requirements of the Act.  I do not believe I am authorized
to commit civil disobedience in the name of our campuses, even if I believe
Congress was mistaken.

  On two or three occasions, people have requested BitTorrent access to
download updates for Linux-based systems.  I've been ready to accommodate
this on two conditions that I don't think are too onerous:  that they use a
static IP address so the exception can be made just for specific machines,
and that they agree not to be sharing additional files beyond what those
updates (see 1 above...).  Strangely enough, in each case, they've gotten
back to me to say that they've found a way to get the updates they need
without BitTorrent -- I'm not 100% certain, but my impression is that that
happened with WoW too.  (An affiliate that goes through us to get to the
Internet uses WoW in their work, or at least that's what they told me.)

  (We do not have residences on our campuses, so I can only imagine the
additional pressures on those of you who do.  But I can't see that the
principles of our AUP wouldn't or couldn't be applied to a residential
setting, and in my only recent direct experience of campus residential life
(3 recent summer sessions) the policy on network use appeared to be even
stricter than our own.)

David Gillett, CISSP CCNP
Sr Security Engineer
Foothill-De Anza College District


-----Original Message-----
From: Kevin Hayes [mailto:krhayes () WAYNE EDU]
Sent: Tuesday, November 29, 2011 06:41
To: SECURITY () listserv educause edu
Subject: Re: [SECURITY] DMCA

The World of Warcraft updater uses BitTorrent to help distribute their
patches.  Maybe not legitimate from an academic standpoint, but virtually
essential if you ask people in Residential Life.

--Kevin

Kevin Hayes
Lead Systems Security Specialist
C&IT - Network Engineering and Security
Wayne State University
313-577-3454
krhayes () wayne edu

<<<  C&IT Staff will never, never, NEVER ask you for your password!
Please keep your computer and accounts safe - pass on the message!>>>


On 11/29/2011 9:32 AM, Joel Rosenblatt wrote:

Used by our students

Linux download, Skype

See <http://net.educause.edu/ir/library/pdf/EST0901.pdf> THINGS YOU
SHOULD KNOW ABOUT P2P

<http://www.cs.columbia.edu/~danr/courses/6772/Fall06/papers/planetsca
le.pdf>
Planet Scale Software Updates

My 2 cents
Joel


--On Tuesday, November 29, 2011 8:04 AM -0600 Brian L Cox
<coxbl2 () UNK EDU> wrote:

Ed,

We block P2P traffic.  When we identify a new P2P application being
used by a student we block their access to the network and require
them to call and set up an appointment with our CIO before their
access is restored.
That application is then added to the default blocking list  This may
seem a bit harsh but it has resulted in only 2 notices sent to us so
far this year.  We will allow legitimate P2P traffic and so far the
only P2P traffic allowed is for those using games that require P2P
for updates etc.
 We have yet to have anyone come forward with a legitimate
educational use
for P2P.   I am sure those applications exist, but we have not
encountered
them so far.   This brings up a second part to this question....what, if
any, legitimate P2P applications have been identified being used on
college campuses?

_________________
Brian L Cox
Information Technology Services
Assistant Director of Network Services University of Nebraska Kearney
(308)865-8176




From:   "Hudson, Edward" <ewhudson () CSUCHICO EDU>
To:     SECURITY () LISTSERV EDUCAUSE EDU
Date:   11/28/2011 05:47 PM
Subject:        [SECURITY] DMCA
Sent by:        The EDUCAUSE Security Constituent Group Listserv
<SECURITY () LISTSERV EDUCAUSE EDU>



Hi All,
Polling to see how other campuses are handling DMCA take down notices.
Ours has risen to a level current process is not working efficiently. We
are hearing some universities are:
1) Ignoring notices from copyright holders
2) Outright blocking of file sharing as "95% are used for nefarious
purposes"
Interested to see how other institutions are addressing.
Thanks
Ed


Ed Hudson, CISM
Information Security Office
California State University, Chico
http://www.csuchico.edu/isec/index.shtml
Office: (530) 898-6307
ewhudson () csuchico edu




Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Public PGP key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3

Current thread:

DMCA Hudson, Edward (Nov 28)
- Re: DMCA Dave Koontz (Nov 28)
  - Re: DMCA Ouska, Julie (Nov 28)
- Re: DMCA Joel Rosenblatt (Nov 28)
- Re: DMCA Brian L Cox (Nov 29)
  - Re: DMCA Joel Rosenblatt (Nov 29)
    - Re: DMCA Kevin Hayes (Nov 29)
    - Re: DMCA David Gillett (Nov 29)
    - Re: DMCA Miller,James R (Nov 29)
    - Re: DMCA David Gillett (Nov 29)
    - Re: DMCA Alexander Kurt Keller (Nov 29)
    - Re: DMCA Dave Koontz (Nov 29)
    - Re: DMCA randy marchany (Nov 29)
    - Re: DMCA Rich Graves (Nov 30)
    - Message not available
    - DMCA hall, rand (Nov 30)
    - Re: DMCA Colleen Keller (Nov 29)
  - Re: DMCA randy marchany (Nov 29)
    - Re: DMCA Tim Doty (Nov 30)

(Thread continues...)