Educause Security Discussion mailing list archives
Re: DMCA Infringement Handling
From: "Arthur, Matt" <arthur () WUSTL EDU>
Date: Thu, 15 Sep 2011 17:14:54 -0500
Sorry if I was vague. DMCA requires, as Tim points out, that the offending content have access removed - but only for resources that are owned by the institution (17 U.S.C. Section 512(c) ). Since the thread seemed to pointed towards students and thus student-owned computers, I was referencing how the institution is affected for DMCA complaints about them (17 U.S.C. Sectin 512(a) ). A good reference is the Educause DMCA FAQ (http://www.educause.edu/policy/campus/dmcafaq). Matt ______________________________________ Matthew K. Arthur, CISSP | Director - Media Services & Incident Communications Solutions Information Services & Technology | Washington University in St. Louis Campus Box 1110, 7425 Forsyth Blvd, St. Louis, MO 63105-2161 314.935.3899 o | 314.323.9246 c | arthur () wustl edu<mailto:arthur () wustl edu> P Please consider the environment before printing This email, including attachments may include confidential and/or proprietary information, and may be used only by the person or entity to which it is addressed. If the reader of this email is not the intended recipient or his/her authorized agent, the reader is hereby notified that any dissemination, distribution or copying of this email is prohibited. If you have received this email in error, please notify the sender by replying to this message and delete this email immediately. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Doty, Timothy T. Sent: Thursday, September 15, 2011 4:38 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] DMCA Infringement Handling True, the DMCA does not require that you "disable" someone - that would probably be illegal :) It does require removing access to the allegedly infringing work. ISPs/OSPs generally don't have authority to take action on the file system of the indicated system - whether that would be to delete the file or in some other way block access to it. Nor, thanks to the way P2P filesharing works, do ISPs/OSPs have the ability to wedge into the protocol and block access to the single indicated file. But it does require access to the allegedly infringing work be blocked. I don't find it particularly strange that ISPs/OSPs often comply with the requirement by terminating network access when dealing with content stored on a system they do not have legal access to. We once received a very obviously false but quite properly filed DMCA notice. I gritted my teeth, but our general counsel required pulling the allegedly infringing content. A counterclaim can be filed and after some time the work can be restored. All without any real legal recourse against abuse of the DMCA system. I suspect you were referring to our (and other) institutions disabling network access for all devices registered to the user. That is our response to a validated complaint concerning copyright infringing activities that, while it may be triggered by receipt of a notice filed according to the DMCA, does not solely spring from the requirements of the DMCA. In my opinion institutions of higher learning in the United States should be encouraging ethical behavior. Copyright infringement is specifically against our student code of conduct. It is in the context of our student code that the consequences of copyright infringing (from a student's perspective are made). Tim Doty From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Arthur, Matt Sent: Thursday, September 15, 2011 4:13 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] DMCA Infringement Handling A couple of thoughts (along with our 'policy' URL for students and copyright): 1) Neither DMCA nor HEAO requires you fine or disable anyone on a first offense. You must take 'action' for 'repeated' violations. 2) A policy that takes some kind of 'action' (fines or disable network access) on the first DMCA complaint seems to violate the concept of innocent until proven guilty. Something that I doubt institutions of higher learning in the United States should be doing (my opinion). 3) We have noticed that more and more of our DMCA notices are for IP addresses outside of the student networks. Do you 'fine' faculty and staff members as well? 4) Be sure your institutions policy covers your requirements pursuant to the HEOA P2P section. And then be sure you follow your policy! 5) Our student policy URL: http://sts.wustl.edu/index.php?option=com_content&view=article&id=59&Itemid=69 Matt ______________________________________ Matthew K. Arthur, CISSP | Director - Media Services & Incident Communications Solutions Information Services & Technology | Washington University in St. Louis Campus Box 1110, 7425 Forsyth Blvd, St. Louis, MO 63105-2161 314.935.3899 o | 314.323.9246 c | arthur () wustl edu<mailto:arthur () wustl edu> P Please consider the environment before printing This email, including attachments may include confidential and/or proprietary information, and may be used only by the person or entity to which it is addressed. If the reader of this email is not the intended recipient or his/her authorized agent, the reader is hereby notified that any dissemination, distribution or copying of this email is prohibited. If you have received this email in error, please notify the sender by replying to this message and delete this email immediately.
-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bob Bayn
Sent: Thursday, September 15, 2011 3:30 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] DMCA Infringement Handling
We are considering revising our DMCA infringement handling procedures, especially with
regard to repeat infringers.
I wonder what everybody else is doing with these issues?
We match up the complaint with our IP>Etnernet assignment and network traffic logs. I
forward the complaint to the student and disable their ethernet card registration. They are
required to pay $50 and give an assurance that the infringing file(s) and filesharing
software have been removed. I then re-enable their ethernet card registration for access to
our network.
Repeat infringers get the same procedure except that they also are referred to the VP for
Student Services for some sort of an appointment. I do not know what happens in that
appointment.
Would you share with me, so I could tabulate it and present the options others use to our
administration:
1) What is your charge or penalty for first and repeat infringement?
2) When do disciplinary staff intervene? first time or repeats?
3) How long do you deny network access?
4) If a student has multiple devices, do you deny access to all devices or just the one
implicated in the complaint?
5) Who was involved in the approval process for your procedures?
6) How much pushback to you get from users who receive infringement notices?
7) Do you have an appeals process that has ever given an infringing user any relief?
8) May I use your institution name along with your other responses in my report to the
administration?
Finally, a slightly separate question:
9) Do you ever get complaints forwarded from an agent of the pornography industry? (we
have seen a few recently)
Thanks for any info you are willing to share.
Bob Bayn (435)797-2396 IT Security Team
We will never send you email asking for your password
(never, never, never with this one exception: NEVER!)
Office of Information Technology, Utah State University
http://tinyurl.com/bicyclists-share-kidneys-v2-0
USU employees - join the Phirst Phish Contest
http://it.usu.edu/security/htm/phirst-phish-contest
Current thread:
- DMCA Infringement Handling Bob Bayn (Sep 15)
- Re: DMCA Infringement Handling James Farr '05 (Sep 15)
- Re: DMCA Infringement Handling Doty, Timothy T. (Sep 15)
- DMCA Infringement Ozzie Paez (Sep 15)
- Re: DMCA Infringement hall, rand (Sep 16)
- Re: DMCA Infringement Ozzie Paez (Sep 16)
- DMCA Infringement Ozzie Paez (Sep 15)
- Re: DMCA Infringement Handling Arthur, Matt (Sep 15)
- Re: DMCA Infringement Handling Doty, Timothy T. (Sep 15)
- Re: DMCA Infringement Handling Arthur, Matt (Sep 15)
- Re: DMCA Infringement Handling Adrian Teo (Sep 15)
- Re: DMCA Infringement Handling Valdis Kletnieks (Sep 16)
- Re: DMCA Infringement Handling Ed Zawacki (Sep 16)
- Re: DMCA Infringement Handling Jacobson, Dick (Sep 16)
- Re: DMCA Infringement Handling Doty, Timothy T. (Sep 15)
- Re: DMCA Infringement Handling VIEYRA, MARCOS (Sep 15)
- Re: DMCA Infringement Handling Bob Bayn (Sep 15)
- Re: DMCA Infringement Handling Joel Rosenblatt (Sep 15)
- Re: DMCA Infringement Handling Ed Zawacki (Sep 16)
- Security Survey Ozzie Paez (Sep 20)
- Re: Security Survey Valdis Kletnieks (Sep 20)
- Security Survey Ozzie Paez (Sep 20)