Re: DMCA

[Alexander Kurt Keller <alkeller () SFSU EDU>]

Hi David,

Re:  My understanding of HEOA (2009) -- I am not a lawyer, and so I welcome correction -- is that Congress "found" 
(established as a legal fact which should, but needn't, absolutely reflect Reality) that the raison d'être of P2P 
applications and protocols is to violate copyrights, and that therefore access to federal funding would be denied to 
institutions of higher education that do not take steps to block P2P.  

I can't find any reference to this (peer to peer protocols should be arbitrarily blocked) in the EDUCAUSE HEOA 
documentation:
http://www.educause.edu/Resources/Browse/HEOA/34600

 Do you have a reference for this?

Thanks,
alex

Alex Keller
Systems Administrator
Academic Technology, San Francisco State University
☛Burk Hall 155 ☎ (415)338-6117 ✉alkeller () sfsu edu


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of David 
Gillett
Sent: Tuesday, November 29, 2011 11:09 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] DMCA

  Our campus Acceptable Use Policy rests on two principles:  Comply with applicable law, and don't interfere with 
others' access.

1.  We've found that P2P applications generally, regardless of the legality of the content, try to saturate the user's 
Internet connection.  And since some users are on ports with as much bandwidth as their entire campus has to the 
Internet (not as many as before our pipe got upgraded, but the next round of access-layer upgrades will boost that 
number right back...), a user running P2P risks clogging Internet access for the whole rest of the campus.

2.  I'm sure that to the makers of WoW, making users "donate" the bandwidth needed to distribute updates, instead of 
purchasing it themselves, looks like a win.  But our bandwidth is heavily subsidized by state taxpayers -- how does 
this "donation" not qualify as a taxpayer subsidy to what is, after all, a for-profit enterprise?  (My understanding is 
that such subsidies are illegal in California -- other states may have other rules or institutional bandwidth may be 
funded differently.)

3.  My understanding of HEOA (2009) -- I am not a lawyer, and so I welcome correction -- is that Congress "found" 
(established as a legal fact which should, but needn't, absolutely reflect Reality) that the raison d'être of P2P 
applications and protocols is to violate copyrights, and that therefore access to federal funding would be denied to 
institutions of higher education that do not take steps to block P2P.  MAYBE one can get away with saying "P2P 
application XYZ managed to circumvent the measures we put in place", but I doubt that "We permit P2P app ABC because x% 
of the material our students download using it is not in violation of copyright" will be good enough to restore access 
to funding--it doesn't, as far as I can see, comply with the requirements of the Act.  I do not believe I am authorized 
to commit civil disobedience in the name of our campuses, even if I believe Congress was mistaken.

  On two or three occasions, people have requested BitTorrent access to download updates for Linux-based systems.  I've 
been ready to accommodate this on two conditions that I don't think are too onerous:  that they use a static IP address 
so the exception can be made just for specific machines, and that they agree not to be sharing additional files beyond 
what those updates (see 1 above...).  Strangely enough, in each case, they've gotten back to me to say that they've 
found a way to get the updates they need without BitTorrent -- I'm not 100% certain, but my impression is that that 
happened with WoW too.  (An affiliate that goes through us to get to the Internet uses WoW in their work, or at least 
that's what they told me.)

  (We do not have residences on our campuses, so I can only imagine the additional pressures on those of you who do.  
But I can't see that the principles of our AUP wouldn't or couldn't be applied to a residential setting, and in my only 
recent direct experience of campus residential life
(3 recent summer sessions) the policy on network use appeared to be even stricter than our own.)

David Gillett, CISSP CCNP
Sr Security Engineer
Foothill-De Anza College District


-----Original Message-----
From: Kevin Hayes [mailto:krhayes () WAYNE EDU]
Sent: Tuesday, November 29, 2011 06:41
To: SECURITY () listserv educause edu
Subject: Re: [SECURITY] DMCA

The World of Warcraft updater uses BitTorrent to help distribute their patches.  Maybe not legitimate from an academic 
standpoint, but virtually essential if you ask people in Residential Life.

--Kevin

Kevin Hayes
Lead Systems Security Specialist
C&IT - Network Engineering and Security
Wayne State University
313-577-3454
krhayes () wayne edu

<<<  C&IT Staff will never, never, NEVER ask you for your password!
Please keep your computer and accounts safe - pass on the message!>>>


On 11/29/2011 9:32 AM, Joel Rosenblatt wrote:
> Used by our students
>
> Linux download, Skype
>
> See <http://net.educause.edu/ir/library/pdf/EST0901.pdf> THINGS YOU 
> SHOULD KNOW ABOUT… P2P
>
> <http://www.cs.columbia.edu/~danr/courses/6772/Fall06/papers/planetsca
> le.pdf>
> Planet Scale Software Updates
>
> My 2 cents
> Joel
>
>
> --On Tuesday, November 29, 2011 8:04 AM -0600 Brian L Cox 
> <coxbl2 () UNK EDU> wrote:
>
> > Ed,
> >
> > We block P2P traffic.  When we identify a new P2P application being 
> > used by a student we block their access to the network and require 
> > them to call and set up an appointment with our CIO before their 
> > access is restored.
> > That application is then added to the default blocking list  This may 
> > seem a bit harsh but it has resulted in only 2 notices sent to us so 
> > far this year.  We will allow legitimate P2P traffic and so far the 
> > only P2P traffic allowed is for those using games that require P2P 
> > for updates etc.
> >  We have yet to have anyone come forward with a legitimate 
> > educational use
> > for P2P.   I am sure those applications exist, but we have not
> > encountered
> > them so far.   This brings up a second part to this question....what, if
> > any, legitimate P2P applications have been identified being used on 
> > college campuses?
> >
> > _________________
> > Brian L Cox
> > Information Technology Services
> > Assistant Director of Network Services University of Nebraska Kearney
> > (308)865-8176
> >
> >
> >
> >
> > From:   "Hudson, Edward" <ewhudson () CSUCHICO EDU>
> > To:     SECURITY () LISTSERV EDUCAUSE EDU
> > Date:   11/28/2011 05:47 PM
> > Subject:        [SECURITY] DMCA
> > Sent by:        The EDUCAUSE Security Constituent Group Listserv
> > <SECURITY () LISTSERV EDUCAUSE EDU>
> >
> >
> >
> > Hi All,
> > Polling to see how other campuses are handling DMCA take down notices.
> > Ours has risen to a level current process is not working efficiently. 
> > We are hearing some universities are:
> > 1) Ignoring notices from copyright holders
> > 2) Outright blocking of file sharing as "95% are used for nefarious 
> > purposes"
> > Interested to see how other institutions are addressing.
> > Thanks
> > Ed
> >
> >
> > Ed Hudson, CISM
> > Information Security Office
> > California State University, Chico
> > http://www.csuchico.edu/isec/index.shtml
> > Office: (530) 898-6307
> > ewhudson () csuchico edu
>
>
>
> Joel Rosenblatt, Manager Network & Computer Security Columbia 
> Information Security Office (CISO) Columbia University, 612 W 115th 
> Street, NY, NY 10025 / 212 854 3033 http://www.columbia.edu/~joel 
> Public PGP key
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3