Ten ways to combat illegal file sharing

1. Comply with both the letter and spirit of the law. Part of being compliant is not just putting in place technology barriers, but also leveraging teachable moments, employing a three-strikes model (or graduated response) for students, and making sure that the end goal of being HEOA compliant is to build better digital citizens.

2. Involve all key constituencies, such as those who deal with federal funding, student and judicial affairs, legal counsel, residential/housing, IT, campus decision-makers, and students and faculty.

3. Define clear policies that fit your school’s philosophy. For example, will your approach to illegal file sharing be proactive or reactive? What is considered an infraction? How will that infraction be communicated? What sanctions should be in place for when an infraction occurs?

4. Address all legal issues, and not just HEOA compliance; for example, individual privacy issues, net neutrality, academic freedom, and so on.

5. Assess the effectiveness of whatever technologies you use, such as the cost, impact on the network, impact on campus policies, how much they measurably reduce illegal file sharing, how many offenders resume illegal file sharing, and so on.

6. Know the impact of your network architecture, such as bandwidth needs, asymmetric routing, integration with other network resources, and Network Address Translation and Dynamic Host Configuration Protocol.

7. Know what technologies are available, such as deep packet inspection, bandwidth shaping, blocking devices, homegrown solutions, and copyright detection products.

8. Measure overall effectiveness by tracking the reduction in DMCA notices, the reduction in file-sharing activity, and the reduction in P2P bandwidth usage.

9. Know that it’s not enough simply to respond to Digital Millennium Copyright Act (DMCA) copyright infringement notices. Institutions should try to be proactive, not just reactive, and they should prepare to set clear rules, enforce these rules, and include educational components in their plan.

10. Calculate a budget for executing your plan, including both a capital and operating budget. Identify potential shrinkages in the future, and determine the potential cost of any legal mandates and risks.

Central Washington University (CWU) is one institution that took steps to comply with HEOA before the mandate was even created.

In 2002, CWU began receiving Recording Industry Association of America (RIAA) notices and decided to establish a partnership between IT, housing, and student affairs to develop a plan of action.

“In 2002 our goals were to eliminate violations, reduce the number of illegal P2P attempts, reclaim our ResNet bandwidth, reclaim IT staff time, and improve student awareness,” said Jason Gerdes, ResNet specialist for CWU.

Gerdes explained that through proactive staff training and educating students about the effects of illegal file sharing, as well as by implementing Audible Magic’s CopySense—a network-based solution that identifies and blocks copyrighted files while allowing other legitimate P2P sharing—and Packeteer PacketShaper, the university was optimistic about cutting back on illegal file sharing.

“We also developed a registration quiz for students,” said Gerdes. “Basically, every time a student connects to ResNet for the first time, they must take a quiz about our campus acceptable-use policy. The questions alternate from person to person to allow for no cheating, the student has to answer eight or more questions correctly, and they only have to take the quiz once. If the student doesn’t get eight or more correct, they just have to take the quiz over again. Any missed questions, regardless of if they pass or not, will provide the correct answers.”

CWU also implemented a “three-strike” policy for students, with each infraction resulting in the following sanctions: