Universities Cope with New Anti-Piracy Requirement

David Reis, director of IT security and policy at Thomas Jefferson University in Philadelphia, has been on what he calls a "nine-month journey" to figure out exactly how he's going to make sure his school doesn't break the law --even though they were never in trouble in the first place

Reis' headaches began at the end of last summer, just after President Bush signed into law the Higher Education Opportunity Act, the first reauthorization of the Higher Education Act since 1998. The act included several new provisions, but the one that has Reis and others on college campuses concerned is a new requirement that schools ensure they are doing all they can to combat illegal file sharing among students. The new rules, according to the wording contained in the legislation, requires institutions to develop plans to "effectively combat the unauthorized distribution of copyrighted material, including through the use of a variety of technology-based deterrents." Schools must also "to the extent practicable, offer alternatives to illegal downloading or peer-to-peer distribution of intellectual property." Any institute found to be non-compliant could lose federal funding.

The provision made its way through due to the heavy lobbying efforts of groups such as the Recording Industry Assocation of America and the Motion Picture Association of America. Until recently, the RIAA had been waging their fight to stop piracy among students by filing individual lawsuits against those accused of illegal file sharing. But recently the RIAA has said it has abandoned that strategy and will now focus efforts on working with Internet service providers to issue warnings to violators. They have also lauded this new provision in the HEOA.

But Reis said illegal file-sharing has never been a problem at Thomas Jefferson University and the requirement uses a broad brush to paint a picture that is inaccurate in many instances.

"We have not received one complaint about one student. Yet now we have to go out and incur the cost to solve a problem that we didn't really have," he said.

Reis estimates he will spend approximately $100,000 implementing new hardware and software in order to be in compliance with the regulation. But figuring out exactly what is needed is not easy. The HEOA is still in the negotiated rulemaking process, so the exact language and interpretation from the Department of Education is still forthcoming.

"Because the HEOA is in effect, campuses are under an obligation to make a good faith effort to comply with the law," according to Steve Worona, director of policy and networking programs with the non-profit organization EDUCAUSE, which supports higher education institution technologists. "But since the department hasn't issued any detailed regulations of what that means, campuses are pretty much on their own to figure out what that means."

Worona referenced a managers' report that was authored along with the legislation that defines the "technology-based deterrents." They include bandwidth shaping, traffic monitoring to identify the largest bandwidth users, a vigorous program of accepting and responding to Digital Millenium Copyright Act notices and a variety of commercial products designed to block or reduce legal file sharing. It's the fourth item on that list that Worona has heard concern about from many school IT officials. Using commercial products to block or reduce illegal file sharing is expensive. But the report states schools need to use some OR all of the technology-based deterrents listed, so the concern is misplaced, he said.