Wednesday, July 30, 2008

Educators Forced to Become MPAA's Cops

On July 30th, the House and Senate conferees approved the Higher Education Act reauthorization conference report, H.R. Rep. 110-803, to H.R. 4137. The bill, expected to become law soon, includes the College Opportunity and Affordability Act. Some may recall efforts last year to condition federal aid to universities on those institutions employing filtering technology. Senate Majority leader Harry Reid would have also mandated that the Secretary of Education compile a 25 “worst offenders" list of those schools with the highest levels of illegal P2P file sharing. The idea wasn’t original, MPAA had already compiled its the top 25 list. MPAA head Dan Glickman put out this press release at the time:

Some college students are abusing powerful taxpayer funded computer networks to download and distribute movies and other copyrighted material which is why we are committed to working with universities to develop and implement plans to address this problem. We commend Senator Reid for his leadership in getting this important legislation passed through the Senate which will help encourage universities to do more.

At the time, Mr. Glickman estimated that downloading at universities cost the industry $500 million annually. Why not the Austin Powers ONE BILLION DOLLARS? Apparently members of Congress later failed to read the MPAA’s January 2008 admission that its numbers in a commissioned survey about the extent of alleged unauthorized file sharing on campus were way off, the result of alleged “human error.” But even the new number was phony and also failed to take into account the fact that most students live off campus.

This raises one of the features of Washington DC that rightly baffles those outside the Beltway: how is that a trade association gets an issue so wrong, but then still manages to get legislation passed that addresses a non-problem that the association deliberately concocted? The answer, supplied by Mr. Glickman, is: leadership.

MPAA’s initial efforts were defeated fortunately, and the history of the bill during late 2007 and early 2008 is recounted in a series of very informative posts by Anne Broache for Cnet here , here, and here. Congress, in the bill that just passed, instead of mandating filtering and bad boy lists, mandated various requirements for educators to undertake, all of which involve spouting MPAA and RIAA’s propaganda. Here are the relevant pages from the Joint Explanatory Statement of the Managers in the Conference Committee report describing the requirements:

Institutional and Financial Assistance Information for Students.

The Senate amendment and the House bill require institutions to make available to current and prospective students the institution of higher education's policies and sanctions related to copyright infringement, including a description of actions taken by the institution of higher education to detect and prevent the unauthorized distribution of copyrighted materials on the institution of higher education's technology system.

Both the Senate and the House recede with an amendment to replace language in (iv) with language requiring institutions to make available the development of plans to detect and prevent unauthorized distribution of copyrighted material on the institution of higher education's information technology system which shall, to the extent practicable, include offering alternatives to illegal-downloading or peer-to-peer distribution of intellectual property, as determined by the institution of higher education in consultation with the Chief Technology Officer or other designated officer of the institution.

The Conferees have combined elements from both bills to require institutions to advise students about this issue and to certify that all institutions have plans to combat and reduce illegal peer to peer file sharing.

Experience shows that a technology-based deterrent can be an effective element of an overall solution to combat copyright infringement, when used in combination with other internal and external solutions to educate users and enforce institutional policies.

Effective technology-based deterrents are currently available to institutions of higher education through a number of vendors. These approaches may provide an institution with the ability to choose which one best meets its needs, depending on that institution's own unique characteristics, such as cost and scale. These include bandwidth shaping, traffic monitoring to identify the largest bandwidth users, a vigorous program of accepting and responding to Digital Millennium Copyright Act (DMCA) notices, and a variety of commercial products designed to reduce or block illegal file sharing.

Rapid advances in information technology mean that new products and techniques are continually emerging. Technologies that are promising today may be obsolete a year from now and new products that are not even on the drawing board may, at some point in the not too distant future, prove highly effective. The Conferees intend that this Section be interpreted to be technology neutral and not imply that any particular technology measures are favored or required for inclusion in an institution's plans. The Conferees intend for each institution to retain the authority to determine what its particular plans for compliance with this Section will be, including those that prohibit content monitoring. The Conferees recognize that there is a broad range of possibilities that exist for institutions to consider in developing plans for purposes of complying with this Section.

Numerous institutions are utilizing various technology based deterrent in their efforts to combat copyright infringement on their campuses. According to a report of the Joint Committee of the Higher Education and Entertainment Communities, many institutions of higher education have taken significant steps to deal with the problem. Indiana University, for example, hosts an extensive "Are you legal?" educational campaign for students on the issues, and enforces campus policies on proper use of the network. It acts on DCMA notices by disconnecting students from the network and requires tutorials and quizzes to restore service. Second offenders are blocked immediately and are sent to the Student Ethics Committee for disciplinary action.

Audible Magic's CopySense Network Appliance provides comprehensive control over Peer-to-Peer (P2P) usage on a university's network. The CopySense Appliance identifies and blocks illegal sharing of copyrighted files while allowing other legitimate P2P uses to continue. It filters copyrighted P2P content by sensing an electronic fingerprint unique to the content itself, which is very similar to the way virus filters operate.

Red Lambda's "Integrity" is a network security solution dedicated to the management of file-sharing activities via protocols like P2P, IM, IRC, and FTP. This technology is able to detect all P2P, OS file-sharing, FTP, IM, proxy use, Skype and application tunneling over HTTP, HTTPS, DNS and ICMP protocols.

The University of Maryland, College Park, severely restricts bandwidth for residential networks and block certain protocols. It designed "Project Nethics" to promote the responsible use of information technology through user education and policy enforcement. A third violation can result in eviction from the university housing system. Montgomery College in Maryland enforces an Acceptable Use Policy on its wired and wireless networks.

Additional existing technological approaches can deter illegal file sharing by automatically processing notices sent by scanning vendors then taking actions such as messaging the user via browser redirection, applying the appropriate sanction and automatically re-enable browsing after a timeout or reconnect fee is paid. Other institutions use technology to appropriately manage their campus networks by limiting and/or shaping bandwidth, such as Packeteer's packet shaping technology.

This statement, in all likelihood written by MPAA, is extraordinary in many respects, especially for its detailed endorsement of private sector products. No general principles here like the text of the bill, and that of course is one of the abuses of legislative history that Justice Scalia and others rightly complain about: the tenor of the legislative history would never have been able to pass as legislative text. But the legislative history was inserted to serve a long-term agenda: there is likely to be an effort in the next Congress to mandate these technologies. The MPAA, with figures no better than the ones they retracted, will complain about universities’ alleged failure to be MPAA’s cops, and will lobby for mandated use of technologies, along with forfeiture of federal funding for not doing so. Why not throw in a 10 year federal prison term (no parole in the federal system, btw) for the President of a University that isn’t up to snuff. Or, how about adopting Sarbanes-Oxley for university officials who will have to swear on penalty of perjury (and imprisonment) that they have fulfilled MPAA’s requirements?

Here is the relevant statutory language:

4 Section 485(a) (20 U.S.C. 1092(a)) is amended—
5 (1) in paragraph (1)—
6 (A) in subparagraph (G)—
7 (i) by striking ‘‘program, and’’ and in
8 serting ‘‘program,’’; and
9 (ii) by inserting ‘‘, and (iv) any plans
10 by the institution for improving the aca
11 demic program of the institution’’ after
12 ‘‘instructional personnel’’; and
13 (B) by striking subparagraph (M) and in
14 serting the following:
15 ‘‘(M) the terms and conditions of the loans
16 that students receive under parts B, D, and
17 E;’’;
18 (C) in subparagraph (N), by striking
19 ‘‘and’’ after the semicolon;
20 (D) in subparagraph (O), by striking the
21 period and inserting a semicolon; and
22 (E) by adding at the end the following:
23 ‘‘(P) institutional policies and sanctions re
24 lated to copyright infringement, including—
25 ‘‘(i) an annual disclosure that explic
26 itly informs students that unauthorized
1 distribution of copyrighted material, in
2 cluding unauthorized peer-to-peer file shar
3 ing, may subject the students to civil and
4 criminal liabilities;
5 ‘‘(ii) a summary of the penalties for
6 violation of Federal copyright laws; and
7 ‘‘(iii) a description of the institution’s
8 policies with respect to unauthorized peer
9 to-peer file sharing, including disciplinary
10 actions that are taken against students
11 who engage in unauthorized distribution of
12 copyrighted materials using the institu
13 tion’s information technology system;
25 U.S.C. 1094(a)) is amended—
1 (i) in paragraph (23)—
2 (I) by moving subparagraph (C)
3 two ems to the left; and
4 (II) by adding at the end the fol
5 lowing:
6 ‘‘(29) The institution certifies that the institu
7 tion—
8 ‘‘(A) has developed plans to effectively
9 combat the unauthorized distribution of copy
10 righted material, including through the use of a
11 variety of technology-based deterrents; and
12 ‘‘(B) will, to the extent practicable, offer
13 alternatives to illegal downloading or peer-to
14 peer distribution of intellectual property, as de
15 termined by the institution in consultation with
16 the chief technology officer or other designated
17 officer of the institution.’’.


Anonymous said...

Thanks for another great commentary on the music industry's campaign against its American customers. You might be interested in Cory Doctorow's latest post from across the pond:

Seems that the mafIAA are having a run of legislative good luck, both here in the US and in the UK. However, Cory rightly points out that passing increasingly intrusive laws which can't be effectively enforced will just encourage copyfighters to continue circumvention. Remember, cops and legislators (and university Presidents) work 40-hour weeks. The guys writing encrypted bittorrent protocols will use them to share movies and music 24 hours a day, and they're already getting away with it.

This new legislative text pretends that the MPAA is effectively fighting infringers and holding back the tide of technological advancement. In reality, US college classes start in about three weeks, and a brand new crop of students is about to begin using their high-bandwidth dorm room net connection to download high-definition movies without fear or remorse.

Cory's proposed solution is intriguing- I'd be interested in Bill's thoughts. Would the average person be willing to pay for an ASCAP-style bulk download license? And could the MPAA/RIAA be persuaded to sell rights on that basis?

William Patry said...

Steve, thanks for the link to Cory's piece on record labels and ISPs in the UK, which I read. The mechanical compulsory license and ASCAP licenses arose only because there were statutory laws that backed them up. As Cory points out the label-ISP deal in the UK is voluntary in the sense of not being mandated by a statute.

There has been nothing stopping RIAA and MPAA from offering voluntary license deals; they could have done so over a decade ago. I think the question is not whether universities should be forced by the government to enforce private rights, but rather why haven't those private interests done what other businesses do: try to sell their goods to the consumers?

Anonymous said...

why haven't those private interests done what other businesses do: try to sell their goods to the consumers?

Heh- because the law hasn't yet forced them to do so.

I don't know much about the genesis or history of ASCAP. Their website makes it appear that the beginnings of the association were entirely voluntary. I do know that there were some antitrust cases about licensing music, in which the Chicago-school "economic efficiency" arguments supporting the ASCAP/BMI model largely won out.

If ASCAP has its roots in legislation, is there hope that a similar clearinghouse might be established to license unlimited personal use?

William Patry said...

Steve, the antitrust cases go to things like ASCAP and BMI being limited to offering non-exclusive licenses rather than exclusive licenses, as well as equal license terms to those similarly situated.

Anonymous said...

considering that the supreme court has ruled p2p software legal this can be easily overturned

Anonymous said...

There has never been an adequate debate over the responsibility of third parties, such as colleges and universities or businesses with big networks, to "do the work of the MPAA" in terms of identification, interdiction and suppression of copyright infringements. Clearly, large institutional copyright owners would prefer a system of laws imposing some responsibility on others for that work. But it is a bit like requiring the third parties to take apart every machine they use from steam boilers to high-end electronic switching devices looking for potential patent infringements.

The Internet is, after all, interconnected. This advantage already makes the work of identification and interdiction relatively easy when compared to finding an illegal manufacturer of DVD's in Saigon. So what the MPAA is really looking for is help in actually suppressing infringements.

Instead of geeking out over the granular small-step laws being proposed by the music and film industry, a big issue focus on third-party responsibility for the suppression of communications is politically more feasible and socially more critical in terms of debate and action. If that suppression is rightfully identified as a social "wrong" it can be used as a shield against the seductions and heavy handed arm twistings of the film and music industry.

Sorry this post must be anon. Written from inside the beast where the infection of liberation is spreading.

Anonymous said...

I love this line, especially:

"This technology is able to detect all P2P, OS file-sharing, FTP, IM, proxy use, Skype and application tunneling over HTTP, HTTPS, DNS and ICMP protocols."

Yeah, sure it is -- for now.

And problem do they have with Skype? Seems odd that Skype is even mentioned.

Unknown said...

Doesn't every college student use Skype as a means of copying music by streaming the audio across VOIP and recording the "conversation"