THIS WEEK
Cover News
Opinion A & E
Sports Intramurals
Calendar Comics
 
YH FEATURES
Exclusive
Archives/Search
Planet of Sound
Speak Your Mind
Pick the Pros
Crossword
 
ONLINE TOOLS
Ground Zero
Sublet Search
Rideboard
Book Shopper
Blue Book Search
 
ABOUT US
the Yale Herald
YH Online

Get Up, Stand Up

By Kushal Dave

On Mon., Oct.18, Carnegie Mellon University's Computing Services cracked down on mp3's on its internal network, removing any computers found in violation of copyright rules (including those for games and movies) during a random search of the CMU network. In all, 73 computers of the 250 searched were removed.

The drastic measures, according to Paul G. Fowler, Associate Dean of Student Affairs at CMU, were the result of complaints from the Recording Industry Association of America (RIAA), which actively attempts to stop violation of musicians' copyrights by mp3 sites. Although the RIAA had been alerting CMU for some time of offending FTP and web sites, Fowler said, two messages arrived on the same day complaining that illegal files were being shared within the school’s internal network, the Windows Network Neighborhood.

'I about had a cow'

CMU Computing Services asked to conduct the survey to determine the scale of the violations. John Lerchey, the head of Distributed Workstation Services, suggested the penalty should be loss of network access until the end of the semester, but after the extent of the problem became clear, Fowler suggested it be reduced to four weeks for those who attended a class on copyright law. "After Computing Services informed me that there were 71 machines in violation, I about had a cow," Fowler said. "I was anticipating ten to fifteen."

The punishment was still less than normal for violation of their "Acceptable Use Policy" (AUP), common networking parlance for a document which lists what is permitted online. Generally, mediation results in the student losing access for one year and being placed on disciplinary probation. Of course, they do have a choice. "We always give the students the option of a university hearing or having this turned over to the police to resolve," Fowler said. "They take the mediation!"

Daniel Updegrove, Director of Information Technology Services, said Yale has also been in touch with RIAA. "Yale has, from time to time, received correspondence from RIAA alleging specific violations of RIAA member copyrights," he said. "By policy, the University actively investigates such allegations of violation of Federal copyright law, and any members of the Yale community who violate such laws are subject to both University and legal sanctions."

Daniel Folkenshteyn, JE '02, was caught by ITS for running "a nice FreeBSD 2.2.8 server, with all episodes of Southpark and 11 gigs of mp3s and some apps" when after half a month ITS shut him down, noticing the spike in network traffic. "I had to meet with them [ITS] and have a nice discussion about it, and they were very reasonable," he said. "So i got my net access back after having had to read and sign the net use policies and promising to follow them."

'Doing nothing that any other student couldn't do'

Controversy arose at CMU when it was discovered that Computing Services personnel attempted to read password-protected folders by using the login and password 'mp3' and by searching for logins and passwords in public text files. Although clearly intended for public consumption, many still consider these methods of infiltration into private directories to be unauthorized access. Fowler characterized it as "doing nothing that any other student couldn't do."

Updegrove felt it raised some interesting issues. "To the extent that some CMU student files and folders were nominally 'protected' by passwords that were intended to be guessed easily, or that were deliberately disclosed in other files or folders, one could have an interesting debate about whether university officials' inspection of their contents constitutes a violation of privacy," he said.

One CMU student had a more pragmatic view of this issue. "Some of the affected students might have been a little more creative with their passwords for shared folders," said William Merriman, '02.

Other students felt the search was generally unfair. &qupt;I think it is difficult to form the argument that a person making mp3's available to the public is a violation of copyright infringement, and therefore should be dealt with by the school before the affected parties bring suit," said Craig Gomulka, a CMU graduate student whose web page contains commentary and links related to mp3's. "What resides on a person's computer's hard drive is personal property, and the way in which CMU conducted the surprise raid is also in violation of student and citizen privacy rights."

Philip W. Fong, '02 headed a committee investigating the incident for the Student Dormitory Council and the Student Senate, which eventually settled on some resolutions. "Basically, most people feel that the rules should be enforced," Fowler said. "But they have a problem with how it was enforced this time." He cited the disruptive disconnection of people's internet service, lack of notification prior to disconnection. "This screwed up people's work," he said. He noted the irony of students being told they were disconnected three hours after the fact, via e-mail.

Investigators guessing passwords was also a distinct issue for Fong. "It is not clear whether the university policy allows this," he said. "This is further complicated by the fact that the copy of the policy on the computing services server is different then the one of the official policy server."

Kevin M. Babbitt, '00, editor-in-chief of CMU's weekly The Tartan told The New York Times that "At first . . . students were upset, surprised, and angry." Fowler echoed this assessment but attributed much of it to students who "thought the worst."

'In hindsight, no'

Asked whether other schools should follow CMU's example, especially if pressure is applied by RIAA, Fowler said, "In hindsight, no. We should have been warning and educating students all along." He added, "It wasn't the pressure from the RIAA that was getting under my skin — it was actually having to take the time to deal with situations that should not be occurring on campus. My hope is that the RIAA will leave us alone since we have acted internally."

CMU was actually one of the first adopters of the RIAA's Soundbyting plan to increase copyright awareness, but Fowler says plans are to further increase education, rather than conduct additional surprise searches. "Now we have facts for which we will develop protocol," he said. "That protocol will be expanded education and outreach along with the revision of policies and guidelines, including clear examples. In the future, if we hear that there are problems, we'll send warnings and announce reviews. From the outset, our primary goal has been to protect students from potential harm."

Updegrove is opposed to drastic action. "It appears from press reports that there were at least two results of the CMU actions. One, university officials determined that violation of copyright law and university policy was more widespread than had been believed previously, and two, students at that university became better informed of the existence of copyright law and relevant university policy and were put on notice that violation of law and policy would be taken seriously by the university," he said. "We would prefer to achieve the second result by other means."

For the record, then, Yale's AUP states, "Users must observe intellectual property rights including, in particular, copyright laws as they apply to software and electronic forms of information." Students, on the other hand, have different ideas. "I don't think a university should get involved in the regulation of mp3's," said Michael Cheung, PC '02.

Folkinshteyn had a mixed response. "They had full right to go into people's public folders which had no password protection to look for mp3s, but they should not have tried to guess the password like 'mp3' or something like that, because they have no reason to guess user's passwords," he said. "I also think the students had it coming, although my sympathies still lie with the students since they imposed such harsh sanctions on them, as well as giving them no opportunity for defense before the imposition of the sanctions. I also think that all that that is going to accomplish is people putting passwords on their folders, and when people want to download they will just email the dude for the password to his mp3 folder."

Additional Links:

Back to YH Features...

 

 

All materials © 1999 The Yale Herald, Inc., and its staff.
Got any questions, comments, or advice? Email the online editors at
online@yaleherald.com.
Like to join us?