For all the high-tech tactics colleges have employed to slow or block students' illegal file sharing activity, few have actually turned to methods used in the classroom to get the message across. A university in Missouri thinks it's found the right solution, combining an age-old teacher's tool with a dash of discipline.
Last academic year, Missouri University of Science and Technology, in Rolla, received some 200 Digital Millennium Copyright Act "takedown" notices from the recording industry, notifying the institution that users of its network had made copyrighted works available for download. This academic year -- at a time when colleges across the country have been experiencing sudden spikes in copyright complaints -- the university received eight. Karl F. Lutzen, a systems security analyst at the university, chalks it up to Missouri S&T's unusual method of regulating students' network usage: In order to download (or upload) files on any peer-to-peer network whatsoever, all on-campus users have to pass an online quiz on copyright infringement.
But not just once. Passing the test -- with a perfect score -- enables peer-to-peer access for six hours on the user's on-campus registered machines, presumably enough time to download that (legal) song, TV show or e-book. The next time, the student, staff or faculty member has to go to the intranet Web page and take the randomized test again, for a maximum of eight uses per month (which, kind of like vacation days, can accrue to at most 20).
"The idea is that we had a policy where we permitted peer-to-peer protocols for educational and research use," Lutzen said, and as long as it was for legitimate reasons, "we didn’t have a problem with people using it.... This solution, more or less, through educational and technical controls, enforces that policy."
The system works by taking advantage of "traffic shaping" technology used by most campus networks to prioritize certain types of data over others. For example, without traffic shaping that limits outgoing peer-to-peer traffic (regardless of a university's policy on file sharing), a campus network could easily and quickly become a hub for downloaders around the world. By quickly isolating specific users and turning their ability to send and receive peer-to-peer data off or on, Missouri S&T is harnessing the traffic shaping technology to tie access to the online quiz.
"Based on the amount of grumbling it’s actually working pretty well," Lutzen said.
When students pass the quiz, P2P access is granted within 10 seconds for use by any program, whether it's a game or software program that needs to download an update, LimeWire, BitTorrent or another program. From that point on, there's no way for the university to monitor whether users' file-sharing activity is legal -- but, on the other hand, there's also no way for them to claim ignorance. If a student fails to make a perfect score, though, he or she has a minute or two to try again. But the questions change, and so does the order. Theoretically, students can memorize the questions, Lutzen said, but they'd still have to pay attention to how the answers are arranged (which also changes) and end up learning the material anyway.
Questions include asking students what kinds of works are protected by copyright and the difference between copying a CD and downloading music. The university's sanctions for violations of copyright policy are strict: 14 days of revoked network access for the first offense and 28 days, plus community service, for the second, and so on.
Colleges have taken widely divergent approaches to the problem of illegal file sharing, from a "look the other way" philosophy to complete bans. Most inform their students of the legal aspects of peer-to-peer networks and (sometimes reluctantly) hand over "pre-litigation" letters sent by the recording industry that offer certain students discounted settlements in order to avoid copyright infringement lawsuits. Some have gone so far as to block peer-to-peer access altogether, and others -- like Missouri S&T -- offer legal alternatives, such as Ruckus.
But the combination of strict enforcement on the campus network and educational requirements is novel. Last year, the University of Michigan used similar traffic-shaping tools to begin informing students when they were uploading data over peer-to-peer networks, but that hasn't been matched with any blocking mechanisms. Michigan's goal was to prevent students from inadvertently offering copyrighted content for others to download -- which is sometimes the default option on file-sharing programs -- and becoming susceptible to litigation. (Missouri S&T, formerly the University of Missouri at Rolla, essentially accomplishes the same goal, because uploading on peer-to-peer networks is also limited to the six-hour blocks enabled by the quiz.)
"I think that this is an interesting and new area, I think it’s great to have a thousand flowers bloom and try different things," said Tracy Mitrano, the director of Cornell University's IT policy as well as its Computer Policy and Law Program. At Cornell, she said, students who receive DMCA notices take an intensive educational program that they must pass. Missouri S&T's program, meanwhile, was "another layer deeper" than Michigan's system, dubbed BAYU (for Be Aware You're Uploading), she said.
Mitrano added that she and others at Cornell were discussing how to move some of its post-infringement educational resources to the "front end," when students enroll, since many come into college with downloading habits ingrained since middle school. It's better “trying to front-load it rather than have it be 'discipline' even though it’s just education,” she said.
Lutzen agrees: "I think the model of putting education up front and limiting the usage is what needs to be looked at. How that’s done is up to the institution."