The abuse of network resources to illegally obtain and distribute media or software, through peer to peer (P2P) networks, Usenet, or direct download, is a problem for many institutions of higher education. While The University of Southern Mississippi (Southern Miss) recognizes that there are legitimate uses for the previously mentioned applications, the University also understands that significant risks are implicit in the use of such applications. The Higher Education Opportunities Act of 2008 (HEOA) [34 CFR Section 668], specifically requires Universities to take steps to mitigate illegal downloads and P2P abuse. The university does not seek to ban any method for distributing or acquiring digital media, and will continue to support academic freedom and any technologies that can be used to foster collaboration. However, Southern Miss must also protect its assets and reputation, as well as comply with federal regulations.
Reason for Policy/Purpose
This policy is required for the effective communication of university policies regarding Peer-to-Peer usage. It has been revised in order to limit the exposure of the university to security risks and liabilities associated with the irresponsible use of university resources for illegal file sharing activities and bring Southern Miss into compliance with the HEOA.
Who Needs to Know This Policy
This policy applies to all individuals, regardless of affiliation or status with the University, at such time they are using any of the following resources: computer workstations, laptops, servers, networked appliances, and any other device if such device is owned by Southern Miss; or any device utilizing university network resources, even if that device is privately owned by an individual or third party.
Website Address for this Policy
Examples of permitted activity:
3.0 RIGHTS AND RESPONSIBILITIES
All individual persons or groups utilizing Southern Miss networks, including but not limited to Southern Miss employees, students, guests, external business entities and non-profit entities, shall bear legal and financial responsibility for events or consequences resulting from their own use of network resources.
Individual departments, colleges, administrative areas, and other entities must respond in a timely and efficient manner to all inquiries and complaints that arise in regard to this policy.
iTech and Southern Miss are required by federal law to report certain illegal activities to specified law enforcement agencies without notice to the user or the appropriate department.
4.0 TECHNOLOGY MITIGATION
iTech has implemented Audible Magic's CopySense Appliance (CSA), designed to mitigate illegal Peer-to-Peer (P2P) activity. The CSA attempts to:
5.0 SUGGESTED LINKS TO LEGAL SOURCES FOR DIGITAL MEDIA
Please read the disclaimer listed in the “RELATED INFORMATION” section before proceeding to external links.
6.1 Information Collection
Logs detailing P2P traffic and usage on the Southern Miss network will be collected. Logs will contain IP addresses involved in data transfer, direction of transfer (if retrievable), metadata (if retrievable), time, protocol used, and amount of data transferred. Logged information will be kept on the appliance for 15 days. Aggregate information generated from logged activity will be archived indefinitely.
6.2 Information Use
Logs will be subject to periodic review for enforcement of this policy.
Information collected may be used in aggregate format for reporting purposes.
Individual usage will not be actively or routinely monitored.
Logs maybe used to investigate complaints or suspicious traffic patterns.
Individual colleges, departments, functional or administrative areas, and entities of Southern Miss may request information about P2P usage pertinent to that area. This request may only be made by the dean, chair, department head, manager, or other leadership of the area requesting information. iTech will not release any information collected by the appliance to any entity external to Southern Miss unless compelled or obligated by law or court order, subpoena, warrant, or writ; with the exception of Audible Magic Corporation, which will receive data exclusively in aggregate format, with no personal identifying information, for purposes of internal statistical analysis.
7.0 ENFORCEMENTAND PENALTIES
7.1 University Community
Any faculty, staff, or student found to have violated this policy may be subject to disciplinary action, up to and including suspension, expulsion, and/or termination of employment in accordance with procedures defined by USM administrative policies stated in the handbook governing that individual.
7.2 Individuals not affiliated with Southern Miss
Any external entity, contractor, consultant, or temporary worker found to have violated this policy may be held in breach of contract, and as such, may be subject to grievances or penalties allowed by such contract.
7.3 Individual Wireless Internet Access Accounts
Any individual, regardless of their affiliation or status with the University, can have their wireless Internet access permanently suspended for egregious or multiple violations of this policy.
A notice of alleged copyright violation that complies with the Digital Millennium Copyright Act, will be referred to as a "DMCA notice." DMCA notices received by Southern Miss as a result of abuse while utilizing an individual wireless internet access account will be researched, and if possible matched with the individual responsible for the abuse.
Faculty, Staff and other University employees:
For all Guest/Temporary access:
The individual will have their access to the wireless network permanently banned if Southern Miss receives just one DMCA notice linked to the guest's account, or on any other offense of this policy.
For all non-University business entities:
Violations of this policy will be address as described in any contract with that entity, as allowed in this policy, or per resolution agreed, through arbitration, between the office of the CIO and the external entity.
7.4 Graduated Response
An automated process, known as "Graduated Response," has been implemented to modify the behavior of Southern Miss network users who abuse P2P.
Faculty, staff and students may appeal a decision to suspend individual wireless Internet access by submitting a written request to firstname.lastname@example.org. The appeal should include all pertinent facts and information related to the incident or event that led to the suspension of service. iTech will, re-examine all available information regarding the decision to suspend service and come to a decision. The suspension of a wireless Internet access account can only be appealed once.
Guest and Temporary users may not appeal to reverse the decision to suspend wireless Internet access.
In regards to penalties, other than the suspension of wireless Internet access, faculty, staff and students may appeal disciplinary decisions per the university handbook appropriate for that individual.
7.6 Legal and Civil penalties
17 U.S.C. Sec 504 specifies that an person infringing on copyright may be obligated to repay up to $30,000 per work in a civil action, or up to $150,000 per work if it is proven that the copyright infringement was willful.
18 U.S.C. Sec 2319 makes it a federal crime to infringe copyright when it can be proven that the violation was committed willingly with attempt to profit. An individual convicted of infringing copyright can face up to 10 years of imprisonment, depending on the specifics of the case.
The Chief Information Officer is responsible for the review of this policy every four years (or whenever circumstances require immediate review).
Neither the University of Southern Mississippi (Southern Miss) nor iTech is responsible for the content of any off-site pages that are referenced by or that reference the Southern Miss InfoSec Web Site.
Neither Southern Miss nor iTech is responsible for any defamatory, offensive, misleading or illegal conduct of other users, links or third parties, and the risk of injury from the foregoing rests entirely with the user.
Links from the Southern Miss InfoSec Web Site to other sites, or from other sites to the Southern Miss InfoSec Web Site, do not constitute an endorsement by Southern Miss or iTech.
It is the responsibility of the user to evaluate the content and usefulness of information obtained from other sites. All information provided by the Southern Miss InfoSec Web Site is made available to provide immediate access for the convenience of faculty, staff and students of Southern Miss. While iTech believes the information is reliable, human or mechanical error remains a possibility. Therefore, Southern Miss and iTech do not guarantee the accuracy, completeness, timeliness, or correct sequencing of information. Neither Southern Miss, iTech, nor any sources of the information shall be responsible for errors or omissions, or for the use of, or results obtained from the use of, the information.
Reference to any specific commercial products, processes, or services by trade name, trademark, manufacturer, or otherwise does not constitute or imply endorsement, recommendation, or favoring by Southern Miss, iTech, or its affiliates.
Amendments: Month, Day, Year – summary of changes