Cyber Stealing

You've heard the story before.

For years, headlines have told the tales of individuals being sued by the Recording Industry Association of America. Music downloading, copyright infringement, fair use---we get it already. College students are the most likely users of peer-to-peer programs, which are often used to download music illegally. And colleges, facing new, unsteady judicial grounds on the Internet, are scrambling to figure out what to do.

Since 2003, when the first lawsuit was filed against individuals who were involved in downloading music and violating copyright laws, the Recording Industry Association of America has settled or threatened legal action against more than 30,000 people in the United States.

And starting in February of last year, the RIAA began targeting institutions of higher learning, sending pre-lawsuit notices to universities to turn over the names of students-identified by their IP addresses-who illegally downloaded music.

The letters offered a settlement to students who contacted the RIAA within 20 days, usually of an amount between $2,000 and $4,000.

Within a year, the RIAA sent out 5,404 letters to college students from more than 160 schools across the country, according to a report by the Electronic Frontier Foundation.

Universities nationwide, including Duke, have had to grapple with how to address the illegal activity of student downloading. But do these policies protect students from the RIAA's interference with Honor Codes and community standard policies? Where do universities draw the line between privacy and piracy?

Jackie Thompson, a junior, was one of the students at the University contacted by the RIAA after illegally downloading music and violating copyright laws. Thompson, who asked that her real name not be used, started downloading music in high school.

"I am a college student that has to take out two work-study jobs to pay for my expenses," Thompson explains. "I certainly could use the money a lot more than [the RIAA]. It makes me sick that the money that I have been saving from babysitting jobs, waitressing and work-study is used to pad the pocket of a government bureaucrat. That money means little to them, but means a lot to me."

Thompson is one of 21 students at Duke who have received settlement offers (40 others have received pre-litigation notices and eight have been served subpoenas).

But the trend isn't unique to Duke. College students have been the largest demographic to use P2P networks for music downloading, which isn't surprising, considering the first Web site that promoted illegal downloading was created by a college student. In 2002, an estimated 44 percent of 18-24 year olds reported downloading music at least once, according to Edison Media Research.

Headlines about the take-down of file-sharing networks have been in the news for years, since Napster, one of the first P2P programs, was sued and subsequently shut down in the late '90s.

"It was easy to shut that down because even though the files were everywhere, you had to go to one server to find out where they were," explains Owen Astrachan, professor of the practice of computer science and co-director of undergraduate studies for the department. "It was all stored in a central directory, so you would go to Napster's server to find what you needed. All connections were from computers all over the place but it was in one central place, which made it easy to shut it down and easy to sue for copyright violations."

Now, commonly-used P2P programs such as BitTorrent and LimeWire are decentralized, making it harder to completely shut down or stop, which may be one reason why the RIAA has begun targeting individuals.

"Companies such as LimeWire enable users to download music for free," Thompson explains. "They provide incentives for you to steal, and even make money off of music downloading by selling ads. That would be like Macy's giving you clothes for free, and then you getting arrested for shoplifting."

According to a report published in New Media & Society by William Kinnally, motives for downloading music among college students can range from entertainment, to social interaction to economic utility.

But studies show that many students do not see illegal music downloading as stealing. Because the transaction requires little to no effort, it has become prominent on college campuses, where economic need and readily accessible technology collide.

"It's just easier because you can get [music] without going to the store and taking the jewel case in which the CD is located," Astrachan says. "Arguably it's the same thing-you're taking something that doesn't belong to you. And it's at no cost to you, so you can do it thousands of times quickly and easily."

Although Thompson says that she sees her actions as stealing, she has found ways of getting music that will not come with a $3,000 price tag-or any price tag at all.

"Now that the RIAA has stolen from me, however, I feel no reason to respect them," she says, "I have found my own ways of obtaining music and hope to never have to pay for it again."

The RIAA began specifically targeting colleges and universities in 2007, causing adminstration in the institutions to adopt to a new landscape in copyright law. Duke, like most universities, has formed a set of policies for illegal downloading behavior among students.

Earlier this year, Vice President for Student Affairs Larry Moneta and Vice President for Information and Technology Tracy Futhey sent an e-mail to the Duke student body explaining the laws surrounding copyright infringement and Duke's policy in dealing with it.

"Complying with copyright law is an essential part of the Duke Community Standard and of being a Duke student," they wrote in the e-mail. "It is also the right thing to do as a member of an intellectual community."

Yet Moneta says in an interview with Towerview that copyright infringements are "not a judicial matter," even with the violation of the Duke Community Standard and Honor Code. Because of the inability to collect sufficient evidence when it comes to P2P file downloading, students-even those in legal trouble with the RIAA-do not face judicial punishment on campus.

What kind of message is the University sending when it ignores incidences of illegal activity on its own campus?

A new Duke policy requires evidence of the transaction between both the student who acts as a server for the copyrighted material and the party that downloads from them.

Moneta adds, however, that Duke's new policy is one of the most protective policies of individual privacy in America.

"This new policy is a novel approach," Moneta says. "I'm imagining it will be within a matter of days that my colleagues around the country will be contacting me asking, 'What's up, and has the RIAA come down to hammer you about this?'"

Those peer institutions have dealt with the threats from the RIAA in different ways. Until recently, Duke's policy was like that of many schools across the U.S.: to deliver RIAA messages to students without discretion, without taking judicial action against student offenders.

Duke's recent policy change came about when administrators realized that the RIAA often served notices without sufficient evidence that students had actually violated copyright law.

The process by which the RIAA obtains information about the illegal activities of students is still not widely known-even by University officials, says Stephen O'Donnell, senior communications strategist at OIT.

"The RIAA does not share their processes," he says. "We are not sure what types of tools the RIAA or other copyright owners use, or how they determine what users or service providers to contact."

For security purposes, Duke stores IP addresses for two weeks. After those two weeks, a record of what registered computer was using bandwidth under what IP is history that cannot be retrieved.

Moneta says that although some students assume the RIAA notices are a result of the Duke administration reporting student activity to record companies and the government, that claim is untrue.

"Duke has two first principles here. On one side, students have a right to privacy. We have to protect that, so we don't give out your IP addresses willy-nilly or reveal you or your activity to the RIAA," Moneta says. "But on the other end of the spectrum is a deep respect for copyright holders. As a research institution that values intellectual property, how can we not respect that right? Those are the two real ethical principles we are trying to balance."

Some peer institutions across the nation do have stricter judicial repercussions for illegal downloading. Stanford University started charging students for each complaint received from the RIAA-the first costing $100, $500 for the second and $1,000 for the third, according to Stanford policy published on the Residential Computing Department Web site. The University of Wisconsin's student newspaper, The Spectator, reported in November that students have been forced to drop out due to exorbitant pre-litigation settlement fees.

Most universities fall closer to the middle, with policies similar to Duke's previous policy, where pre-litigation letters are forwarded to the student, even if there is a lack of sufficient evidence.

But with a step-by-step guide to running P2P applications (available online from OIT) and one of the most liberal policies regarding suits, is Duke encouraging illegal activity that is in direct violation with the Duke Community Standard? Does the University promote these illegal practices while simultaneously complying with RIAA notices and fines against students?

No, say University officials.

"The response to that would be that we don't operate under the assumption that people are looking to do illegal things," Moneta says. "P2P can also serve for the movement of legitimate files."

Earlier this year, the Los Angeles Times Technology Blog published results from a survey of American college campuses that showed that 64 percent of students download music through P2P networks.

Even with legitimate information transferring over these networks, many students utilize them solely for illegal activity, the study points out. To a population that is prone to illegal downloading, some claim that colleges and universities across the country should be doing more to stop this kind of activity instead of allowing-or even condoning-it.

Six months after the lawsuits began against individuals, more than 20 million Americans were using P2P file sharing software-that's one in six people with Internet access, according to the Pew Internet and American Life Project. And according to the Electronic Frontier Foundation, "The RIAA's lawsuit campaign against individual American music fans has failed."

The cause for the failure? Astrachan says the global nature of the problem and the fact that violations are so widespread, make it impossible for the RIAA to ever fully eradicate P2P downloading in the mainstream digital music marketplace.

"People are pretty ingenious," he says. "They're not going to stop [illegal downloading] with the Internet working the way it is. If they shut down one something else pops up."