Jan 25, 2008 (07:01 PM EST)
P2P Threats Call In The Copyright Cops

Read the Original Article at InformationWeek

1   2   3  
The pervasiveness of digital media has changed the nature of the intellectual property game and, to a large extent, perception of the issue among users. A poll we conducted recently on a Northeast college campus highlights the dichotomy: While 85% say copyright pirates are criminals, 76% believe it is legal to share copyrighted music files with friends if the music has been purchased legally. This wasn't a trick question, and it illustrates the need for corporate IT groups to issue clear policies on all copyrighted material, both internally produced and what may be brought onto your network.

9 Ways To Stay Out Of The RIAA's Sights
1 Ensure that your organization's IT policies explicitly forbid unauthorized hosting or sharing of copyrighted material. Period.
2 Include warning language to that effect on guest machines and guest wireless if provided.
3 Provide user training on copyright and fair use. Materials are available from industry groups, the Electronic Frontier Foundation, and others.
4 Lock down computers you control to regulate user-installed P2P apps.
5 Get help from perimeter defenses— network access control systems, packet shaping tools, and other security apps often provide P2P filtering.
6 Check to see if you need a specialized system from one of the RIAA's three recommended vendors or other alternatives.
7 Assess whether your operation could be classified as an Internet service provider; currently, educational institutions are under that umbrella, but as others start to offer ubiquitous Wi-Fi, the definition is expected to broaden.
8 Review peer organizations and assess the likelihood your shop may be targeted for investigation.
9 Discuss your risk exposure with corporate counsel and develop a response plan ... before an industry group knocks on your door.
Think that because your company produces lattes, not IP, you're off the hook? Say you oversee IT for a chain of coffee shops providing free Wi-Fi. What's your legal responsibility for policing the infrastructure for copyright violations?

It depends on whom you ask.

According to the Recording Industry Association of America and the Motion Picture Association of America, their member companies, and the artists they represent, as well as U.S. and some international law, your company is liable for any file sharing of copyrighted material on its network. If you provide Internet access and are defined as an Internet service provider, you can either provide legal authorities with the identities of copyright violators or be culpable yourself. Educational institutions are under that ISP umbrella, and municipalities that offer Wi-Fi are now in the RIAA's sights. Closed corporate networks are not considered ISPs--for now, anyway--but that doesn't mean you're immune.

One vendor rep interviewed for this story, who asked to remain anonymous, made it clear that his company's marketing plan has two faces, one touting peer-to-peer and copyright enforcement aimed at the educational, public, and small- and midsize-business markets, and a second pitch focusing on data leakage risks associated with P2P platforms for corporate clients. "I have never met with a large company that has been named in an RIAA suit," he says. "You draw your own conclusions."

InformationWeek Reports