It doesn't pay to mess with RIAA. Here's how to sue-proof your network.
The pervasiveness of digital media has changed the nature of the intellectual property game and, to a large extent, perception of the issue among users. A poll we conducted recently on a Northeast college campus highlights the dichotomy: While 85% say copyright pirates are criminals, 76% believe it is legal to share copyrighted music files with friends if the music has been purchased legally. This wasn't a trick question, and it illustrates the need for corporate IT groups to issue clear policies on all copyrighted material, both internally produced and what may be brought onto your network.
9 Ways To Stay Out Of The RIAA's Sights1 Ensure that your organization's IT
policies explicitly forbid unauthorized
hosting or sharing of copyrighted
2 Include warning language to that
effect on guest machines and guest
wireless if provided.
3 Provide user training on copyright and
fair use. Materials are available from
industry groups, the Electronic Frontier
Foundation, and others.
4 Lock down computers you control to
regulate user-installed P2P apps.
5 Get help from perimeter defenses—
network access control systems,
packet shaping tools, and other security
apps often provide P2P filtering.
6 Check to see if you need a specialized
system from one of the RIAA's
three recommended vendors or other
7 Assess whether your operation could
be classified as an Internet service
provider; currently, educational institutions
are under that umbrella, but as
others start to offer ubiquitous Wi-Fi,
the definition is expected to broaden.
8 Review peer organizations and assess
the likelihood your shop may be
targeted for investigation.
9 Discuss your risk exposure with corporate
counsel and develop a response
plan ... before an industry
group knocks on your door.
Think that because your company produces lattes, not IP, you're off the hook? Say you oversee IT for a chain of coffee shops providing free Wi-Fi. What's your legal responsibility for policing the infrastructure for copyright violations?
It depends on whom you ask.
According to the Recording Industry Association of America and the Motion Picture Association of America, their member companies, and the artists they represent, as well as U.S. and some international law, your company is liable for any file sharing of copyrighted material on its network. If you provide Internet access and are defined as an Internet service provider, you can either provide legal authorities with the identities of copyright violators or be culpable yourself. Educational institutions are under that ISP umbrella, and municipalities that offer Wi-Fi are now in the RIAA's sights. Closed corporate networks are not considered ISPs--for now, anyway--but that doesn't mean you're immune.
One vendor rep interviewed for this story, who asked to remain anonymous, made it clear that his company's marketing plan has two faces, one touting peer-to-peer and copyright enforcement aimed at the educational, public, and small- and midsize-business markets, and a second pitch focusing on data leakage risks associated with P2P platforms for corporate clients. "I have never met with a large company that has been named in an RIAA suit," he says. "You draw your own conclusions."
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.