1. K-State home
  2. »Policies
  3. »PPM
  4. »3400
  5. »Peer-to-Peer (P2P) File Sharing Policy

Policies

Internal Audit Office

Kansas State University
214 Anderson Hall
Manhattan, KS 66506-0118

 

785-532-7308
785-532-0186
internalaudit@k-state.edu

Peer-to-Peer (P2P) File Sharing Policy

Chapter 3490
Revised September 2, 2010

Table of Contents

.010 Purpose
.020 Scope
.030 Effective Date
.040 Authority
.050 Policy
.060 Definitions
.070 Roles and Responsibilities
.080 Implementing Procedures
.090 Related Laws, Regulations and Policies
.100 Questions/Waivers

.010 Purpose

While Peer-to-Peer (P2P) technologies have many important and legitimate uses, P2P file sharing applications are often used to obtain copyrighted materials (e.g. music, movies, videos, text, etc.) without the permission of the owner or distributor while utilizing a disproportionate amount of network bandwidth and leaving the user's computer vulnerable to computer viruses. Running P2P file sharing applications on university computers also introduces the risk of inadvertently sharing files containing sensitive University Data. The purpose of this policy is to articulate Kansas State University's position on the use of Peer-to-Peer file sharing applications and the unauthorized acquisition or distribution of copyrighted or licensed material.

.020 Scope

This policy applies to all students, faculty and staff, and other individuals using University information technology resources or data.

.030 Effective Date

This policy became effective on November 13, 2009.

.040 Authority

This policy responds to requirements in the Higher Education Opportunity Act of 2008 that universities develop plans to effectively combat the unauthorized distribution of copyrighted materials.

.050 Policy

  1. Use of Peer-to-Peer file sharing applications for the unauthorized acquisition or distribution of copyrighted or licensed material is prohibited on any University computer or University network. Furthermore, P2P file sharing applications commonly used for these illicit purposes may not be installed on any University computer, and technological deterrents will be used to block their use on the University network.

  2. Any violation of this policy may result in the suspension of access to network resources or other appropriate university discipline, up to and including termination of employment and/or expulsion. In addition, the unauthorized acquisition or distribution of copyrighted or licensed material, including unauthorized peer-to-peer file sharing, may subject individuals to civil and criminal liabilities.

  3. Kansas State University will annually inform students of this policy and associated procedures, consistent with the requirements of the Higher Education Opportunity Act of 2008.

.060 Definitions

  1. Digital Millennium Copyright Act (DMCA) - A federal law passed in 1998 that revised copyright law for the digital environment to, among other things, define how alleged copyright infringements are to be handled and establish liability limitations for "online service providers."

  2. Peer-to-Peer (P2P) - A network environment where participants share their resources (such as files, disk storage, or processing power) directly with their peers without having to go through an intermediary network host or server.

  3. Peer-to-Peer file sharing applications - Programs or services that use P2P technology to share music, movies, software, or other digitally stored files.

  4. University computer - Any computer considered to be the property of Kansas State University.

  5. University network - Any part of K-State's data network physically located on the Manhattan or Salina campus. This includes devices on the network assigned any routable and non-routable IP addresses, typically 129.130.X.X or 10.X.X.X, respectively, and applies to K-State's wireless network and the network serving K-State's student residence halls and Jardine Apartments.

.070 Roles and Responsibilities

  1. Chief Information Security Officer (CISO) - the CISO will determine the set of prohibited P2P file sharing applications, with input from K-State's Security Incident Response Team. The CISO is also responsible for technology-based deterrents used to enforce this policy.

  2. Office of Student Life - is responsible for notifying students about this policy at the beginning of every fall semester.

.080 Implementing Procedures

  1. The Chief Information Security Officer will maintain and publish a list of P2P file sharing applications that are commonly used for unauthorized acquisition or distribution of copyrighted or licensed material. Examples include but are not limited to Ares, BitTorrent, eDonkey (aka eMule), and Gnutella (aka LimeWire). These applications cannot be installed on University computers and will be blocked on the network using appropriate technology-based deterrents.

  2. A University web site http://SecureIT.k-state.edu/filesharing.html will provide information about alternatives to illegal file sharing and about K-State's program to combat unauthorized acquisition or distribution of copyrighted or licensed material.

  3. Notices of alleged copyright infringement per the Digital Millennium Copyright Act (DMCA) will be handled according to the following procedure: http://www.k-state.edu/its/security/procedures/DMCAnotice.html

.090 Related Laws, Regulations, or Policies

  1. K-State copyright and intellectual property information: http://www.k-state.edu/academicservices/intprop/copyright.htm

  2. K-State Information Technology Usage Policy: http://www.k-state.edu/policies/ppm/3400/3420.html

  3. K-State Security for Information, Computing and Network Resources policy: http://www.k-state.edu/policies/ppm/3400/3430.html

  4. K-State procedures for removing compromised computers from the network: http://www.k-state.edu/its/security/procedures/compromised.html

  5. K-State Student Conduct Code: http://www.k-state.edu/osas/code.html

  6. Higher Education Opportunity Act of 2008 (H.R. 4137): http://www.ed.gov/policy/highered/leg/hea08/index.html

  7. Criminal penalties and civil remedies for violation of Federal copyright laws are summarized in the Congressional Research Services report titled, "Intellectual Property Rights Violations: Federal Civil Remedies and Criminal Penalties Related to Copyrights, Trademarks, and Patents"http://assets.opencrs.com/rpts/RL34109_20081031.pdf.

  8. U.S. Copyright Office information on designating an agent for notification of claims of infringement: http://www.copyright.gov/onlinesp/

  9. K-State's registration with the U.S. Copyright Office designating the agent for notification of claims of infringement:http://www.copyright.gov/onlinesp/agents/k/kstateu.pdf

  10. Summary of the DMCA: http://www.copyright.gov/legislation/dmca.pdf

  11. Full text of the DMCA: http://www.copyright.gov/legislation/pl105-304.pdf

.100 Questions/Waivers

The Chief Information Officer (CIO) is responsible for this policy. The CIO or designee must approve any exception to this policy. Questions relating to this policy should be directed to K-State's designated copyright agent (see http://www.k-state.edu/copyright.html). Questions about the list of prohibited P2P file sharing applications should be directed to the Chief Information Security Officer.