Peer-to-Peer (P2P) File Sharing Policy
Revised September 2, 2010
Table of Contents
.030 Effective Date
While Peer-to-Peer (P2P) technologies have many important and legitimate uses, P2P file sharing applications are often used to obtain copyrighted materials (e.g. music, movies, videos, text, etc.) without the permission of the owner or distributor while utilizing a disproportionate amount of network bandwidth and leaving the user's computer vulnerable to computer viruses. Running P2P file sharing applications on university computers also introduces the risk of inadvertently sharing files containing sensitive University Data. The purpose of this policy is to articulate Kansas State University's position on the use of Peer-to-Peer file sharing applications and the unauthorized acquisition or distribution of copyrighted or licensed material.
This policy applies to all students, faculty and staff, and other individuals using University information technology resources or data.
This policy became effective on November 13, 2009.
This policy responds to requirements in the Higher Education Opportunity Act of 2008 that universities develop plans to effectively combat the unauthorized distribution of copyrighted materials.
Use of Peer-to-Peer file sharing applications for the unauthorized acquisition or distribution of copyrighted or licensed material is prohibited on any University computer or University network. Furthermore, P2P file sharing applications commonly used for these illicit purposes may not be installed on any University computer, and technological deterrents will be used to block their use on the University network.
Any violation of this policy may result in the suspension of access to network resources or other appropriate university discipline, up to and including termination of employment and/or expulsion. In addition, the unauthorized acquisition or distribution of copyrighted or licensed material, including unauthorized peer-to-peer file sharing, may subject individuals to civil and criminal liabilities.
Kansas State University will annually inform students of this policy and associated procedures, consistent with the requirements of the Higher Education Opportunity Act of 2008.
Digital Millennium Copyright Act (DMCA) - A federal law passed in 1998 that revised copyright law for the digital environment to, among other things, define how alleged copyright infringements are to be handled and establish liability limitations for "online service providers."
Peer-to-Peer (P2P) - A network environment where participants share their resources (such as files, disk storage, or processing power) directly with their peers without having to go through an intermediary network host or server.
Peer-to-Peer file sharing applications - Programs or services that use P2P technology to share music, movies, software, or other digitally stored files.
University computer - Any computer considered to be the property of Kansas State University.
University network - Any part of K-State's data network physically located on the Manhattan or Salina campus. This includes devices on the network assigned any routable and non-routable IP addresses, typically 129.130.X.X or 10.X.X.X, respectively, and applies to K-State's wireless network and the network serving K-State's student residence halls and Jardine Apartments.
Chief Information Security Officer (CISO) - the CISO will determine the set of prohibited P2P file sharing applications, with input from K-State's Security Incident Response Team. The CISO is also responsible for technology-based deterrents used to enforce this policy.
Office of Student Life - is responsible for notifying students about this policy at the beginning of every fall semester.
The Chief Information Security Officer will maintain and publish a list of P2P file sharing applications that are commonly used for unauthorized acquisition or distribution of copyrighted or licensed material. Examples include but are not limited to Ares, BitTorrent, eDonkey (aka eMule), and Gnutella (aka LimeWire). These applications cannot be installed on University computers and will be blocked on the network using appropriate technology-based deterrents.
A University web site http://SecureIT.k-state.edu/filesharing.html will provide information about alternatives to illegal file sharing and about K-State's program to combat unauthorized acquisition or distribution of copyrighted or licensed material.
Notices of alleged copyright infringement per the Digital Millennium Copyright Act (DMCA) will be handled according to the following procedure: http://www.k-state.edu/its/security/procedures/DMCAnotice.html
K-State copyright and intellectual property information: http://www.k-state.edu/academicservices/intprop/copyright.htm
K-State Information Technology Usage Policy: http://www.k-state.edu/policies/ppm/3400/3420.html
K-State Security for Information, Computing and Network Resources policy: http://www.k-state.edu/policies/ppm/3400/3430.html
K-State procedures for removing compromised computers from the network: http://www.k-state.edu/its/security/procedures/compromised.html
K-State Student Conduct Code: http://www.k-state.edu/osas/code.html
Higher Education Opportunity Act of 2008 (H.R. 4137): http://www.ed.gov/policy/highered/leg/hea08/index.html
Criminal penalties and civil remedies for violation of Federal copyright laws are summarized in the Congressional Research Services report titled, "Intellectual Property Rights Violations: Federal Civil Remedies and Criminal Penalties Related to Copyrights, Trademarks, and Patents"http://assets.opencrs.com/rpts/RL34109_20081031.pdf.
U.S. Copyright Office information on designating an agent for notification of claims of infringement: http://www.copyright.gov/onlinesp/
K-State's registration with the U.S. Copyright Office designating the agent for notification of claims of infringement:http://www.copyright.gov/onlinesp/agents/k/kstateu.pdf
Summary of the DMCA: http://www.copyright.gov/legislation/dmca.pdf
Full text of the DMCA: http://www.copyright.gov/legislation/pl105-304.pdf
The Chief Information Officer (CIO) is responsible for this policy. The CIO or designee must approve any exception to this policy. Questions relating to this policy should be directed to K-State's designated copyright agent (see http://www.k-state.edu/copyright.html). Questions about the list of prohibited P2P file sharing applications should be directed to the Chief Information Security Officer.