This presentation provides and overview of 34CFR668 for HEOA P2P requirements. It is offered in concert with an assessment program also on SlideShare and the post on blog.thehigheredcio.com.

1. Combating Copyright Infringement HEAO P2P Assessing First Year Effectiveness Jerry Bishop TheHigherEdCIO HEOA P2P Assessment by Jerry Bishop is licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.

2. What’s required – the law Brief summary of the essential elements

3. Combating Copyright Infringement Authority: 34 CFR 668.14(b)(30) Effective July 1, 2010 Condition of any Title IV HEA program Institutions must Develop Institutional Plans Implement Technology Deterrents Offer Legal Alternatives

4. Institutional Plans “…Develop & implement written plans to combat unauthorized distribution of copyrighted materials by users of the institutions network without unduly interfering with the educational and research use of the network.” Components Use of one or more technology-based deterrents Educating community on appropriate use of copyrighted material Procedures for handling unauthorized distributions, including disciplinary procedures Procedures for reviewing effectiveness of the plan

5. Technology Deterrents Bandwidth shaping Traffic monitoring Accepting & responding to DMCA notices Commercial products to block illegal file sharing

6. Legal Alternatives Authority: 34 CFR 668.14(b)(30) Offer legal alternatives to illegal downloading or acquiring copyrighted materials Where to buy content commercially Where to find free to use content Periodic reviews of alternatives are required

7. Consumer Information Authority: 34 CFR 668.43(a)(10) Provide upon request institutional policies and sanctions related to unauthorized distribution of copyright materials Must include: Explicitly inform students of civil and criminal liabilities associated with violations Include summary of penalties for violations of Federal copyright laws Describe policies and disciplinary actions taken for violations Provide one-to-one annual notice to students

8. Assessing Plan effectiveness Tips for gauging your current risk exposure

9. Plan Effectiveness You do not have to be an investigator Operational Portion Review written plan and assessment portion Review related policies and procedures Review handling of a sample of suspected violations Technical Portion (really optional) Search for known file sharing applications Scan network drives for signs of collections Check web filtering or blocking tools

10. Query Results from SCCM Peer-2-Peer Programs on Staff Computers uTorrent 1 BitTorrent 1 BitviseTunnelier 1 FileZilla 9 Others likely exist but do not register Remember, having the application alone it not a violation – there are legitimate uses

11. Scan Storage Volumes Use disk tools to scan for common filetypes Check sampling of directories with unusually large volumes of content Users home directories and departmental folders Remind college of policy and prompt for clean-up Include volume and drive data to illustrate Watch for shifting content between locations Follow-up with Pre and Post clean-up results

12. S:Drive Access Dates by Size May 2011 April 2011

13. S:Drive Folders Sizes April 2011 May 2011

14. S:Drive by Filetypes April 2011 May 2011 140 GB .mpg and 93.4 GB .mp3 removed 111 GB .avi increased

15. Review Web Traffic for P2P Sites

16. Questions? Jerry Bishop blog.thehigheredcio.com