Information Security Office
Adopted August 28, 2008 in compliance with the Higher Education Opportunity Act of 2008
Revised July 23, 2009 per outcomes of the U.S. Department of Education’s Negotiated Rulemaking process (See pages 164-173 of Draft Regulatory Language Issue Papers)
Revised July 02, 2010 to reflect an update to Ed Strategy 3 and the addition of Ed Strategy 9
Goal: Deter the unauthorized distribution of copyrighted digital material, especially audio, video, and software file sharing that involves the use of the campus network for peer-to-peer (P2P) downloading or distribution of copyrighted digital material.
Develop and implement proactive outreach and educational programs that increase student, faculty, and staff knowledge and awareness of copyright protections and the penalties attendant to infringement of those copyrights.
Ed Strategy 1: Provide a “Notice to Students” every semester via email that outlines federal law, University policy, campus practices, and the potential internal and external sanctions applicable to copyright infringement, including unauthorized P2P file sharing via the campus network.
Ed Strategy 2: Forward the “Notice to Students” to members of the Texas State Family Association via that organization’s email mailing list.
Ed Strategy 3: Develop and distribute curricula materials on Copyright Infringement and P2P File Sharing for discretionary use by instructors in Freshman Seminar.
Ed Strategy 4: Prominently include copyright infringement and P2P file sharing presentations and/or materials in the Information Security Office’s annual observation of Cyber Security Awareness Month.
Ed Strategy 5: Post the “Notice to Students” and other educational materials on the Information Security Office's web site and keep the site content up-to-date.
Ed Strategy 6: To the extent practicable, include a discussion of copyright infringement and the risks of P2P file sharing as a component of every security/privacy related presentation provided by the Information Security Office, including New Student Orientation, Parents Orientation, New Employee Orientation, and semesterly training workshops offered to the campus community.
Ed Strategy 7: Seek out and utilize off-campus opportunities, such as those available from K-12 institutions and civic organizations, to speak on the risks associated with P2P file sharing.
Ed Strategy 8: In consultation with the Vice President for Information Technology, develop and publicize a comprehensive list of legal sources of copyrighted music and video materials, sources suitable for use as alternatives to illegal file sharing.
Ed Strategy 9: Include a reference in the Student Handbook to the "Notice to Students" and related copyright infringement deterrence information.
Policy Enforcement Objective:
Maintain and enforce campus copyright policies and procedures in accordance with federal copyright laws and regulations.
PE Strategy 1: Maintain and enforce a clause in the campus appropriate use policy prohibiting the unauthorized duplication, use, or distribution of copyrighted digital materials (including software, music, video, graphics, etc.).
PE Strategy 2: Document, publicize, and adhere to campus procedures for addressing notices and other communications pursuant to the Digital Millennium Copyright Act (DMCA)
PE Strategy 3: Maintain a historical record of policy violators for use in applying progressive discipline to repeat offenders.
PE Strategy 4: Keep all University copyright policies up-to-date with evolving federal regulations.
Employ technology-based deterrents to combat illegal P2P file sharing in ways that do not unreasonably impede the use of P2P technology for legitimate University purposes.
Tech Strategy 1: To the extent practicable, configure the University's intrusion prevention and firewall systems to block and/or otherwise disrupt transmissions employing the P2P networks and protocols that are used almost exclusively for illegal file sharing (e.g., Gnutella, Ares, eDonkey, etc.).
Strategy 2: To the extent practicable, implement secure solutions/exceptions that facilitate authorized use of P2P technologies.
Strategy 3: Utilize Network Access Control and Wireless Network Control systems to prevent offending computers from accessing the campus network until such time as any allegedly infringing materials are removed or otherwise made unavailable from those systems.
Strategy 4: Monitor the viability of bandwidth shaping as an effective future alternative mechanism for discouraging illegal P2P file sharing.
Plan Effectiveness Assessment:
The Information Security Office will assess the effectiveness of the above plan in meeting its goal in January of each calendar year. The plan will be considered effective if the total number of infringement notices and reports for the preceding calendar year is less than thirty-six (36), or an average of 3 per month.
Countable infringement notices and reports include those validated as accurate by the Information Security Office and resulting in University action to force removal of the infringing material and/or an end to its unauthorized distribution. Countable infringement notices and reports may come from any of the following sources:
- DMCA notices received from content owners or their representatives,
- open P2P shares discovered through proactive, internal network scans, and
- verifiable reports from other reputable sources.
[Back to Top]