SPA's Higher Education Initiative
As more schools are wiring dorms, libraries, and classrooms to the Internet, campus crime has been elevated to a far more advanced and technologically sophisticated level. While technological improvements are often used to promote educational diversity and the sharing of information, they can also lead to serious civil and criminal wrongdoing, placing all sectors of the campus community at risk.
The Software Publishers Association (SPA) is the principal trade association of the PC software industry. Our 1,200 members look to us to protect against the unauthorized reproduction and distribution of their copyrighted material commonly known as software piracy.
The SPA has traditionally balanced its anti-piracy efforts between enforcement and education. As such, we have been proactive in providing users with the tools and information necessary to protect themselves against software piracy and associated liability. Recently, we have received numerous calls from university officials seeking our help to stem the tide of software piracy on campuses. As a result, the SPA has developed the Higher Education Initiative to educate and promote awareness of these issues within the halls of academia.
Software piracy on college campuses may be generally divided into two categories. The first occurs when the institution itself is violating copyright law. This results when installations of software programs are in excess of the terms stated in the licensing agreement or under law. For example, software that is licensed for use on a single machine is installed on many computers or on a network server allowing unlimited access. Oftentimes, as a result of poor or no software management, the school is unaware of the problem. In other instances, the school simply cannot afford to buy software and chooses to risk the infringements.
More common is the second type of piracy, often conducted by students. In this scenario, the piracy often takes place on the Internet, where students trade or simply give away software programs as if they were trading cards. If the students are using the school's network or computers to facilitate their illegal activity, the college itself may be held liable.
All members of the campus community can take steps to prevent such illegal activity and minimize misuse of computer resources. It is important to promote an understanding of the law and to ensure specific procedures and protocols are implemented to establish a foundation by which illegal activity may be prevented.
SOFTWARE POLICY AND AUDITS
The most important first step is the development and implementation of a software policy. SPA has draft policies that may be adapted to a specific environment. Within the policy, specific guidelines for legal software use should be established. First and foremost this should include a prohibition against using software in violation of applicable licensing agreements and copyright law. The policy should also describe procedures to legally acquire new or additional copies of software so that users are aware of the alternatives to pirating copies. All users of the campus computer system should be required to sign the policy as a condition of employment or matriculation. The policy may be either a hardcopy kept on file with computing services or an electronic version stored in e-mail. Another possibility is to require the user to 'click' acceptance of the policy upon the first login and periodically, as a reminder, thereafter. The acceptance is then registered in a database. If the user does not accept the terms of the policy, they do not receive access.
A key element of any policy is enforcement. A software policy is enforced through periodic audits. SPA recommends audits take place at least once a year, although advances in auditing and metering software do allow constant monitoring to ensure compliance. Such software may be installed on a network server and configured to permit limited use of applications in accordance with the terms of the license agreement the school has obtained.
In addition to compliance, audits reveal what new software may be needed, what applications are no longer used and may be removed, if additional licenses should be purchased, or if too many have been purchased, indicating future orders may be reduced. Audits also permit maintenance of hardware, ensuring that multiple copies of the same product are not installed on a single machine, wasting valuable memory.
In a recent case, the SPA audited an institution in Pennsylvania. As a technical institute, the school had acquired a considerable number of computers to facilitate the teaching of its students. However, as the school grew and additional hardware was obtained, software was simply copied from machine to machine. It was clear the school lacked a software policy and management procedures to ensure and promote compliance. Ultimately, the school was reported to the SPA and paid a fine of $100,000 for violations of SPA members' copyrights.
Internet piracy is growing at an exponential rate. The SPA's investigations have revealed a large portion of this activity is attributable to college students. Hiding behind the presumed veil of their campus network, students log on to unlawfully reproduce and distribute copyrighted material valued at millions of dollars. However, as the students are often using a university-owned network or computers, they are placing the university in a position of liability as well.
The SPA has resolved numerous cases of this form of piracy in cooperation with college officials. In the matter of Andrews University in Berrien Springs, Michigan, university network administrators noticed unusual activity on the campus network. Upon tracing the source activity, two students were identified and implicated in the piracy. Campus safety officers impounded the students' computers and university officials then contacted SPA for assistance. [Apparently this is something serious and large, if it was so noticeable. Please describe as much about this incident as you are able.]
SPA settled with the students along terms similar to those we have used in previous incidents. The students agreed to a permanent injunction and 50 hours of community service. Should these obligations not be fulfilled, the settlement calls for a payment to SPA of $100,000. In addition, SPA seized the students' computer equipment which was used to conduct the illegal activity.
[Need a segue here; this is a very abrupt change. Consider mentioning how/if such actions as you mention in this paragraph would have prevented the incident described above.]As described above, students and faculty should be asked to sign a policy stipulating to certain conditions before being granted access to the school's computer system. In regard to Internet piracy, the policy should clearly state that use of the campus network is not private and activity may be logged. In addition, suspicious account activity will be monitored and violators will lose privileges and be reported to SPA and/or the authorities.
SPA offers a simple Five-Point Solution to enable schools to use software legally:
SPA has a variety of resources available to promote the legal use of software. These include our Anti-Piracy hotline, (800) 388-7478, the Certified Software Manager (CSM) and Internet in the Workplace courses, SPAudit and KeyAudit auditing software, the "Software Management Guide," videos including the university targeted[I'm not sure what this means; are the videos tailored to each university, or do they feature one specific one, or is there some other meaning I'm missing?], A Shared Set of Values[What is/are this?], posters, and other awareness materials. More information on SPA's software piracy efforts can be found at our Web site.
The problem being addressed isn't clearly articulated, SPA's special interests aren't clearly "sold" to the readers, and the paper jumps to recommendations without a good transition. As expected, the article has some elements of a "scare job" for colleges and universities. It would be more helpful to approach this from the perspective of everyone being responsible citizens and recognizing intellectual property rights.