billso.com

Legislation in a US House committee would require universities to control, monitor and report illegal file-sharing, according to a report in today’s New York Times:

“You have the federal government requiring a nonprofit educational institution to develop plans to help a for-profit industry to earn more revenue from their students,” said Matt Owens, assistant director of federal relations at the Association of American Universities. “It makes no sense. That’s not what we’re in the business of doing.”

File sharing has come under attack from several sources. According to Reuters, The Pirate Bay, one of the best-known sites for finding torrent seeds of video games, movies, audio and comic books, has thrown its support behind a project to replace BitTorrent with a more secure protocol that is difficult to trace.

BusinessWeek reported that AT&T will deploy a network monitoring system that can detect and interrupt illegal file transfers. The Associated Press investigated Comcast’s filtering technology last month, only to find that Comcast filters blocked several types of legal file downloads in certain areas of the US.

One common thread in these developments is copyright law. Each of these organizations has been involved in lawsuits by industry organizations like the MPAA, and by media publishers.

Meanwhile, a recent research report gave US universities an average or C grade on information security. One major point of concern was illegal downloading of files. Trade associations have targeted universities, based upon the widespread use of file-sharing software in campus residential networks.

Curiously, 93 percent of the campus IT professionals who responded to the survey claimed their network infrastructure was safe. The report indicated that network intrusions from outside the university, through sources like hacking and malware, accounted for the majority of IT security incidents. Campus IT professionals generally felt that their organization’s managers ignored or underplayed concerns about IT security.

One university learned its lessons about information security the hard way. Ohio University received more Digital Millennium Copyright Notices than any other university in the first half of 2007. Five OU students face court dates. But that’s not the worst part, according to Campus Technology:

In 2005, the medical records of 60,000 people who had been treated at a campus health center and personal information of 300,000 university donors, including thousands of Social Security numbers, were exposed to hackers who breached university servers.

OU has since hired an information security manager and staff, but the damage has already been done. There’s nothing like violating your donors’ privacy to get the administration’s attention.