Your teen seems to have a never-ending playlist of music on his iPod or MP3 player. You assume he is just trading songs with his friends. You don’t listen to that kind of music anyway, so you assume they are swapping CDs just like you and your friends used to swap albums. There’s no harm in that, right? Wrong.
The Record Industry Association of America (www.riaa.com) is the trade group that represents the recording industry. The RIAA has, in recent years, emerged as the “piracy police” for any recorded audio.
Know that while your college student is ignoring you because she has her earbuds firmly implanted, she could also be opening up you and herself to some pretty hefty fines. In fact, the legal limit to which someone can be penalized for music piracy is 5 years in jail and $250,000.
Is it realistic to think these kinds of fines will be instituted against your child? Not really, but the RIAA has become much more aggressive in recent years fighting the battle against music piracy.
The RIAA cites an Institute for Policy Innovation study that concluded global music piracy accounts for $12.5 billion of economic losses every year; 71,060 jobs lost; a loss of $2.7 billion in workers’ earnings, $291 million in personal income tax, and $131 million in corporate income and production taxes (source: www.ipi.org).
Peer-to-peer (or “P2P”) networks allow multiple users to share files readily. They have many uses that are legitimate and allow easy file exchange via the Internet, but they have gained tremendous popularity as a means of sharing music. Some common P2P applications are LimeWire, DC++, BearShare, Warez, Morpheus, BitTorrent, and iMesh.
It didn’t take long for the RIAA to realize that these P2P networks were more often being used to share music collections, particularly among college and university students. Because P2P networks have user data records that are retrievable and resolvable, it also didn’t take long for RIAA to target these networks as a major source for music piracy.
The RIAA openly acknowledges this targeting. Here’s a statement from its website (www.riaa.com/faq.php):
That said, the piracy habits of college students remain especially and disproportionately problematic—despite real progress by the music industry on other fronts. According to some recent surveys, more than half of the nation’s college students frequently download music and movies illegally from unlicensed P2P networks. That’s a statistic we just cannot ignore.
As a result, we have stepped up our efforts to address college piracy across the board by significantly expanding our deterrence and education programs, continuing our push for legal music offerings on campuses, and advocating technological measures that block or curb piracy on college networks.
In 2003, the RIAA began a crackdown against music piracy. To date, the RIAA has sued around 18,000 people. The figure includes 1,062 computer users at 130 universities. In 2007, the RIAA began a campaign specifically targeted at colleges and universities across the U.S. offering students caught in illegal downloading or trading the opportunity to avoid a potential lawsuit by settling out of court for a reduced fee. As of February of 2008, over 5,000 letters have been sent to students. These “prelitigation” offers gave the students the opportunity to pay up or face a lawsuit. Students who do not take the offer face lawsuits and minimum damages of $750 for each copyrighted recording they shared if they lose. That’s $750 per song! The RIAA has engaged in formal lawsuits against 2,465 students who either ignored the initial offer or never received it.
How does the RIAA know which students to target? They don’t. The following is from an October 24, 2007 article that appeared in the Portsmouth Herald newspaper interviewing an RIAA representative, Carol Duckworth:
“We have an active online investigative team,” said Duckworth. “They log on to illegal peer-to-peer networks and monitor for copyright infringement. When they capture evidence of distribution, they get the IP address, a representative sampling of files shared, and a time stamp of the activity.”
There’s that old IP address again. You’ll hear us say this over and over: An IP address is like a homing beacon that can eventually end up on your doorstep. In this case, once the IP address is established, the RIAA sends out Digital Millennium Copyright Act letters. These letters inform the university’s Internet service provider that an IP address on the network is illegally sharing copyrighted material. “From there we have no identifications, but the university network can send letters to the appropriate users,” Duckworth explained.
Do universities, among the most liberal backdrops of America on issues of protecting privacy, cooperate with these requests? You bet they do. Among the many schools targeted was the University of New Hampshire, which we’re most familiar with. A university spokeswoman, Kim Billings, was quoted in that same article as saying that the school passes the letters on to students. “They contact RIAA and get things worked out”. At student orientation, the campus population is advised that UNH has a policy recommending students don’t download illegal content. “We cooperate with anyone who issues the subpoenas,” said Billings. “We say, ‘We told you; here it comes.’”
That has been the case with most of the universities.
To understand the significance of the ruling, it is important to understand how P2P networks work. Let’s say you want to make certain files available to others over the Internet. There are many ways to share files, but one easy way is to install file-sharing software. Generally, these programs designate a particular folder as the public “shared” folder. P2P software is commonly used to share music, video, and software files. It also comes with some very inherent dangers, however.
The most common problem with P2P software is malware—malicious software that can easily be installed on your computer because, basically, you’ve left the front door open. P2P software manufacturers can make claims about protecting your computer all they want, but the reality is that P2P software is a huge source of nasty stuff that can wreak havoc on your system.
Another real danger is that by joining a P2P network, the potential exists that others could access, pilfer, or corrupt your private documents. These programs are not always intuitive, and some unskilled users have been known to share their entire hard drive, including their financial information, their family photos, their emails, and so on. The interface on some of these programs is very awkward to navigate and can lead to users sharing far more than they ever thought.
The SANS Institute, a nonprofit computer security organization, has identified file-sharing applications as one of the most crucial Internet security vulnerabilities.
Kids & Digital Content reports that 70% of kids ages 9 through 14 are downloading digital music. The NPD Group, a marketing research firm, has stated, “high levels of illegal peer-to-peer (P2P) file sharing” are attributed as the source of those downloads.
According to the Identity Theft Assistance Center, throughout 2008 “criminals will continue to exploit new technologies to commit identity theft”. At the top of their list of “major event” security breaches from 2007 is a case involving a peer-to-peer file-sharing network.
Think P2P problems only impact college students? Think again. In July of 2008, Supreme Court Justice Stephen Breyer’s birth date and social security number, as well as records for about 2,000 other clients of an investment firm, ended up on the Internet when an employee of that investment firm who had LimeWire installed on his computer used it to swap personal files at the company’s office—but company records were swapped as well. The breach went on for 6 months until a reader of The Washington Post discovered it and alerted the paper.