The First Close Look at Colleges' Digital Pirates

September 07, 2007

Late in 2006, a group of officials from Illinois State University and a few other colleges sat at a broad, U-shaped conference table in a New York City office and stared into the eyes of the enemy.

Cheryl A. Elzy, dean of libraries, and Warren Arbogast, a college-technology consultant, sat with several college presidents on one side. Opposite were dozens of entertainment-industry executives, lawyers, and other intimidating people in business suits.

The mood, Mr. Arbogast recalls, was tense. "To say there was distrust is like saying the Atlantic Ocean is moist," he says.

"Everybody in the room was very civilized," says Ms. Elzy. "But there were some hot moments."

Some of that heat radiated from the entertainment industry, which argues that colleges are havens for music and movie pirates and has chided the institutions — often in front of Congress — for what it sees as a slow response to a billion-dollar crime wave. Temperatures rose on the collegiate side, too, among campus officials who have complained that they are being asked to do the industry's police work.

The meeting was actually an attempt to bridge the divide. Illinois State had been quietly building an unorthodox research program designed to give both the university and the entertainment industry a detailed snapshot of music and movie piracy on a typical college campus.

Ms. Elzy and Mr. Arbogast wanted financial support from the industry, and they got it. The Digital Citizen Project, as Illinois State calls it, has benefited from considerable entertainment-industry financing, including an influx ofseveral hundred thousand dollars that came shortly after the meeting. . Later, Illinois State secured promises that the information the university collects will not be used to prosecute students.

So the university opened up its campus network, collecting never-before-seen data on what files students were swapping and how they share them. It has started to survey students' opinions on copyright, hoping that a scholarly study will reveal how they can be persuaded not to download illegally. It is also working to create a sort of Consumer Reports for antipiracy tools, testing both legal downloading services and technology designed to block peer-to-peer file sharing.

The first results from the research are startling: They show that record companies and movie studios have reason to complain about campus piracy. In April, for example, Illinois State logged about 60,000 "original transfers" coming into or out of the campus network. Many of those transfers are undoubtedly illegal, says Susan Stroyan, director of the Digital Citizen Project. The study also shows that college computers are acting as hubs in wider file-sharing networks that spread far beyond campus boundaries.

But the project's other preliminary conclusion may steel college officials who argue that entertainment-industry groups — and lawmakers — should dial back their invective. According to Illinois State's tests, the technology tools that the industry is recommending to block illegal transactions may have only a limited effect. In April they captured just a small percentage of the university's pirated files.

That information comes at an important time. Just last week, the Electronic Frontier Foundation released a report arguing that the recording industry will have sued nearly 30,000 suspected music pirates — on campuses and off — when its legal campaign celebrates its fourth anniversary this fall.

What's more, Sen. Harry M. Reid, Democrat of Nevada and Senate majority leader, planned last month to add controversial language to the Higher Education Act reauthorization bill that would have forced some colleges to purchase antipiracy tools. College groups fended off the measure, but campus officials fear the proposal will pop up again this fall, when the House of Representatives considers the act.

Lawsuits and Complaints

When Ms. Elzy, the library dean, conceived of the Digital Citizen Project, nearly three years ago, she could scarcely have imagined that it would become so ambitious and time-consuming. She was simply trying to keep Illinois State out of the entertainment industry's cross hairs.

The university had, like many of its counterparts, grown accustomed to fielding copyright-infringement notices sent by record companies and movie studios. The notices identify purportedly pirated files on campus computers and ask colleges, in their roles as Internet-service providers, to ensure that the offending material is deleted.

Ms. Elzy, who responded to the notices on Illinois State's behalf, typically received 40 to 50 such copyright complaints a year — a manageable figure, if slightly worrisome. But by the fall of 2004, the floodgates had opened. At times the university was receiving 15 notices per day. Tracking those complaints back to the offending computers takes a surprising number of hours.

Early in 2005 the recording industry sent the university four "John Doe" subpoenas, demanding that Illinois State not just delete suspected material but also turn over the names of students who were song-swapping suspects. (They are "John Does" because the subpoenas identify people only by their numerical Internet addresses.) The university complied, and the students were served with lawsuits. Ms. Elzy — whose son is an undergraduate at Illinois State  — was spooked. "If my son had been sued," she says, "my first response would have been to ask why the university didn't protect him."

The librarian and the university began to look for a simple solution that would swiftly eliminate piracy. When it became clear that nothing like that existed, primarily because no one really understood the scope of the problem, Ms. Elzy decided that piracy was a topic in need of real research.

But her decision to have Illinois State conduct that research in consultation with the dreaded Recording Industry Association of America — the trade group sending out the copyright notices — did not sit well with some of Illinois State's technology officers. Some IT-staff members worried that the industry group would start trying to tinker with the campus network. Others were just reluctant to turn their network into a testing ground.

Ms. Elzy says she eased those concerns by getting support for the project from the university's president, C. Alvin Bowman Jr., and by promising that she would never ask technology officials to weaken the campus network. "We made clear that our allegiance was to the university, not the entertainment industry," she says.

Mr. Bowman says that although he was initially concerned about the project, after speaking with other college presidents — some of whom, he thought, were too nonchalant about piracy — he decided that it was "a risk worth taking."

As objections died down, the project expanded, says Mr. Arbogast. (Mr. Arbogast, president of the Boulder Management Group, in Washington, is a frequent contributor to The Chronicle.) Illinois State signed a deal with Audible Magic, a company that sells antipiracy technology, to use a tool called CopySense. At that point, other technology firms, many of which had been reluctant to offer their products for evaluation, started approaching the university.

And the entertainment industry has stepped up its financial support for the project. Motion Picture Laboratories, a nonprofit technology-research group started by the six major movie studios, has put about $600,000 into the Digital Citizen Project. "We invest money in various places," says Steve Weinstein, president of the Palo Alto, Calif.-based group, "and the project will help us determine if we're investing it where it makes sense."

Hard Evidence

A quick look at the project's early findings makes clear that Illinois State's student body includes plenty of prolific downloaders. Most students swap files through peer-to-peer services, which allow users to connect their computers directly to other machines. The transfers that passed through peer-to-peer services in April accounted for just over half of the bandwidth usage of ResNet, the network that provides Internet access to students. About 53 percent of the peer-to-peer traffic at Illinois State went through BitTorrent, far and away the most popular file-transfer service among all college students and Web surfers.

Even when students aren't downloading files, they act as cogs in a piracy machine, the university reports. Any time of day, uploads from the campus network exceed downloads, which means outside computer users are pillaging plenty of material from students' computers. What is happening, apparently, is that students leave themselves logged on to peer-to-peer services even while they head off to class, allowing off-campus users to grab music files from their machines. Around noontime, uploads sometimes outpace downloads by a factor of 10.

The project has also concluded that CopySense, AudibleMagic's increasingly popular antipiracy tool, is powerless to stop a sizable chunk of illegal downloads. CopySense roots out copyrighted songs and movies, as they are being swapped, by spotting "signatures" that record companies and film studios have embedded in the files. But only about 51 percent of music files, and just 2 percent of video files, come with these signatures, Ms. Elzy says.

Illinois State officials plan to stick with CopySense, if only because it's the best thing they have. They use it to require students caught file swapping to view an online tutorial on copyright.

The officials also intend to experiment with other antipiracy tools, including RedLambda's Integrity, but say they are not willing to use any software or hardware that shuts off peer-to-peer networking altogether. Blocking BitTorrent would prevent students from acquiring perfectly legal upgrades to Linux, the open-source operating system, says Michael R. Zehr, a technology officer on the project. It would also stop people from downloading legal updates to World of Warcraft, a popular online game.

Restrictions of that nature could certainly incense students. But even without impeding World of Warcraft play and Linux downloads, the university knows that, as its exploration of antipiracy measures becomes public, it runs the risk of alienating network users.

"I don't know when the blowback will come," Ms. Elzy says, "but we're expecting it."

At the moment, most Illinois State students are only dimly aware of the monitoring project. In order to collect unbiased data, project officials say, they had to avoid publicizing their plans and altering students' behavior.

The university has not kept students completely out of the loop. In 2005 it presented an overview of the plan to the student government. "Going into it, I wasn't really sure how students would respond," says David R. Horstein, president of Illinois State's Student Government Association. "But it's been well received."

"I don't think we're doing anything that is secretive," says David L. Greenfield, Illinois State's director of student technical-support serv-ices. "Our overriding concern is protecting our students."

The institution is also standing up for students, using the data from the Digital Citizen Project to argue that piracy is not a simple case of student malfeasance but a symptom of a broken copyright system. The message is starting to sink in, says Ms. Elzy: "The last time I talked with the rec-ord industry, 90 percent of the discussion was about educating students, not suing them."

Still, concerns remain as the project prepares to release another, even more detailed, snapshot of file-swapping behavior in the fall. If the data show yet more illegal behavior, Ms. Elzy worries that the industry — or Congress — will renew pressure on colleges to employ antipiracy tools that cause more problems than they solve. The Illinois State data clearly show that "technology alone is not the answer," says Ms. Elzy. "There's nothing wrong with technology, but if the federal government says colleges have to use it, that's where I start to have a problem."

Behind the Scenes: On-Campus and Off-Campus File Sharing

In April officials at Illinois State University took a monthlong "snapshot" of its residential network, capturing never-before-seen data on student piracy. During an average April day, Illinois State found that more people outside the university than inside are uploading files from the computers of students logged onto open file-sharing, or peer-to-peer, networks.


Downloads by computers on the campus network

Uploads from the campus network by outside computers

Midnight 232 1029
1 a.m. 232 987
2 a.m. 242 964
3 a.m. 233 902
4 a.m. 217 832
5 a.m. 202 756
6 a.m. 146 635
7 a.m. 99 586
8 a.m. 63 558
9 a.m. 42 541
10 a.m. 31 548
11 a.m. 27 582
Noon 30 654
1 p.m. 40 746
2 p.m. 59 799
3 p.m. 106 900
4 p.m. 14 1013
5 p.m. 172 1043
6 p.m. 179 1079
7 p.m. 196 1075
8 p.m. 199 991
9 p.m. 205 997
10 p.m. 207 1020
11 p.m. 210 980

Trouble With Antpiracy Tools

Illinois State used a program called CopySense to monitor illegal file sharing on its campus network. "Signatured" files are music and video files with digital copyright information. "Metadata" files have information such as song titles that could indicate file sharing. But most files are unknown, and researchers assume many are pirated songs and videos.

Signatured Files 2.9%
Files with metadata, but no signatures 28.4%
Unknown files 68.7% Section: Information Technology Volume 54, Issue 2, Page A1