CASE.EDU:    HOME | DIRECTORIES | SEARCH
case western reserve university

INFORMATION SECURITY

 
 

Case Peer to Peer Filesharing Advisories

October 2008
staysafeonline
What is Peer to Peer (P2P) File Sharing?

Generally speaking, peer-to-peer file sharing refers to a system or service

  1. that allows individuals within the system to share files with one another
  2. through which users store and distribute files independently—without reliance on a central server
  3. whose content is controlled by users of the system rather than through a central authority.
Advantages of P2P
P2P systems can use less bandwidth, enable faster file transfers, reduce redundancy, and enable peers to connect directly with one another without going through a central authority.  Numerous software vendors, especially small comercial or open source vendors, use BitTorrent to distribute software products.

NASA's Visible Earth site used to distribute all photographs and animations directly through their Web site.  Some of the images had extremely large file sizes. These took a long time to download, used significant bandwidth and sometimes put such a load on the server that users would be disconnected before their downloads were complete. To solve the problem, NASA took advantage of the popular P2P technology, BitTorrent, which distributes their larger files (typically more than 100MB) in small pieces via other users who have also made copies of the files available. This reduced the strain on NASA's image servers and made for a more reliable user experience.

Disadvantages of P2P
As P2P systems don't have central file repositories neither do they have central authorities to verify the quality and legality of files within their systems. This shifts the burden of responsibility to users who must personally ensure that they only share and download safe and legal materials. There are both legal and practical considerations to this.

Sharing and downloading copyrighted material, without permission of the owner is illegal. Most people know that; but when movies, songs, games and other files are discovered via P2P networks it can sometimes be difficult to tell whether they were shared legally or not. When in doubt users should do further research to find out if the copyright holder authorized the distribution. If no such authorization can be found, one should assume the material is protected by copyright and not legally available for file sharing.

Legal Considerations: Copyright Infringement

For example, fans may know that the popular band Nine Inch Nails (NIN) has released some music for free on the Internet.  If a user finds a NIN song available via P2P, that doesn't necessarily mean it was distributed legally. The only way to know for sure is to check with the band/artist. In this case, NIN provides links to their free content on their Web site and clearly publishes their licensing policy. Their most recent album, The Slip, is licensed under a creative commons attribution non-commercial share alike license in which NIN encourages "you to remix it, share it with your friends, post it on your blog, play it on your podcast, give it to strangers, etc."

If an organization such as Nine Inch Nails or NASA is making content freely available, they will make it clear through their Web sites or other communications channels. If no such statement is available, one should assume the material in question remains under copyright protection.

There is a really interesting podcast of Fred Von Lohmann discussing the RIAA litigation trail, from the Center for Internet and Society at Stanford University.  This will give you some real context on what can happen. 

The RIAA Litigation Process is illustrated in this site.  The College Version of the ex parte discovery procedure gives more pertinent details to university users.  The take home message from the litigation process is the only case to go to trial so far has resulted in the (Capitol v. Thomas) plaintiff being awarded $9250 for each of 24 infringed recordings, for a total verdict of $222,000.  Note that this decision was set aside by a District Judge and ordered for a new trial in September 2008.

Practical Considerations: Do You Really Know What You Are Downloading?

The use of P2P makes it easy for anyone to share content. Ideally the files are legitimate documents, but they may not be. Anyone who's been Rickrolled—when one starts to watch a video about topic X only to have it turn into a Rick Astley video—knows that what you see is not always what you get. But other bait and switch tactics can cause bigger problems. Some file sharing programs include spyware, viruses or worms while others may share information on your computer that you didn't intend to share. To be safe, users should download files, especially executable files such as software, from legitimate resources and maintain up-to-date virus protection on their computers.

Learn More about Peer to Peer Filesharing

RIAA v. The People: Four Years Later  A report from the Electronic Freedom Foundation (EFF)
Wikipedia: Peer-to-peer
EduCause Connect: P2P File Sharing
Peer to Peer (P2P) File Sharing - Risks You Need to Know!
FTC Report: Peer-to-Peer File-Sharing Technology: Consumer Protection and Competition Issues