Fallout in the Music Sharing Wars

From Salon: Don’t look now, but the dean is watching

The idea that university administrators are reading private e-mail might seem distinctly Big Brotherian, but the practice is increasingly commonplace. When students access the Internet via university equipment, everything they do — from sending e-mail and visiting Web sites, to sharing pictures and using certain kinds of software — is being watched.

Historically, computer network administrators have monitored student activity online for purely legitimate, technical reasons. Increasingly, however, pressure from government and industry is forcing university administrators to become digital spies. Fears of terrorism, combined with concerns about copyright violations, are creating a climate of campus surveillance.

At the University of California at Berkeley, the everyday Web-surfing habits of students are regularly watched and recorded. Berkeley’s Systems and Network Security group uses a program called BRO — named after the infamous fascist icon from George Orwell’s “1984” — that keeps logs of every IP address students visit on the Internet from the campus network.

Cliff Frost, UC-Berkeley’s director of communication and network services, says that “this practice is under review right now,” because the campus community feels it interferes with academic freedom. He expects that the university will continue to keep logs but will discard them after a month or two. “I’d love to keep that data forever,” he adds, “if there weren’t the threats of subpoenas for vile purposes.”

[…] And if the experiences of MIT computer network director Jeff Schiller are any indication, USA-PATRIOT Act subpoenas are being used on a regular basis to gather information about student online activity. “Things have definitely changed around here since 9/11,” Schiller says. “Nobody has come around with a blanket subpoena looking for e-mails sent by Muslims [on campus]. But we’d never seen subpoenas for information related to national security before, and now we do.” He couldn’t reveal how many of these subpoenas he’s received, but he did confirm that there has been a marked escalation in the electronic investigation of people at MIT “on terrorist grounds.”

The only way to defend student privacy against USA-PATRIOT subpoenas, says University of Michigan public policy professor Virginia Rezmierski, is for university IT departments to stop saving their logs. You can’t subpoena information that doesn’t exist. Rezmierski is the lead author of a 2001 National Science Foundation study of network monitoring and logging practices on college campuses.

[…] Perhaps most disturbing to critics and privacy advocates is the fact that schools are responding to subpoenas from the music recording industry with as much alacrity — and as many privacy-invading techniques — as they are to subpoenas related to national security. In their efforts to ferret out pirates, administrators are violating their own campus privacy policies, treating students who use P2P software the same way they would treat potential terrorists.