Tufts has challenged the Recording Industry Association of America's (RIAA) investigation into two cases of illegal file sharing, saying that the industry lacks sufficient evidence to implicate specific students.
But the move does not amount to a sweeping rebuke of the RIAA's lawsuits against students, and the school is "actively investigating" improvements to its network in order to avoid confusion when identifying violators, according to Director of Public Relations Kim Thurler.
The RIAA, meanwhile, will not pursue legal action in the two cases to which Tufts objected.
The association filed a subpoena on July 9 against 11 Tufts students as part of its nationwide anti-piracy campaign, much of which targets illegal file sharing on college campuses nationwide. The RIAA says it linked the IP addresses of the 11 unidentified students, or "John Does," to illegally shared copyrighted material.
The plaintiff in the Tufts suit is the Zomba Label Group, a distributor of many large music labels, including Jive and LaFace Records. In Zomba v. Does 1-11, the RIAA filed a subpoena requesting that the university provide the identities of the users of 11 IP addresses on the school's network. Known as the "discovery" process, this step is standard procedure in RIAA lawsuits. Once a network user's identity is matched to the IP address, the alleged infringer's personal information can be turned over to the RIAA, which may bring a lawsuit against the newly identified user.
But in a July 28 letter to Judge Nancy Gertner of the Massachusetts District Court, Tufts' Vice President of University Relations Mary Jeka protested that in two of the 11 cases, the technical limitations of the Tufts network would require the school to release the identities of multiple candidates, most of whom would be unconnected to the infringements.
The university uses two systems to "attempt to match an Internet Protocol [IP] address to a Media Access Control [MAC] address," Director of Public Relations Kim Thurler told the Daily in an e-mail. A MAC address is a sort of serial number identifying a computer, and it is useful because IP addresses are reused by different computers. The MAC addresses, unlike the IPs, are specific to individual users.
One of the university's two systems, the Dynamic Host Configuration Protocol (DHCP), issues IP addresses to individual network cards and links IPs with MAC addresses. But Tufts only stores its DHCP cache for 10 days.
The second system, the Address Resolution Protocol (ARP), separately records the first and last known times when a given MAC address uses an IP address. But there may be gaps – sometimes during which the illegal file sharing occurred – when a MAC-IP pair does not match the latest ARP record. The ARP cache is kept for an extended period of time, but it "cannot tie a specific user to a specific MAC address at a specific time," Jeka wrote in her letter.
This imprecision raises legitimate questions about the culpability of the accused students, according to Jeka. In the case of the IP address of one of the John Does in this lawsuit, there are as many as 23 possible users who fit the description of having accessed the system at the time the alleged infringement took place. For another address, there are 17 possible suspects.
"We believe, in these two instances, that it would be unfair to identify all possible individuals meeting the plaintiffs' criteria, given the low likelihood of identifying the guilty party," Jeka said in the letter. She cited the need to protect the families of students, "spar[ing] them from any undue distress."
Zomba's legal counsel has since advised Tufts that Zomba will drop the request for the two IP addresses in question.
The university refused to release the names of all of the potential suspects, Thurler said, because the university "is concerned about protecting innocent parties."
But she warned that protecting innocent students does not amount to condoning illegal file sharing. "[Tufts] does not support students who break federal copyright laws and will not protect such students from the consequences of those actions," she said.
Of the nine remaining students subpoenaed by the RIAA, "several" have already elected to settle out of court and avoid lawsuits, Thurler said. Agreeing to a settlement with the RIAA typically means paying thousands of dollars in damages.
If any students do not elect to settle up front, they will have their names turned over to the RIAA on Sept. 8. The RIAA will likely pursue legal action against those students at that time.
Since February 2007, the RIAA has turned up the heat on U.S. college students, whose illegal sharing habits far outstrip those of typical Internet users.
"Unfortunately, college students are stealing music at an alarmingly high rate," Liz Kennedy, a spokesperson for the RIAA, told the Daily in an e-mail.
Kennedy said the RIAA has sent over 7,000 "pre-litigation settlement letters" to schools since the start of the crackdown. More than half of the students receiving such a notice have elected to settle.
The prevalence of legal alternatives leaves few excuses for students caught illegally sharing music, Kennedy said. "Every student in the country has access to affordable, legal music through innovative music industry-supported models like … Ruckus, Last.fm, and iMeem, to name a few.
"Why take the risk [of] getting in trouble [and] facing a lawsuit or paying fines with so many legal options?" she continued.
The RIAA has publicly stated that since 2004, when it first took legal action against sharers, music piracy has "stabilized," with the number of illegal sharers edging slightly upward from 7 million in 2003 to 7.8 million in 2008. During this time, the number of U.S. broadband connections has soared from 38 million to 80 million.
Kennedy added that "bringing lawsuits [against individuals] was never the music industry's first choice. … We are trying to do all we can — most importantly, to offer exciting legal options — to encourage fans to enjoy music legally."
Jonathan Evans, a Tufts sophomore, disagrees. Evans, who established the Tufts Direct Connect file-sharing system last year, shut down the service after a warning from UIT that outsiders could potentially discover and punish its users.
For Evans, who established Direct Connect in the hopes of using it to legally distribute un-copyrighted music, the RIAA's tactics may deter some music pirates, but they also have a "huge negative impact on legal Internet use" as well. The specter of piracy, more specifically anti-piracy litigation, has endangered "legitimate distribution channels" such as BitTorrent, as well as "forward-thinking online businesses like Pandora," the innovative but embattled Internet radio service, he said.
Evans also questioned the efficacy of legal action as a piracy deterrent. "The RIAA will not be able to stop file sharing by spreading fear of legal repercussions," he said.
Kennedy agrees that some piracy is inevitable. "We're realistic that we cannot catch every single person [stealing music]," but legal action is "a small piece of a large puzzle" encouraging fans to obtain music legally, she said.
