Last week, the Recording Industry Association of America notified RPI that subpoenas are being sought for illegal file-sharing, and that it would be needing information on students based on the IP addresses they had been tracking. This is neither the first time this has happened at RPI, nor the first time that RPI has failed to stand up for students in a similar situation.
While obligated to comply with the law, RPI and other universities should keep student interests in mind and band together to try to find alternatives to these suits. It is evident that these lawsuits are not stopping file-sharing, and obvious that lawsuits are not helping the students. There are a multitude of alternatives that can be pursued, some already in place. Many students have already received e-mails from the Department of Academic and Research Computing, informing them that they need to delete their illegal content or face further action. We understand that these incidents do not currently involve the RIAA, which is quite vehement in its attempts at stopping file-sharing, but instead of immediately complying with the organization, other options could be recommended to students. Yet another alternative, which was pursued by Pennsylvania State University, is to give every student an account to a legitimate file-sharing service such as the new Napster, to prevent students from turning to illegal ways to get their music.
We are also concerned that the Department of the Chief Information Officer may be complying with these orders in circumstances it is not required to. Some of the letters sent to the Institute last week were notices that subpoenas would be sent soon, and that RPI should not purge its related logs. RPI said that it would follow its legal obligations, which is conveniently vague. If the information being sought was somewhat old, as could be reasonably expected given the circumstances, and marked for purging, RPI should not go out of its way to accommodate these requests. The Institute should instead protect its students and follow its normal procedures.
This incident again reminds us that RPI does not have a campus-wide privacy policy yet other than the Policy on Electronic Citizenship, a major point of contention between the administration and the Faculty Senate last year, and as such has no well-defined procedures such as this in place. As more information is made readily available concerning each of our activities, it becomes more important that policies are in place regarding the handling of such information. We urge the administration to put such a policy in place, and quickly. It makes situations as this all that more clear on what the normal procedures truly are.
