Courts in the US are reportedly issuing about 75 subpoenas per day at the request of the music industry in its fight against anonymous users of peer-to-peer software. The question now is, When will grand juries begin handing down indictments? That's right, indictments, as in, Go to jail, go directly to jail, do not pass go, do not collect 200 MP3s.
In a recent telephone conversation, Representative Anthony D Weiner (Democrat - New York), a member of the House Judiciary Committee's Subcommittee on Courts, the Internet and Intellectual Property, commented that "the marketplace is ripe for criminal prosecution of digital file sharing because the problem is getting worse and having a more dramatic impact on the economy."
Until recently, companies in the US wanted their employees to avoid peer-to-peer activities at work to eliminate distractions, avoid network slowdowns, minimise security risks and slow the spread of viruses. Now they must also be concerned about facing civil penalties for contributing to copyright infringement. Imagine the public relations nightmare that a criminal prosecution of an employee would cause, especially if he used the company's computer to commit the crime.
Years ago, there was an interesting loophole in the Copyright Act -- people who intentionally distributed copyrighted material over the internet didn't face criminal sanctions if they didn't derive any profits from their actions. In 1997, however, the NET (No Electronic Theft) Act amended the law so that financial gain was redefined to include the mere expectation of receipt of anything of value, which specifically included other copyrighted material. Now it's a federal crime to share (not just sell) copyrighted files.
On July 16, the Author, Consumer, and Computer Owner Protection and Security (ACCOPS) Act of 2003 was introduced to further amend the Copyright Act. Under ACCOPS, a single file upload to a file-sharing site would meet the 10-copy, US$2,500 threshold of felonious copyright infringement. Penalties could include up to five years in jail and as much as $250,000 in fines. Weiner, a co-sponsor of the bill, warned that "there is going to be an increasing focus on using the tools of the law to stop this problem."
Corporations should be especially concerned, given the study released in mid-July by Ottawa-based AssetMetrix (download a PDF here), which showed that of 560 companies polled, three quarters had peer-to-peer software loaded onto their systems.
"P2P file sharing has been elevated from an IT-related issue to an executive issue. CEOs and CTOs are fearful of the legal liabilities and having their corporate names dragged down by use of these services by their employees," says AssetMetrix President Paul Bodnoff.
In order to avoid the spotlight, IT managers should do the following:
- Implement programs to detect and block P2P access (though they aren't foolproof).
- Perform random keyword searches of files that are stored throughout the network for illicit materials.
- Scan networks to determine how many computers use P2P programs, how many files have been transferred and how much space those files have consumed.
- Limit the amount of hard drive space or the number of CD-RW drives available to employees.
- Launch an aggressive educational program to alert employees to the company policy on file sharing.
By taking these proactive steps, companies may avoid association with the first criminal prosecution for file sharing. After all, the Department of Justice doesn't accept "get out of jail free" cards.
Kaplan is an attorney and a freelance writer in New York.