Liability Concerns Prompt Corporate P2P Crackdown

Computerworld - The ongoing worldwide crackdown on illegal online music-sharing is highlighting the need for companies to detect and shut down unauthorized peer-to-peer activities on their networks.

Last week, the International Federation of the Phonographic Industry launched criminal cases against scores of individuals for illegally sharing copyrighted music on P2P networks in Canada, Germany, Italy and Denmark. The IFPI's action follows a similar campaign by the Recording Industry Association of America (RIAA), which on March 23 initiated a fresh round of legal actions against more than 500 computer users for illegal music-sharing.

So far, nearly all of the lawsuits have involved individuals on university networks or commercial Internet service provider (ISP) networks. But as early as October 2002, the RIAA informed CEOs at hundreds of large companies of the significant legal liability they face under federal copyright law if music, movies and other copyrighted works are pirated using their networks.

Liability Concerns

Some organizations seem to be taking that message seriously.

"We are concerned about the liability issues," said Steven Annese, IT manager at Sara Lee Coffee & Tea North America, a Harrison, N.Y.-based division of Sara Lee/DE of the Netherlands.

The company has installed software from San Diego-based Websense Inc. to help it detect and automatically shut down any P2P application that a user might attempt to launch on its corporate network. The software also allows Sara Lee to block employee access to P2P Web sites, including some of the newer ones that mask the origin of the IP address and encrypt the traffic.

Sara Lee made the move after discovering several employees running P2P software such as Kazaa and Morpheus on its networks, Annese said.

Terra Nova Trading LLC made a similar move after finding employees using P2P applications. The Chicago-based financial services firm began using software similar to that from Websense to sniff out and stop P2P applications from launching on all trader and back-end systems. Terra Nova installed the software to protect itself from liability for copyright infringements and because P2P applications waste a tremendous amount of bandwidth, said Kevin Ott, vice president of technology at Terra Nova.

As a financial trader, "we live and die by the amount of bandwidth we have," Ott said.

The University of Wisconsin in Madison, meanwhile, is using "network shaping" technology to prioritize network traffic, with P2P sharing being given a lower priority than other types of traffic, said Kim Milford, the university's information security manager.

"Sharing files via P2P technologies takes longer, [thereby] reducing the incentive to use it," she said.

Since the RIAA's crackdown began, First Internet Inc., an ISP in St. Clairsville, Ohio, has been sending notices to its customers warning them about the consequences of illegal file-sharing. Since then, the company has been monitoring its networks "for any large and consistent increases in P2P activity," said Mike Tindor, the company's vice president of network operations.