[unisog] bogus (and real) DMCA notices

Rita Seplowitz Saltz rita at Princeton.EDU
Fri Nov 10 20:43:46 GMT 2006

Dave Dittrich wrote:

> What happens when the report is false, because the data
> used to create it was falsified by a third party, or because the
> second party who "noticed" the infringement was inadequate?
> Isn't the result that you spend valuable time and energy tracking
> down a false lead, costing you time


>                             ...The less prepared a site is to  
> determine
> the history of an IP address, DHCP leases, account logins, etc.,
> the more likely it is they will spend hours of valuable time
> trying to manually figure out who the "suspect" is (or not)
> and respond.

First,  very few of the notices filed with Princeton over the last  
few years have involved IP addresses active within our domain but not  
in use by our customers.  Most of the bogus filings involved  
addresses within our range, but never used.

These are easy to determine, as are the particulars related to an  
active IP address, because we require registration of hosts for  
network service.  A fixed IP address is assigned to registered hosts  
for Ethernet connection;  and for dynamic wireless and mobile  
service, network staff maintain excellent records and make them  
available in easily searchable form.  There also are excellent logs  
of VPN use so it is a simple matter to determine what account  
initiated a session at a time cited in a complaint.

Admittedly, I have one extra step now (well, two, because I need to  
download a day's log of wireless use before searching it) because  
dynamically allocated wireless IP addresses appear more frequently in  
take-down notices.  For Ethernet addresses, it's a simple query to  
the host database via a very usable interface Network Systems  
designed;  the result gives me among other things the responsible  
party's account ID.  For wireless, it's a simple text-edit search of  
the daily file for the IP to locate the registered hostname  
affiliated with the address at the time(s) cited in the take-down  

So identifying the person(s) responsible for the allegedly infringing  
machine is a fairly simple process, thanks to the work of my expert  
network colleagues.  Not much time involved at all.

The scheme they devised makes good sense in general, not just for  
identifying DMCA-notice "suspects."  The same data are indispensable  
in identifying compromised systems, misconfigured devices that are  
disrupting network performance, and in allowing our office's Help  
Desk folks to contact the responsible person(s).

I am monumentally grateful that our network folks invested their time  
in constructing a design, and tools, that allow ready identification  
of machine and human.

For me, the truly labor-intensive aspect of DMCA notices often is the  
aftermath, when a student poses questions.  But that shows the  
student is ready to learn, so investing time at that point seems very  

Rita Saltz
Senior Policy Advisor
Office of Information Technology (OIT)
Princeton University
and DMCA Agent for Princeton University
rita at princeton.edu

More information about the unisog mailing list