[unisog] bogus (and real) DMCA notices
Rita Seplowitz Saltz
rita at Princeton.EDU
Fri Nov 10 20:43:46 GMT 2006
Dave Dittrich wrote:
> What happens when the report is false, because the data
> used to create it was falsified by a third party, or because the
> second party who "noticed" the infringement was inadequate?
> Isn't the result that you spend valuable time and energy tracking
> down a false lead, costing you time
> ...The less prepared a site is to
> the history of an IP address, DHCP leases, account logins, etc.,
> the more likely it is they will spend hours of valuable time
> trying to manually figure out who the "suspect" is (or not)
> and respond.
First, very few of the notices filed with Princeton over the last
few years have involved IP addresses active within our domain but not
in use by our customers. Most of the bogus filings involved
addresses within our range, but never used.
These are easy to determine, as are the particulars related to an
active IP address, because we require registration of hosts for
network service. A fixed IP address is assigned to registered hosts
for Ethernet connection; and for dynamic wireless and mobile
service, network staff maintain excellent records and make them
available in easily searchable form. There also are excellent logs
of VPN use so it is a simple matter to determine what account
initiated a session at a time cited in a complaint.
Admittedly, I have one extra step now (well, two, because I need to
download a day's log of wireless use before searching it) because
dynamically allocated wireless IP addresses appear more frequently in
take-down notices. For Ethernet addresses, it's a simple query to
the host database via a very usable interface Network Systems
designed; the result gives me among other things the responsible
party's account ID. For wireless, it's a simple text-edit search of
the daily file for the IP to locate the registered hostname
affiliated with the address at the time(s) cited in the take-down
So identifying the person(s) responsible for the allegedly infringing
machine is a fairly simple process, thanks to the work of my expert
network colleagues. Not much time involved at all.
The scheme they devised makes good sense in general, not just for
identifying DMCA-notice "suspects." The same data are indispensable
in identifying compromised systems, misconfigured devices that are
disrupting network performance, and in allowing our office's Help
Desk folks to contact the responsible person(s).
I am monumentally grateful that our network folks invested their time
in constructing a design, and tools, that allow ready identification
of machine and human.
For me, the truly labor-intensive aspect of DMCA notices often is the
aftermath, when a student poses questions. But that shows the
student is ready to learn, so investing time at that point seems very
Senior Policy Advisor
Office of Information Technology (OIT)
and DMCA Agent for Princeton University
rita at princeton.edu
More information about the unisog