Violations of copyright law are also violations of University policy. The federal regulations focusing on prohibiting the sharing of copyrighted information through electronic means are:

• HEOA, the Higher Education Opportunity Act enacted in 2008
• DMCA, the Digital Millennium Copyright Act enacted in 1998

Requirements and procedures are in support of governing Columbia University Policies and CUIMC Information Security Procedures.

Requirements

Anyone using University resources must not violate copyright legislation.

• Any originally created piece is automatically protected by copyright legislation from the moment it is created, even if it does not include a notification of copyright.  This includes email messages, postings on websites and any other electronic formats.
• You must have explicit permission from the copyright owner to copy, distribute, share or store any information.
• Anyone using copyright protected information for academic, research or other purposes should not assume exception under fair use.  While there are many instances where fair use applies for academic settings, this must be determined prior to sharing, copying or using copyrighted material, especially when posting to websites or otherwise using electronic means for disseminating information.
  • The Columbia University Copyright Advisory Office provides information and can be contacted for assistance.
  • The Campus Recordings and Copyright page includes more details on copyright and podcasts or other recordings on the CUIMC campus.
• If your computer is used to distribute copyrighted material, you are responsible and will be subject to disciplinary measures. You are responsible for activities conducted on your computer and must take precaution when allowing friends, family, or other employees access to your computer. 

Peer-to-peer file sharing is prohibited on computers and devices that access, transmit and/or store data classified as sensitive.  Peer-to-peer applications can only be used under the following circumstances:

1. There is valid business or academic need to use peer-to-peer, and there are no alternatives.
2. Connected systems do not contain any sensitive data.
3. IT support is contacted and verifies that applications are properly configured.
   1. Peer-to-peer applications cannot be set to automatically share files or allow files to be automatically discovered via network searches.
   2. The files that require sharing for business or academic need should be manually identified.
   3. No other files should be kept in the same directory that permits peer-to-peer access.

Procedures

The various technology offices on campus do not routinely monitor network traffic for content, but they do monitor for unusual activities that can indicate hacking activities or other misuse of resources. On top of this, companies such as Sony and Time-Warner routinely survey computers and information online looking for individuals who, by providing video, music, or software files for download, are in violation of copyright laws.

Issues that indicate violation of copyright law and University copyright related policies will result in some if not all of the following:

• The University will take immediate action when notified of infractions by third parties who monitor for copyright infringement of their own or their client's information.
• Anyone found to be violating copyright laws will immediately lose access to University data networks.
• The system user/owner’s cognizant supervisor and/or department chair will be notified of infractions by their employees. Students will be reported to their school’s dean.
• Departments of staff or faculty found to be in violation will be charged a mandatory $141 fine for each infringement that occurs.  This fine was introduced due to a direct, significant increase in staff and faculty violations of copyright laws.
• Using CUIMC IT technicians to verify that infringing files have been removed may incur additional fees for their time/work, as per normal support billing.

In order for access to be restored, the following must be completed:

1. Verify that the file(s) has been removed via independent means. Verification can be accomplished by visiting the Service Desk on in the Hammer Building LL-118.
2. The acknowledgement letter attached to all copyright violating notifications must be signed and returned.
3. Staff and faculty must provide an ARC chart string for the mandatory $141 fine.