Looking at some of the key aspects of the Code, it is the commercial ISPs with the largest share of the market who are the primary target. However, should Ofcom perceive consumer migration away from these ISPs as a result of prescribed measures taken to reduce copyright infringement, it intends to reduce the threshold, thereby making the Code applicable to ISPs with a small to medium number of subscribers. Should this happen, there is currently no attempt made in the Code to reflect the issues which public sector entities such as universities would encounter if they were forced to conform to the Code. As such it is best to take a ‘worst-case scenario’ approach to the Code and look at the greatest impact it may have on HE institutions (HEIs), taking into account the complexities of the HE sector.
- No definition of what an HEI is in relation to the Code
- Difficult to identify and track infringers
- External companies based on university campus – classed as subscribers or ISPs?
- Potentially heavy costs involved in tackling infringement, discovery and appeals
- HEIs assume quasi-judicial role
- HEIs more likely to be prosecuted than individuals
- Data held on infringers must be compliant with the Data Protection Act
- Defences for appeal are limited -“reasonable steps” are undefined
Practical Measures to take:
- Lobby Ofcom for clarification of definitions (ISP / Subscriber / Comms Provider)
- Keep abreast of legislative changes and new drafts
- Watch for developments in JANET’s Acceptable Use Policy
- Promote legitimate download and streaming services as alternative to file-sharing
- Review current network infrastructure and policies
- Implement robust notice and takedown procedures
- Set up a clear route for contacting the HEI about copyright infringement
- Review data logs in light of possible Subject Access Requests
- Review current monitoring and discovery practices
- Implement robust regulations for the use of IT systems
- Embed a culture of corporate compliance for all users
Guidance and Implementation
One of the biggest issues is defining a university in light of the Digital Economy Act and subsequently the Ofcom Code. Most universities offer connections to JANET for their staff and students and therefore consider themselves ‘communications providers ‘. Effective policies and procedures are already in place around this model and are enforced as part of student regulations and staff contracts. Any interference with the current system at this stage by a government body such as Ofcom would disrupt network operation and have severe consequences for administration and research progress, as well as increasing cost and impacting staff time.
That said, it would be unwise to sit back and do nothing. HEIs should at the very least review their current policies and procedures, tallying up the number of copyright infringement notices that they have received over the course of each academic year and measuring how effectively these have been dealt with. Annual trends of copyright infringement notifications and subsequent action taken to remedy them should be analysed and key areas identified for improvement if needs be. Data Protection Officers should be consulted about the potential compliance issues of data logs and a contingency plan drawn up to ensure accuracy of reporting. In addition, JISC have developed a series of further practical suggestions to ensure compliance with the Digital Economy Act.
So what else can HEIs do? As many HEIs as possible should respond to Ofcom’s consultation (closing 30th July), drawing attention to the issues outlined above. The HE sector must not assume that just because all the big players are involved (JISC, Consumer Focus, JANET) it should sit back and let them solely bear the burden of response. HEIs are in the business of education, so they more than anyone are best placed to impute good practice in terms of copyright compliance to their network users. Respond now and defend your position.