Carnegie Mellon University

Higher Education Opportunity Act of 2008

In 2008, the Higher Education Opportunity Act (“HEOA”) was signed into law as Public Law 110-315. In October 2009, the Department of Education published final regulations implementing HEOA. HEOA included several provisions designed to stem unauthorized distribution of copyrighted materials (e.g. music, movies, books, etc.). More specifically, these provisions require that Carnegie Mellon:

  • Provide an annual disclosure to students informing them of federal copyright laws and explaining institutional policies and sanctions related to violations of copyright law;

  • Develop and implement a written plan to effectively combat the unauthorized distribution of copyrighted material by users of the institution’s network; and 

  • Periodically review and, to the extent practical, offer legal alternatives for acquiring copyrighted material.

The following is Carnegie Mellon’s plan for complying with HEOA and for combating the unauthorized distribution of copyrighted materials on the campus network.

Policies and Sanctions

The Fair Use Policy of Carnegie Mellon University states that “…all members of the university community must comply with U.S. Copyright Law.” Carnegie Mellon’s Computing Policy further stipulates that “…unless permission has been granted by the owner of the copyright protected materials, distribution of copyright protected material via the university network or computer systems is prohibited.” Both of these policies are published by the Office of the President and are available on Carnegie Mellon’s policy website. Additionally, Carnegie Mellon’s has published Our DMCA Process in support of the Computing Policy. This document explains that Carnegie Mellon will investigate reported copyright infringement (commonly referred to as a cease and desist order) and, if appropriate, suspend a user’s network access. As part of the network registration process, a user confirms that he or she has read, understands and agrees to abide by the Computing Policy and supporting guidelines.

In addition to institutional policies, Carnegie Mellon has published Community Standards for students. Copyright infringement is considered a violation of these Community Standards and is subject to disciplinary action. The Student Affairs division has established extensive procedures for handling a violation of Community Standards. More information can be found in Carnegie Mellon’s student handbook which is contained in the Word.

Annual Disclosure

At the start of each semester, Carnegie Mellon’s Information Security Office sends a welcome back message to all students. At least once per year, this welcome back message is sent either in an email or an article published on Computing Services' website.  The message contains a reminder that the unauthorized distribution of copyrighted materials violates federal copyright laws as well as institutional policies. This message also contains links to where students can read more about institutional policies and sanctions.

Education and Awareness

As an institution of higher learning, an important part of Carnegie Mellon’s plan for combating unauthorized distribution of copyrighted materials is focused around educating students on federal copyright laws and raising awareness on the risks associated with file sharing technologies. This approach is consistent with HEOA, which calls for the implementation of “…mechanisms for educating and informing its community about appropriate versus inappropriate use of copyrighted material…” 

During a student’s first year at Carnegie Mellon, he/she is required to take a course entitled Computing @ Carnegie Mellon (“C@CM”). C@CM includes a section on safe and responsible computing. This section educates students on the various provisions of the Computing Policy as well as sanctions for a violation of the Computing Policy. Additionally, C@CM informs students on Carnegie Mellon’s approach to handling cease and desist orders, a notice of intent to subpoena, an actual subpoena and pre-litigation settlement letters. Potential fines for a violation of federal copyright laws are also discussed.

As a supplement to C@CM, Carnegie Mellon publishes documentation on the use of file sharing technology and associated legal risks. Supplemental awareness materials published by Computing Services can be found at:

Legal Alternatives

HEOA requires that Carnegie Mellon periodically review and, to the extent practical, offer legal alternatives for downloading or otherwise acquiring copyrighted materials. Carnegie Mellon partners with EDUCAUSE who maintains an extensive list of alternatives for downloading copyrighted materials. A link to this, and other resources, is included in Carnegie Mellon’s file sharing awareness materials.

In addition to providing a list of sites where movies and music can be downloaded legally, Carnegie Mellon promotes the responsible sharing of various other types of copyrighted materials. For example, the library makes numerous books and journals available to students and Computing Services makes a number of software applications available to students through its campus licensing program. Carnegie Mellon also promotes responsible sharing of copyrighted materials through its iTunes U portal. While Carnegie Mellon does not currently endorse or offer specific alternatives for downloading music or movies, it continues to monitor and evaluate service offerings by Choruss, Noank Media and other organizations who are partnering with Internet service providers to offer legal access to collections of copyrighted digital media.

Technology Based Deterrents

HEOA further requires the implementation of technology based deterrents to stem the unauthorized distribution of copyrighted materials. While not defined in final regulations, a report from Congress that accompanied the legislation defined 4 primary types of deterrents.

  1. Bandwidth shaping
  2. Traffic monitoring to identify the largest bandwidth users
  3. A vigorous program for accepting and responding to Digital Millennium Copyright Act notices
  4. A variety of commercial products designed to reduce or block illegal file sharing

Carnegie Mellon has implemented technical controls to monitor bandwidth consumption of user’s of the campus network. Technical controls also enforce a 10 GB/day bandwidth limit on each computer. If usage exceeds this limit a series of warning messages are sent to the registered user of the computer and if usage continues to exceed specified limits, the computer is suspended from the network. More information can be found at the following location:

Carnegie Mellon also has a program for accepting and responding to Digital Millennium Copyright Act (“DMCA”) notices. Upon receipt, each complaint is logged in an internal ticketing system and investigated by Computing Services for legitimacy and accuracy. If the complaint can be tied to a specific user, the user is notified. Depending on the nature of the claim, a user’s system may be suspended from the network for a period of time or until the infringing activity ceases. If necessary, Computing Services will remove any infringing material. A student whose computer is removed from the network as a result of a DMCA complaint can choose an initiate an appeal through Student Affairs. Additional information on the appeals process can be found in the student handbook. Additional information regarding the handling of DMCA notices by Computing Services can be found in our DMCA process.

In addition to the above controls, Carnegie Mellon continues to look for new approaches for stemming the unauthorized distribution of copyrighted materials. In 2008, Carnegie Mellon participated in a workshop on copyright infringement suppression technologies organized by the Common Solutions Group. This workshop focused on three major vendors in that market space: Audible Magic, Red Lambda and SafeMedia. The following is an excerpt from the report illustrating the findings of the workshop:

Current technologies can affect unauthorized sharing. However, their effectiveness is very limited, and they can suppress legitimate traffic along with infringing traffic. Fully deployed, they are also expensive. Although new approaches may yield effective, inexpensive, operationally benign infringement-suppression technologies in the future, implementing current technologies simply will increase tuition and research costs in higher education and degrade network performance while yielding only modest effects on unauthorized sharing.

Reviewing Effectiveness

Carnegie Mellon is required to periodically review the effectiveness of this plan for combating the unauthorized distribution of copyrighted materials. This plan will be reviewed on an annual basis by the Information Security Office for effectiveness and appropriateness. The Information Security Office will also monitor for any trends in the number of DMCA complaints being received by Carnegie Mellon and monitor how frequently awareness materials are being accessed on its website.

Revision History

Status:  Published 
Published:  06/28/2010 
Last Reviewed:  08/13/2018
Last Updated:  08/13/2018