Higher Education Opportunity Act (HEOA)

Several sections of the HEOA deal with unauthorized file sharing on campus networks, imposing three general requirements on all U.S. colleges and universities:

• An annual disclosure to students describing copyright law and campus policies related to violating copyright law.
• A plan to "effectively combat the unauthorized distribution of copyrighted materials" by users of its network, including "the use of one or more technology-based deterrents".
• A plan to "offer alternatives to illegal downloading".

General Information

• December 6, 2010 letter from the Motion Picture Association of America (MPAA)
• June 4, 2010 "Dear Colleague" letter from the U.S. Department of Education
• EDUCAUSE Summary
• EDUCAUSE Live! Webcast with Greg Jackson and Jack Bernard (November 23, 2009)
• Memorandum from the Law Office of Zick Rubin (November 20, 2009)

Annual Disclosure

Each campus must distribute three pieces of information related to copyright policy and law:

i) A statement that explicitly informs its students that unauthorized distribution of copyrighted material, including unauthorized peer-to-peer file sharing, may subject the students to civil and criminal liabilities;

ii) A summary of the penalties for violation of Federal copyright laws; and

iii) A description of the institution’s policies with respect to unauthorized peer-to-peer file sharing, including disciplinary actions that are taken against students who engage in illegal downloading or unauthorized distribution of copyrighted materials using the institution’s information technology system.

In its "Dear Colleague" letter of June 4, 2010, the Department of Education provided the following sample text for (ii):

This sample text will also appear in the Federal Student Aid Handbook.

A plan to effectively combat unauthorized distribution using technology-based deterrents

The Department of Education regulations specify that the plan must be implemented and in writing. It must also be " periodically reviewed " using "relevant assessment criteria" as determined by each campus. Campuses have a great deal of latitude in crafting the plan and choosing the assessment criteria: "Each institution retains the authority to determine what its particular plans for compliance...will be."

There are four categories of "technology-based deterrents":

1. Bandwidth shaping
2. Traffic monitoring to identify the largest bandwidth users
3. A vigorous program of accepting and responding to Digital Millennium Copyright Act (DMCA) notices
4. A variety of commercial products designed to reduce or block illegal file sharing

These categories are equally valid in meeting the requirement to use one or more technology-based deterrents.

Periodic Review

The plan must include "procedures for periodically reviewing the effectiveness...using relevant assessment criteria." The Department of Education's August 21, 2009 posting included the following narrative:

Legal Alternatives

EDUCAUSE maintains a list of all known legitimate download services, which the community is welcome to link to.

Final HEOA Regulations Issued October 29, 2009

§ 668.14 Program participation agreement.

(b) By entering into a program participation agreement, an institution agrees that—

(30) The institution—

(i) Has developed and implemented written plans to effectively combat the unauthorized distribution of copyrighted material by users of the institution’s network, without unduly interfering with educational and research use of the network, that include—

(A) The use of one or more technology-based deterrents;

(B) Mechanisms for educating and informing its community about appropriate versus inappropriate use of copyrighted material, including that described in §668.43(a)(10);

(C) Procedures for handling unauthorized distribution of copyrighted material, including disciplinary procedures; and

(D) Procedures for periodically reviewing the effectiveness of the plans to combat the unauthorized distribution of copyrighted materials by users of the institution’s network using relevant assessment criteria. No particular technology measures are favored or required for inclusion in an institution’s plans, and each institution retains the authority to determine what its particular plans for compliance with paragraph (b)(30) of this section will be, including those that prohibit content monitoring; and

(ii) Will, in consultation with the chief technology officer or other designated officer of the institution—

(A) Periodically review the legal alternatives for downloading or otherwise acquiring copyrighted material;

(B) Make available the results of the review in paragraph (b)(30)(ii)(A) of this section to its students through a Web site or other means; and

(C) To the extent practicable, offer legal alternatives for downloading or otherwise acquiring copyrighted material, as determined by the institution

§ 668.43 Institutional information.

(a) Institutional information that the institution must make readily available upon request to enrolled and prospective students under this subpart includes, but is not limited to—

(10) Institutional policies and sanctions related to copyright infringement, including—

(i) A statement that explicitly informs its students that unauthorized distribution of copyrighted material, including unauthorized peer-to-peer file sharing, may subject the students to civil and criminal liabilities;

(ii) A summary of the penalties for violation of Federal copyright laws; and

(iii) A description of the institution’s policies with respect to unauthorized peer-to-peer file sharing, including disciplinary actions that are taken against students who engage in illegal downloading or unauthorized distribution of copyrighted materials using the institution’s information technology system

Updated May 2012