Notice to Students and the University Community Management of Copyright Infringement Complaints

Amended 6/10/09

In early 2007, the Recording Industry Association of America (RIAA) changed its strategy regarding copyright infringement complaints. This strategy may impact you. The University is also required by law to notify you of additional information about copyright infringement, so we feel it is important to share the details of the RIAA’s strategy and additional information.

Downloading and/or sharing of copyrighted content such as movies, music or software without permission, whether through peer-to-peer networks or any other method, without permission of the copyright holder or their designated agent, is both illegal and a violation of Northeastern University’s Appropriate Use Policy ( which applies to all members of the university community. Engaging in such activities may subject the violator to severe penalties, including but not limited to impoundment of computer equipment, substantial fines, and orders to cease activities. Engaging in the activities described above may also result in severe penalties at the University level.

While the University does not monitor content, the Recording Industry Association of America (RIAA) and other organizations actively do so via the Internet, and, on occasion, issue complaints to internet service providers, including the University, whose subscribers are alleged to be engaging in these activities. Generally, at the time of the complaint, the RIAA or other complainant is only aware of the network address of the computer from which copyrighted material was alleged to have been shared and not the identity of the individual community member. Additionally, the RIAA and other external organizations do not have access to Northeastern’s networks, systems, nor confidential information, including individual community member’s personal information stored on university systems.

When the University receives a formal complaint, the Office of Information Security investigates and takes appropriate action, including outreach to the community member and recommends how affected users may regain compliance with law and University policy. Any time before, during, or after this process, the complainant may seek to subpoena University records to establish the identity of the person tied to the computer address cited in the original complaint. If the University receives such a subpoena, the individual whose records are sought is notified and given an opportunity to object to the release of their information. The person may at their own expense seek legal representation in an effort to quash the subpoena. If this effort is not successful within the time frame demanded in the subpoena, the University must release the requested information to the complainant.

The new RIAA strategy includes a new document known as a “settlement letter”, which cites the computer address of the alleged offender, and requests the internet service provider to forward the letter to the user who is alleged to have infringed RIAA copyrights. The letter informs the user they have forty (40) days to contact an RIAA legal representative or face being sued in Federal Court. The letter also features a web link (URL), where the user may pay to “settle” the matter using a credit card. These letters, as currently defined, are neither legal documents nor formal complaints to the university and do not compel the university to take any specific action.

Members of the university community who chose to violate copyright protections and university policy are personally responsible for their actions. Accordingly, the University will not be a party to these actions nor to “settlement” discussions in these matters. Upon receiving a “settlement letter”, the university will not disclose the identity of the community member in question to the RIAA nor will the university retransmit the ‘settlement letter’ to the community member. To summarize, community members (students, faculty, and/or staff) engaging in illegal downloading or file sharing using Northeastern networks and/or systems are doing so at their direct, personal risk and are solely responsible for any and all potential consequences of their actions