Acceptable Use Policy

Privacy Policy

Copyright Infringement

Copyright Infringement

September 2000

The following policy is for MichNet, the network run by Merit Network, Inc., that is used by all Townships gaining Internet access through the Michigan Townships Online effort.

Dealing with Internet Abuse and Copyright Infringement at Merit and on MichNet

As the Internet has grown, there also has been a steady growth in the number and variety of Internet "abuse" cases. Internet abuse encompasses all sorts of negative acts, from e-mail spamming to copyright infringement to network-based hacking to personal crimes including stalking and harassment.

As a result of these unfortunate side effects of growth, Merit receives an ever-increasing number of abuse reports from Internet users and network providers, both within MichNet and from the greater Internet.

The purpose of this policy is to promote effective mechanisms for Merit and organizations connected to MichNet to use in dealing with such incidents.

To receive reports about Internet abuse including copyright infringement claims, Merit supports an email alias named abuse@merit.edu.

This email address is widely published in the Internet community as the preferred way to report abuse incidents involving traffic carried on MichNet. Messages to this address are received by several MichNet managerial and system administration staff who work to resolve serious abuse issues. Merit prefers this mechanism for Internet abuse reports because it allows everyone involved to create and exchange a written record of incidents.

It is becoming a standard practice for all organizations on the Internet to support an abuse@my-domain-name alias on their email servers. We encourage all Merit members and affiliates to create such an abuse alias, and to subscribe the appropriate staff to receive email sent to the alias. RFC-2142 describes Internet mail addresses to be used when contacting personnel at an organization.

When setting up an abuse alias, keep in mind that there are significant advantages to having a group of staff, rather than a single individual, receive reports of abuse incidents. First, multiple coverage allows individuals to go on vacation or otherwise be away from e-mail without abuse reports being ignored. Second, in serious cases--especially those involving law enforcement agencies--it is always better to have several people aware of the incident and of the site's plan of action.

If you have a serious on-going Internet security incident that needs immediate attention, ask the official Merit liaison at your site to phone the MichNet Network Operations Center (NOC). The NOC is open 24x7, every day of the year, and follows protocols for contacting staff as needed to respond to emergencies, any time of the day or night. Official Merit site liaisons who do not have the NOC's phone number should obtain it from their Merit Internet Consultant.

Organizations that are not Merit Members or Affiliates, or individuals who are not associated with Merit Members or Affiliates can report serious on-going incidents by sending e-mail to abuse@merit.edu, by calling 734-764-9430 (weekday business hours), or by calling 734-615-1475 (non-business hours, leave message).

abuse@merit.edu is monitored 24 hours a day, 7 days a week by the NOC, but you will get a faster response to serious incidents if you make a phone call directly to the NOC.

Serious on-going incidents include: when the health or safety of an individual is at risk or threatened, network accessible data of a confidential nature will be disclosed, network accessible data that is difficult or impossible to replace will be lost or damaged, or on-going incidents that seriously disrupt network use by others. These types of incidents should prompt you to immediately call the MichNet NOC.

If you have a possible abuse situation that you need help investigating, or need help sorting out what is or isn't acceptable under the MichNet Acceptable Use Policy, you can send e-mail to abuse@merit.edu or contact your Merit Internet Consultant. Merit is willing to consult with Merit members and affiliates to help determine the appropriate response to abuse incidents.

There are a few technical steps that you can take to limit and help recover from Internet abuse incidents:

• Limit anonymous access to and from your systems.

• If you must allow anonymous access, limit what can be done from the anonymous session to local activities that are not likely to cause problems for others elsewhere on the Internet.

• Develop and publicize your own Acceptable Use Policy.

• Include information about acceptable Internet use in staff and student orientation and other classes that you offer.

• Help your staff and students understand the importance of selecting good passwords and give them examples of what are and are not good ways to pick passwords.

• Log information that will allow you to identify individual users or locations if you are called upon to investigate a complaint.

• Inform your users that while you don't routinely monitor network activity, you can trace most access using IP addresses or logged information about userIDs used to authorize sessions.

• Inform your dial-in users that Merit logs the Access IDs used to authorize dial-in sessions and will use this information to investigate complaints.

• Configure your e-mail servers to log the IP addresses and domain names of the systems that submit messages. This information should be included in the headers of the messages that your systems forwards.

• On UNIX systems, be a good Internet neighbor and run identd (ident daemon). Remote hosts can query this background process to see who is initiating a connection. Identd, used potentially by any TCP services (e.g. sendmail and ftp), gives the remote system more detailed information on individual userIDs than is available from ordinary logs. For details on the ident protocol, see RFC 1413. Identd is publicly available via anonymous FTP.

Merit's has appointed an agent for handling copyright infringement claims under the Online Copyright Infringement Liability Limitation Act (Title II of the Digital Millennium Copyright Act of 1998). To report a copyright infringement claim contact:

        Mike Mosher
        Direct Connections Product Manager
        4251 Plymouth Road, Suite 2000
        Ann Arbor, Michigan 48105
        Phone: 734-764-9430
        Fax: 734-647-3185
        E-mail: abuse@merit.edu

Michigan Townships Online is a joint effort between Merit Network, Inc. and The Michigan Townships Association. © 2003 Acceptable Use Policy, Privacy Policy, Copyright Infringement,
Home, Sitemap, www@mi-twp.org, help@mi-twp.org