Security threats Toolkit

Firms facing file-sharing probes

Tags:
RIAA,
FBI

Dan Ilet ZDNet.co.uk

Published: 24 Mar 2005 18:10 GMT

Employers whose staff run peer-to-peer applications over their corporate networks could soon face investigation by legal authorities looking for illegal file sharers in UK companies, according to IT services and telecommunications firm Energis.

Security experts at Energis have noted an increase in the amount of network scanning over the Internet and say they have started to see the likes of the FBI looking for people copying movies and music online from work.

"The FBI was definitely one of them," said Malcolm Seagrave, head of security strategy for Energis. "We started looking at bandwidth saturation. It was people scanning trying to find out who is downloading all the stuff illegally. They’ve started investigating. I suspect that companies are going to get hit soon."

After seeing this, Energis started to carry out its own network scanning. It found one company had as much of 33 percent of its bandwidth consumed by file sharing.

As well as the FBI, the Recording Industry Association of America and an organisation called MediaDefender were also scanning networks, Segrave claimed. "When we spoke to the FBI they said they were trying to find out where the legal liability lay. It was all about the legality and breach of copyright," he said.

Employers are often unaware that their staff use file sharing programs, but they could soon given a nasty shock if organisations like the RIAA start to sue them for copyright issues. However, employees could also be in for a rough time.

"The potential vicarious employer liability does not get the employee off the hook," said Mark Smith, solicitor for Olswang. "What it means is you have the choice of suing the employer, who has lots of money, or the employee. Chances are you will choose the employer."

Smith also warned that peer-to-peer programs can spread spyware.

"[It's] a massive source of spyware and that passes on all sorts of risks," Smith said. "Peer-to-peer can be a lot of stuff, but I'm surprised that the FBI is involved."

Copyright infringement is typically a civil offence, although in some parts of the world it can result in criminal penalties. In May 2003, James E. Farnan, deputy assistant director of the FBI's cyber division, told a US congressional committee that the FBI was "working closely with private industry" on the intellectual property implications of peer-to-peer networks.

Last month the RIAA filed law suits against 11 people accused of illegal file sharing on university networks. They were said to have used the programs KaZaa, eDonkey and Grokster.

The FBI was unable to respond in time for the publication of this article.