Letters to the Editor

Network concerns led to CIT 'sweep'

This is in response to Jason Brownlee's Feb. 3 column, "CIT's Big Brother Cybersweep Compromises Students' Privacy."

I am the employee who said CIT would not seek out unauthorized MP3 files, and I sent the late November messages regarding Napster software. An important part of CIT's mission is to provide and maintain the Princeton network for use by all members of the University community, assuring equitable access and reasonable network performance. CIT also is charged with monitoring the network for long-range planning and to recognize and correct anything with a detrimental effect on performance. However, CIT's monitoring respects the privacy of those who use the network.

The campus network is designed to carry an immense amount of electronic traffic at a reasonable speed. Serious problems can occur when traffic patterns alter suddenly. As an analogy — if a convoy of semis enters a path designed for bicycle traffic, delays result, even on the wider road behind the convoy. Some network flow problems can make it difficult or even impossible to do any online work. CIT monitors constantly, using automated tools which alert CIT staff if something extraordinary occurs.

When an off-ramp that is rarely used suddenly attracts copious consistent traffic, that sends a signal. A sudden upsurge in traffic through the particular "portal" through which Napster takes MP3 files drew the attention of CIT's network systems staff. Concurrently, CIT learned Napster automatically sets itself up to serve MP3s when a person intends only to get MP3s. In the case of the "November sweep," CIT never looked at the content of a file to determine that it was an MP3. CIT does not try to see what is being transported; the traffic pattern simply was consistent with Napster export of MP3 files to the Internet.

This raised an ethical concern: were Napster users aware that the program creates a continually operating server? i.e. was there "informed consent?"

Locations of the computers on the network suggested almost exclusively undergraduate involvement. CIT contacted Student Life. The resulting e-mail message explained CIT was asked to "notify those whose Dormnet computers were . . . possibly using . . . Napster software."

Rather than being complacent as Brownlee suggests, many students spoke up, some repeatedly, seeking satisfactory answers regarding CIT's intent and actions. Many also sent thank-you notes, indicating that they were not aware of Napster's operating a server.

Unlike some universities, Princeton has a long tradition of allowing students to share information technology resources freely. It is not CIT's responsibility to examine files a student might store in a computer or centrally-allocated space, nor to ask whether the files are for classwork or personal amusement. CIT does need to monitor file passage to assure reasonable network performance for everyone. To that end, the constant monitoring of the Princeton network continues, and this is indeed "business as usual at Princeton." Rita Saltz Policy and Security Advisor, CIT