This sets out the University's policy on peer-to-peer resource sharing.
Sections in this document
- Executive summary
Potential problems with peer-to-peer software
3.1 Bandwidth utilisation
3.2 Copyright infringement
3.3 Security issues
- University regulations on use of peer-to-peer applications
5.1 Streaming media
5.3 Remote access services
5.4 Wireless networks
- Peer-to-peer software has many applications, from filesharing to telephony and videoconferencing
- Use of peer-to-peer software is not banned by University-wide policy
- However, usage may be restricted or banned by local (college or department) policy
- If in doubt as to what is permitted, consult your local IT staff
- Remember that the University network is provided primarily for academic purposes, although in most cases reasonable recreational usage is permitted
- Network capacity within the University is finite, and available bandwidth may be shared with a large number of other users
- Avoid excessive usage of the network to the detriment of others, regardless of the software in use
Traditional computer systems place resources on a centrally-managed server, which can then be accessed by client machines that connect to the central server (a "client-server" relationship). In contrast, peer-to-peer technology allows client computers on a network to share their own resources (filestore, processing power, peripherals etc.) with other network-connected machines with little or no involvement of any central server. Peer-to-peer software thus enables machines to act both as clients and servers. This powerful technology makes it possible for content to be distributed widely without the need for the central provision of large resources in terms of computing power, storage or in particular, network bandwidth. Unfortunately the technology is not without its problems, particularly for the network provider.
Some examples of current peer-to-peer resource-sharing software include:
Compiling and maintaining a complete list of such software would be virtually impossible.
Some definitions of 'peer-to-peer' may include more traditional systems such as the domain name service (DNS) or usenet news (NNTP). For our purposes we restrict ourselves only to those systems where end-user systems are serving data direct to other such end-user systems, or relaying data via other end-user systems. Crucially the bulk of the communications on the system are not with one or more central servers, unlike such cases as an institutional NNTP server or the core global DNS infrastructure.
The chief concern with peer-to-peer software, at least from the point of view of the network administrators, is in terms of bandwidth utilisation. The very nature of peer-to-peer networks means that for every unit of data downloaded by a given node, that unit of data may subsequently be sent from that node to many others. Well-connected nodes are particularly popular and the upload bandwidth available from a node on the University network is typically hundreds of times that of a node on a standard domestic broadband connection. Many applications are purposely designed to maximise usage of available bandwidth, even if this is to the detriment of other uses and users of the network.
Many peer-to-peer applications unfortunately give the user little or no degree of control over how their bandwidth may be used, other than disabling the application (and in some cases, even that much is nontrivial). It is natural for peer-to-peer networks to be concerned that some users may mostly be downloaders of content without contributing much to other users of the network. However, if for example one could instruct the application that for each item downloaded that it should serve out the equivalent of no more than three complete copies of said item, consuming no more than 5MB of bandwidth at any one time, then one might have a certain confidence that it would not completely overwhelm the local network infrastructure.
Bandwidth that seems insignificant for one user will soon add up when scaled up to the many thousands of users connected to Oxford University's networks, or the hundreds on a single college network. Many colleges have comparatively slow connections to the rest of the University network, particularly in view of the number of students, but cannot necessarily justify the expense of an upgrade to a faster connection. Some college annexes may be served over wireless links or commercial connections rather than the University's optical fibre network, which restricts bandwidth still further.
It is one thing attempting to justify a network upgrade on the basis of a genuine academic requirement, such as the petabytes of data expected from CERN when their latest collider comes online. It is another thing trying to do it purely to cope with the demands of high-bandwidth recreational usage. Taxpayers and research councils tend to like to see their money being spent more wisely! On most networks within the University, reasonable recreational usage of the network is expected and tolerated, but measures may be taken in the event of excessive utilisation so that resources can be fairly shared by all.
While there are many perfectly legitimate uses of peer-to-peer software, it is a particularly common method of illegal content distribution, particularly music, video and pirated software. These can of course be distributed by other means, but use of peer-to-peer software avoids the requirement for large amounts of storage or bandwidth on a central server, which can easily be blocked or shut down.
The University frequently receives notices of copyright violations and takes action to ensure that infringing content is quickly removed from the network to reduce the risk of legal action against the University or other damage to its reputation. Disciplinary action may be taken against those found to be in breach of college, departmental or University IT regulations. IT Services also impose an administrative charge for handling violation notices on colleges and departments in which users are responsible for copyright violation. Most colleges and departments pass on this charge to the user concerned, often with an additional charge or fine.
3.3. Security issues
It is wise to be cautious before installing any software, and peer-to-peer applications are no exception. Insecure applications may open up a machine to the danger of external attack from malicious third parties. Additionally, software from some sources may come bundled with malicious 'spyware' which invades the user's privacy, or worse. There are known cases of peer-to-peer applications incorporating spyware.
Saying that, many peer-to-peer-based applications, provided that they are obtained from a trustworthy source, will not be intentionally malicious. However, as with all software, security flaws may be discovered from time to time and so it is important to ensure that it is kept up to date with respect to vendor patches.
Until June 2010, the use of peer-to-peer software on the University network was absolutely forbidden without specific authorisation. The rules have now been relaxed however, as a result of increasing usage of peer-to-peer for purposes that may be regarded as more 'legitimate' (for instance Skype and Spotify), and the fact that it is increasingly difficult for users to determine whether or not a particular application uses peer-to-peer technology.
Since 18 June 2010, the use of peer-to-peer technology on the University network is covered by section 13(5) of the University IT regulations. This states:
"Use of file-sharing technology and participation in distributed file-sharing networks may be subject to additional regulation and restriction in order to prevent excessive use of university network resources, or the use of those resources for purposes unconnected with the University. If a user has any reason to suppose that an application employs peer-to-peer or other file-sharing technology, they should seek the advice of the IT officer responsible for the college or departmental network on which they propose to use the software."
Which, if any, peer-topeer applications are permitted therefore comes down to local policy. Some colleges and departments may operate a relatively lax policy, others may be extremely restrictive. Different policies may apply to wired and wireless networks owing to the differing bandwidth available. Local policy may forbid certain software or network usage irrespective of whether it uses peer-to-peer technology; this document cannot describe policies within individual units. It is each user's responsibility to ensure that they comply with any local regulations as well as University-wide rules; in the event of any queries they should ask their local IT staff.
University policy has relaxed significantly with respect to peer-to-peer software. The use of peer-to-peer technology these days has moved on from the early days, in which it was mostly used for the transfer of large files, often against the copyright holder's wishes. Many products these days may incorporate some element of peer-to-peer communications (for instance, for delivery of software updates, or instant messaging), and such usage may not be a major part of their function. Disciplinary authorities are encouraged to bear in mind that in some cases a user could not reasonably have been expected to know that a particular application might make use of peer-to-peer technology.
5.1. Streaming media
Audio and video streams rely on a traditional client-server model, and can only be played on systems directly connected to the Internet on a sufficiently fast connection (generally domestic broadband or better). Many sites provide content in such forms, including traditional broadcasters such as the BBC, or internet companies such as YouTube. These streams are generally played through tools such as Realplayer, Adobe Flash or Microsoft Silverlight (often in the form of web browser plugins).
Such streamed content is not using peer-to-peer technology; nevertheless some colleges or departments may have local policies which restrict usage of such systems. Please check with your IT officer if you are unsure. Please bear in mind that video streams do consume significant bandwidth, and if enough users are simultaneously watching streaming video then this may be detrimental to the overall performance of the network. In particular, a high-bandwidth video stream can easily overwhelm a wireless network.
Please note that watching television programmes online as they are being broadcast requires a television licence: see TV Licensing for further information. Watching recordings of programmes after they have been broadcast, whether as streaming media or downloads, does not require a television licence.
Playing of music, irrespective of the source, may be subject to licensing by the Mechanical-Copyright Protection Society/Performing Rights Society alliance. This serves to collect royalties on behalf of their members for playback of music under their copyright, whether for public performance or playback in locations such as offices, lecture theatres, etc. It is your responsibility to ensure that you are suitably licensed.
Please be aware that the IT regulations apply to all usage of the University network. Remote access services such as VPN and allow users outside University or college buildings to send all their network traffic via the University network. Any peer-to-peer applications left running will therefore be running over the University network and subject to University IT regulations.
5.4. Wireless networks
Wireless network provision is not considered to be a replacement for wired networking, and within the University installation of wireless networking has typically been concentrated on communal areas such as meeting rooms, common rooms and lecture theatres. Available wireless bandwidth is severely limited relative to wired networks and may be shared between a large number of users. Transfer of large volumes of data should be performed over wired network infrastructure where possible.
On centrally-provided University wireless networks, data rates are restricted in order to provide a fair service to all users; typical access speeds will be comparable to domestic broadband. Note that peer-to-peer networking is not specifically forbidden but will be severely rate-limited.