Forgot your password?
typodupeerror
Government Technology Your Rights Online

House Committee Passes "Informed P2P User Act" 235

Posted by ScuttleMonkey
from the is-this-really-the-most-pressing-issue dept.
An anonymous reader writes "This week the House Energy and Commerce Committee passed the 'Informed P2P User Act' and has sent it along to the full House for consideration. The bill, which appears to have heavy support on both sides of the political fence, simply states that P2P software must not install extra software or prevent users from removing it, in addition to being 'clear and conspicuous' about which files are being shared and getting user consent to share them. 'Rep. Henry Waxman (D-CA), the powerful committee chairman, opened the markup session by warning about "the danger of inadvertent sharing of sensitive information through the use, or misuse, of certain file sharing programs. Tax returns, medical files, and even classified government documents have been found on these networks. The purpose of H.R. 1319 is to reduce inadvertent disclosures of sensitive information by making the users of this software more aware of the risks involved."'"
This discussion has been archived. No new comments can be posted.

House Committee Passes "Informed P2P User Act"

Comments Filter:
  • Why P2P (Score:5, Insightful)

    by AnotherBlackHat (265897) on Friday October 02, 2009 @01:15PM (#29618707) Homepage

    Why is this limited to P2P software?

  • Unwanted software (Score:4, Insightful)

    by conureman (748753) on Friday October 02, 2009 @01:17PM (#29618747)

    I'd like to see criminal penalties for bundling undisclosed and unwanted software with any application. See if that gets past the lobbyists.

  • Stupid old men. (Score:4, Insightful)

    by Lord Kano (13027) on Friday October 02, 2009 @01:18PM (#29618759) Homepage Journal

    How do they expect to enforce this law on companies that produce software outside of the US?

    Apparently they still don't understand how this internet thing works.

    LK

  • Ummmm (Score:5, Insightful)

    by MikeRT (947531) on Friday October 02, 2009 @01:18PM (#29618761) Homepage

    even classified government documents have been found on these networks

    If they're finding classified documents on the public internet, that means that they have a bigger problem like government employees disregarding security guidelines by putting them on unclassified networks.

  • Re:Why P2P (Score:5, Insightful)

    by ZekoMal (1404259) on Friday October 02, 2009 @01:21PM (#29618795)
    Because then companies like Sony couldn't screw with us.
  • Waste of time (Score:3, Insightful)

    by Shagg (99693) on Friday October 02, 2009 @01:23PM (#29618833)

    The same users that are dumb/ignorant enough to share their tax and medical records are the same ones that won't bother to read any "clear and conspicuous" warnings. They'll either not understand it or hit "OK" without reading it. You can't write laws that eliminate stupidity.

  • Re:Why P2P (Score:5, Insightful)

    by kevinNCSU (1531307) on Friday October 02, 2009 @01:26PM (#29618893)

    Did someone forget to inform this senator that we (the US) no longer own the internets?

    Did someone forget to inform you that p2p software generally installs on a machine in a physical location and therefore is subject to the laws and regulations in that location? Just because your machine is able to talk to machines in a different country doesn't mean your machine is somehow above the laws of the country you live in.

  • Ulterior motive? (Score:5, Insightful)

    by Steve Cox (207680) on Friday October 02, 2009 @01:28PM (#29618915)

    It could be that this bill is being passed simply to remove a set of excuses people might use when caught using P2P for sharing copyrighted material - hence the name of the bill.

    If the software plainly states that it will be sharing a file with other people, then you cannot say 'I didn't know I was sharing it'. Likewise, you cannot say that it installed without your knowledge nor can you say it installed but you couldn't uninstall it.

    This is of course, only possible if the writers of P2P software actually give two hoots about the bill.....

    Steve.

  • Re:Why P2P (Score:5, Insightful)

    by ajs (35943) <ajs AT ajs DOT com> on Friday October 02, 2009 @01:28PM (#29618919) Homepage Journal

    Why is this limited to P2P software?

    Because almost every other type of unintentional sharing of files (if not all) are already covered by electronic privacy laws.

    However, in the case of applications which are designed to share files, there's a legal gray area, where the author can claim that they have no obligation to have disclosed which files were being shared, and that the user consented to sharing their files by installing file sharing software.

    This bill would close that loophole.

  • Re:Ummmm (Score:3, Insightful)

    by kevinNCSU (1531307) on Friday October 02, 2009 @01:29PM (#29618939)
    Yea, I get the feeling that's just a sensationalist flag the media likes to wave to make the story more interesting. I think the real reason here is kids installing p2p software without the parents knowledge and the sharing the my documents folder or the whole C: drive including all the parents tax returns and other personal information.
  • Liar, Liar. (Score:4, Insightful)

    by girlintraining (1395911) on Friday October 02, 2009 @01:30PM (#29618953)

    The purpose of H.R. 1319 is to reduce inadvertent disclosures of sensitive information by making the users of this software more aware of the risks involved.

    Sure it is. Now, how about taking a closer look;

    the term "peer-to-peer file sharing program" means[...]
    to designate files available for transmission to another computer
    to transmit files directly to another computer; and
    to request the transmission of files from another computer.

    Well, that's basically "using the internet". And using the definition of "protected computer", if you can add a tcp/ip stack to your toaster, it's a protected computer. So what will it be illegal to do using anything with a microprocessor and can communicate with the outside world? Also, "authorized user" -- I suspect a lot of EULAs are going to be updated so that every company that has a piece of networkable software installed on your system is now also an authorized user. Unintended consequences are a bitch, aren't they? Your system is now legally required to be insecure and full of backdoors. ...prevent the reasonable efforts of an owner or authorized user from blocking the installation [of a] program or function thereof

    So installing is now okay. 'Using' not available for comment. So we can still f*ck with it at the operating system level, or neuter it in memory -- messing with the code after installation or during runtime isn't covered. Oops.

    to fail to provide a reasonable and effective means to disable or remove from the protected computer...[excessive legalese deleted]

    Translation: Installers should come with uninstallers. We need a law for this? And without a definition of what "reasonable and effective" constitutes -- well, need I say more? Anyone try uninstalling Norton Antivirus lately? It's quicker just to nuke the drive from orbit, and it's the only way to be sure you got everything. Can I expect federal pound me in the ass prison time for all the Norton executives? No? Why -- oh, right... they're rich. But you there, little open source developer -- we know you're evil. I mean, you don't even have a brand identity!

    Yeah... this ends well.

  • Re:Waste of time (Score:1, Insightful)

    by Anonymous Coward on Friday October 02, 2009 @01:30PM (#29618955)

    Sure you can, force everyone to take some basic scam / computer literacy classes to get a computer permit that lets you use a computer. Then do retests every 5 years or so to make sure people are up to date with the latest information. of course this will never happen and won't solve 100% of the problems but if this law existed and was strictly enforced it would cut down on computer stupidity.

  • Re:Spill the beans (Score:4, Insightful)

    by ajs (35943) <ajs AT ajs DOT com> on Friday October 02, 2009 @01:30PM (#29618965) Homepage Journal

    Ok, so who funded this bill and why?

    Almost certainly groups like the RIAA and the MPAA.

    Their goal is in ratchet up the personal liability of the users who use these systems. By forcing applications to be much more explicit about what's being shared, they reduce the number of cases they lose against file sharers on the grounds that they didn't know what they were sharing.

  • Re:Spill the beans (Score:2, Insightful)

    by Smegly (1607157) on Friday October 02, 2009 @01:30PM (#29618967)

    One possible reason: Makes services like Freenet illegal. For example donating disk space and bandwidth [freenetproject.org] to encrypted files where the user-node does not actually know what they are helping to deliver sounds like it would violate being "'clear and conspicuous' about which files are being shared and getting user consent to share them".

    No "Common Carrier" [wikipedia.org] status for P2P nodes here...

  • Mod Parent Down (Score:3, Insightful)

    by geekoid (135745) <[dadinportland] [at] [yahoo.com]> on Friday October 02, 2009 @01:33PM (#29619003) Homepage Journal

    People should not be modded up for not reading the article.

  • Relevant Quote (Score:5, Insightful)

    by Kindgott (165758) <soulwound@god[ ]ead.com ['isd' in gap]> on Friday October 02, 2009 @01:39PM (#29619077) Journal

    "Anyone who says that the solution is to educate the users hasn't ever met an actual user."
    -- Bruce Schneier

  • Re:Why P2P (Score:2, Insightful)

    by commodore64_love (1445365) on Friday October 02, 2009 @01:39PM (#29619081) Journal

    And open a new one where the FBI (or RIAA investigators) can simply "ask" the program, "What files were shared?", get a convenient generated list, and find all the evidence they need to make your day in court miserable.

  • Re:Waste of time (Score:2, Insightful)

    by girlintraining (1395911) on Friday October 02, 2009 @01:43PM (#29619129)

    You can't write laws that eliminate stupidity.

    Doesn't stop them from trying.

  • Re:Why P2P (Score:4, Insightful)

    by girlintraining (1395911) on Friday October 02, 2009 @01:49PM (#29619187)

    And open a new one where the FBI (or RIAA investigators) can simply "ask" the program, "What files were shared?", get a convenient generated list, and find all the evidence they need to make your day in court miserable.

    And if my computer lies? Nobody said my computer has to be programmed to tell the truth.

  • Re:Mod parent up (Score:3, Insightful)

    by MBGMorden (803437) on Friday October 02, 2009 @01:56PM (#29619281)

    Notice that this didn't ONLY ban spyware. It had stipulations that state that when a P2P app is installed it clearly indicates what is being shared. This will just prevent Joe Sixpack from installed AwesomeShareItAll v3.1 where it just shares out your entire hard drive without indicating it.

    Personally, I just don't see too much evil in this bill.

  • Re:Spill the beans (Score:3, Insightful)

    by fuzzyfuzzyfungus (1223518) on Friday October 02, 2009 @02:00PM (#29619353) Journal
    Freenet could, barring a truly weird judicial interpretation, comply pretty easily.

    The only "shared folder" is the folder, of user allocated size, where freenet stores its encrypted chunks. Each of those chunks is one of the shared files. All freenet would have to do is say "When you install freenet, all files in folder X will be shared with other freenet nodes, as well as any files you explicitly upload". The fact that the user does not and cannot figure out what exactly the encrypted chunks are is neither here nor there.
  • by Dog-Cow (21281) on Friday October 02, 2009 @02:16PM (#29619547)

    You are an idiot.

    Upon installation, disclose to the user that additional programs are included and ensure there is a way to opt out of the installation of those other programs.

    In other words: the user.

  • Re:Why P2P (Score:3, Insightful)

    by Mister Whirly (964219) on Friday October 02, 2009 @02:32PM (#29619747) Homepage
    Dear everyone - this is Slashdot. Yes, some people will do and say things you don't like here. Get over it.
  • Re:Mod parent up (Score:3, Insightful)

    by Bill_the_Engineer (772575) on Friday October 02, 2009 @02:33PM (#29619769)

    Yeah but it will also stop us from using FreeNet and other censorship-resistant, anonymous sharing networks. Read more here:

    Please explain your position.

    How would informing the P2P user about what is being shared on that user's computer prevent the user from using FreeNet and other anonymous sharing networks?

  • Re:Why P2P (Score:5, Insightful)

    by gnieboer (1272482) on Friday October 02, 2009 @03:08PM (#29620103)

    True, all P2P apps have to know what files they are sharing. But here's where I see bill's raison d'etre...

    "being 'clear and conspicuous' about which files are being shared and getting user consent to share them"

    NOW, when the RIAA sues everyone:
    The software maker is free and clear ("We added the consent to share box as mandated by law")
    And the person sharing Rocky 17 CAN'T say "I had no idea that file was being shared", which has been a defense in the past.

    So (IMHO) when we talk about big lobbying groups, the RIAA would like it, and the software makers are willing to put up with the other provisions because now they are off the hook from the big P2P lawsuit.

  • Re:Mod parent up (Score:5, Insightful)

    by adolf (21054) <flodadolf@gmail.com> on Friday October 02, 2009 @03:47PM (#29620509) Journal

    Naah.

    Freenet stores its data in encrypted files and refers to them with hashes, right? I mean: It's just files on a filesystem, isn't it? So, all the software has to do to stay in compliance is state which of those files are being shared.

    It doesn't state that it must decrypt the files. Or that the content of them must be disclosed. It would just need to report to the user the same stuff that already gets reported to Freenet at large.

    Doing so is neither against this bill, nor against the spirit of Freenet, nor in any way any significant technical hurdle to overcome.

    (Unless I'm very mistaken, in which case I welcome any corrections.)

  • Re:Spill the beans (Score:3, Insightful)

    by SeaFox (739806) on Friday October 02, 2009 @04:39PM (#29621023)

    Isn't it sad that now whenever any piece of legislation is crafted we automatically assume someone "bought" it and has ulterior motives to it's existence than what the bill would have you believe.

The Universe is populated by stable things. -- Richard Dawkins

Working...