Forgot your password?
typodupeerror
Censorship Government United States Your Rights Online

US Lawmakers Set Sights On P2P Programs 180

Posted by kdawson
from the noes-of-the-camel dept.
After the FTC sent letters to 100 organizations warning them that their data is being leaked on P2P networks — and now has requested detailed operational data from at least a subset of those organizations — it was pretty likely that anti-P2P legislation would get proposed. Two senators have introduced the P2P Cyber Protection and Informed User Act, which "...would prohibit peer-to-peer file-sharing programs from being installed without the informed consent of the authorized computer user. The legislation would also prohibit P2P software that would prevent the authorized user from blocking the installation of a P2P file-sharing program and/or disabling or removing any P2P file-sharing program. Software developers would be required to clearly inform users when their files are made available to other peer-to-peer users under legislation introduced Feb. 24 by Sens. Amy Klobuchar, D-Minn., and John Thune, R-S.D."
This discussion has been archived. No new comments can be posted.

US Lawmakers Set Sights On P2P Programs

Comments Filter:
  • by BadAnalogyGuy (945258) <BadAnalogyGuy@gmail.com> on Friday February 26, 2010 @11:56AM (#31286746)

    Most well-known P2P software is deliberately installed. And users are told where their shared files will be.

    So how would P2P software be installed without consent? Perhaps spambots and other nefarious malware?

    That makes this less "P2P-related" and more anti-spam. And that's a good thing, I think.

  • by ig88b (1401217) on Friday February 26, 2010 @11:56AM (#31286762)
    I had to read it a couple times too. They're basically trying to prevent "hidden" p2p software.
  • by Kuroji (990107) <kuroji@gmail.com> on Friday February 26, 2010 @11:56AM (#31286774)

    Because it's worked so well in the past, when some idiot is breaking the rules to install some sort of software that they're already not allowed to install...

    What's next, are we going to legislate against games being installed on workplace computers?

  • by Bagels (676159) on Friday February 26, 2010 @11:57AM (#31286796)
    Basically, it sounds like there's two things here. Blocking P2P software that interferes with other P2P software in a malware-esque fashion, and enforcing clear notifications that shared files are, well, shared. Seems dumb, but a lot of folks out there don't realize that if they share "My Documents," everything from their tax records to their secret porn stash is going to be on the web for all and sundry to download. This hits home particularly hard for gov't employees, considering some of the sensitive stuff that's leaked through LimeWire and the like over the years.
  • by BhaKi (1316335) on Friday February 26, 2010 @11:59AM (#31286820)
    Simple, mate. It just means you'll no longer be able to say "OMG! I had no idea that my computer was sharing that movie" in court.
  • by Dr_Barnowl (709838) on Friday February 26, 2010 @12:02PM (#31286886)

    As far as I'm concerned they should extend it further. It seems like a
    good set of principles, why limit it to programs that communicate across
    a network?

    It should be prohibited to install ANY program on a computer without the
    informed consent of the user. And programs that remove other programs,
    or block the operation of other programs, without the user being informed,
    should also be illegal.

    Of course, this would cover some of the DRM techniques that block
    disk image emulation, and probably a few other DRM techniques.

    And yes, any program that serves your files up to the internet shouldn't
    do it without your consent. Until recently, that would have included
    Windows file sharing....

  • by Kuroji (990107) <kuroji@gmail.com> on Friday February 26, 2010 @12:03PM (#31286908)

    I would wager money that the majority of those organizations have rules against installing unauthorized programs on their computers, specifically P2P software in many cases.

    Those rules.

  • by tepples (727027) <tepples AT gmail DOT com> on Friday February 26, 2010 @12:08PM (#31287000) Homepage Journal

    It should be prohibited to install ANY program on a computer without the informed consent of the user.

    But how many times should the user be required to give consent for a software distribution that comprises dozens or thousands of packages? Operating system distributions like Ubuntu and Fedora come to mind.

  • by poetmatt (793785) on Friday February 26, 2010 @12:17PM (#31287164) Journal

    That's how I read this too. However, the devil is in the details, which we don't have.

    Given that a: usually a bill is introduced with opposite meaning to the statement of the bill if it's done by a bad politician and that b: it could be about the above but introduce some other issues, I'll hold my breath. I also can't find this act anywhere, other than it being mentioned as "to be introduced".

    This is a type of bill that could easily be subverted by bad interests depending on who influences it.

  • How is this bad? (Score:3, Insightful)

    by Khisanth Magus (1090101) on Friday February 26, 2010 @12:27PM (#31287322)
    I dislike the government as much as anyone, particularly their views on "piracy"...but I don't really see what is wrong with this law. It prohibits P2P software from being installed without your consent, and forces that P2P software to tell you what it is sharing with other people. How are these bad?
  • by icebike (68054) on Friday February 26, 2010 @12:28PM (#31287348)

    I had to read it a couple times too. They're basically trying to prevent "hidden" p2p software.

    Exactly, or drive by installed P2P software that shares your entire disk just because you wanted a torrent of the latest OpenSUSE distro.

    While this in itself would be commendable, these things end up being a gloss of what really gets implemented in regulation. What starts out looking like protection for the consumer is really a ploy to remove plausible deniablity as a defense.

    Further, such a bill would do nothing when Little Billy, who is an authorized user of Mom's machine, gives away the family tax returns while trying to get the next level of Wonder Rabbit to download by clicking thru that popup warning.

    There are already laws prohibiting unauthorized used of a computer, and the government already knows exactly who the bot masters and spam masters are, yet they walk around untouched while the "real criminals" are sued into poverty for sharing a song. Do we really need more unenforceable laws prohibiting what is already prohibited?

  • by NeutronCowboy (896098) on Friday February 26, 2010 @12:36PM (#31287480)

    I don't know. I'm hugely suspicious of this, for two reasons: Congress has a nasty habit of not understanding the technological ramifications of their legislation. And when they do make legislation where they understand the ramifications, it's generally for the purpose of making sure that corporations don't have their business models cut out from underneath them.

    While on the face of it, the bill seems alright (don't hide what your program does), I don't understand why it's specifically targeting P2P programs. Wouldn't it make sense to have the bill simply say "software should never be installed without the users consent" and "software should not be misleading in their activities"? What bothers me is the insistence from the two politicians that P2P programs somehow present an inherent privacy and security risk. I'm putting on my tinfoil hat here for a second, but I'm guessing that this has to be read in the larger context that P2P software is bad in general, and should be tightly regulated.

    I don't like where this is going. As the bill reads, it won't solve any problem that currently exists, and assumes something dangerous: that a specific type of software is somehow worse than others. I'm expecting that these two politicians will soon propose bills that restrict peer-to-peer connectivity in general (goodbye net neutrality) and legislate what software can and cannot do (goodbye software startups written by a single person).

  • Re:the guv'mint (Score:3, Insightful)

    by hitmark (640295) on Friday February 26, 2010 @12:39PM (#31287526) Journal

    good luck getting doctors, engineers, or something similar to drop their well payed jobs and go into politics.

  • by Anonymous Coward on Friday February 26, 2010 @12:47PM (#31287682)

    But why have a law restricted to p2p software? Wouldn't it make more sense to prohibit this sort of hidden installation of any software?

  • Seems to me like this just does two things:

    • Software requires explicit user consent to install.
    • Software requires explicit user consent to share files.

    The first seems like common sense for all software, not just P2P (if it already existed, this provision would be redundant). If the law also clearly defined the difference between an "update" and "new software," it might prevent Microsoft from pushing out WGA as an automatic update. It could also provide legal provision against a specific hacker activity, installing malware, rather than the blanket DMCA provision against unauthorized computer access (which could be playful and/or harmless, whereas silently installing software almost never is).

    As for the second one, I once installed Shareaza, and found eventually that it had downloaded a lot of high profile pirated software, presumably to share on the network and increase download speeds for other users. The program itself showed no indication of where these files came from, or how to remove them or stop sharing them. In the process, it implicated my as a copyright infringer without my intent, or even any benefit from the usage of the pirated software. Obviously there are more problems with technically illiterate people, but even a technical person could be bamboozled by the right program into sharing sensitive documents or participating in illegal activities. Again, these are actions most used by nefarious hackers.

    So, it's a law that should, in effect, provide real, useful provisions against hackers. It is not banning P2P as a technology, nor is it even targeting the sharing of copyrighted materials AFAIK.

  • by Anonymous Coward on Friday February 26, 2010 @12:55PM (#31287852)

    First, has anyone actually read the language in the proposal? Do you think that the actual legislation is going to fit so nicely into the way its being described or do you realize that other law makers are going to add their own language and objectives when the law is passed? In the language of government what constitutes a P2P file sharing application?

    If I'm a researcher, student or small, open source or independent developer that creates a new P2P "file sharing" protocol or prototype does that mean unless I specifically include notification or a feature the government feels complies with their regulations, that I become a criminal?

    I guess my main concern is that the more we go forward with these "protection laws" the more, we as developers are becoming limited and I worry going forward am I going to need a background in law to write code?

    The RIAA is clapping for a reason friends.

  • by HydroPhonic (524513) <theycallmeboss@gm[ ].com ['ail' in gap]> on Friday February 26, 2010 @01:11PM (#31288136) Homepage
    is what this law tries to ensure. No more users complaining ignorance of what their programs are "making available"... Definitely a boon for *AA organizations....
  • by wjousts (1529427) on Friday February 26, 2010 @02:26PM (#31289370)

    How are these bad?

    Because the government has no business getting between me and my computer

    How are they getting between you and your computer? You can still install P2P programs, just those programs will have to tell you that they are P2P (not a problem for a program that only does P2P, but some other programs use P2P for updates that users might not understand) and tell you what they are sharing.

  • by mcgrew (92797) * on Friday February 26, 2010 @03:32PM (#31290174) Homepage Journal

    Since the user is installing the software, isn't that consent?

    The user of the computer is not necessarily the OWNER of the computer. The computer on my desk at work belongs to my employer, and he has every right to forbid me from installing P2P, or any other software he doesn't want on it.

    And should my next door neighbor be able to visit me at my house and say "can I use your PC for a minute" and install Kazaa or Windows on it without my permission?

  • by misexistentialist (1537887) on Friday February 26, 2010 @04:55PM (#31291184)
    It's typical for the legislature to justify its full-time existence by passing laws in response to singular high-profile events (usually named after a pathetic victim), and to design the laws to prevent the event from happening by restricting individual freedom.

    In this case there was a lazy/stupid government employee who leaked information via p2p by sharing his entire drive, so lawmakers respond with a broad law that will result in millions of dollars being spent and the course of history being changed rather than let the one employee be fired (along with any supervisors and IT workers who didn't enforce computer security policies). I'm sure the idea of making all p2p software illegal was brought up, but they probably ran into difficulties coming up with a legal definition that didn't outlaw internet browsers too. Between child porn and terrorist communication it's only a matter of time before they ban it anyway.

As the trials of life continue to take their toll, remember that there is always a future in Computer Maintenance. -- National Lampoon, "Deteriorata"

Working...