Skip Links

FTC P2P data leak alarm could give law-makers big stick

FTC says P2P file-sharing networks are leaking sensitive data

By , Network World
February 23, 2010 03:37 PM ET

Network World - It’ s the last thing P2P File-Sharing Network proponents needed to hear: The Federal Trade Commission this week sent letters to almost 100 organizations that personal information, including sensitive data about customers and employees, has been shared from their computer networks and is available on peer-to-peer (P2P) file-sharing networks to any users of those networks, who could use it to commit identity theft or fraud.

The FTC said companies and institutions of all sizes are vulnerable to serious P2P-related breaches, placing consumers’ sensitive information such as health-related information, financial records, and drivers’ license and social security numbers at risk for identity theft. In the notification letters, the FTC urged the entities to review their security practices and, if appropriate, the practices of contractors and vendors, to ensure that they are reasonable, appropriate, and in compliance with the law.

12 mad science projects that could shake the world

“Companies should take a hard look at their systems to ensure that there are no unauthorized P2P file-sharing programs and that authorized programs are properly configured and secure,” said FTC Chairman Jon Leibowitz.

The FTC has been leading the charge for tighter regulations of the P2P industry and this latest problem is only likely to increase the calls for such regulation. At a hearing last summer the FTC expressed its doubts about companies protecting sensitive consumer information or sensitive data over P2P Internet file-sharing networks. It doesn’t help the P2P cause that the technology continues to pop up in bad practices.

Peer-to-peer technology can be used in many ways, such as to play games, make online telephone calls, and, through P2P file-sharing software, share music, video, and documents. But when P2P file-sharing software is not configured properly, files not intended for sharing may be accessible to anyone on the P2P network, the FTC said.

The FTC said while many P2P file-sharing program developers have voluntarily implemented safeguards against the risk of inadvertent sharing of user-originated files in current versions of their programs, the FTC is supportive of legislation that mandates distributors of P2P file-sharing programs provide timely, clear, and conspicuous notice and obtain consent from consumers regarding the essential aspects of those programs.

Part of the agency’s concern comes from the fact that a number of industry watchers see P2P growing exponentially in the next few years. For example, MultiMedia Intelligence sees P2P traffic growing by 400% in the next five years, from 1.6 to 8 petabytes per month, with licensed P2P growing at ten times that rate as authorized offerings come into their own; and new advancements, such as P4P and hybrid services, take hold. Insight Research projected that the worldwide market for P2P and file-sharing will surpass $28 billion per year in revenue for carriers and ISPs over the next three years, according to the Distributed Computing Industry Association.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News