Proposed peer-to-peer technology law sparks animosity

The Federal Trade Commission and Distributed Computing Industry Association locked horns over a proposed law that would govern peer-to-peer networking technology would be used and regulated.

Before the Subcommittee on Commerce, Trade, and Consumer Protection, the Federal Trade Commission expressed its doubts about companies protecting sensitive consumer information or sensitive data over P2P Internet file-sharing networks.  It doesn't help the P2P cause that the technology continues to pop up in bad practicesRecently a company that monitors peer-to-peer networks said it found classified information about the systems used onboard the president's helicopter in a shared folder on a computer in Iran, after a file containing the data was accidentally leaked on a peer-to-peer network last summer.

Meanwhile the DCIA said any laws would likely be ineffective and stifle the business opportunities P2P can generate.

The FCT said while many P2P file-sharing program developers have voluntarily implemented safeguards against the risk of inadvertent sharing of user-originated files in current versions of their programs, the FTC is supportive of legislation that mandates distributors of P2P file-sharing programs provide timely, clear, and conspicuous notice and obtain consent from consumers regarding the essential aspects of those programs.

Part of its concern comes from the fact that a number of industry watchers see P2P growing exponentially in the next few years.  For example, MultiMedia Intelligence sees P2P traffic growing by 400% in the next five years, from 1.6 to 8 petabytes per month, with licensed P2P growing at ten times that rate as authorized offerings come into their own; and new advancements, such as P4P and hybrid services, take hold. Insight Research projects that the worldwide market for P2P and file-sharing will surpass $28 billion per year in revenue for carriers and ISPs over the next three years, according to the Distributed Computing Industry Association.

Specifically the FTC is in favor of adopting the bill known as H.R. 1319 or the Informed P2P User Act which is in committee and would let the agency obtain civil penalties against the distributors who do not meet a baseline standard of providing clear and conspicuous notice, in advance, to consumers about what files a P2P program will share, and for obtaining consent from consumers before making those files available on a P2P network. The proposed legislation also has provisions that should help network administrators keep P2P file-sharing applications that are inappropriate and potentially dangerous off their computer systems and would give the commission authority to seek civil penalties for violations.

The FTC said it has taken an active role in assisting P2P file-sharing software developers in devising best practices to help prevent consumers from inadvertently sharing personal or sensitive data over P2P networks. In July 2008, the DCIA published Voluntary Best Practices containing useful safeguards against inadvertent file sharing.

These safeguards, which apply to the features of the software programs themselves, include:

  • warnings to application users and notices about the number and types of files being shared;
  • default settings that limit what is shared upon installation of an application; controls for users to
  • stop sharing any file or folder; protections against any user attempt to share sensitive folders or
  • file types; and simple means to disable the file-sharing functionality.

Starting in February 2009, DCIA members began providing the FTC staff with reports outlining the ways in which they believe their applications comply with the best practices. FTC staff is currently assessing, with the assistance of an independent P2P technology expert, whether the member companies' applications, and those of other developers, comply with those best practices.

For its part the DCIA said today: "In our view, because of both the technical complexity and relatively fast-moving innovation in this area, a federally mandated and closely monitored private sector initiative, rather than even the best intentioned legislative measure, will produce the most beneficial effect to the public and to government agencies whose sensitive and confidential information must be protected as a matter of national security."

The DCIA went on to say: "Our legal review up to this point suggests that no matter the changes in the bill's construction, no matter any amount of rewording, it will still not only stifle its purported target from possible improvements that would better address the problem the bill intends to address, but it will also potentially still apply to any type of data transmitting software, including Internet applications, desktop applications, e-mail applications, instant messaging, cloud computing, social networks, fully licensed P2P deployments, hybrid peer-assisted content networks, etc."

P2P industry players include BitTorrent, the most widely used protocol, now with an enterprise offering and many derivatives; eDonkey, which ceased commercial operation, but has remained popular as the open-source eMule; Bearshare, which despite the company's acquisition by iMesh has also remained popular as a standalone program; LimeWire, a widely-used open-P2P program now integrating a LimeWire Store and new Lime Engine; and Kontiki, spun-off last year by VeriSign and currently used in several major enterprise deployments, including Wells Fargo, GM, and Coca-Cola.

Examples of new and emerging P2P services are Damaka, FrostWire,  

GigaTribe, Grooveshark, Itiva, LittleShoot, mBit, MyBloop, Ooma, Pownce, Raketu, RedSwoosh, SlapVid, Swapper, Twango, Vudu, and Yoomba, the DCIA noted.

Layer 8 in a box

Check out these other hot stories:

Hackneyed or amazing? Online system rates photos by artistic quality

Identity thieves get reprive as FTC backs off Red Flags rules again

NASA's electronic nose can sniff out cancer, space stench

What kind of data center can you build with $500 million?

Colossal spy airships with 15-story radars get $400M reality check

eBay, Xerox fraudster welcomed to federal prison

Giant, 1 million MPH space tornadoes drive northern lights  

Weather forecasts threatened by satellite network costs, delays

FTC targets mobile text messaging, security concerns

School IT director charged with stealing, selling computers

Blown away? Prototype camera, chips survive explosions

Can telepresence save the universe?

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.