P2P bill could regulate Web browsers, FTP clients

news analysis The U.S. House of Representatives has scheduled a hearing Tuesday to examine a bill that would force peer-to-peer applications to provide specific notice to consumers that their files might be shared.

The hearing before a House Energy subcommittee comes about a month after reports that specifications about the helicopter used as Marine One may have been leaked through a P2P network. Meanwhile, a second House committee is probing whether LimeWire or another P2P application was responsible.

Tuesday's hearing is expected to focus on a bill introduced in March by Rep. Mary Bono Mack, a California Republican. The catch: while it appears intended to target only P2P applications, the measure sweeps in Web browsers, FTP applications, instant messaging utilities, and other common programs too.

Bono's Informed P2P User Act says that it will be "unlawful" for P2P software to cause files to be made available unless two rules are followed. First, the utility's installation process must provide "clear and conspicuous notice" of its features and obtain the user's "informed consent." Second, the program must step through that notice-and-consent process every time it runs.

Her bill defines P2P applications as software that lets files be marked for transfer, transferred, and received. (The exact wording: "to designate files available for transmission to another computer; to transmit files directly to another computer; and to request the transmission of files from another computer.")

Every copy of Windows, GNU/Linux, and Mac OS X sold in recent memory includes a command-line FTP client fitting that definition but lacking the proposed warning. Does that mean that Microsoft, the Free Software Foundation, and Apple could be fined for "unlawful" activities? If the definition stretches to include the rsync utility and open-source software too, will volunteer maintainers and foreign citizens have to comply?

Another example: Web browsers could also be regulated and subject to Federal Trade Commission enforcement action unless "informed consent" is obtained each time the desktop icon is double-clicked. (Every Web browser allows the user to "designate" files to be uploaded--ever post a photo?--and request that files be downloaded.)

It's true that forcing compliance--at least for those programmers who are paying attention to legislative proclamations from the U.S. Congress--shouldn't be too difficult. A few warning messages and click-here-to-continue dialog boxes would suffice.

Still, the argument that a particular piece of proposed legislation could be worse is no argument at all. What the bill's drafters may not appreciate is that the Internet is, by definition, a peer-to-peer network. Restricting its P2Pishness, for lack of a better term, is difficult to do with restricting Internet access completely.

The point here is not that LimeWire and its rivals are without risk; misconfiguration probably would expose sensitive files to the public.

It's more that software is uniquely malleable, difficult to define, and better overseen by West Coast coders voluntarily adding warning messages than East Coast lawyers making it illegal not to do so.

The U.S. Supreme Court failed to reach a consensus about regulating obscenity a generation ago; do we really think that computer code today won't be equally slippery?

[gsekse]

So congress continues to think that they can "regulate" the internet, an international entity. Sigh, I wonder how many non-american programmers give flying you know what about what congress says.

When will everyone grow up and start realizing that access to the internet is not a child's game. That security is your responsibility. Don't install programs willy-nilly, don't assume your system is secure unless you turn off your modem/cable/unplug the wire/etc.

[Remo_Williams]

It's a ridiculous proposal, and I wouldn't even accept any of the premises offered as a rationale for it. I am using the software for a specific purpose, and whether I use it improperly or not is not affected by notices, but behavior. Legislation like this is a means to begin legislating other aspects of the Internet as well.

-Remo

[tremorfireheart]

I would say that this legislation comes from a knee jerk reaction. Somewhere in the chain the executive branch employee made a stupid mistake. Now the legislative branch is trying to point fingers at the software company rather than having the individual take the fault. Why did any one put such tender information to cause this kind of an uproar on a computer with any kind of internet access? Of course our files are shared when we upload them or put them in shared access folders. The iota falls unto the one who installs the products to know what exactly the product does before they install it.

[man_w_balls]

Exactly - reality check! It sucks to have a Congress & President who thinks every problem needs to be solved with legislation instead of individual responsibility.
Like "Oh no, I made an error, where was the law to protect me from my own stupidity?"
People should actually learn from their mistakes and accept responsibility.

[ExWinUser]

To "man_b_walls"
"bill introduced in March by Rep. Mary Bono Mack, a California REPUBLICAN!!!!!!!!!!!"

[kehandley]

To "ExWinUser"
"CONGRESS & President!!!!!!!!!!!!!!"

[ferricoxide]

You know, it's kinda funny. I've been traveling in Europe a lot this year. It seems over here, the attitude about things is, "you're a big boy, do what you want. But, if it comes back to bite you on the ass, it's on you". Used to be that way in the US, too, but then colleges turned into lawyer-factories.

[C.Schroeder]

I'm sorry, if you install a P2P software client and point it at a directory for sharing files or put files in the directory it created, how is it that you don't understand the client shares the files in that directory? The proposed legislation sounds analogous to hot coffee warnings, and we all know how useful that has been. <cough> Maybe we should consider certain classes of software to require a user permit process akin to a driving permit to legally hold the user responsible for their own actions, or is the software in question more like a lawn mower - you don't need a permit, but if you misuse it you WILL get hurt (and the click-wrap license ensures it is your fault).

I think in this case Bit-torrent actually has the upper hand, because it is a two step process, i.e. loading the .torrent file into the client and then sharing the actual file. You can't claim you "accidentally" shared a file, especially if you originated the .torrent file.

[darfjono]

You have got to be kidding me. I think the government should just stop trying to make any sort of law when it comes to technology. They'll just Do It Wrong anyway.

[ministafari]

Rofl USA has no control over the internet. And never should. Legislation to contain copyright infringement mabee is spreading from the music and film industry. Whining about lost revenue. Shut it make your millions, and leave the free internet alone. Spend your time on AIG and Friends , the real thieves in this economy.

[myles taylor]

What upsets me the most is the these laws hurt the people who obey the law and not the people who break it. Why don't lawmakers get that? That's why we have millions and millions of laws and why it never really changes anything.

[why do i need a name?]

sort of like gun laws, no?


Back to being on topic, this is silly. How many of you have GPS systems in your car that every time you turn it on you have to press the screen to acknowledge that you shouldn't do stupid things? Do you really want this to happen every time you start your browser, ftp client, etc?


But someone said it earlier, knee jerk reaction to "protect" us from ourselves. Oh, how I wish that Congress was only in session for 2- months a year, then they'd have to focus on the important stuff.

[ExWinUser]

Another teabagger (Republican) trying to teabag the rest of us free thinkers!

[zyxxy]

West coast coders and East coast lawyers. That is mighty narrow of you.

I think Richard Stallman, Dennis Ritchie, Brian Kernighan, (and others) would belie your narrow view. Along with a large pool of West coast lawyers, particularly Mary Bono Mack, who hails from the West coast.

Happily coding here on the East coast for the last 25 years. IANAL

[mistergray]

"West Coast Coder"... what a stupid remark to put in print!

[Wookiee-1138]

It wouldn't be an unreasonable measure to take, but I doubt it would change anything.

Stupid file sharers will still be stupid.

[squimito]

So wait, let me get this straight. The specs regarding the helicopter was released via a P2P application sitting on a defense contractors machine..... and why is our military doing business with a company that obviously has little or no internal network security? Locking down the ability to install programs on any corporate network is standard practice. Again, if we are entrusting national secrets, defense plans, and overall safety of our President to a third party company shouldn't we check things like internal security of the company?

[byl01]

Finally, somebody with a right idea! Only I'd ask a different question: What kind of an idiot would put top secret files and P2P on the same machine? (And what kind of an idiot would forget to make it clear to all employees that this is a no-no?) So, we are not talking about the Congress trying to regulate the Internet. We have something much worse - the Congress trying to make everyday life idiot-proof. And I thought Americans were supposed to be competitive, self-reliant, and with enough common sense. Where did it all go?

[why do i need a name?]

to byl01

this happens all the time. People who have laptops that aren't locked down (many, many of them) install software when the laptop is at home, poof. bad people get access to things.

The issue is the policies of the people with the systems and not legislation. You have sensitive stuff, don't do any P2P on that machine, got it?

[TotallyMadeUpName]

It's a little early to be blaming Congress for this since they are only holding a hearing on the bill. Let's give credit where credit is due. "Rep. Mary Bono Mack, a California Republican" introduced this poorly thought out bill. It is now up to the House Energy subcommittee to realize that the bill is a piece of garbage.

[Michichael]

Republicans. Democrats. get rid of both of them.

[Dalkorian]

Retardicans can cry and warp things all they want, but it's one of them proposing this atrocity. I hope this piece of legislative excrement is recognized as the idiotic ranting that it truly is.

[Michichael]

Hmm, I see a striking resemblance to the hot coffee in the lap incidence. *gasp* could it be? Are we legislating to protect stupid people?!

I swear to god, I hope every current politician gets swine flu and has to give up their seats to people with integrity and intelligence. This current popularity/financing contest system is so busted we're becoming stagnant.

[d3vildog69]

This could get bad.. very quick...

[Pete Bardo]

Yes, this is a ridiculous idea. Any message that shows every time you start a program will be completely ignored by the user. It's like asking "Are you sure you want to do this?" when you delete a file. I'm never sure, but I always answer yes--admittedly, sometimes it takes longer to say yes, but yes is ultimately the answer.

But then again, Republicrats are famous for this. Propose a bill that has no chance of passing to make your constituents think you are supporting it. It's still in committee--who knows why it's the House Energy committee. What's this have to do with Energy anyway?

And, yes, Declan. There are actually intelligent, productive people who don't live in California--and there are more than enough idiots that do.

"[B]etter overseen by West Coast coders voluntarily adding warning messages than East Coast lawyers making it illegal not to do so?" As you note yourself, Rep. Mack is from California, which was on the West coast the last time I was there. I suspect at least some East coast lawyers are better informed than to confuse the capability to transfer files over the Internet with the unauthorized sharing of sensitive files.

[Kyanar]

That's a ridiculously broad definition of P2P applications they have there. According to this draft, whenever you start Apache or IIS, it will need to ask you for permission to share files. I imagine that if they try to push this we may have the first time ever that Microsoft and the FSF will agree on something.

[agreddon]

Okay, exactly what sort of coma do you have to be in not to realize that file-sharing software shares files? Not to mention letting your users install software on their system as opposed to IT managers?

[mikeburek]

So can I still download programs written outside the US? They don't have to follow US law.

Will every computer science students learning to write an FTP program have to include this warning in their code?

What percentage of code has to be produced outside the US for a program to be considered outside or inside US jurisdiction?

[sharmajunior]

I need the government computers to display a message every time they boot saying "You are an Idiot!"