House Committee Passes "Informed P2P User Act"

← Back to Stories (view on slashdot.org)

House Committee Passes "Informed P2P User Act"

Posted by ScuttleMonkey on Friday October 2, 2009 @05:12AM from the is-this-really-the-most-pressing-issue dept.

An anonymous reader writes "This week the House Energy and Commerce Committee passed the 'Informed P2P User Act' and has sent it along to the full House for consideration. The bill, which appears to have heavy support on both sides of the political fence, simply states that P2P software must not install extra software or prevent users from removing it, in addition to being 'clear and conspicuous' about which files are being shared and getting user consent to share them. 'Rep. Henry Waxman (D-CA), the powerful committee chairman, opened the markup session by warning about "the danger of inadvertent sharing of sensitive information through the use, or misuse, of certain file sharing programs. Tax returns, medical files, and even classified government documents have been found on these networks. The purpose of H.R. 1319 is to reduce inadvertent disclosures of sensitive information by making the users of this software more aware of the risks involved."'"

27 of 235 comments (clear)

Min score:

Reason:

Sort:

Why P2P by AnotherBlackHat · 2009-10-02 05:15 · Score: 5, Insightful

Why is this limited to P2P software?
1. Re:Why P2P by ZekoMal · 2009-10-02 05:21 · Score: 4, Insightful
  
  Because then companies like Sony couldn't screw with us.
2. Re:Why P2P by kevinNCSU · 2009-10-02 05:26 · Score: 5, Insightful
  
  Did someone forget to inform this senator that we (the US) no longer own the internets?
  Did someone forget to inform you that p2p software generally installs on a machine in a physical location and therefore is subject to the laws and regulations in that location? Just because your machine is able to talk to machines in a different country doesn't mean your machine is somehow above the laws of the country you live in.
3. Re:Why P2P by ajs · 2009-10-02 05:28 · Score: 5, Insightful
  
  Why is this limited to P2P software?
  Because almost every other type of unintentional sharing of files (if not all) are already covered by electronic privacy laws.
  However, in the case of applications which are designed to share files, there's a legal gray area, where the author can claim that they have no obligation to have disclosed which files were being shared, and that the user consented to sharing their files by installing file sharing software.
  This bill would close that loophole.
4. Re:Why P2P by commodore64_love · 2009-10-02 05:39 · Score: 2, Insightful
  
  And open a new one where the FBI (or RIAA investigators) can simply "ask" the program, "What files were shared?", get a convenient generated list, and find all the evidence they need to make your day in court miserable.
  
  --
  "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
5. Re:Why P2P by girlintraining · 2009-10-02 05:49 · Score: 4, Insightful
  
  And open a new one where the FBI (or RIAA investigators) can simply "ask" the program, "What files were shared?", get a convenient generated list, and find all the evidence they need to make your day in court miserable.
  And if my computer lies? Nobody said my computer has to be programmed to tell the truth.
  
  --
  #fuckbeta #iamslashdot #dicemustdie
6. Re:Why P2P by Mister+Whirly · 2009-10-02 06:32 · Score: 2, Insightful
  
  Dear everyone - this is Slashdot. Yes, some people will do and say things you don't like here. Get over it.
  
  --
  "But this one goes to 11!"
7. Re:Why P2P by gnieboer · 2009-10-02 07:08 · Score: 5, Insightful
  
  True, all P2P apps have to know what files they are sharing. But here's where I see bill's raison d'etre...
  "being 'clear and conspicuous' about which files are being shared and getting user consent to share them"
  NOW, when the RIAA sues everyone:
  The software maker is free and clear ("We added the consent to share box as mandated by law")
  And the person sharing Rocky 17 CAN'T say "I had no idea that file was being shared", which has been a defense in the past.
  So (IMHO) when we talk about big lobbying groups, the RIAA would like it, and the software makers are willing to put up with the other provisions because now they are off the hook from the big P2P lawsuit.
Unwanted software by conureman · 2009-10-02 05:17 · Score: 3, Insightful

I'd like to see criminal penalties for bundling undisclosed and unwanted software with any application. See if that gets past the lobbyists.

--
The cost of that cleanup, of course, will be borne by taxpayers, not industry.
1. Re:Unwanted software by Dog-Cow · 2009-10-02 06:16 · Score: 2, Insightful
  
  You are an idiot.
  Upon installation, disclose to the user that additional programs are included and ensure there is a way to opt out of the installation of those other programs.
  In other words: the user.
Stupid old men. by Lord+Kano · 2009-10-02 05:18 · Score: 4, Insightful

How do they expect to enforce this law on companies that produce software outside of the US?
Apparently they still don't understand how this internet thing works.
LK

--
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
Ummmm by MikeRT · 2009-10-02 05:18 · Score: 4, Insightful

even classified government documents have been found on these networks
If they're finding classified documents on the public internet, that means that they have a bigger problem like government employees disregarding security guidelines by putting them on unclassified networks.
1. Re:Ummmm by kevinNCSU · 2009-10-02 05:29 · Score: 2, Insightful
  
  Yea, I get the feeling that's just a sensationalist flag the media likes to wave to make the story more interesting. I think the real reason here is kids installing p2p software without the parents knowledge and the sharing the my documents folder or the whole C: drive including all the parents tax returns and other personal information.
Waste of time by Shagg · 2009-10-02 05:23 · Score: 2, Insightful

The same users that are dumb/ignorant enough to share their tax and medical records are the same ones that won't bother to read any "clear and conspicuous" warnings. They'll either not understand it or hit "OK" without reading it. You can't write laws that eliminate stupidity.

--
Unix is user friendly, it's just selective about who its friends are.
1. Re:Waste of time by Anonymous Coward · 2009-10-02 05:30 · Score: 1, Insightful
  
  Sure you can, force everyone to take some basic scam / computer literacy classes to get a computer permit that lets you use a computer. Then do retests every 5 years or so to make sure people are up to date with the latest information. of course this will never happen and won't solve 100% of the problems but if this law existed and was strictly enforced it would cut down on computer stupidity.
2. Re:Waste of time by girlintraining · 2009-10-02 05:43 · Score: 2, Insightful
  
  You can't write laws that eliminate stupidity.
  Doesn't stop them from trying.
  
  --
  #fuckbeta #iamslashdot #dicemustdie
Ulterior motive? by Steve+Cox · 2009-10-02 05:28 · Score: 4, Insightful

It could be that this bill is being passed simply to remove a set of excuses people might use when caught using P2P for sharing copyrighted material - hence the name of the bill.
If the software plainly states that it will be sharing a file with other people, then you cannot say 'I didn't know I was sharing it'. Likewise, you cannot say that it installed without your knowledge nor can you say it installed but you couldn't uninstall it.
This is of course, only possible if the writers of P2P software actually give two hoots about the bill.....
Steve.
Liar, Liar. by girlintraining · 2009-10-02 05:30 · Score: 4, Insightful

The purpose of H.R. 1319 is to reduce inadvertent disclosures of sensitive information by making the users of this software more aware of the risks involved.
Sure it is. Now, how about taking a closer look;
the term "peer-to-peer file sharing program" means[...]
to designate files available for transmission to another computer
to transmit files directly to another computer; and
to request the transmission of files from another computer.
Well, that's basically "using the internet". And using the definition of "protected computer", if you can add a tcp/ip stack to your toaster, it's a protected computer. So what will it be illegal to do using anything with a microprocessor and can communicate with the outside world? Also, "authorized user" -- I suspect a lot of EULAs are going to be updated so that every company that has a piece of networkable software installed on your system is now also an authorized user. Unintended consequences are a bitch, aren't they? Your system is now legally required to be insecure and full of backdoors. ...prevent the reasonable efforts of an owner or authorized user from blocking the installation [of a] program or function thereof
So installing is now okay. 'Using' not available for comment. So we can still f*ck with it at the operating system level, or neuter it in memory -- messing with the code after installation or during runtime isn't covered. Oops.
to fail to provide a reasonable and effective means to disable or remove from the protected computer...[excessive legalese deleted]
Translation: Installers should come with uninstallers. We need a law for this? And without a definition of what "reasonable and effective" constitutes -- well, need I say more? Anyone try uninstalling Norton Antivirus lately? It's quicker just to nuke the drive from orbit, and it's the only way to be sure you got everything. Can I expect federal pound me in the ass prison time for all the Norton executives? No? Why -- oh, right... they're rich. But you there, little open source developer -- we know you're evil. I mean, you don't even have a brand identity!
Yeah... this ends well.

--
#fuckbeta #iamslashdot #dicemustdie
Re:Spill the beans by ajs · 2009-10-02 05:30 · Score: 3, Insightful

Ok, so who funded this bill and why?
Almost certainly groups like the RIAA and the MPAA.
Their goal is in ratchet up the personal liability of the users who use these systems. By forcing applications to be much more explicit about what's being shared, they reduce the number of cases they lose against file sharers on the grounds that they didn't know what they were sharing.
Re:Spill the beans by Smegly · 2009-10-02 05:30 · Score: 2, Insightful

One possible reason: Makes services like Freenet illegal. For example donating disk space and bandwidth to encrypted files where the user-node does not actually know what they are helping to deliver sounds like it would violate being "'clear and conspicuous' about which files are being shared and getting user consent to share them".
No "Common Carrier" status for P2P nodes here...
Mod Parent Down by geekoid · 2009-10-02 05:33 · Score: 2, Insightful

People should not be modded up for not reading the article.

--
The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
Relevant Quote by Kindgott · 2009-10-02 05:39 · Score: 5, Insightful

"Anyone who says that the solution is to educate the users hasn't ever met an actual user."
-- Bruce Schneier

--
If there's anything more important than my ego around here, I want it caught and shot immediately.
Re:Mod parent up by MBGMorden · 2009-10-02 05:56 · Score: 2, Insightful

Notice that this didn't ONLY ban spyware. It had stipulations that state that when a P2P app is installed it clearly indicates what is being shared. This will just prevent Joe Sixpack from installed AwesomeShareItAll v3.1 where it just shares out your entire hard drive without indicating it.
Personally, I just don't see too much evil in this bill.

--
"People who think they know everything are very annoying to those of us who do."-Mark Twain
Re:Spill the beans by fuzzyfuzzyfungus · 2009-10-02 06:00 · Score: 2, Insightful

Freenet could, barring a truly weird judicial interpretation, comply pretty easily.

The only "shared folder" is the folder, of user allocated size, where freenet stores its encrypted chunks. Each of those chunks is one of the shared files. All freenet would have to do is say "When you install freenet, all files in folder X will be shared with other freenet nodes, as well as any files you explicitly upload". The fact that the user does not and cannot figure out what exactly the encrypted chunks are is neither here nor there.
Re:Mod parent up by Bill_the_Engineer · 2009-10-02 06:33 · Score: 2, Insightful

Yeah but it will also stop us from using FreeNet and other censorship-resistant, anonymous sharing networks. Read more here:
Please explain your position.
How would informing the P2P user about what is being shared on that user's computer prevent the user from using FreeNet and other anonymous sharing networks?

--
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
Re:Mod parent up by adolf · 2009-10-02 07:47 · Score: 5, Insightful

Naah.
Freenet stores its data in encrypted files and refers to them with hashes, right? I mean: It's just files on a filesystem, isn't it? So, all the software has to do to stay in compliance is state which of those files are being shared.
It doesn't state that it must decrypt the files. Or that the content of them must be disclosed. It would just need to report to the user the same stuff that already gets reported to Freenet at large.
Doing so is neither against this bill, nor against the spirit of Freenet, nor in any way any significant technical hurdle to overcome.
(Unless I'm very mistaken, in which case I welcome any corrections.)

--
Kid-proof tablet..
Re:Spill the beans by SeaFox · 2009-10-02 08:39 · Score: 2, Insightful

Isn't it sad that now whenever any piece of legislation is crafted we automatically assume someone "bought" it and has ulterior motives to it's existence than what the bill would have you believe.