Slashdot Mirror

← Back to Stories (view on slashdot.org)

House Committee Passes "Informed P2P User Act"

Posted by ScuttleMonkey on from the is-this-really-the-most-pressing-issue dept.

An anonymous reader writes "This week the House Energy and Commerce Committee passed the 'Informed P2P User Act' and has sent it along to the full House for consideration. The bill, which appears to have heavy support on both sides of the political fence, simply states that P2P software must not install extra software or prevent users from removing it, in addition to being 'clear and conspicuous' about which files are being shared and getting user consent to share them. 'Rep. Henry Waxman (D-CA), the powerful committee chairman, opened the markup session by warning about "the danger of inadvertent sharing of sensitive information through the use, or misuse, of certain file sharing programs. Tax returns, medical files, and even classified government documents have been found on these networks. The purpose of H.R. 1319 is to reduce inadvertent disclosures of sensitive information by making the users of this software more aware of the risks involved."'"

17 of 235 comments (clear)

  1. Why P2P by AnotherBlackHat · · Score: 5, Insightful

    Why is this limited to P2P software?

    1. Re:Why P2P by ZekoMal · · Score: 4, Insightful

      Because then companies like Sony couldn't screw with us.

    2. Re:Why P2P by kevinNCSU · · Score: 5, Insightful

      Did someone forget to inform this senator that we (the US) no longer own the internets?

      Did someone forget to inform you that p2p software generally installs on a machine in a physical location and therefore is subject to the laws and regulations in that location? Just because your machine is able to talk to machines in a different country doesn't mean your machine is somehow above the laws of the country you live in.

    3. Re:Why P2P by ajs · · Score: 5, Insightful

      Why is this limited to P2P software?

      Because almost every other type of unintentional sharing of files (if not all) are already covered by electronic privacy laws.

      However, in the case of applications which are designed to share files, there's a legal gray area, where the author can claim that they have no obligation to have disclosed which files were being shared, and that the user consented to sharing their files by installing file sharing software.

      This bill would close that loophole.

    4. Re:Why P2P by girlintraining · · Score: 4, Insightful

      And open a new one where the FBI (or RIAA investigators) can simply "ask" the program, "What files were shared?", get a convenient generated list, and find all the evidence they need to make your day in court miserable.

      And if my computer lies? Nobody said my computer has to be programmed to tell the truth.

      --
      #fuckbeta #iamslashdot #dicemustdie
    5. Re:Why P2P by gnieboer · · Score: 5, Insightful

      True, all P2P apps have to know what files they are sharing. But here's where I see bill's raison d'etre...

      "being 'clear and conspicuous' about which files are being shared and getting user consent to share them"

      NOW, when the RIAA sues everyone:
      The software maker is free and clear ("We added the consent to share box as mandated by law")
      And the person sharing Rocky 17 CAN'T say "I had no idea that file was being shared", which has been a defense in the past.

      So (IMHO) when we talk about big lobbying groups, the RIAA would like it, and the software makers are willing to put up with the other provisions because now they are off the hook from the big P2P lawsuit.

  2. Spill the beans by oldhack · · Score: 4, Interesting

    Ok, so who funded this bill and why?

    --
    Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
    1. Re:Spill the beans by icebike · · Score: 4, Informative

      Even more interesting is the provision right up front in section 2.a.2 exempting preloaded software on new computers as long as somewhere in the 40 pages of tiny print the purchaser is told that a back-door sharing program is installed.

      So preloaded sharing programs and spyware installed by Sony is ok then...

      The bill is 7 pages, people. READ IT.
      http://energycommerce.house.gov/Press_111/20090930/hr1319_ains.pdf

      --
      Sig Battery depleted. Reverting to safe mode.
  3. Do OS-included programs count? by davidwr · · Score: 4, Interesting

    Do sftpd and Windows File Sharing count? The bill better be carefully worded or the law of unintended consequences and vendors screaming "waitaminuteididn'tknowmyproductqualified" will be the end result.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  4. Stupid old men. by Lord+Kano · · Score: 4, Insightful

    How do they expect to enforce this law on companies that produce software outside of the US?

    Apparently they still don't understand how this internet thing works.

    LK

    --
    "Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
  5. Ummmm by MikeRT · · Score: 4, Insightful

    even classified government documents have been found on these networks

    If they're finding classified documents on the public internet, that means that they have a bigger problem like government employees disregarding security guidelines by putting them on unclassified networks.

  6. In Other News... by bbsguru · · Score: 4, Funny

    ... the installation of viruses and worms on computers you don't won is now illegal. Massive layoffs are expected in the BotNet industry...

  7. Ulterior motive? by Steve+Cox · · Score: 4, Insightful

    It could be that this bill is being passed simply to remove a set of excuses people might use when caught using P2P for sharing copyrighted material - hence the name of the bill.

    If the software plainly states that it will be sharing a file with other people, then you cannot say 'I didn't know I was sharing it'. Likewise, you cannot say that it installed without your knowledge nor can you say it installed but you couldn't uninstall it.

    This is of course, only possible if the writers of P2P software actually give two hoots about the bill.....

    Steve.

  8. Liar, Liar. by girlintraining · · Score: 4, Insightful

    The purpose of H.R. 1319 is to reduce inadvertent disclosures of sensitive information by making the users of this software more aware of the risks involved.

    Sure it is. Now, how about taking a closer look;

    the term "peer-to-peer file sharing program" means[...]
    to designate files available for transmission to another computer
    to transmit files directly to another computer; and
    to request the transmission of files from another computer.

    Well, that's basically "using the internet". And using the definition of "protected computer", if you can add a tcp/ip stack to your toaster, it's a protected computer. So what will it be illegal to do using anything with a microprocessor and can communicate with the outside world? Also, "authorized user" -- I suspect a lot of EULAs are going to be updated so that every company that has a piece of networkable software installed on your system is now also an authorized user. Unintended consequences are a bitch, aren't they? Your system is now legally required to be insecure and full of backdoors. ...prevent the reasonable efforts of an owner or authorized user from blocking the installation [of a] program or function thereof

    So installing is now okay. 'Using' not available for comment. So we can still f*ck with it at the operating system level, or neuter it in memory -- messing with the code after installation or during runtime isn't covered. Oops.

    to fail to provide a reasonable and effective means to disable or remove from the protected computer...[excessive legalese deleted]

    Translation: Installers should come with uninstallers. We need a law for this? And without a definition of what "reasonable and effective" constitutes -- well, need I say more? Anyone try uninstalling Norton Antivirus lately? It's quicker just to nuke the drive from orbit, and it's the only way to be sure you got everything. Can I expect federal pound me in the ass prison time for all the Norton executives? No? Why -- oh, right... they're rich. But you there, little open source developer -- we know you're evil. I mean, you don't even have a brand identity!

    Yeah... this ends well.

    --
    #fuckbeta #iamslashdot #dicemustdie
  9. Relevant Quote by Kindgott · · Score: 5, Insightful

    "Anyone who says that the solution is to educate the users hasn't ever met an actual user."
    -- Bruce Schneier

    --
    If there's anything more important than my ego around here, I want it caught and shot immediately.
  10. Aimed at Freenet? by acid06 · · Score: 5, Interesting

    Apparently, this bill is actually aimed at things such as the Freenet Project.
    On Freenet, you actually don't know what is stored on your own computer (and thus, what you're sharing) as everything is encrypted.
    Apparently, this effectively outlaws Freenet.

  11. Re:Mod parent up by adolf · · Score: 5, Insightful

    Naah.

    Freenet stores its data in encrypted files and refers to them with hashes, right? I mean: It's just files on a filesystem, isn't it? So, all the software has to do to stay in compliance is state which of those files are being shared.

    It doesn't state that it must decrypt the files. Or that the content of them must be disclosed. It would just need to report to the user the same stuff that already gets reported to Freenet at large.

    Doing so is neither against this bill, nor against the spirit of Freenet, nor in any way any significant technical hurdle to overcome.

    (Unless I'm very mistaken, in which case I welcome any corrections.)

    --
    Kid-proof tablet..