Back in 2003, the House Committee on Government Reform, then chaired by Rep. Tom Davis (R-VA), held a hearing entitled “Overexposed: The threats to Privacy and Security on Filesharing Networks.” That hearing tried to answer a number of questions: why personal information was available on p2p networks, what effect spyware was having on consumers, and what sort of risk p2p networks created for dangerous viruses? While Chairman Davis paid lip service to the potential benefits of file sharing, the tone of the proceedings was one of overwhelming danger, not cautious optimism.
Yesterday the same House Committee held very similar hearings on almost exactly the same topic. Again the committee focused on the danger of inadvertent file sharing, and while now-chairman Henry Waxman (D-CA) said that “the purpose of this hearing is not to shut down p2p networks,” he suggested that Congress might have to step in to regulate p2p companies.
Admittedly, the problem these hearings addressed is real. In the early days of p2p file sharing, when p2p programs' user interfaces didn't make it clear just what a user was sharing online, it was pretty easy to share a 'My Documents' folder without even realizing it. But fearing regulation, p2p companies began policing themselves, and in late 2004 the two main p2p trade associations self-imposed warnings to consumers about dangerous content. The largest p2p networks have built friendly user interfaces to prevent inadvertent file sharing. LimeWire's Chairman Mark Gorton, who testified at yesterday's hearing, showed that his company's software had a folder prominently showing which files a user is sharing and how many times those files have been uploaded. Furthermore, the monitor tab on the upper left also shows the files that have been uploaded, and users are warned whenever they attempt to share potentially sensitive data like the 'My Documents' folder.
(picture courtesy Softpedia)
In short, as p2p networks have evolved they have continued to cut down on the problem of inadvertent file sharing. The problem hasn't been solved, but the major p2p companies have demonstrated a good-faith effort to find a solution. Yet we are still having the same hearings today as we had four years ago, with the same issues addressed and the same fears raised – so why?
The most likely reason is that Congress is conflating two problems: inadvertent file sharing, which is a security issue, and intentional piracy, which is a copyright issue. Mr. Gorton addressed this latter problem in his own testimony:
“In addition to the problem of inadvertent file-sharing, P2P networks are plagued by child pornography and copyright infringement…The regulatory framework that surrounds the Internet has not kept pace with technical advancements, and currently, no effective enforcement mechanisms exist to address illegal behavior on P2P networks”
Internet Service Providers, ISP's, are a unique point of control for every computer on the Internet. Universities frequently function as their own ISP's, and a handful of universities have implemented notice based warning systems that result in the disconnection of users engaged in illegal behavior who ignore multiple warnings. These universities have sharply reduced child pornography and copyright infringement on their campus networks. Similar policies could be mandated for all ISP's in the United States.
It's really outside the scope of this post to debunk these sorts of claims (and besides, EFF has already done so more extensively, and John has done so more effectively). In general, content filtering systems are either ineffective or restrict lawful use of copyrighted content.
Of course, some have tried banning all p2p applications entirely. ICARUS (Integrated Computer Application for Recognizing User Services), a program developed by the University of Florida in 2003 kicked users off the UF ISP who attempted any kind of p2p file sharing, legal or not. A user caught using a program that acted as a server (such as Kazaa) was automatically disconnected for 30 minutes. Second time offenders were kicked off for five days, and third time offenders were subject to the school's judicial process. Of course, the problem with this is that there's an entire universe of uses for p2p software that is perfectly legal. No student should face expulsion for downloading a song they were entitled to copy.
ICARUS is still around, though now it's called cGrid and licensed commercially to other schools for a $1,000,000 installation fee and $250,000 a year. Additionally, cGrid now detects file sharing over email, IM, and invitation-only FTP servers (I can only imagine how hard it is to make digital movies at the University of Florida right now). The result is that an attempt to stop illegal content sharing results in destroying very useful technologies like p2p. I imagine this is not the kind of solution Mr. Gorton would support.
Of course this solution, and the piracy it seeks to stop, has nothing to do with inadvertently sharing personal documents, and nothing to do with the stated purpose of this hearing. Filtering copyrighted content on the Internet would not stop people from accidentally sharing a 'My Documents' folder, and while software like cGrid might stop music piracy, it would also stop the innovation and collaboration that remains essential to the Internet. Inadvertent file sharing and intentional piracy are issues important enough to merit separate solutions.