Anti-File Sharing Lobbyists/Lawyers Shove Each Other Aside To Blame P2P Rather Than Dumb Guy For Congressional Leak
from the try-harder dept
A couple years ago, some entertainment industry lobbyists hit on a new idea for trying to get Congress to legislate against file sharing software: figure out ways to blame it for stupid employees. More specifically, figure out a way to blame it for stupid employees... in the government. So, those lobbyists have worked hard to highlight every single time some sort of sensitive government information was leaked via file sharing programs, and then even got Congress to investigate file sharing programs, rather than government security policies or how the government deals with stupid employees who put sensitive information on home computers that also have file sharing software installed improperly (set to share everything). The latest is that they were even able to get a ridiculously poorly thought-out law proposed that would cause problems for nearly every software you use online. Brilliant.So, of course, as the news broke that there was a leak of a Congressional ethics investigation, because a staffer put the document on his or her home machine that had file sharing software on it, the usual crowd of folks wasted no time at all in highlighting the use of P2P software and presenting file sharing as if it (rather than dumb employees and bad government security) was a huge national security threat and (of course) to urge Congresss to pass laws against file sharing programs. The one thing in common? All of those calls come from people who get paychecks from the entertainment industry.
Funny, I don't see them calling for laws that would lock down and secure laptops, even though government employees lose thousands of laptops every year -- many with sensitive information. I don't see them calling for laws against email software, though I would bet that a lot more sensitive information is leaked by people simply emailing it to the wrong party. They don't call for laws against the telephone, even though people leak info over the phone. What? No laws against dining in restaurants where you might hear some info from folks at the next table? This has nothing to do with file sharing software. It has everything to do with poor security setup and dumb government employees. The claims that this happens so often are misleading. The federal government employs nearly 3 million people. We hear about these sorts of "leaks" once every year or so. Out of 3 million people, if anything, I'd be amazed there are so few leaks.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: congressional ethics, file sharing, leak, p2p
Reader Comments
Subscribe: RSS
View by: Time | Thread
Then again, I believe I heard this from some cable news talking head, and they usually know nothing about technology, so I'm not sure if that's the correct story.
[ link to this | view in chronology ]
Welcome to Washington
[ link to this | view in chronology ]
Re: Welcome to Washington
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I thought not.
[ link to this | view in chronology ]
I thought not.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I know it is a longshot, but is there perhaps some measure of truth to the assertion that some P2P programs can be traps for the unwary? Sony was rightly criticized when it engaged in the rootkit "game". How is it different in any meaningful degree if a software provider distributes a program prepared in such a manner that it may cause users to unintentionally expose to the world the entirety of their data files?
Quite frankly, neither of the two lawyers about whom you speak give a "rodent's rear" about P2P software, per se. What they do care about is the use of such software to facilitate/encourage the unauthhorized downloading and distribution of copyrighted files, as well as software developers (whether P2P or otherwise) distributing product that can easily compromise the computer's of even people who exercise due care when installing such software.
[ link to this | view in chronology ]
Re:
If I hack someone to bits with a hatchet, no-one cries foul on the hatchet manufacturers.
"How dare you let that person misuse a tool like that! Sure, I know they ignored the warning label, the warning sign, the warning safety-cap and the warning Wacky-Waving-Inflatable-Arm-Man, but I think we all know who was responsible here" : This message brought to you by the Anti-Hatchet/Pro-Chainsaw Alliance
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Blame the tool
As with everything, it depends WHO you are and who you pay.
(Not defending the tobacco companies, they should all rot 4ell.)
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
So if this employee had used MS Outlook to send a copy of the file to herself and somehow had sent it to an external mailing list, by your logic they should investigate email applications as they're dangerous.
You complete and utter moron. If you're going to shill for idiotic ideas at least try to do so intelligently.
[ link to this | view in chronology ]
Re:
A rootkit, installed surreptitiously by a "reputable" company like Sony, so that a person may listen to a CD that they have bought and paid for is a far cry from a P2P program downloaded and installed. Isn't it? I mean, come on, if you can't see the difference, you're a bit daft and shouldn't be making such long-winded arguments.
Just to ensure you do understand:
In the rootkit case, I want to listen to this kickass new CD. I pop it in the CD drive on my PC, plug in my headphones, click "I agree" on some window that pops up, thinking "who really reads these things - they're too damned long!" (and it wasn't even buried in the EULA, if I remember correctly), and rock out. And now, my machine is kitted. Open to Sony (and the world!) to see. There has been nothing plainly stated that I'm opening myself up.
In the case of a P2P application, things are just a smidge different. I go out and willingly download a P2P client, like Azureus, uTorrent, Kazaa, etc. I then install it. After the install, a wizard pops up that says "I can scan your drive for files and folders to share. Would you like me to do that?", to which I can answer yes or no.
Your example would have been correct if Sony had said upon install "Would you like me to rootkit your PC so everything you do and have on it can be accessed from the internet?" But, they didn't. I hope you see the difference. It's about choice. I chose to install the P2P client, and Sony just hijacked my PC.
Big difference, don't you think?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
eDonkey
Ok! ok! I'm a cruel person. I know.
[ link to this | view in chronology ]
Bittorrent.
[ link to this | view in chronology ]
Re: Bittorrent.
[ link to this | view in chronology ]
Older P2P networks.
All those things could be made trivial if they used virtual spaces to share things like the virtual discs that exist in the MAME project. But they are hard to implement. In that case people should be instructed to use a virtual machine.
There are technological solutions that would make P2P technologies more secure in the case of "accidental sharing", but what congress appears to want is to take out P2P all together and not to fix the problem.
Solution for government and people who wants to work at home with confidential data:
Use a virtual machine to work at home, those files can be encrypted and even if they are transferred to somewhere else the data will still be secure or at least give time to prepare for the fall out. So no employee should ever use confidential data without a virtual machine that would replicate the security of the office.
All major OS's have virtualization solutions and some are even free and can be modified to operate inside a player only.
A great example of that is virtual appliances see the sources bellow :)
turnkeylinux.org
bitnami.org
www.vmware.com/appliances
You think those smart people in the government would have already thought about that a long time ago.
[ link to this | view in chronology ]
How would one "here" info?
Doesn't one "hear" something?
[ link to this | view in chronology ]
Re:
good little info!
[ link to this | view in chronology ]
of course, P2P is a information sharing technology. to make it illegal would be banning freedom of speech so hopefully the courts strike down any law like that.
[ link to this | view in chronology ]
How Convenient!!!
But wait… of that 10 person ethics committee, two more are also co-sponsors of H.R. 1319: Ben Chandler and Kathy Castor. So if three of ten people on this Committee that suffered the breah, including the chair, are cosponsoring H.R. 1319, the informed p2p user act, the p2p excuse seems awfully convenient.
But wait... the bill has been referred to the Energy and Commerce committee, where two more of the original ten person ethics committee, Butterfield and Welch (along with Castor) have it for review.
So when five out of ten people on this Ethics committee, including the chair, have a great deal to do with (and have their staffs working on) the Informed P2P User act, you might think that someone there might actually bother to take the issue seriously... unless, of course, this is just a scapegoat to build support for H.R. 1319, and the leak to the Post happened the same way it almost always does: INTENTIONALLY. I have no way of knowing if these members have been co-sponsors all along, or if, perhaps, they recently became cosponsors in light of this breach. Nevertheless, p2p software and so-called "hackers" are an awfully convenient scapegoat when taken in context with the Ethics committee member relationships to H.R. 1319.
[ link to this | view in chronology ]
Re: How Convenient!!!
[ link to this | view in chronology ]
Re: Re: How Convenient!!!
[ link to this | view in chronology ]
Re: Re: Re: How Convenient!!!
But given the broken nature of our mainstream media due to the laws in place and the broken nature of our laws (ie: thanks to those laws bandwidth in America is falling behind due to a lack of competition, intellectual property rights last WAY too long both patents and copyrights and our mainstream media censors this stuff from the public) I have little hope that anything will change for the better without huge protests by enough people forcing our government to make a meaningful change.
[ link to this | view in chronology ]
Guns -n- P2P
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
In this case the legislation being talked about is H.R. 1319. I was introduced in the House in March, referred to committee, and has since emerged from the committee in amended form and is being forwarded to the House floor for vote.
Of course, the Senate would also have to craft its own version, consider and debate it in committee, and then likewise pass it on to the Senate floor for vote.
If each bill passes and diverge in any respect, the Senate and House bills would then be referred to a Conference Committee where the two versions would have to be reconciled and re-voted upon by both the House and Senate before the resultant bill would be in condition for submittal to the President for signature.
For those might actually prefer to talk about this matter with some authority, H.R. 1319, as reported out of committee to the House floor, can be found at:
http://republicans.energycommerce.house.gov/Media/file/Markups/FullCmte/093009-Data_P2P/P2P_0 06_xml.pdf
If after reading it one believes it has noteworthy defects and can marshall cogent arguments concerning those defects, they he/she may wish to consider a rather radical action...contact his/her representatives in Congress, identify the defects, and then articulate the significance of the defects and how they can be ameliorated. Of course, contacting various industry associations tracking the bill is also a legitimate course of action.
What a concept; actually reading a bill and then participating in the political process instead of just whining and calling everyone who might have a different perspective "stupid", "shills", "morons", "douchebags", etc.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
The reason is the problem is not with the program is with the people who use it. Do we really need laws to say to people how to do everything?
Firts it was P2P is for pedophiles and criminals.
P2P finances terrorrism.
Now is P2P risk national security.
LoL c'mom.
[ link to this | view in chronology ]
Re:
There is a need if you want to expound with some measure of authority that you know the subject matter about which you are expressing an opinion.
...Do we really need laws to say to people how to do everything?
This is not what the proposed bill does. It proposes to impose obligations on developers and providers calculated to provide fair warning to downloaders/users about the software itself. "Notice" laws are commonplace, ranging across a number of fields including, for example, SEC notices, drug warning labels, etc.
They are not for the purpose of telling people how to do everything. They are about trying to ensure providers are fairly informing the public.
[ link to this | view in chronology ]
Re: Re:
Well, the laws currently in place are for the purpose of channeling money away from poor people and giving it to rich people. So why should I believe that future laws will be designed to fix this?
The current laws in place have set up a regulatory structure that hands control over airwaves, infrastructure, etc... to entities that censor very important news and viewpoints (ie: the info we talk about on techdirt, at least it censors critical viewpoints like the viewpoint that intellectual property lasts way too long and there is plenty of news that gets censored from mainstream media). The regulatory structure in place (without the Internet) also makes it difficult for independent artists to get promoted by handing over airwaves to special interest groups to control them. A lot of important topics get censored from the public. All the laws in place are uniformly designed to favor the rich and the powerful at public expense. So why should I believe that new laws are going to be any different?
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Like everybody's been saying.. Its WHOM your targeting that matters, not what. The P2P is just an excuse to bolster support for a bill that will basically do nothing (for now).
As for calling your congressman/senator? Yes, if they get 100,000 phone calls in one month FOR/AGAINST something, they'll take heed or lose their position.
[ link to this | view in chronology ]