About this Author
Ernest Miller pursues research and writing on cyberlaw, intellectual property, and First Amendment issues. Mr. Miller attended the U.S. Naval Academy before attending Yale Law School, where he was president and co-founder of the Law and Technology Society, and founded the technology law and policy news site LawMeme. He is a fellow of the Information Society Project at Yale Law School.
Ernest Miller's blog postings can also be found @
Listen to the weekly audio edition on IT Conversations:
The Importance Of ... Law and IT.
Feel free to contact me about articles, websites and etc. you think I may find of interest. I'm also available for consulting work and speaking engagements. Email: ernest.miller 8T gmail.com
In the Pipeline:
Don't miss Derek Lowe's excellent commentary on drug discovery and the pharma industry in general at In the Pipeline
« The Future of Copyright, the Future of Technology |
| Hatch's Hit List #21 - TiVo to Go »
August 06, 2004
State AGs Warn Filesharing Companies: Your Technology Too Dangerous!
Earlier today, I discussed the first media report of a letter from the state attorneys general to various P2P companies (States Warn Email Providers). Now, I have an actual copy of the letter and is it clueless. Read the 8-page (4 pages of content, 4 pages of signatures) missive for yourself: Letter from National Assoc. of Attorneys General to P2P United, Aug. 5, 2004 [PDF]. Read on for the annotation...
We are writing to encourage your companies to take concrete and meaningful steps to address the serious risks posed to the consumers of our States by your companys peer-to-peer (P2P) file-sharing technology. By addressing such problems today as the use of P2P networks to disseminate pornography, invade privacy and infringe copyrights, P2P software may one day realize its potential as a means for facilitating a wide range of collaborative, project management, business planning, and academic/education activities. At present, P2P software has too many times been hijacked by those who use it for illegal purposes to which the vast majority of our consumers do not wish to be exposed.Sweet paternalism. Is there any particular reason why consumers can't protect themselves? Are there not laws by which consumers can sue over defective products? Aren't there some class action litigation lawyers willing to sue a company providing a dangerous product and reap their multi-million dollar share of the liability?
We have carefully considered your response to the issues raised by P2P software as presented during the June 15-18, 2004 Summer Meeting of the National Association of Attorneys General and the June 8-9, 2004 National Association of Attorneys General Internet Conference. However, we find that this response fails to address the issues raised by P2P software.And I find that this letter fails to address the critique by the P2P companies. It would be nice if the state attorneys general would be willing to engage in debate and show why the responses are inadequate or why the critique was flawed.
Our consumers need to be provided with the information necessary to understand this technology and to make informed decisions concerning its use. P2P file-sharing technology works by allowing consumers to download free software that enables them to directly share files stored on their hard drive with other users. This type of direct access to ones computer differentiates P2P file-sharing technology from garden-variety e-mail accounts and commercial search engines such as Google and Yahoo.When Google stores a gigabyte of your email, that is nothing to be concerned with. In any case, what the state attorneys general are saying is that they don't like it when citizens can easily publish to the world. It is dangerous when citizens have the same power to distribute information that the government and corporations do.
One substantial and ever-growing use of P2P software is as a method of disseminating pornography, including child pornography. While at least some of your companies do provide filters to help screen out unwanted files, including presumably those containing pornography, those filters appear to work by focusing on language in the files description or the files title rather than on the files content. P2P users interested in disseminating and receiving offensive or illegal material, such as child pornography, can simply use an innocuous file title and/or description in order to bypass those filters. Consequently, P2P users need to be made aware that they are exposing themselves, and their children, to widespread availability of pornographic material when they download and install P2P file-sharing programs on their computers.You know, unlike when they connect to the web, where there is never an innocuously-named pornographic image to be found, or when they use email where pornographic spam is so rare as to be endangered.
The state AGs also make it sound bad that the filters only work on words in the filename. Do the AGs know something about image recognition that I don't? Is there a filter that can look inside the file?
Furthermore, P2P file-sharing technology can allow its users to access the files of other users, even when the computer is off if the computer itself is connected to the Internet via broadband. P2P users, including both home users and small businesses, who do not properly understand this software have inadvertently given other P2P users access to tax returns, medical files, financial records, personal e- mail, and confidential documents stored on their computers. Combating identity theft is one of our priorities, and many of our States have enacted laws to stop it. Consequently, P2P users need to be properly educated so that they will not inadvertently share personal files on their hard drives with other users of your P2P file-sharing technology. 1Okay, the famous "when the computer is 'off'" but connected to the internet it can share files line. Yeah, I'd like me some of that computer. Imagine the money I'd save on my server farm electrical bill.
Actually, this paragraph suffers from serious cluelessnes. I'm unaware of any filesharing program that changes what is shared depending on whether the computer is being actively used or not. Either you're sharing private information or you're not. Is protecting private information part of a more general problem? Should people feel safe about identify theft if they don't use P2P programs? Or, perhaps, is this part of a bigger problem and a broader educational campaign is the proper response? Maybe we should teach people about protecting themselves against identity theft in general, with P2P programs as only part of the problem. Note also, that the state AGs don't actually blame a specific instance of identity theft on P2P, since most identity theft takes place through other channels.
Footnote 1: This problem is exacerbated by the default settings that you use as part of the installation process of P2P software. One default setting designates each and every file in a users hard drive for sharing with other users of P2P software. A second default setting leaves a users computer continuously accessible to the Internet. We would urge your companies not to select such default settings as part of your software installation process.Default settings that "you" use. P2P United doesn't provide software, so I'm not sure what these default settings mean for such an organization. And why not point out the specific company? Which companies are using such bad defaults, if bad defaults they are? Why shouldn't filesharing programs default to on until terminated? I think what the AGs are complaining about here is that it has been difficult to shut down some filesharing programs. But that's not really a default.
The illegal uses of P2P technology are having an adverse impact on our States consumers, economies, and general welfare. There are serious concerns that P2P software is replacing Internet chat rooms and e-mail as a medium of choice for the dissemination of pornography, especially child pornography. Market forces and technological limitations of the Internet (e.g., the need to pay for web space and bandwidth) have combined to make peer-to-peer software a more attractive alternative to the Internet as a means of disseminating pornography. Peer-to-peer users and distributors of child pornography particularly believe that their anonymity on P2P networks protects them from detection by law enforcement. According to a January 25, 2004 New York Times Magazine article, [c]yber networks like KaZaa and Morpheus have become the Mexican border of virtual sexual exploitation. The Federal Trade Commission, the United States General Accounting Office, and the Judiciary Committee of the United States Senate, among others, have all taken testimony or issued reports on the increasing use of P2P software to disseminate pornography.This paragraph is really full of bullshit. It would be nice to have some firm figures here, instead of "concerns." What percentage of pornography distribution takes place via P2P as opposed to email, FTP, HTTP, NNTP, etc.? It is isn't a particular large percentage, or they would have mentioned it. Yes, pornography distribution has increased as P2P has increased, but that doesn't mean much in an absolute sense.
And what is this talk of "market forces" and "technological limitations of the Internet" making P2P a "more attractive alternative to the Internet"? Hello, clueless state AGs. I hate to break it to you, but P2P uses the internet. It isn't an alternative to the internet, it is part of it. Perhaps they meant the "web," but even that doesn't make sense.
By the way, the NY Times article cited (mirror) was considered so sensationlistic that the Times had an internal investigation discovering several errors. The reference to P2P is actually part of an entire paragraph devoted mostly to pornography on the web. There is no evidence provided as to why P2P is any worse than the web. It would be nice if the state AGs refrained from cheap sensationalism themselves.
P2P file-sharing programs also are being used to illegally trade copyrighted music, movies, software, and video games, contributing to economic losses. The Business Software Alliance estimates that its members lost $13 billion in revenue last year due to software piracy. According to a February 20, 2004 CNN article, U.S. software companies lose up to $12 billion a year in piracy according to the Software and Information Industry Association. Music companies lost more than $4.6 billion worldwide last year, according to the RIAA [Recording Industry Association of America] and movie industry officials pegged their annual losses from bootlegged films at more than $3.5 billion.And this is relevant to P2P, why? What percentage of these figures is due to piracy in the US (you're state AGs after all, and you can't enforce in China, for example) and what percentage of that is due to P2P? Bueller? Bueller?
The article further reveals that [t]he entertainment and computer industry have tried to stem piracy by making CDs and DVDs harder to duplicate. But the rise of free file-sharing networks on the Internet has made it easy for millions of individuals to distribute songs, movies, and software worldwide. Similarly, a March 28, 2003 USA Today article described a recent hearing of the California Senate Select Committee on the Entertainment Industry in which committee chairman Kevin Murray, D-Los Angeles, downloaded the KaZaa media desktop player in under 20 seconds, then downloaded numerous songs and the Oscar-winning movie Chicago, which hasnt been released on DVD.This is truly bizarre. Wasn't there some consumer rights concern for improperly labeled CDs that had DRM and wouldn't play in CD players? And isn't there a law against anti-circumvention devices already? And Chicago was available, because of P2P? If they're trying to say something more than that P2P is used for copyright infringement, it beats me what it is.
Some of your companies have taken initial steps to warn users of P2P software that it may not be employed for illegal ends, which is commendable. However, more needs to be done by your companies to warn your P2P users as to the specific legal and personal risks they face when they use P2P technology for the illegal ends of disseminating pornography and sharing copyrighted music, movies, and software.And what is illegal about disseminating pornography? I thought that was legal. Perhaps I missed the memo where the Supreme Court overturned the First Amendment. As for the warnings, what exactly do the state AGs propose and will they enforce it for email programs, browsers and other tools of copyright infringement?
We have, in the past, initiated Internet-related actions to stop individuals from disseminating unwanted spam, including deceptive e-mail designed to lure unsuspecting adults and children to pornographic web sites. We will, as appropriate, continue to initiate such actions in the future to stop deceptive and illegal practices by users of the Internet, including users of P2P software.Well, gee, I hope so. Nice to see that state AGs still believe in doing their job.
However, the undertaking of enforcement actions against individual users does not excuse your companies from fostering deceptive practices on our consumers that invade their privacy and threaten their security. Nor do they excuse your companies from avoiding software design changes that deliberately prevent law enforcement in our States from prosecuting P2P users for violations of the law.And these deceptive practices are, specifically, what? And these privacy invasions are, specifically, what? And, these security threats are, specifically, what?
We view with alarm reports that P2P software is being used by your companies as a means of transmitting unwanted spyware and adware that is bundled with the P2P software. Spyware aids an individual or a corporation in gathering information about P2P users without their consent or in asserting control over P2P users computers without their consent. In the past, we have initiated enforcement actions against Internet web sites that, without the knowledge of our consumers, placed cookies on their computers designed to track their use of the Internet. We would ask you to take concrete and meaningful steps to avoid the infringement of the privacy and security of our citizens by bundling unwanted spyware and adware with your software.2Gee, why don't the state AGs go after the spyware directly? Most of the spyware is installed based on a clickwrap license. Perhaps state AGs could come out and say that these clickwrap licenses are bogus.
Footnote 2: It also has come to our attention that P2P file-sharing technology is being used as a means of transmitting computer viruses and worms because conventional virus protection programs, such as those marketed by Novell, do not scan files exchanged via such technology. If such is the case, then it would be incumbent upon your companies to warn your users of this risk.When are the state AGs going to force Microsoft to include prominent virus warnings? Can the AGs point to any P2P virus that comes close to the damage Windows viruses have caused?
We view with equal alarm reports that at least some P2P file-sharing services are adding encryption features to those services. The addition of such encryption features will make it more difficult, if not impossible, for law enforcement to police users of P2P technology in order to prosecute crimes such as child pornography. Encryption only reinforces the perception that P2P technology is being used primarily for illegal ends. Accordingly, we would ask you to refrain from making design changes to your software that prevent law enforcement in our States from investigating and enforcing the law.Translation: We like privacy, we don't like technology that protects privacy. Please.
Finally, we are concerned that the filters currently in use are inadequate as a means of protecting P2P users, and their children, from unwanted and offensive materials, such as child pornography. We believe that meaningful steps can and should be taken by the industry to develop more adequate filters capable of better protecting P2P parents and children from unwanted or offensive material. Not warning parents about the presence of, and then reasonably providing them with the ability to block or remove, obscene and illegal materials from their computers is a serious threat to the health and safety of children and families in our States.A threat to health! And safety! What meaningful steps can be taken? It would be nice if the state AGs mentioned one or two. Surely their combined brain power is up to coming up with one or two feasible ideas that don't have pernicious side effects.
We take seriously our responsibility to protect our citizens from misleading or deceptive practices, and to ensure that our citizens are given the information necessary to making an informed decision. And, we take seriously the need to investigate and prosecute violations of our laws wherever they may be taking place on the Internet, in the brick and mortar world, or on P2P networks.Well, I'm glad they take their responsibilities seriously and all, but complaining and not providing actual solutions doesn't seem very serious to me. It also doesn't seem very serious to me when they make claims that computers can distribute information when they are "off" and that P2P is an alternative to the internet. Nope, not serious at all.
We believe that it is in no ones interest for P2P technology to be used in order to promote unlawful or deceptive activities. Rather, we believe that concrete and meaningful steps can and should be taken to address the problems we have raised in this letter. It is only by taking such steps that P2P networks will be able to realize their innovative potential as a 21st century virtual collaboration and project management tool for regional or nationwide academic, business, home, and governmental activities.That internet. So dangerous, but so full of promise. If only it was centralized for better control of illegal activity. Only then could the internet reach its full innovative potential.
We look forward to working closely with you to proactively address these problems.Uh, yeah. Sounds great.
+ TrackBacks (0) | Category: File Sharing
- RELATED ENTRIES
- Kitchen Academy - Course II - Day 23
- Kitchen Academy - Course II - Day 22
- Kitchen Academy - Course II - Day 21
- Kitchen Academy - The Hollywood Cookbook and Guest Chef Michael Montilla - March 18th
- Kitchen Academy - Course II - Day 20
- Kitchen Academy - Course II - Day 19
- Kitchen Academy - Course II - Day 18
- Salsa Verde