Legislation to Bar Fed Workers from Downloading P2P Software Introduced in House

A highly classified house ethics committee report outlining inquiries involving dozens of members of Congress was recently leaked over the Internet after a junior committee staff member saved it on the hard drive of his home computer, on which he happened to have peer-to-peer (P2P) file sharing software installed.  There is no evidence the staffer intended the report, which detailed investigations that included financial dealings, travel and campaign donations, to be shared with other P2P software users around the world.  But in an official attempt to combat such leaks, US Rep. Edolphus Towns (D-N.Y.), an avid critic of self-regulation of P2P software use, recently introduced a new bill titled The Secure Federal File Sharing Act.  If adopted, the new Act would bar government employees and contractors from downloading, installing or even using P2P file sharing software, such as LimeWire, without official approval.  In response to the most recent leak, the bill would also require the White House to develop rules for employees working on home or personal computers.  In order to use file sharing networks, an agency head or CIO would have to make a special request to use the P2P software.  Furthermore, agencies would be obliged to establish P2P use policies, require that employees and contractors comply with them, and then create security mechanisms to detect and remove prohibited software.  In 2004, the White House Office of Management and Budget advised federal agencies simply not to use any P2P software.  As evidenced by the most recent embarrassment, this "advice" was not sufficient and now hopes that putting the prohibition into federal law will grant it much greater weight.  Critics of P2P software complain that personal data including social security numbers, medical records and tax returns are being shared because users are unaware of how the software operates, primarily because inadvertent filing sharing occurs (for example, when a user wants to share music or video files from a specific location or folder on his/her PC, a variety of other personal data and files, in all different formats, may also be shared).  Security industry experts appearing at Congressional hearings earlier this year testified that file sharing software has resulted in the release of personally identifiable information associated with members of the U.S. Military, including social security number of master sergeants, medical records and even surveillance photos.  In addition, information accidentally released from a Fortune 100 company included thousands of e-mails, contact addresses, phone numbers and passcodes.  Rep. Towns' goal is to "put a referee on the field" in terms of regulating use of such software in response to what he deems as the file-sharing industry's unwillingness and/or inability to ensure user safety.  It appears he will also dedicate resources to encourage the government to launch a national consumer education campaign about the dangers associated with the use file-sharing software.  Rep. Towns also proposed that the Federal Communications Commission and Federal Trade Commission look to aid in preventing this growing problem.  Right now, however, it is unclear what kind of influence is statutorily granted to the FCC, if any at all.  Regardless, it will also be very interesting to see if or when the specter of enacting this new bill into law will affect future P2P file sharing program use in the commercial sector, or lead to additional policy and regulatory initiatives in the area