Tell Congress to Protect Our Personal InformationLearn More About Unauthorized Access to Data
When last we spoke to you, back in May, about HR 1319, it had recently been introduced and was just having a hearing. The bill's sponsors want you, the consumer, to be protected from software that can share the private and valuable files on your computer with others via the network. The original bill, in name only, focussed on P2P file sharing software, but the language of the bill actually did very little to limit its scope. Today, Public Knowledge has obtained the bill's new language and tomorrow the bill will be marked up in full Committee, likely with little complaint.
Except for ours.
The "manager's amendment" of the bill replaces the entire previous bill's language. Bills usually get this process at a subcommittee level, but this one didn't. It was introduced, had a hearing, and now we're at full committee markup without a subcommittee markup. It happens.
There are many changes to the bill, but fundamentally, the same problems persist:
Legislating Software Design: The bill is aimed at a specific technology and kind of application instead of simple non-tech-focussed consumer protection and disclosure principles. Instead it's aimed at legislating the design and workings of common software. It's the exact kind of thing that has all kinds of unintended and unforeseeable consequences.
Over / Under Inclusive Definition: No matter how narrow the definition of "covered file-sharing program" may seem, it's going to include more and less than is intended or desirable. Over inclusive: bill would include basic operating systems like Windows 7 and Mac OS X that enable file sharing; iTunes shares media files as well. Under inclusive: bill would not include applications that simply upload the entirety of a user's hard drive to the web.
"Initial Activation" Needs Clarification: The amendment, just like the previous bill, requires the software to notify the user at installation and "initial activation of a file sharing function." The problem remains that there are a number of interpretations of what this means, here are three: A. The first time an application is installed and launched; B. Every time the application is launched; or C. Every time the feature is enabled. Unless the language is made clear, developers not wanting to incur penalties will err on the side of notice, which means the most notifications.
Applies to Software Already Written: Software that has already been written and is still being distributed, but not maintained by a developer or manufacturer may fall prey to the provisions of this bill. Unless otherwise exempted, this would require developers to update their older software at great cost, unless they wanted incur penalty of law.
Interferes with User and Administrator Choice: This bill would require a fundamental change in how much software operates. Users, especially system administrators, make informed choices about the applications that will meet their needs -- especially those that "just run" without user interaction. In many cases, how an application installs, launches, and operates behind the scenes is part of their decision, and this bill would interfere with how they run their systems.
At the moment, there doesn't seem to be a lot of angst over this language. We haven't heard that developers or software manufacturers are putting up much, if any fight over this language, even though many operating systems offer filesharing, some even turned on by default. I'm really not sure how those commercial developers of scripts and behind the scenes daemons are going to manage with this new regulation. Oddly enough, it may be that the P2P app devs are the most equipped to not running afoul of this bill, as an industry leader testified that they probably already comply.
You can tune into the markup in the House Energy and Commerce Committee and we'll probably have some tweet updates, so stay tuned.