Lawmakers seek more info on P2P security threats

Lawmakers from the House Oversight and Government Reform Committee have asked the Federal Trade Commission to respond to a series of questions about the security threat that computer-to-computer file-sharing programs present to consumers. A bipartisan group of 19 members of the panel, led by Chairman Rep. Henry Waxman (D-Calif.) and ranking Republican Tom Davis (R-Va.), has sent a letter asking the agency to define the security risks that peer-to-peer networks pose and how they compare to those posed by other online activities. The inquiry follows up on a July hearing held by the committee which followed a committee investigation on the topic. The hearing and the investigation suggested that the threat from P2P networks was greater than originally thought, the letter stated. “In a series of searches using common search terms through a popular P2P program, Committee staff obtained numerous documents that by any reasonable measure would be considered highly sensitive or confidential,” it stated. “Included in these documents were personal bank records and tax forms, attorney-client memos, corporate strategy documents, corporate accounting documents, government emergency response plans, and even military operation orders.” The request also mentioned specifically the FTC’s May 2005 findings, which noted that P2P “file-sharing program distributors appear to have made substantial progress in conveying risk information to consumers" and that the FTC would "hold distributors to their promises to provide consumers with risk information." The committee’s investigation and hearing were prompted by a report from the U.S. Patent and Trademark Office that said several distributors of popular P2P networks had "repeatedly deployed features" that trick users into sharing some of their files. Besides assessing how risk from P2P compares to other online activities, the group of lawmakers asked the agency by Nov. 1 to notify them of any additional ongoing studies of P2Ps, information regarding the code of conduct the file-sharing companies have agreed to and how they relate to identity theft worries. “We are aware of the Commission's past work on P2P file-sharing and commend the agency for its efforts to educate the public about the risks posed by file-sharing,” the letter stated. “In light of the Committee's recent investigation and hearing, however, we believe the FTC should expand its efforts to protect consumers from inadvertent P2P file sharing.”