Distributed Computing Industry Association
Distributed Computing Industry Association

DCIA Testifies at Congressional Hearing

CEO Addresses Problems with H.R. 1319 and Outlines Actions to Avoid Inadvertent File Sharing

DCIA Testifies at Congressional Hearing
Washington, DC, May 05, 2009 --(PR.com)-- The Distributed Computing Industry Association (www.DCIA.info), a trade organization with one-hundred twenty-five Member companies, including peer-to-peer, cloud computing, and social networking software developers and distributors (P2Ps), Internet service providers (ISPs), content rights holders (CRHs), and service-and-support companies, represented the emerging distributed computing industry at a U.S. House of Representatives legislative hearing today on H.R. 1319, the "The Informed P2P User Act," and took issue with the legislation introduced by Congresswoman Mary Bono Mack (R-CA), Congressman John Barrow (D-GA), and Congressman Joe Barton (R-TX).

The session, convened by the Committee on Energy and Commerce Subcommittee on Commerce, Trade, and Consumer Protection focused on issues related to H.R. 2221 "The Data Accountability and Trust Act" and H.R. 1319. Speaking on behalf of the DCIA was its CEO Marty Lafferty. Following is the text of his verbal testimony.

"Chairman Rush, thank you for holding this important hearing. I'm Marty Lafferty, CEO of the Distributed Computing Industry Association.

"Both of the bills under consideration have far-reaching consequences. Our area of expertise relates primarily to H.R. 1319.

"The DCIA is a non-profit trade group focused on P2P and related technologies.

"Our mission is to foster commercial development of these technologies so that their benefits can be realized by all participants in the distribution chain – including content rights holders and Internet service providers.

"We currently have 125 Member companies, including P2P, cloud computing, file-sharing, and social-networking-software distributors; broadband operators; content providers; and service-and-support companies.

"P2P has evolved greatly in the eight years since Napster first brought the term "P2P File Sharing" to prominence.

"Fully licensed ad-supported P2P, subscription P2P, paid download P2P, commercial enterprise P2P, P2PTV, hybrid P2P, and live P2P streaming now deserve to be separated from the narrow sub-set of functionality associated with "file sharing."

DCIA Member companies increasingly use P2P for the delivery of authorized entertainment and corporate communications content where rights-holders, rather than end-users, introduce files or live streams for online delivery.

We strongly urge the Committee to apply the term "File Sharing" – without the P2P prefix – as a more accurate descriptor for the focus of H.R. 1319.

The Committee on Oversight and Government Reform held a hearing on this topic in July 2007, at which one of our Member companies testified.

Within weeks of that hearing, the DCIA established the Inadvertent Sharing Protection Working Group.

Over several months, we recruited participants among leading P2P and other tech-sector companies, and engaged with FTC staff, to address issues associated with unintended publishing of confidential data by file sharers.

This effort began by providing demonstrations for FTC staff of how current file-sharing programs work in terms of users uploading material for distribution.

It continued through an iterative process involving private sector and regulatory participants to develop a program of voluntary best practices – for file-sharing-software developers – to protect users against inadvertently sharing personal or sensitive data.

This program was announced in July 2008.

Its summary, included in our written testimony, begins by defining terms relevant to 1319, such as “recursive sharing,” “sensitive file types,” and “user-originated files.”

It then outlines seven steps that are required to be in compliance: 1) default settings, 2) file-sharing controls, 3) shared-folder configurations, 4) user-error protections, 5) sensitive-file-type restrictions, 6) file-sharing status communications, and 7) developer principles.

The principles address feature disablement, uninstallation, new-version upgrades, and file-sharing settings.

In August 2008, the DCIA announced that compliance monitoring would begin in December to allow developers time to integrate required elements of the ISPG program into their planned upgrades and new releases.

Compliance monitoring resulted in reports from top brands that use P2P for downloading, live streaming, open-environment sharing, and corporate intranet deployments, and for both user-generated and professionally produced content.

Specifically, seven leading representative P2P program distributors submitted detailed reports to FTC staff in February 2009. In March, the DCIA prepared and submitted a summary.

We also noted that software implementations of the popular BitTorrent protocol typically require users to conduct a deliberate conversion process from whatever native file-format their content is in to a torrent file before it can be published, thus minimizing this risk of user-error.

The entire report plus data tables of individual company submissions are in our written testimony, but here are highlights:

All respondents now have clearly-disclosed install default-settings that only permit sharing files downloaded from the network. They do not share user-originated files by default…

…100% provide complete uninstallation of their file-sharing software that is simple to do and explained in plain language – for example, by using the standard “Add/Remove Program” in Windows…

…And 6 of out of 7 – all where this item is applicable – now offer a simple way to stop sharing any folder, subfolder, or file, by using easily accessed controls.

In April 2009, Committee staff invited the DCIA to participate in redrafting H.R. 1319. We formed a DCIA Member sub-group to conduct this work. This process is now underway and we would be glad to coordinate this effort with staff.

Among our greatest concerns is that the bill as drafted would have unintended consequences.

The present draft goes way beyond the specific concerns discussed here and would apply to additional functionality and technologies that have nothing to do with "recursive sharing of sensitive file types."

Applying these requirements to numerous products, services, and companies would be burdensome and counter-productive.

To the extent that legitimate consumer concerns persist in the area that the bill intends to address, we strongly believe they can best be handled by ongoing self-regulation – under the oversight of the appropriate federal authority – as we initiated with the ISPG.

As we voiced to staff when we were first asked our reaction to the bill, we remain opposed to the passage of this legislation, both on principle and now also because of difficulties encountered in attempting a redraft.

This bill, no matter how revised, would unnecessarily burden US-based technology firms with innovation-freezing constraints, while being unenforceable against overseas competitors whose software is available to US consumers.

Of great concern also is how it might stifle yet undeveloped new and potentially very useful and valuable software applications.

On the other hand, the DCIA has committed to industry self-regulation through the ISPG to address the subject matter of this bill and is making substantial progress.

Rather than a problematic new legal measure, we believe that formalized requirements – for compliance with that process – will be more effective in achieving the stated purpose of the bill.

The DCIA will charge the ISPG with responding to additional concerns that may be raised in this hearing, and as may be further delineated by staff following up on it.

We look forward to working with the Committee on these issues in a productive manner that will benefit all of your constituencies."

About the DCIA

The Distributed Computing Industry Association (DCIA) is a non-profit trade organization focused on commercial development of peer-to-peer (P2P), cloud computing, file-sharing, and related distributed computing technologies.

DCIA Membership is organized into three Groups: Content, Operations, and Platform. The DCIA conducts working groups and special projects, such as the P3P Working Group, (P3PWG), P4P Working Group (P4PWG), Inadvertent Sharing Protection Working Group (ISPG), P2P Digital Watermark Working Group (PDWG), Consumer Disclosures Working Group (CDWG), P2P PATROL, and the P2P Revenue Engine (P2PRE). It also publishes the weekly online newsletter DCINFO.

###
Contact
Distributed Computing Industry Association
Kelly Larabee
410-476-7965
www.dcia.info
ContactContact
Categories