A new tech battle brews in D.C.

CNET News.com's Declan McCullagh has the skinny on the latest assault the U.S. Congress is planning against peer-to-peer computing.

Declan McCullagh Former Senior Writer
Declan McCullagh is the chief political correspondent for CNET. You can e-mail him or follow him on Twitter as declanm. Declan previously was a reporter for Time and the Washington bureau chief for Wired and wrote the Taking Liberties section and Other People's Money column for CBS News' Web site.
Declan McCullagh
5 min read
Because Sen. Ernest "Fritz" Hollings, D-S.C. is retiring, the entertainment industry has been forced to locate new champions in the U.S. Congress. It has found them in three key members of the U.S. House of Representatives: Lamar Smith, R-Texas; Howard Berman, D-Calif.; and John Conyers, D-Mich.

The like-minded trio has quietly drafted a bill arguably as intrusive as Hollings' plan. They seem to be trying to target peer-to-peer clients, but you wouldn't know it from their proposal.

Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.

The fine print says huge categories of software--including Web browsers, instant messaging clients and e-mail utilities--that are offered for download must contain a warning that it "could create a security and privacy risk."

And the catch? If the companies or individuals who offer the software for download don't comply with the requirement, they will face criminal penalties such as fines or prison terms of up to six months. Even, that is, if the software is actually secure and poses no security risk.


Imagine what that means in practice. Any program that lets someone else send data to your computer--such as a remote Web site setting a cookie--or use your computer to search other computers' contents over the Internet would be covered.

Microsoft, AOL, Yahoo and anyone else that offers such software would have to put warnings up, or their executives would face prison time. The editors of the popular open-source sites SourceForge and CPAN would have to follow suit. So would Download.com, which News.com publisher CNET Networks owns.

This is not merely a theoretical concern. Because Smith is the chairman of the subcommittee that oversees copyright laws, he's in a unique position to shepherd this scheme into law, possibly even before Congress adjourns this year. A scheduled Oct. 2 vote was postponed, because the subcommittee ran out of time, but Smith's aides say he's aiming to try again this week or next.

Legislative high jinks
Some background: The same mandatory download warnings existed in another bill, H.R. 2752, which Conyers and Berman drafted and then introduced in July.

Now, apparently at the behest of the MPAA, Congress may criminalize the unrestricted distribution of broad categories of software.
Other sections of the July bill were especially prickly, such as the idea that music fans should serve jail time for downloading even one illegal MP3 file. It suffered an unlamented, ignominious demise--the expected fate, after all, because all its sponsors were Democrats.

In response, Berman and Conyers tried to preserve parts of their radioactive bill by injecting them into an otherwise uncontroversial, bipartisan proposal, H.R. 2517, which was previously intended to nudge the FBI toward more copyright prosecutions and to create an "Internet Use Education Program"--basically a propaganda office the U.S. Department of Justice would run that would warn everyone not to violate copyright laws.

True, these ideas are hardly the best use of taxpayer dollars, but they're not likely to cause a firestorm of public outcry, either. (Another section that made it in: a sure-to-please-Hollywood penalty that says videotaping movies in theaters would be against the law.)

With the support of Smith, an influential House Republican, Berman and Conyers are hoping to replace that generally innoucous bill with their "amendment in the nature of a substitute." Jeff Lungren, a spokesman for Smith, told me on Friday: "We're still working on this legislation to reach a consensus--and one that will receive solid support from both parties. We are not commenting on what, if any, changes might be made." He added that he hopes to "move the bill later this month."

Lungren wouldn't say who's supporting the download notification penalties or who's involved in the negotiations.

For its part, the Recording Industry Association of America claims that it's not pushing the three politicos in this direction, and I believe them. Mitch Glazier, the RIAA's senior vice president and lobbyist, says "notice is a good idea, and quite frankly, P2P services ought to be doing it voluntarily...So, we support the chairman, we like the concept--but agree that it is overly broad in its current form."

For its part, the Recording Industry Association of America claims that it's not pushing the three politicos in this direction, and I believe them.
The last remaining potential culprit is the Motion Picture Association of America and its member companies, which were behind the original Hollings bill last year and which other lobbyists tell me are behind this one, too. (Walt Disney lobbyist Preston Padden once told me that Hollings' Consumer Broadband and Digital Television Promotion Act represented "an exceedingly moderate and reasonable approach.")

An MPAA spokesman declined to comment.

Unfortunately, this has become Congress' usual pattern: A knee-jerk response that overreacts to a perceived technological problem. Instead of taking a thoughtful, careful approach, clue-impaired Congress critters do things like enact the Communications Decency Act and the Digital Millennium Copyright Act, which SunnComm Technologies used last week to threaten a Princeton University student. (Trivia: Did you know that on Sept. 11, 1997, a House committee voted to ban all encryption products without backdoors for the FBI?)

Now, apparently at the behest of the MPAA, Congress may criminalize the unrestricted distribution of broad categories of basic and popular software, regardless of whether the programs actually create security or privacy vulnerabilities.

Jonathan Potter, head of the Digital Media Association that represents companies such as AOL, Amazon.com, Apple Computer, RealNetworks and Yahoo, opposes the replacement bill.

"We have communicated to Chairman Smith and representatives Conyers and Berman, in writing and in person, our companies' strong concerns that the anti-P2P provision seems to penalize a much broader class of software applications than was intended," Potters said. "They have asked us to work together to bridge our differences, and we have agreed to try our best."

We'll see. Berman and Conyers are probably lost causes--after all, Berman is the fellow who introduced a bill last year that would give copyright holders the right to assail a peer-to-peer node they suspect may be distributing their intellectual property without permission. Conyers has already chosen which side he'll line up with on this issue.

On the other hand, perhaps there's still time for Smith to realize that he may not want to become known as the Fritz Hollings of 2003.