FTC p2p workshop
p2pnet.net News Feature:- Information quality improvement specialist Seth Johnson and statistical consultant Jay Sulzberger both have a keen interest in p2p file sharing – the technology and the issues.
That’s why they’re both also committed to New Yorkers for Fair Use.
The Federal Trade Commission has a workshop slugged Peer-to-Peer File-Sharing Technology: Consumer Protection and Competition Issues slated for December 15 and 16.
Free and open to anyone who wants to go, it’s the latest in a series of efforts to, "assess the impact of new and significant technologies on consumers and businesses,” the FTC says on the web site, going on:
“P2P file-sharing technology enables individuals to share files, including music, video, or software. Because the files do not reside in a central location – they are stored on the hard drives of users – P2P file-sharing technology allows for faster file transfer and conservation of bandwidth.”
Johnson and Sulzberger both want to be panelists.
Why?
Read their letters >>>>>>>>>>>>>>>>>>>>>>>>
Federal Trade Commission’s Peer to Peer Filesharing Workshop
FTC File No. P03 4577
By Seth Johnson
Distributed Search Applications Not Correctly Defined
A matter of some concern regarding the FTC’s workshop on "P2P filesharing technology" arises from its usage of the term "P2P" or "peer to peer." Observing that Napster’s centralized data servers were a legal target, some Internet users declared that the use of a central server was unnecessary, because the decentralized architecture of the Internet was inherently not subject to the legal theory behind the charges levied against Napster. As a result, downloadable applications like KaZaA, Grokster and Gnutella took on the label "P2P" to distinguish them from Napster, when in fact the ability for any computer to directly communicate with any other is built into the Internet infrastructure. In addition, the facts that these applications allowed users to open up access to their directories, and that they presented lists of files which users could select to initiate transfers, have often obscured the fact that the applications themselves do not transfer the files, and that the ability to give other users access to local directories is a feature built into ordinary operating systems.
This is why "P2P filesharing" is not an appropriate name to describe these applications. These applications simply provide the same function that Napster provided with a centralized server: the ability to find files on the Internet. They are decentralized search engines. They do not perform the file transfers and they do not themselves make peer to peer possible. They allow users to implement a search engine that is distributed across many machines, and the Internet itself does the rest.
The description of "P2P filesharing applications" presented in this workshop’s call for participation offers nothing to distinguish KaZaA, Grokster or Gnutella from the basic functions of the Internet and ordinary, generally used operating systems. It also makes no mention of the core functionality that these applications actually do provide: search and discovery of the locations of files. Sharing files among a group of users is a basic network capability that operating systems and networks already provide.
Address Nature of P2P; Include Designers and Developers
Among the goals presented by the FTC for this workshop are learning about P2P, including how it works, and discussing self-regulatory, regulatory, and technological responses to a set of risks which the workshop associates with these consumer-friendly decentralized search engines. I suggest that the testimony of those who designed the Internet and those who exercise its basic functions as a matter of their daily productive lives, will provide a stronger framework for understanding the real nature of these risks. One name that should be recommended is David Reed, one of the original architects of the underlying infrastructure of the Internet. He is well-prepared to comment on the relationship between the architecture of the Internet and the capacities for innovation for which it provides. Another name that might be considered is Bram Cohen, the author of BitTorrent.
A cursory survey of Sourceforge.net will show a great variety of projects whose authors can testify to their dependence on the peer to peer architecture of the Internet, and to the fact that accessing and distributing of files among peers is an unalterable component of their work. The participation of voices representing development projects such as these is a critical consideration for this workshop.
Conceptual Framework will Produce Limited Understanding
Discussion of consumers’ private interests should not be confused with copyright issues. Even greater risks ensue when discussions of filters, privacy, security, adware, viruses, exposure to undesirable material and impairments of computer function are mixed with copyright issues. The result of addressing copyright concerns in the manner of protecting private consumer interests can only be that both copyright and innovation will suffer. Technological developments that affect the capacity of individuals to publish, use, and develop new uses for information will often signal new issues for copyright policy, issues which touch on areas that are necessarily out of the scope of the FTC’s mandate for rulemaking or promulgating norms.
In particular, among the risks mentioned in the workshop’s call for participation is that of exposure of end users to liability to charges of copyright infringement. Addressing this risk within the conceptual framework that the call for participation appears to exhibit, and in terms of the kinds of responses that it cites for consideration, can reasonably be expected to lead to a very limited understanding and an encouragement of prescriptive responses that are not well-advised.
More fundamentally, addressing copyright issues within this conceptual framework will result in owners of computers and makers of applications losing their capacity to develop and make use of their computers and the communications infrastructure.
Modify the Structure of the Workshop
It may be that the structure that the workshop will eventually take is to some extent exhibited in the questions presented in the call for participation and the way it contemplates certain risks with regard to consumers’ use and understanding of the features of decentralized search applications. Inasmuch as this is true, it would be advisable to adjust the structure of the workshop to more precisely reflect the nature of the subject matter. The scope of the questions should also be expanded and adapted to admit a proper examination of the relationship of the risks to the nature of the technology and the interests of flexibility and innovation; and I would urge the FTC to adapt the conceptual framework and format of the workshop to reflect this purpose more greatly.
Describe Internet Architecture and Include Developers
Opportunity should be provided to describe the architecture of the Internet and how it fosters innovation, and to more precisely define the nature of the applications that are the focus of the workshop. The set of questions on uses of "P2P filesharing" technology should be expanded to admit testimony of those who develop Internet applications.
Address Technology and Copyright Separately and Extensively
The questions listed in the set addressing the impact of "P2P filesharing" on copyright holders would in fact warrant an extensive process of public inquiry in themselves. Many of these questions address areas that do not pertain specifically or solely to the consideration of the impact of peer to peer technology on copyright holders. The FTC would be well advised to report on the areas alluded to by these questions separately and extensively.
Describe Nature of Risks Correctly; Decouple from Narrow Focus on Decentralized Search Applications
The sets of questions addressing identification and disclosure of risks to consumers should be adapted so that the nature and source of the risks are not misconstrued, and so that a more encompassing understanding of the sources of the risks and of prospective solutions can be developed. The questions as a whole exhibit a narrow focus on a set of applications whose characteristics are not properly recognized and understood. The set of questions addressing technological solutions should be decoupled from a narrow focus on specific applications that provide decentralized search capabilities, and should be expanded to admit a broader analysis.
General Note
The solutions currently identified in the call for participation do not appear to provide for a well-designed response to the full scope of risks and implications elicited by this workshop’s areas of consideration. One major source of these risks that some will mention is the undue influence on the market and on copyright policymaking of interests such as market dominant software manufacturers, publishers and the recording and motion picture industries. Monopoly interests in the operating system arena in particular interfere severely with consumers’ access to, understanding of and choices with respect to software that can provide far more robust protections than they generally make use of presently.
Thank you,
Seth Johnson
Committee for Independent Technology
Seth Johnson is an Information Quality Improvement consultant in New York City. He was first exposed to computing in the early 1980’s, on a Radio Shack Color Computer. He lends most of his energy to New Yorkers for Fair Use, pursuing numerous causes in the field of information freedom.
>>>>>>>>>>>>>>>>>>>>>>>>
Jay Sulzberger
My name is Jay Sulzberger. I ask that I be on one of the panels dealing with mitigation of risks, risks said by some to be particular to "P2P networks".
I indicate below some of the positions I will argue for if I get on a panel.
There are two meanings to the words "peer-to-peer (P2P) file-sharing network". The first, original, and primary meaning is the Net we have today, as envisioned by Licklider at ARPA in the early Sixties of the Twentieth Century. A new, secondary, and misleading meaning is the small number of widely used systems for swift indexing, presentation of the catalog, and distribution of, mainly, popular songs. Some of the songs are under standard mass market restrictive copyright rules, others lie in the public domain, and some are licensed under less restrictive copyright rules. The details of the flow of bits, packets, data, and meta-data are less important than the breathless and seemingly endless articles on the "P2P phenomenon" assume/imply/declaim; there are many private and public and part-private part-public networks, with various patterns of bit-flows, built on the Net, e.g., Akamai, CPAN, DNS, DoubleClick, mailing lists, various
VPNs, the recent un-designed net and sub-nets of blogs, and more. We who have used the net for decades know that the net is a peer to peer network. My computer can transmit and receive information, that is, files, to and from your computer, without dealing with any third party, at the levels of law or money or custom. This is the original meaning of "peer to peer". That some people, for love or money, have built and published software, riding atop the Great Peer to Peer Net, which makes the collection and distribution of the Bootylicious works of Destiny’s Child, and other music, particularly easy, is not surprising, and it is not new. Usenet meets the most stringent criteria which define the small set of applications now called peer to peer, and Usenet was, if memory serves, up and running by 1980.
I shall not address your questions individually, but rather I will attempt a general answer to the question, "How come so many home machines are so badly infested by parasite programs?"
This question is the right question to ask, because in this form it allows of better answers, which suggest better remedies.
Asking whether P2P applications [new terminology] are a better substrate for worms, viruses, key-loggers, etc. than http daemons and browsers as commonly used five years ago, frames the question too narrowly, and imposes a statistically incorrect and legally labile distinction. The right partition lies at the level of the OS, and at the level of law and custom and culture. Today if you run a source secret OS, such as any of the recent Microsoft OSes, you have almost no practical control over what is running on your hardware, and legally and economically, no recourse, so long as you run the incompetent OS. By an odd interpretation of copyright law, you are not legally permitted to seek effective repairs of your OS. Thus there is no market in effective repairs of Microsoft’s defective product. Certainly many companies sell partial and inadequate remedies in the forms of "anti-virus", "firewall", "ad-blocker", etc. software. These companies enjoy the advantage that their products never succeed at their tasks; you will always need to update the after-the-mass-infestations lists of virus fingerprints, and every add-on firewall is soon defeated by the traditional cooperation of worm writers and
Microsoft’s reliable team of devil may care designers and coders. Yet for computer sophisticates there is an effective remedy. On low cost IBM personal computer style hardware, you may today run a free operating system, such as GNU/Linux, or one of the free BSDs. In practice, among those who run such free operating systems, the rate of infestation is significantly lower, certainly a factor of one hundred times lower, than among those who run Microsoft OSes. In addition we spend much less time fiddling trying to harden our systems. Many distributions, such as Knoppix, a variant of Debian GNU/Linux, are decently defended out of the box. There are two reasons our systems are better than Microsoft’s source secret systems:
- The design of Microsoft’s OSes is less good than the design of today’s free Unices. Our execution is better too.
- We know we can own our own computers. We know we can get practical control of our systems. We know that if a problem arises we can, with complete probity, and without legal trammels,
a. attempt a fix on our own lonesome
b. ask friends in private to help
c. ask for help in public at meetings and on mailing lists and web sites of individuals and tribes of the Free Software Nation
d. buy a solution already developed
e. pay for development of a solution
The design incompetence of 1 could be corrected by Microsoft, but has not been for years. But no vendor of a source secret OS can offer the home user full use of the powers enumerated in 2. These freely exercisable powers, of course, are just the beginning of the benefits that a larger and more free market in OSes provides. We know the productive power of free software: we have more than one OS stack, and we are steadily improving what we have produced over the past twenty years, and we are now starting to build completely new systems, which will offer yet further increments of ease and power and delight.
The root cause of the plagues of parasites suffered by millions of home users today is that most buyers of home computers do not know that they have a choice of operating systems. The distinction between "P2P" and "server client" is evanescent and unclear (what level of transport of data and meta-data are we talking about, on what time scale), while the distinction between an OS stack which is transparent to many thousands of eyes, and an OS stack which is legally a black box, is the relevant distinction here. If the OS is transparent, as the GNU/Linux, and the FreeBSD, NetBSD, and OpenBSD systems are, then there is some hope of effective remedies using regulatory, statute, and common law, and a more free market, and tribal cooperation. If the OS is source secret, it is, by design, not transparent, and there is no affordable legal means of forcing the vendor to give practical powers of control to the home user, and certainly, there can be no legal market in repaired, or improved, versions of the OS, nor can voluntary non-profit associations openly cooperate to improve the position of the home user.
The grave danger of an attempt at special regulation of "P2P networks" is that such regulation result in a system of government management of every part of the net, from the lowest level protocols to the highest levels of user-machine interfaces. Because of the lack of a stable principled distinction between "P2P" and the Net itself, it is likely, if "P2P regulations" be imposed, that the threat of litigation and/or police intrusion would attend the publication of even the smallest shell script that calls any net service, such as http transport, ftp, rsync, ssh, net sockets, etc.. If I get on a panel at the FTC’s December 2004 meeting on P2P. I will argue against any regulation targeted at P2P, but I will argue for enforcement of the ordinary rules about fraud, conversion of resources, wiretapping without warrant. I will further argue that the FTC should take action to cause Microsoft and hardware vendors to honor the Refund Clause of the Microsoft EULA. Bill Gates and I agree that such action would quickly result in many people running more competent free OSes. Such action toward enforcement of the EULA lies squarely within the ambit of the FTC, and would not infringe in any way on my freedom to publish shell scripts, cooperate in improving free OSes, etc..
In short, if I am empanelled, I will make my arguments mainly from the "Owners and Makers" position. I will seek to show that minimally burdensome enforcement of common rules of contract, consumer protection, and anti-trust, will accomplish much to reduce all the risks asked about in the FTC’s call for response. I will also argue that any direct regulation of P2P as such would establish a principle fatal to our present freedom of the net. I will even argue against any regulations arrived at by agreement between lobbying groups for "P2P" and the government, on the further particular ground that such regulation would erect barriers to entry into the field of Internet Applications to the unfair benefit of present companies, and the detriment of nascent for profit and non-profit systems which make use of the net.
The FTC can do some things to help most home users understand that they can gain legal and practical control over the computers in their houses. But the FTC in its actions must strike at the right level, else the remedy will be worse than the disease.
There is an ogg file, and a transcript, of my testimony before the most recent Library of Congress’s Committee on Exemptions to the Anti-Circumvention Clause of the DMCA at
http://www.nyfairuse.org/audio/cro.dmca/track4.ogg
http://www.nyfairuse.org/cro.dmca
Many of my positions may be triangulated from
http://www.panix.com/~jays/what.is.drm.3
http://www.panix.com/~jays/tunney.letter.revised.0
I am a working member of New Yorkers for Fair Use:
For other panel members I suggest:
- Steve Bellovin, security expert and early author of Usenet software
- Bram Cohen, head of the BitTorrent project
- Brett Wynkoop, friend, email expert, master Unix sysadmin
- Seth Johnson, friend, philosopher of information freedom and political organizer
- Michael Smith, friend, head of LXNY, New York’s Free Software Organization. [Disclosure: I am the Corresponding Secretary of LXNY.]
Thank you for reading this!
I remain, as ever, your obedient servant, viewer with alarm, and citizen of the United States of America,
Jay Sulzberger
Jay Sulzberger is an independent statistical consultant, most recently for the City of New York Human Resources Administration.
===================
Peer-to-Peer File-Sharing Technology: Consumer Protection and Competition Issues
December 15 & 16, 2004 – 9:00 am.
FTC Conference Center
601 New Jersey Avenue, NW
Washington, DC 20001
