Senate considers bill to limit peer-to-peer security risks
- By Wilson P. Dizard III
- Dec 17, 2003
A bill requiring federal agencies to curb the security risks caused by peer-to-peer file sharing is scheduled to go to the floor of the Senate next year.
HR 3159, the Government Network Security Act of 2003, would require agencies to develop and implement plans for protecting federal systems from the security and privacy risks posed by peer-to-peer file sharing. It also would require the General Accounting Office to assess the plans' effectiveness.
The House passed HR 3159 on Oct. 8. The Senate Governmental Affairs Committee approved the legislation without amendment Nov. 10, clearing the way for floor consideration of the bill. Because the Senate and House versions of the bill are identical, there would be no need for a conference committee to resolve differences.
Rep. Tom Davis (R-Va.), chairman of the House Government Reform Committee, introduced the bill along with Rep. Henry Waxman (D-Calif.), the committee's ranking member. Davis' committee held hearings in May on the risks of peer-to-peer file sharing, focusing on computer security for the general public and child pornography issues.
The bill has 28 House co-sponsors. The Senate Governmental Affairs Committee passed the legislation in a business meeting without hearing evidence from witnesses.
HR 3159 would give federal agencies six months to develop and implement their plans for controlling file-sharing risks. It allows agencies the flexibility to use technology, such as firewalls, or other means, such as employee training, to control the risks.
Tens of millions of computer users have downloaded peer-to-peer file sharing programs such as Kazaa, usually to exchange music files. But the programs can allow outsiders to insert malicious spyware, adware and viruses, and to download personal information from users' systems. During the hearings and consideration of the bill, lawmakers expressed concern that peer-to-peer file sharing could jeopardize national security data or files containing citizens' personal data.
The House committee said in a fact sheet on the bill that it had found peer-to-peer file sharing at federal agencies that use classified data, such as an Energy Department laboratory, a NASA research facility and Labor Department headquarters.