Bill would require guard from threats due to file sharing
- By Gail Repsher Emery
- Sep 25, 2003
Federal agencies will have to protect their computers and information from the security risks of peer-to-peer file sharing programs, according to a new House bill.
The House Government Reform Committee passed the bill today.
Peer-to-peer file sharing programs are Internet applications that allow users to download and directly share electronic files from other users on the same network.
Millions of people trade music, images and documents over these networks at a time, according to Rep. Tom Davis, who introduced the bill Wednesday, along with co-sponsor Rep. Henry Waxman.
Davis, a Republican from Virginia, is chairman of the House Government Reform Committee. Waxman, a Democrat from California, is ranking member of the committee.
They introduced the Government Network Security Act of 2003 to close a loophole in the federal government's efforts to protect the security and privacy of its computers, Davis said.
"While most of the news coverage on file sharing focuses on the ability of users to illegally trade copyrighted music, movies, and videos, another less publicized dark side to this technology is the risk it poses to the security of computers and the privacy of electronic information," Davis said. "Few people recognize these risks. Using these programs is similar to giving a complete stranger access to your personal file cabinet."
According to the legislation, file-sharing programs can threaten security by:Exposing classified and sensitive information stored on computers or networks.Acting as an entry point for viruses and other malicious programs.Consuming network resources, which can slow network performance.Exposing information about host computers, which hackers can use to select targets.
Through a couple of simple searches on one file sharing program, committee staff easily obtained tax returns, medical records, confidential legal documents and business files, according to Davis' office.
The House and Senate have addressed the risks of file sharing through technical and non-technical means, including firewalls and employee training. The legislation would require executive branch agencies to take similar steps.
"File sharing technology is not inherently bad, and it may turn out to have a variety of beneficial applications," Davis said. "However, as our committee has learned, this technology can create serious risks for users. This bill takes a common sense approach to protect the computers and networks of the federal government and the valuable information they contain."