“Secure Federal File Sharing Act” would bar government employees and contractors from downloading, installing, or using file-sharing software without official approval.
Finally somebody in Congress has realized that there is a real problem when govt employees install P2P software on the same PC that contains sensitive information.
U.S. Representative Edolphus “Ed” Towns (D-NY), Chairman of the House Oversight and Government Reform Committee, has introduced the “Secure Federal File Sharing Act.” The bill will restrict the use P2P software by federal employees and contractors, requiring official approval before its use.
It was a number of high profile data breaches that led to the bill’s introduction.
Last year it was the financial information belonging to Supreme Court Justice Stephen Breyer along with the names, dates of birth, and Social Security numbers of 2,000 others.
Back in March it was the entire blueprints, engineering upgrades, and avionic schematics’ of President Obama’s helicopter, “Marine One”;
More recently, it was the highly confidential “Committee on Standards Weekly Summary Report” that detailed ongoing ethics panel investigations of some 33 lawmakers and several staff members.
“We can no longer ignore the threat to sensitive government information that insecure peer-to-peer networks pose,” said Chairman Towns. “Voluntary self-regulations have failed so now is the time for Congress to act.”
House rules already require that “employees must protect the confidentiality of sensitive information from disclosure to unauthorized individuals or groups,” but many apparently don’t realize this can happen when using improperly configured Direct Connect P2P programs.
It occurs as the House is still considering the Informed P2P User Act (HR 1319) that would “prevent the inadvertent disclosure of information on a computer through the use of certain `peer-to-peer’ file sharing software without first providing notice and obtaining consent from the owner or authorized user of the computer.”
That bill requires file-sharing programs to provide “clear and conspicuous notice of which files are to be made available to another computer.” It would also make it illegal to prevent the authorized user of a computer to block the installation of a P2P file-sharing program, disable or remove the program.
“The time has come to put the proper file sharing restrictions in place. I believe my legislation will help prevent these types of inadvertent security breaches from occurring in the future, and I look forward to working with my colleagues to pass this essential legislation,” added Chairman Towns.
I can only say that it’s about darn time.
The problem has never been P2P, it’s been a clear case of operator error.
Stay tuned.
jared@zeropaid.com
Related
- House Committee Approves P2P Security Bill
- House Committee Takes Up P2P Protection Bill
- House Passes “Informed P2P User Act”
- Congressman Proposes Banning P2P from Govt PCs
- US House Passes Bill Targeting Net Song Swappers
