There is more to P2P software than its detractors would have you believe.
By Erik J. Heels
First published 11/1/2004; Law Practice magazine, “nothing.but.net” column; publisher: American Bar Association
When I was in high school, I sold my first car, a 1972 Dodge Dart, so that I could purchase my grandmother’s old car, a pristine 1969 Oldsmobile F85. The Dodge had a reliable slant six engine, but its body was rusting out. Once, when the Dodge stopped running, my brother Mark, who can fix just about anything, diagnosed the problem. The ignition module’s screws had literally rusted off, leaving it ungrounded and nonfunctional. Mark then proceeded to fix the problem, with a hammer and a screwdriver, by making two new holes in the engine compartment and re-attaching the ignition module. (There are not many car problems that can be fixed with a hammer and a screwdriver.) So when I bet Mark that I would advertise the Dodge for sale and sell it to one of the first three callers, he, knowing the car’s issues, was skeptical. The advertisement I placed in the paper had a headline something like this: “FREE LOBSTER DINNER with the purchase of a 1972 Dodge Dart.” Much to Mark’s surprise, I sold the car on the third call. I included a gift certificate to a local lobster restaurant in the package. Thus I learned an early lesson about packaging.
The entertainment industry has done a good job of packaging (in press releases and in lawsuits) peer-to-peer (P2P) software applications as tools of criminals. But there is more to P2P software than its detractors would have you believe. P2P applications allow users on separate networks and computers to communicate with each other directly without the need for a central server. So any application that requires two people (or organizations) to share information can be implemented in a P2P model. This includes email, instant messaging, phone calls, and file transfer, just to name a few. See O’Reilly’s openp2p.com site for more examples (http://www.openp2p.com/pub/q/p2p_category).
In 1994, I wrote about the wrongful prosecution of David LaMacchia for wire fraud (in what would probably be a DMCA case today). The LaMacchia case was an example of the prosecution using an old law (wire fraud) to prosecute an act (setting up a bulletin board where users uploaded/downloaded copyrighted software) that was not covered by current laws (i.e. not illegal). In the last ten years, the “solution” pursued by prosecutors and music industry lobbyists has been to draft overly broad new laws that cover not only the bad actors but also all legitimate users. As a result, the DMCA is law today. And if P2P detractors get their way, the ridiculously broad “Induce Act” (S. 2560, 108th Cong., 2d Sess., 2004), may be enacted, making P2P software illegal.
I believe that users and lawmakers need to be educated about the legitimate uses of technologies such as P2P software. Stretching old laws past their limits is not the answer; drafting overly broad new laws is not the answer; the answer is somewhere in between. If certain bad acts need to be prohibited, then Congress should enact narrowly tailored laws to address the specific bad acts. And while there can be considerable debate about whether or not the targeted “bad acts” are, in fact, bad, and whether or not it is good public policy to enact a particular law or not, there can be no denying the many legitimate uses of P2P technology.
In the 1980s, the youth of America cried “I want my MTV” in order to get the new all-music cable television station added to basic cable packages across the country. Today, their rallying cry is “I want my P2P.” And while I no longer qualify as one of America’s youth, here’s why I want my P2P.
1. I want to be able to organize the movies and songs I’ve purchased and access them from my computer, stereo, television, or PDA at home, in my car, or at work. I have hundreds of movies and songs in my home, stored on vinyl LPs, cassette tapes, VHS tapes, CD-audio disks, DVD-video disks, and other media. I have converted only a small portion of these to digital formats, and I would gladly pay money for a product or service that enabled me to complete this task. P2P software could help me synchronize the songs I listen to at home, in my car, and at work.
2. I want to be able to purchase and listen to music that I like on whatever device I choose. I am frustrated by broadcast radio stations that don’t tell you the name and artist of each song that they play. I would like to be able to find the top 40 songs from any genre and any time period and purchase them as MP3s. If I could purchase MP3s of all of the albums rated five stars by Rolling Stone magazine (http://www.rollingstone.com/reviews/album?pageid=rs.Reviews), I would do so. Apple’s iTunes demonstrates that people are willing to pay $0.99 for digital versions of songs, but songs purchased from iTunes are in a proprietary format (AAC) and come with limited rights (e.g. one can burn a certain playlist only seven times) (https://www.giantpeople.com/435.html). Silly. I will never purchase a song from iTunes (or MSN, Real, or any other company peddling DRM-encumbered files) because I am not getting the full digital music file. I am getting something less. This would bother me less if artists were producing albums where every song was great, but the last great album in my collection is Fleetwood Mac’s Rumours (1977). Most albums today have one or two songs out of ten that are worth purchasing. I would purchase an entire album of great songs and rip it to MP3s if I could, I would purchase individual MP3s if I could, I would purchase a top-40-style compilation of MP3s if I could. But I can’t. This frustration is, I believe, what leads many people to use P2P software for its most well-known purpose: sharing MP3 files.
3. I want to be able to use the best software for my communication needs. This may involve using P2P software for making phone calls, which is possible today with Skype (http://www.skype.com/). This may involve using P2P software for backing up key data, as envisioned by PBS’s Robert X. Cringely (http://www.pbs.org/cringely/pulpit/pulpit20040909.html). And I want to be able to do this without being labeled a criminal by Congress or a pirate by the music industry.
4. I want to be able to use P2P software to download software updates. I was recently looking for a compilation of open source software for Windows when I discovered the OSSwin Project (http://osswin.sourceforge.net/). The OSSwin project page lists two CD compilations of open source software, the OpenCD (http://theopencd.sunsite.dk/) and the Open Source Software CD (http://pmw.myip.org/oss/). The Open Source Software CD appeared to be more comprehensive and more frequently updated, but downloading the 653 MB disk image (a “.iso” file) would take about 11 hours on a 128 Kbps connection (http://www.onlineconversion.com/downloadspeed.htm). Even if you had 11 hours, the client might crash, the server might stop responding, and you might have to start the transfer all over again. Realizing this, the author of the Open Source Software CD makes the software available via the BitTorrent P2P network. To download the file, you have to download the BitTorrent P2P application (http://bitconjurer.org/BitTorrent/).
When you start downloading a Bit Torrent file (e.g. http://pmw.myip.org/oss/image.iso.torrent), the BitTorrent application also starts using some of your bandwidth to upload data to other BitTorrent users. So each BitTorrent downloader becomes an uploader and there is no one central server bearing the load of serving up any particular file. Recently, a website was set up (http://www.sp2torrent.com/) by Downhill Battle (http://www.downhillbattle.org/) to demonstrate how BitTorrent could be used to distribute, in this case, Microsoft’s much publicized Windows XP Service Pack 2 patch. Of course, Microsoft DMCA-ed sptorrent.com but the point has been made. Hopefully.
5. I want to be able to share my personal digital content with friends and family. I currently do this by maintaining my personal digital content on a webserver that is running weblog (Movable Type, http://www.movabletype.org/) and photo album (Gallery, http://gallery.menalto.com/) applications. But the webserver uses a client-server model, which is overkill for what I need. In order to share my personal digital content with a few dozen people, I have to set up access control (e.g. usernames/passwords, IP address restrictions) on the websever, draft content locally on a client computer, and upload the content to my server. Thus I have two copies of all of my personal digital content, one on the client (the development version) and one on the server (the production version). I could put the server in my house and use the same machine for both development and production, but then I’d have to install even more software to protect this server from outside threats (e.g. by using intrusion detection software) while still making the server accessible to my friends and family (e.g. by using dynamic DNS software). What I should be able to do is simply create a space on my local computer where certain files (e.g. weblog entries, photo albums) are shared. I should be able to control who has access to these files (friends and family) and who does not (everybody else). I should be able to create “invitations,” perhaps as a self-extracting executable application with buit-in access controls, and email them to my friends and family for my shared personal digital content.
6. I want to be able to share client files with clients on a P2P-based extranet. Extranet software is too hard and too expansive to set up. It shouldn’t be this way. I don’t want to use a client-server model for an extranet, because that is overkill. I don’t want to email sensitive files to clients, because that is inefficient and insecure. I don’t want to outsource my extranet to a third-pary provider, because this is too expensive and creates new privacy and security issues. Do you trust your ISP (or ASP) with your data? Really? I should be able to create a client-specific area on my computer that can only be accessed by my clients. There is a huge opportunity for a company to create a P2P-based extranet. The closest extranet-like P2P product available today is WASTE (http://waste.sourceforge.net/), but Waste has a colorful history (https://www.giantpeople.com/416.html) that makes it an inappropriate platform for a P2P extranet.
Despite the packaging, the flaws on my old rusty Dodge were easy to spot and the buyer knew what he was getting. The flaws of the anti-P2P arguments are not as easy to spot. Before you dismiss P2P applications as the functional equivalent of safe-cracking tools, I would encourage you to pop the hood, examine the engine, and take a test drive. Any car can be used as an escape vehicle for a bank robbery, and many P2P applications can be used for illegal activities. But banning all P2P applications from the Internet makes about as much sense as banning all cars from the road.