Washington, D.C. – The House Committee on Oversight and Government Reform is showing new concern regarding applications that promote and peer-to-peer (P2P) file sharing, following reports that Internet users are able to share and trade bank records, health files and other sensitive data in addition to pirated music and movies.
Government officials claim that this is not a first time offense, rather an ongoing observation in instances of data breaches via P2P networks.
Among the instances cited were:
– February 23 was the release date of a paper written by a Dartmouth College professor in which he claimed that during a two week period he was able to search a P2P network and uncover tens of thousands of medical files which contained personal items such as social security numbers and names of individuals who were trying to be treated for cancer, mental health issues and even AIDS.
– A February 26 broadcast by the Today Show, which discussed the inadvertent sharing of personal files via P2P networks, claimed that 150,000 tax returns, 25,800 student loan applications, 626,000 credit reports and multiple social security numbers had been easily accessed over a P2P network.
– On the February 28, a Pittsburgh television station reported that the blueprints and avionics package for the President’s helicopter, Marine One, had been made available via a P2P network in an apparently unintentional move by a Maryland defense contractor.
The Committee sent letters to Attorney General Eric H. Holder Jr. and FTC Chairman Jon Leibowitz requesting information regarding what exactly has been done by the Justice Department and the FTC to prevent the illegal use of P2P networks. The letters also ask for information how American citizens are being protected from the dangers of P2P networks. The letters cite the recent fighter Jet hack and even information on individual tax filings that have leaked onto the Internet. The committee is requesting a “full briefing” on these issues.
The chairman of Lime Group, the company that owns LimeWire, Mark Gorton, was placed in the spotlight two years ago when the subject was discussed in Congress hearings. During the hearings, Gorton claimed that he had no idea how much classified data was being traded via LimeWire. He also stated that he intended to make changes to the site to prevent the trading of such sensitive data.
A letter was sent to Gorton by Committee Chairman Edolphus Towns and Darrell Issa, which requested information on exactly what had been done to cease illegal activities on the LimeWire network. “Nearly two years after your commitment to make significant changes in the software, LimeWire and other P2P providers have not taken adequate steps to address this critical problem,” the letter stated.
The committee indicated the possibility of legal action against LimeWire, if the changes have been insufficient so far.
LimeWire is required to answer the government’s questions by early next month. The company claims to understand the importance of Internet Safety. So far, the firm said there have been software upgrades: In the current version of the LimeWire client, users must designate all files which are exposed. And rather than having their data exposed unintentionally, they must opt in to share.