Secure Federal File Sharing Act

Introduced in the House by Representative Edolphus Towns (D-NY10) on November 17, 2009, as H.R. 4098, the Secure Federal File Sharing Act was referred to the House Committee on Oversight and Government Reform and placed on the Union Calendar on March 11, 2010. On March 23, 2010, Representative Towns moved to suspend the rules and pass the bill by a roll call vote (House Vote #183 in 2010), which occurred following forty minutes of debate.^[9] The results of the vote yielded 408 Ayes, 13 Nays, and 8 Present/Not Voting.^[10]

The bill was introduced into the Senate on March 25, 2010, and referred to that chamber's Committee on Homeland Security and Governmental Affairs.^[6] On June 14, 2010, Senator Claire McCaskill (D-MO) introduced a companion bill, S.3484, to H.R. 4098. This bill was read and referred to the Senate Committee on Homeland Security and Governmental Affairs.^[11]

On May 10, 2010, MeriTalk, a U.S. government IT network, released a report on federal file sharing in which 200 federal government employees and security officials were interviewed to understand their file transfer practices. Of those interviewed, 58 percent were aware of their agency's policies for secure file transferring, and 43 percent reported that they consistently followed the file sharing policies. Furthermore, 71 percent said they were concerned with the current security of federal file transfers, yet 54 percent admitted to not monitoring their own file transfer protocol. The majority of these federal personnel also admitted to using insecure methods for transferring files between agencies and within the agencies themselves: 66 percent used physical media like USB flash drives, 60 percent used FTP, and 52 percent used personal email accounts like Gmail or Yahoo.^[12] The report recommended that organizations should develop and enforce government-wide standards and educate management and users.^[13] Only a small portion of the information the government transfers is classified; however, much of it is sensitive because it can contain private information about the public such as medical records and social security numbers.^[14]

The Electronic Frontier Foundation stated, prior to the introduction of this bill, that a government-wide restriction on peer-to-peer file sharing would limit the government's ability to take advantage of potentially useful file-sharing software. To support its opinion that peer-to-peer filesharing can be useful, the foundation offered as examples licensed music services and video gaming companies, which use peer-to-peer tools.^[15]