Within the span of a few days in late March 2005, separate events surrounding peer-to-peer computing starkly illustrated the dichotomy between steady advances in P2P technologies and the murky legal and ethical climate that surrounds them.

Those events included the release of a new P2P technology that will enable a user community to filter out mislabeled or corrupt files and the appointment of US Senator Orrin Hatch (R-Utah)—who introduced legislation in 2004 that would have greatly hindered P2P development—to the chair of a key intellectual property Congressional subcommittee. The key event, however, was the 29 March argument before the United States Supreme Court in MGM v. Grokster (http://www.eff.org/IP/P2P/MGM_v_Grokster/, a case which the P2P community expects to be a landmark for US policy.

If the Court agrees with the entertainment industry plaintiffs that the vast majority of P2P uses infringe on content providers' IP rights, observers say it will virtually cripple P2P research in areas stretching well beyond swapping pop music and movies. However, if the Court's decision is similar to its 1984 decision favoring the proliferation of video cassette recorders (notably the Sony Betamax), then industry executives expect a new wave of financing and research that will further enrich the technology.

"If the Supreme Court came back with a very negative ruling, it would hurt a broad swatch of technologies," says Greg Bildson, chief technology officer and chief operating officer of LimeWire (http://www.limewire.com/english/content/home.shtml, an open source P2P Gnutella network client rapidly gaining in popularity. "It could essentially outlaw the iPod and lots of other things. I can certainly think of scenarios where the legal climate could be made so onerous we'd be scared of developing LimeWire."

Yet one other veteran observer of the technology policy arena is more sanguine that both the Supreme Court and the Congress will temper their efforts to rein in P2P possibilities, and the technology and entertainment industries will muddle through as they did with VCRs.

"I think people are trying to figure out how to marketize the phenomenon, but if it were an easy issue, we wouldn't be having any dispute about it," says Mike Godwin, legal director for Public Knowledge (http://www.publicknowledge.org/), a technology policy watchdog group. "I'm not sure what the answer is. If history is any guide, there is an answer, and that does involve ultimately accommodating the technologies, but we haven't seen it yet."

Godwin suggests that today's P2P applications are confusing because they're tapping features that were built into the Internet from the start. This forces everyone to become aware of an Internet capability that's always been available. "Because it feels new to them," he says, "they feel they can target this through lawsuits or various technological measures or something else. But it's very hard for them to craft a response that doesn't look like it's attacking the Internet itself or computers themselves."

The Court could decide the case some time in June, although it could also direct the attorneys for both sides to submit for further questions. "I wouldn't be surprised if the Court held it over for reargument," Godwin says.

The Court had some tough questions on how or if technology developers could be held liable for inducing users to infringe on IP rights. Until the case is decided, Godwin believes most efforts, including technological innovation and legislative efforts to address P2P issues, will either move forward very slowly or stall completely.

Mike Halm, project director for LionShare, an ambitious P2P initiative at Penn State University (see "Colleges Taking File-Sharing into Their Own Hands"), concurs with Godwin's assessment that the policy arguments are just now catching up to the technology.

"I've been around long enough to remember computing when it was the Old West," Halm says. "There wasn't a problem having an FTP server up or giving somebody an account so you could do some collaborative research."

However, as P2P became more popular, end users began looking for music instead of scientific files and P2P applications became a morass of proprietary code riddled with adware and spyware. Security concerns and intellectual property issues completely supplanted the open vision of people like Halm.

Intellectual property issues aside, two of the most vexing problems in advancing P2P networks are the proliferation of files that are not what they're labeled to be and the virtual anonymity of P2P users. As a result, spammers can flood P2P networks with unsolicited ads. Bad files can come from almost anywhere and their perpetrators are almost impossible to catch.

Two researchers at Cornell University recently unveiled a new approach to building a more trustworthy P2P network, an open source application called Credence (http://www.cs.cornell.edu/People/egs/credence/). Credence's creators, assistant professor Emin Gün Sirer and graduate student Kevin Walsh, opted for a system that would rate a given network object instead of a given peer node for trustworthiness. The reason, they explain, is that nodes can be inhabited by different people over time—or even taken over by spammers—but the data in the object itself never changes.

The Credence approach uses a cryptographically secure, voluntary, and anonymous voting mechanism. Over time, clients with similar votes for a file's legitimacy will dynamically form a sort of community enabling quick correlation of trust. Likewise, a client that consistently answers contrarily (such as a spammer voting for a file's trustworthiness when everybody else is voting against it) will receive an equally significant negative weighting, whereas an inconsistent voter will have less statistical weight. Theoretically, the more users who join a Credence system, the more accurate an overall rating each file will receive.

"Somebody will put out an advertisement, say, for an iPod—that's a common one," Walsh says. "It's the same advertisement under hundreds of thousands of different names trying to lure people into downloading it."

Credence will instantly recognize this object as a misleading file, identifying it via a hash of the file contents.

"It's forcing spammers to put a lot more effort into generating more spam on a daily basis instead of allowing them to put out the same spam under different names," Walsh says.

Walsh estimated 2,000 users had downloaded Credence in its first two weeks of availability. Sirer says he's more interested in seeing how the program scales and how honestly users vote than he is in its commercial potential. Nevertheless, he believes a reliable method for reputation checking is essential if the P2P paradigm is to become robust enough for critical communications.

"There has been a lot of academic work," Sirer says, "but I'm not really familiar with anything that has been deployed or released. That's why we were in a hurry to get the system out the door."

Sirer sees P2P as a trend toward building more resilient services. Centralized systems tend to be fragile, he says. "It's easy for a single failure in the network to cut access to an entire server. P2P allows greater ability to build systems that will self-organize or heal around failures." He predicts a broad range of P2P infrastructure services emerging in the next decade.

Developers of the new-generation P2P applications generally consider the open source development model to be critical to their success. For one thing, open-sourcing a P2P application helps keep it free of unwanted software downloads such as spyware. Additionally, plaintiff attorneys find it difficult to seek damages from someone who creates a technology and sets it free into the open source community.

LimeWire, for instance, is open source. The company opted for a business model much like the Norwegian Web browser Opera, which features a free advertising-supported version and an ad-free version users must pay for. Bildson calls this model "straightforward, something users can support."

LimeWire 4.0, released in 2004, also guarantees no bundled software with the downloads. The number of users and downloads has increased rapidly since then.

"The fact LimeWire is open source helps to keep us honest," Bildson says. It encourages members of the open source community to monitor the application's development. It's also helped the company to attract academic researchers such as Sirer and Walsh, who used their own LimeWire client for the Credence project.

LimeWire's developers are also continuing to work on broadening its features to help it compete with another popular open source P2P application, BitTorrent (http://www.bittorrent.com/). BitTorrent is especially popular with users looking to share large files or file sets such as collections of government documents. It lets multiple users upload portions of the requested documents to a requester instead of forcing one user to upload one entire request.

"Historically, LimeWire and Gnutella have probably done a better job at smaller files and not as good a job at larger files," Bildson says. "We have some active development going on right now to specifically address that, but BitTorrent certainly has some smart approaches to the large file issue."

Such competition might only expand the applications for which network users are employing the new technologies. For example, Thad Anderson, a second-year law student at St. John's University in New York City, runs a site—outragedmoderates.org (http://www.outragedmoderates.org/)—that helps people download large collections of primary-source US government documents without mass media filtering. Anderson uses BitTorrent to reduce the amount of time and effort a requester needs to spend accumulating documents. He estimates he has spent US$700 since launching the site in June 2004. Friend-of-the-court briefs have named his site as a prime example of how P2P benefits go far beyond swapping songs and movies. Additionally, Anderson says, the rapidly expanding P2P landscape is now featuring tools, such as the Prodigem hosting service (http://www.prodigem.com/), that let nontechnologists facilitate information exchange in their own expertise areas.

"At first, it was just an idea I had, that this would be a cool way to distribute this stuff," Anderson says. "The more I've learned about the technology, the more I can think about the potential of it. The reason my site was cited in the ACLU's [ MGM v. Grokster ] amicus brief was that it is an example of how people use it for free speech."

As proof of its vitality and utility to public discourse, Anderson says his site has accounted for 790,000 downloads since February. "And I'm running this out of my apartment in Queens on a Gateway 2000 from 1999. It's very low-tech. If I can figure this out, anyone can."