Yesterday, Salon published an interesting article about some of the difficulties Gnutella networks have with "bad actors", Gnutella clients that abuse the network (Gnutella bandwidth bandits). As Gnutella is an open protocol, anyone can create a client program that can connect to a Gnutella network. This client program may not be well-behaved. Indeed, in the early days of Gnutella, many of the first clients did bizarre things to the network. In any case, this Salon article points out that bad actors still exist and they can severely degrade the performance of Gnutella networks.
The solution that some Gnutella developers support is to begin to add some rules to Gnutella networks, such as only permitting digitally signed clients to participate in the network. Unfortunately, Salon's article didn't address some of the legal issues such solutions raise ...
The Gnutella protocol was designed from the beginning to be fully decentralized with no single point of control. One of the main purposes of this design feature was to frustrate legal attacks against a Gnutella network. Unlike Napster, a Gnutella network would have no single actor that could be sued and would result in shutting down the network. Individual nodes might be shutdown, but the network would continue. Without some centralization to enforce rules, however, it is very difficult to ensure the participants in the network do not become "bad actors," acting in such a way to benefit themselves at the expense of the network as a whole. The tragedy of the commons becomes a real potential drawback of pure decentralized networks.
Unfortunately, adding centralized elements to the protocol erodes the legal protection decentralization provides the network. For example, the use of so-called "supernodes" to increase scalability also creates new legal liabilities. A supernode is usually a Gnutella node with high-bandwidth capability that acts as a proxy for slower Gnutella nodes. This increases the efficiency of the network as a whole. It also opens the supernode up to liability for copyright infringement, even if the supernode is not itself distributing copyrighted material. Following the precedent set in the Napster decision, merely caching a collection of pointers to copyrighted materials can lead to both contributory and vicarious infringement liability. High-bandwidth supernodes thus make perfect targets for legal action.
The issue of digital signatures also raises legal problems for Gnutella networks. Who will control these signatures? Such control must be centralized. It is likely that the organization that controlled the issuing of digital signatures would themselves become a target of legal liability, especially once Hollywood begins to ask them to revoke the digital signatures of copyright scofflaws. Depending on how the signature system were implemented, software developers who participated might also become legally liable.
Adding centralized elements to P2P networks vastly increases their efficiency and scalability. This is why Napster worked so well. Unfortunately, such centralization also vastly increases legal liability. P2P developers should consider the network architecture they adopt very carefully.
For more information on legal liability and peer-to-peer networks, please see this excellent white paper by Fred von Lohmann of EFF (IAAL: Peer-to-Peer File Sharing and Copyright Law after Napster).
Slashdot readers respond (Closed Gnutella System to Prevent Bandwidth Hogs).
InfoAnarchy takes a brief look at the issue (Gnutella Self-Regulation).