The New York Times' technology blog, BITS, discusses why DMCA takedown notices being sent to universities around the country are stupid. Under the Digital Millennium Copyright Act (DMCA), a party that feels its content is being infringed need only suggest that infringement may be going on and may then send a "takedown notice" to the infringing party's internet service provider. There are no evidentiary requirements and no standard of doubt (no "probable cause," no "reasonable doubt," not even "preponderance of the evidence"), so the owner of a copyrighted work can send a takedown notice — and the ISP can comply — even if the content isn't legally infringing. Under the DMCA, an accusation of infringement is enough to get ISPs — which largely don't know the law and are afraid of getting into legal wrangling — to turn off the Internet pipes to the infringer.

From the article:

Many universities pass those letters directly on to students without questioning the veracity of the allegations. The R.I.A.A. in particular follows up some of those notices by threatening legal action and forcing alleged file-sharers into a financial settlement.

But the study, released Thursday by Tadayoshi Kohno, an assistant professor, Michael Piatek a graduate student, and Arvind Krishnamurthy, a research assistant professor, all at the University of Washington, argues that perhaps those takedown notices should be viewed more skeptically.

The paper finds that there is a serious flaw in how these trade groups finger alleged file-sharers. It also suggests that some people might be getting improperly accused of sharing copyrighted content, and could even be purposely framed by other users.

The RIAA and MPAA, the trade organizations for the music and movie industries, respectively, have successfully lobbied to have Congress place line-items into federal university funding legislation requiring public universities to police their networks for copyright infringers and/or allow the RIAA and MPAA to have access to their networks to catch infringers. This is incredibly stupid because of (1) the privacy issues concerned (after all, FERPA strictly limits disclosure of student records to only the student, if the student is over 18) and (2) the fact that colleges are not in the business of policing for copyright violations. The article demonstrates how the RIAA and MPAA's own tools for finding violations can be easily misdirected, resulting in false positives.

Last year, the University of Nebraska agreed to comply with RIAA requests to hunt down file-sharers — for a price. The university estimated that it cost them $11 per accusation to find the culprit, and that if the RIAA wanted them to do a job that wasn't theirs to begin with, the university would charge the RIAA for it.

Posted by Mark at 3:54 PM | Permalink | Comments (0) | TrackBacks (0)

Laws make sense and are enforceable only if they don't prohibit activities we do every day. A law prohibiting taking showers wouldn't make much sense because people need to shower. In that case, people would take showers and risk being arrested, as the necessity for a shower is greater than the fear of arrest. In this article via Boing Boing, John Tehranian writes for the Utah Law Review on the disconnect between what we do everyday with intellectual property and what is being outlawed by rights-holders. Tehranian says that the demands of rights-holders are ridiculous, and if the law were enforced 100% of the time, we would all be liable for millions of dollars' worth of copyright infringement:

There is nothing particularly extraordinary about John’s activities. Yet if copyright holders were inclined to enforce their rights to the maximum extent allowed by law, he would be indisputably liable for a mind-boggling $4.544 billion in potential damages each year. And, surprisingly, he has not even committed a single act of infringement through P2P file sharing. Such an outcome flies in the face of our basic sense of justice. Indeed, one must either irrationally conclude that John is a criminal infringer—a veritable grand larcenist—or blithely surmise that copyright law must not mean what it appears to say.

Have you ever whistled a song in public? Copied an email or article without attribution? You've committed a crime. Bad laws turn otherwise law-abiding citizens into criminals for no good reason. Strengthening copyright laws isn't better for society and it certainly doesn't increase a content provider's likelihood of continuing to provide you with content in the future. It just nets them money from lawsuits. If the RIAA were really concerned about infringement, they wouldn't have a settlement hotline. Instead, they function like the Mexican police ("How much you got?"), settling for whatever people have instead of what they are "legally" entitled to.

Posted by Mark at 1:39 PM | Permalink | Comments (0) | TrackBacks (0)

On Monday, Microsoft released a statement (or a press release? Or something?) claiming that Linux -- the Unix-derived open-source operating system developed by Linus Torvalds and countless others around the world -- infringes on 235 patents held by Microsoft. The IT world, which consists largely of Linux devotees, scoffed at Microsoft's claims. Torvalds, in an interview with Information Week, said that Microsoft's assertions don't hold water. Why? Because Microsoft chose the Court of Public Opinion as the location for this battle, not a court of law. It's because, says Torvalds, "They'd have to name the patents then, and they're probably happier with the FUD than with any lawsuit." FUD stands for "fear, uncertainty, and doubt" and is a marketing technique designed to make a consumer doubt the competition's product. Here, Microsoft's claims of patent infringement are designed to scare away potential Linux users, who might have considered using Linux as a viable, production operating system but will now be so scared by the prospect of patent infringement lawsuits that they'll turn tail and run, ostensibly to Microsoft.

Patent infringement suits are about three things: (1) taking down the competition, (2) setting an example for other companies, and (3) maybe making some scratch in the process. SCO, the patent-holding company that currently owns the rights to Unix (which was actually invented by AT&T/Bell Labs in 1970), tried this tactic with Linux, insisting that Linux contained code drawn from Unix. SCO wanted royalties. This was how they financed themselves: selling "licenses" to software they owned and suing companies that refused to buy these licenses. SCO had been successful in getting smaller companies to settle out-of-court, but then it took on more that it could handle: IBM. IBM used Linux extensively and even developed its own proprietary Linux distributions. Rather than settle out-of-court, IBM was willing to go all the way with SCO. SCO was unable to actually prove that Linux contained Unix code and thus was forced to drop the suit.

Microsoft's tactic is different. Rather than make money from Linux, it would like to destroy Linux. In a May 2007 survey, Netcraft reported that 56% of web servers ran Apache, a web server program that runs on Linux. (It also runs on Windows, but a lot less well.) Apache's next-biggest competitor was Microsoft, whose IIS program commanded only 31.49% of the web server market. Why does Microsoft lose market share to Linux? A couple of reasons:

1. Price. Linux distributions -- even enterprise-level ones that cost money -- don't cost as much as Windows Server. Not factoring in crazy volume discounts, Windows Server 2003 R2 costs $1,000 in its "standard" version. Red Hat Linux, by contrast, costs $349. Several countries -- that's countries are moving to adopt Linux as the government standard because it's cheaper.
2. Customization. Linux is infinitely customizable because users have access to make crazy modifications if they want. Microsoft is completely closed off. No one is allowed access to the source code. Microsoft has said that Windows Vista Server's code will be a "black box" that no one will ever have access to. Ostensibly, this makes it less hackable. Except that it doesn't.
3. IT people don't need colors. Part of the reason Microsoft proliferates in the desktop environment is its ease of use. Linux is a little harder to use, but IT folks don't care; they can adapt to anything, and if it's cheaper, all the better.
4. Open standards. Linux uses open-source standards, whereas all of Microsoft's stuff is closed-source. This means that one day, Microsoft can decide to withhold your information from you until you cough up some more money, because only Microsoft has the keys to what it's locked you out of.

Posted by Mark at 9:37 AM | Permalink | Comments (0) | TrackBacks (0)

Demanding that YouTube remove 160,000 videos last month clearly wasn't enough. Viacom International, the parent company of MTV, Comedy Central, and Paramount, is suing Google -- YouTube's parent company -- to the tune of ... one billion dollars!

The suit, filed in the U.S. District Court for the Southern District of New York, alleges, "YouTube has harnessed technology to willfully infringe copyrights on a huge scale, depriving writers, composers and performers of the rewards they are owed."

The key word here is willfully. Did YouTube "willfully" -- and not merely negligently -- infringe upon Viacom's copyrights? If it had willfully done so, then why did it comply with Viacom's DMCA takedown requests?

The key case here will most likely be MGM v. Grokster, 04-480 (2005), where the U.S. Supreme Court held that "one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties." In other words, the failure to foresee that a device may be used for infringement in the future is neither contributory nor vicarious infringement. The creation of a device specifically for the purpose of infringing is an act of contributory or vicarious infringement. YouTube has "substantial non-infringing uses," including distributing licensed content as well as content in the public domain. Therefore, we can conclude, based on that fact, that YouTube was not created specifically for the purpose of infringing.

But what about when the manufacturer is aware that infringement is happening by way of his or her device? The Court addressed that, as well:

Accordingly, just as Sony did not find intentional inducement despite the knowledge of the VCR manufacturer that its device could be used to infringe, mere knowledge of infringing potential or of actual infringing uses would not be enough here to subject a distributor to liability. Nor would ordinary acts incident to product distribution, such as offering customers technical support or product updates, support liability in themselves. The inducement rule, instead, premises liability on purposeful, culpable expression and conduct, and thus does nothing to compromise legitimate commerce or discourage innovation having a lawful promise.

There is no evidence to indicate that YouTube ever actively encouraged users to pirate content.

Furthermore, the Court held in MGM that, in order to be found guilty of contributory or vicarious liability, a manufacturer must have "had specific knowledge of infringement at a time when they contributed to the infringement and failed to act upon that information." Again, Viacom demanded that 160,000 specific videos be removed from YouTube, and YouTube complied.

Viacom's argument is incredibly weak, and this looks like a ploy for (1) media attention, or (2) an attempt to get a settlement out of Google. Google, however, is smart enough and has enough money that it may just take this case to court in order to get a ruling which says that Viacom is crazy. People who accuse others of infringement love out-of-court settlements, because it means that they don't have to go to court, where most infringement-accusers end up losing and then set a precedent for allowing other infringement suits to be thrown out in the future.

Posted by Mark at 10:38 AM | Permalink | Comments (0) | TrackBacks (0)

In 1998, the U.S. Congress passed -- and President Clinton signed -- the Digital Millennium Copyright Act, one of the most horrific pieces of legislation to come out of the swamp along the Potomac.

The DMCA set up a bunch of ridiculous copyright restrictions, not the worst of which was making it a crime to break any copy-protection for any reason at all. This means that, if a content provider has disabled access to content above and beyond the restrictions of the law, you have to break the law -- that is, the DMCA -- in order to exercise your rights under the law. Federal judges have found the DMCA to be anticompetitive (in that it allows companies to lock down content and make themselves the sole vendor of services for a particular product, which is antitrust) and contrary to the public good (the DMCA errs on the side of protecting intellectual property over benefiting the public; in StorageTek v. CHE, a federal circuit court of appeals wrote, "[T]he DMCA must be read in the context of the Copyright Act, which balances the rights of the copyright owner against the public’s interest in having appropriate access to the work").

Ten years later, Congress -- which gets more money than you might think from content providers like The Walt Disney Co. -- decided to clean up the DMCA. In steps H.R. 1201, the FAIR USE Act, which simulatenously tries to fix the DMCA and continues the annoying trend of using cutesy acronyms as titles of bills.

Things it does:

• Puts into cold, hard legislation the language of 1984's Sony v. Universal, which held that any device that was capable of "substantial non-infringing uses," even if it could be used to also infringe upon copyright, was not an illegal device on its face.
• Makes it not a crime to break copy-protection in instances in which breaking the copy-protection is required to exercise the rights you had anyway, but lost because a private content-provider decided it didn't want you to have them, including breaking copy-protection on works that are in the public domain (and are thus not subject to copyright law).
• Places limits on statutory damages from infringement, so that groups like the RIAA can't demand outrages sums of money for copyright infringement.

Great! But as Ars Technica pointed out when the bill was released on Feb. 27, there's more work to be done. While I disagree with their statement that the FAIR USE Act does not make "any 'fair use' of digital goods legal, regardless of anti-circumvention laws" (which, clearly, it does; cf. §3(b), in which exemptions are made for fair use and archival purposes), I do agree that the bill doesn't go far enough in that it does not allow for "making personal use copies of encrypted materials."

Nevertheless, it's a step in the right direction.

Posted by Mark at 12:16 PM | Permalink | Comments (0) | TrackBacks (0)

Remember two years ago, when Marvel, creator of Spider-Man, X-Men, and a bunch of other comic book characters, sued NCSoft, maker of the MMPORPG City of Heroes? Marvel alleged that players of City of Heroes were creating superheroes that were infringingly close to characters copyrighted by Marvel. The case was thrown out when it was discovered that Marvel was creating Marvel-like characters and then complaining that the game allowed the creation of such characters. Since no actual damage could be demonstrated, the case was thrown out.

Now, Marvel wants, in the words of Cory Doctorow, to continue putting ideas "in a lock-box to which it will control the key." In 1981, Marvel and DC Comics jointly filed to trademark the word "super hero." If this isn't the most asinine thing I've read so far this year, then it's pretty close. No one has really discovered this fact until now, when Marvel's press releases for a "science of super heroes" exhibit at the California Science Museum in Los Angeles contained the ubiquitous "TM" after the word "super heroes."

A Los Angeles Times op-ed points out why this is a terrible idea:

In trademark law, the more unusual a term, the more it qualifies for protection. We would have no quarrel with Marvel and DC had they called their superheroes "actosapiens," then trademarked that. But purely generic terms aren't entitled to protection, at least in theory. The reason is simple: Trademarks restrict speech, and to put widely used terms under private control is an assault on our language.

Once a trademark is granted, it remains in effect until someone proves to the feds that the term has lost its association with a specific brand, as happened with "cellophane" and "linoleum." That's why Johnson & Johnson sells "Band-Aid brand adhesive bandages," not simply Band-Aids(TM).

Why is a word trademarked? So that people will associate a particular word with a particular company or product and buy more of that product. This gives the company incentive to create more of this product, which is theoretically good for everyone.

Marvel is doing no such thing. It is using its legal leverage to shut out competitors:

The government's action means that any company wishing to market a comic book, graphic novel or related item with any variation of "super hero" in the name or title must get permission from Marvel and DC. Dan Taylor, the Costa Mesa-based creator of the "Super Hero Happy Hour" comic, learned about this absurdity two years ago when he was contacted by lawyers for Marvel and DC, prompting him to rename his series to the more pedestrian "Hero Happy Hour."

Patents, trademarks, and copyrights are granted to give an artist an incentive to continue producing art or inventions by giving him a monopoly on producing that art or those inventions. But corporations see copyrights, patents, and trademarks as doing something else: instead of innovating or competing in the "free market" that these corporations love to talk about, they get the government to step in and shut down their competition for them.

Take Lexmark, for example. Lexmark charges way too much for toner cartridges. So, another company steps in and takes advantage of Lexmark's poor business model and offers to refill toner cartridges for cheaper than Lexmark would. In a free market economy, Lexmark would have to lower the price of its toner cartridges if it wanted to stay competitive. But in a United States where ridiculous laws like the DMCA exist, Lexmark can call up the government and order its competition to shut down. How? Because the other company is infringing on a copyright held by Lexmark regarding a piece of software in the toner cartridge. Instead of sucking it up and changing an old-and-busted business model, Lexmark uses the law to stifle competition and continues using an old-and-busted business model. It's easier and cheaper to stifle than to innovate.

So it goes with Marvel and DC Comics. If you want superheroes, you have to come to us. Anything else isn't the same. The theory is that a comic without a "super hero" is somehow a comic of lesser quality; since only Marvel and DC can legally use the word "super hero," then anything that is not Marvel or DC is somehow of lesser quality. This is a horrible misuse of trademarks and I hope that someone takes Marvel and DC to court to shut down this blatant disregard for art, the law, and the public domain.

Posted by Mark at 12:29 PM | Permalink | Comments (0) | TrackBacks (0)

Four years ago, Amazon.com patented "One-Click Shopping." At about the same time, a British company patented the "hyperlink." Companies routinely patent ridiculous inventions or processes so they can use those patents as leverage in the future. Junk technology patents are so common that Slashdot even has a category just for junk patent stories. The patent system is broken, as a recent study revealed that there are mistakes in 98% of U.S. patents that might affect that patent's enforceability; but beyond those mistakes, patents are issued for things at are either clearly prior art (one of the things that is un-patentable is an invention that has already been widely used before you tried to patent it; this is called "prior art")

Here are some things that have been patented in the last year:

• Microsoft: "Pausing television programming in response to selection of hypertext link"
• Amazon: A system for allowing users to post reviews of products they have purchased
• Nintendo: A system that causes a video game character to hallucinate and became temporarily "insane"
• Amazon: "Contextual presentation of information about related orders during browsing of an electronic catalog"
• Amazon: "Using customer viewing histories to generate recommendations"

And, today, Cingular was awarded a patent for the emoticon:

The method and system described in the patent allows a user of a mobile phone (or other device) to select a displayable icon, such as an emoticon, that indicates the mood or emotion of the user or conveys other information independent of text. In some embodiments, the selected displayable icon is inserted into a text message or screen, such as an instant message, chat screen, or user text field.

Realistically, Cingular is not going to sue everyone who uses a smiley face in an IM conversation without paying them first, although that is now their right. Patents are used as leverage, but they can also be used to stifle innovation and create collusion. A sample conversation between an executive at Cingular and an executive at Yahoo:

Cingular: Hey, what's going on?

Yahoo: Oh, nothing much. There's a lot of problems with our software, but I decided to take the morning off. I'm playing Yahtzee now. Man, it's so hard to get a Yahtzee! It's like, I get four of a kind and then I can't get a fifth one, and I already have four of a kind, so I have to take a 0 for the Yahtzee.

Cingular: That's great. Listen: you heard that we got the patent for emoticons, right?

Yahoo: What? They actually awarded you that patent? I thought it was ridiculous when Amazon got the patent for customer reviews, but I guess anything's possible. Are you guys still spending lots of money defeating patent reform?

Cingular: Hells, yes! Innovation is expensive, and it costs me valuable time that I could be spending at the golf course or watching Desperate Housewives on my video iPod.

Yahoo: Desperate Housewives?

Cingular: Okay, so it was a screener copy of King Kong that I got from BitTorrent.

Yahoo: Wait a second -- isn't that illegal?

[Laughter.]

Cingular: Oh, man, you crack me up. Seriously, though: we've got the patent on emoticons and we were wondering something.

Yahoo: Yeah?

Cingular: We don't want you offering VoIP or anything like that Google Talk. If people start making phone calls over the Internet, then they won't pay us exorbitant cell phone fees on an archaic rate structure with Draconian penalties for doing anything we don't like.

Yahoo: Okay, but what's in it for us?

Cingular: Well, when we start our litigation against instant messaging companies for using emoticons without paying us, maybe . . . well, all I'm saying is that maybe Yahoo will be accidentally left off the list.

Yahoo: Ohh, I see. So, if we kill voice over the Internet so that you can retain your outdated business model, you won't sue us for using a technology that was dubiously patented by you?

Cingular: I wish you could see me touching my nose with my finger.

Yahoo: Well, since there's no voice calls over the Internet, there won't be any video calls over the Internet, so it looks like I'll never see it!

[Laughter.]

Cingular: Hey, you want to come over to my mansion in Sunnyvale tonight? We're going to invite Nokia over, ply him with whiskey, and then convince him to disable all the cool technology in his new phone unless the customer pays us an outrageous subscription fee.

Yahoo: Dude, that sounds awesome! But I can't; Microsoft, Google, and me are getting together to talk about how we can get a market foothold in Iran. We figure we'll just censor everything but the "death to Israel" websites.

Cingular: Oh, man, dude. I don't know; that sounds like more fun than beating up on Nokia.

Yahoo: Well, there's tons of totalitarian regimes that need Internet access. I'll call you next time we talk with one. Hey, we're going to visit Saudi Arabia next week. Wanna come?

Cingular: Awesome! I'll be there. Okay, I have to go write up a patent for using a non-Roman font to insert the letters of my sorority into my instant messenger profile. I'll talk to you later.

Yahoo: Okay, dude. Later.

Posted by Mark at 11:16 AM | Permalink | Comments (2) | TrackBacks (0)

The Motion Picture Association of America (MPAA) is being accused of illegally copying a film submitted to it for a rating. You'll recall, of course, that MPAA is one of the bodies behind more Draconian copyright infringement laws. But when it comes down to it, MPAA feels that the laws shouldn't apply to it, only to smaller entities that can't match MPAA's litigation power.

In the end, intellectual property disputes are all about who can out-sue who. Small companies that want to make money with ridiculous patents sue other small companies, which give in and settle out of court. This creates a war chest for the other company, which it will then use to sue larger companies. Cf. SCO, the company that holds the copyright on Unix, an operating system originally developed by AT&T in 1970. SCO makes its money licensing software and suing companies that refuse to license its software. SCO made a big mistake when it tried to sue IBM, alleging that IBM used Linux -- which allegedly contained code taken from Unix -- in some of its software distributions. SCO eventually dropped the case, though, when IBM refused to settle and SCO was unable to prove that Unix code was used in the creation of Linux. IBM, unlike the other companies SCO dealt with, called SCO's bluff, and SCO was forced to concede that it didn't have any winning cards.

How'd you like that poker metaphor?

The MPAA admitted making unauthorized copies of This Film Is Not Yet Rated, an expose of how the MPAA rating system works. (Incidentally, the rating system is very convoluted. Ratings are not enforcable by law, although they are enforcable by theater chains' own policies. As movie theater companies consolidate, diversity decreases. I think in the Berkeley/Emeryville/Oakland area, all the major theaters are owned by either United Artists -- a member of the Regal Entertainment Group, which includes Regal Cinemas, Edwards Cinemas, and the movie-ticket website Fandango -- or AMC. Many theater chains have a policy of not showing unrated films, meaning that if a director wants his film to be distributed commercially, he'll have to cough up the thousands of dollars required to get a rating from MPAA. This conglomeration of large theater chains allows MPAA to extort money out of anyone who wants to get a film distributed. Don't want to pay? Fine. You don't get a rating. And if you don't get a rating, then no one will show your film. This isn't such a problem for films produced by major studios, but if you're a more indie filmmaker, then the cost of getting a rating can be as much as the cost of your entire production.)

Posted by Mark at 1:16 PM | Permalink | Comments (0) | TrackBacks (0)

Via Slashdot comes an article from Groklaw about DRM's effects on computer security. If you've been following DRM stories for years, it's a good read. If you're a DRM novice who can't quite remember what "DRM" stands for, it's a good read. Author Victor Yodaiken sums up what DRM is and what content-providers want it to do.

At its core, DRM -- which stands for "digital rights management" -- is about control. Content providers want to control how you view their content and make sure that you don't use that content in a way that they don't want you to. Sometimes, this control is designed to prevent copyright infringement. Sometimes, it's designed to make the Internet and computers behave like old markets so that content companies don't have to innovate and create new business models.

But my favorite sentence from the whole article is this one: "DRM is being introduced as if there was no role for computers except as personal entertainment devices and as if computer users were purely consumers of prepackaged 'content.'" Sony-BMG introduced DRM into its CDs in December without any care as to how the DRM would affect computer security. All that Sony-BMG cared about was locking down content and preventing users from using the content in a way that Sony didn't want them to. And if users' security is compromised, Sony-BMG throws up its hands and says, "Not my problem."

And, finally, from Cory Doctorow's Microsoft DRM talk, here's an explanation of why DRM just doesn't work. In this example, Alice and Bob want to exchange messages without Carol intercepting those messages:

Enter keys: a cipher that uses a key is still more secure. Even if the cipher is disclosed, even if the ciphertext is intercepted, without the key (or a break), the message is secret. Post-war, this is doubly important as we begin to realize what I think of as Schneier’s Law: “any person can invent a security system so clever that she or he can’t think of how to break it.” This means that the only experimental methodology for discovering if you’ve made mistakes in your cipher is to tell all the smart people you can about it and ask them to think of ways to break it. Without this critical step, you’ll eventually end up living in a fool’s paradise, where your attacker has broken your cipher ages ago and is quietly decrypting all her intercepts of your messages, snickering at you.

Best of all, there’s only one secret: the key. And with dual-key crypto it becomes a lot easier for Alice and Bob to keep their keys secret from Carol, even if they’ve never met. So long as Alice and Bob can keep their keys secret, they can assume that Carol won’t gain access to their cleartext messages, even though she has access to the cipher and the ciphertext. Conveniently enough, the keys are the shortest and simplest of the secrets, too: hence even easier to keep away from Carol. Hooray for Bob and Alice.

Now, let’s apply this to DRM.

In DRM, the attacker is also the recipient. It’s not Alice and Bob and Carol, it’s just Alice and Bob. Alice sells Bob a DVD. She sells Bob a DVD player. The DVD has a movie on it – say, Pirates of the Caribbean – and it’s enciphered with an algorithm called CSS – Content Scrambling System. The DVD player has a CSS un-scrambler.

Now, let’s take stock of what’s a secret here: the cipher is well-known. The ciphertext is most assuredly in enemy hands, arrr. So what? As long as the key is secret from the attacker, we’re golden.

But there’s the rub. Alice wants Bob to buy Pirates of the Caribbean from her. Bob will only buy Pirates of the Caribbean if he can descramble the CSS-encrypted VOB – video object – on his DVD player. Otherwise, the disc is only useful to Bob as a drinks-coaster. So Alice has to provide Bob – the attacker – with the key, the cipher and the ciphertext.

Hilarity ensues.

DRM systems are broken in minutes, sometimes days. Rarely, months. It’s not because the people who think them up are stupid. It’s not because the people who break them are smart. It’s not because there’s a flaw in the algorithms. At the end of the day, all DRM systems share a common vulnerability: they provide their attackers with ciphertext, the cipher and the key. At this point, the secret isn’t a secret anymore.

And that is the problem with DRM: the recipient of the message is also the "attacker," the person who is clandestinely trying to intercept the message. Content providers want people who buy DVDs to be able to watch those DVDs, but not take the content off those DVDs. DRM schemes as we know them are inherently screwy because, as Doctorow says, "they provide their attackers with the ciphertext, the cipher, and the key." It's very schizophrenic and it doesn't work. Either content providers have to completely lock down their content and prevent anyone from viewing it, or they have to remove the DRM and let the information be open to anyone. To do otherwise is to pretend that there is real security and real freedom, when in fact there is neither.

Posted by Mark at 9:52 AM | Permalink | Comments (4) | TrackBacks (0)

With its broadcast flag defeated in (1) court, because a court ruled that the FCC does not have the authority to regulate digital devices, and in (2) Congress, because Congress refused to take up the RIAA and MPAA's fight to have the FCC regulate digital devices, everyone thought that the content cartels had learned their lessons.

Not so much.

The Electronic Frontier Foundation has copies of draft legislation that would make it illegal to manufacture any analog-to-digital device that does not allow DRM restrictions to be placed on it. EFF refers to this as the "analog hole," since analog devices cannot, by their nature, be restricted in their use in the same way that a TiVo or an HDTV can, since the latter are digital devices. VCRs, cassette players, and non-digital televisions dabble in analog formats; that is, formats that use the properties of electrical or magnetic impulses (frequency and amplitude, e.g.) to store and transmit data. In this way, people can transfer copies of old VHS tapes to their computers by using some device that turns the analog signal into a digital signal (a signal that uses only electrical impulses themselves and not any properties of those impulses to store and transmit data; the impulse is either on or off, 1 or 0, with none of this amplitude or frequency stuff). A digital signal can then be stored on a device that stores digital information, like, oh, say, a computer hard drive, a CD, or a DVD. Up until now, Hollywood had no way of regulating analog-to-digital transmissions. But, with this legislation, they would have complete control over analog-to-digital devices.

No device that did not respect some sort of DRM scheme would be allowed to be sold. And guess who would decide on the DRM scheme? Yes, kids, your friends at RIAA and MPAA would decide on the DRM scheme. And if you think it won't be the most restrictive scheme possible, a scheme that goes way beyond the bounds of copyright law, you'd be kidding yourself and also possibly living in another universe.

The RIAA and MPAA's whole business model now is to be as restrictive as humanly (or technologically) possible. This means locking down content so that you can only view it or listen to it in exactly the way the MPAA or RIAA want you to view it or listen to it. If they don't want you to fast-forward, you won't be able to fast-forward. If they don't want you to be able to save the content for viewing later, you won't be able to save it for later. If they don't want you to be able to copy the content to a CD or DVD for your own personal use, you won't be able to do that. You will do only what record or movie industry executives want you to do. Not only will you like it, but you'll keep coming back for more, because the companies that constitute the RIAA and MPAA essentially have monopolies on content.

[Via Boing Boing, of course.]

Posted by Mark at 4:39 PM | Permalink | Comments (1) | TrackBacks (0)

If you're one of the misguided fools who believes that digital rights management (DRM) is a good idea, then what would you think if DRM were spyware?

Mark Russinovich's Sysinternals blog reveals that a CD published by Sony installed spyware on Russinovich's computer. The spyware, like all spyware, goes to great lengths to hide the fact that it exists and a uses Windows process-sounding name so that, in the event it is discovered, the user (who probably isn't very computer literate) thinks it's a legitimate Windows process that shouldn't be deleted.

Russinovich first became suspicious when he found evidence of a rootkit on his system. A rootkit is designed to hide files and processes from Windows. After doing a lot of stuff that I could never begin to understand, he discovered that the rootkit came from a company called "First 4 Internet." After doing some research (that part I understood), he found out that the software is DRM software and that First 4 Internet's clients are, among others, Sony. The DRM software is designed to hook into the computer's CD-ROM drivers. Delete the DRM files and your CD-ROM drive disappears from the list of devices.

The problems with this are many-fold. First, copyright law does not allow a company to hack your computer in order to protect its copyright. Second, as Russinovich notes, "the software is poorly written and provides no means for uninstall." The software can actually have an adverse effect on your computer. You are being punished when you purchase copy-protected music. Music industry executives have concluded that you will probably copy the music from the CD, which is your right to do as the buyer of the CD. They have further decided that you will probably share this copyrighted music with others, and to forestall such a thing from happening, they have taken measures above and beyond the bounds of copyright law to prevent you from sharing that music online. They have placed software on your system without your knowledge, and indeed, have gone to great lengths to hide from you the fact that such software is on your computer. If this software were to screw up your system, you would have no recourse. The software is unsupported and uninstallable. And it appears to be poorly written. Who knows what else it might do? Who knows how a hacker might exploit this software for his own nefarious use?

Don't buy music from Sony/BMG. The only way to stop DRM is to refuse to buy music from publishers who put DRM on their CDs. The only way the music cartel (and, in the sense that economists use the word as it applies to an oligopolistic market, the RIAA qualifies as a cartel) will listen is if they're hit in the pocketbook. Refusing to buy DRM-crippled music shows them that consumers will not tolerate being forced to use their legally purchased products at the pleasure of music industry executives.

[Via Boing Boing.]

Posted by Mark at 10:08 PM | Permalink | Comments (0) | TrackBacks (0)

How many people who have been sued by the RIAA have been innocent? The RIAA's tactics for finding file-sharers are sketchy, especially given that they use IP addresses to identify people. IP addresses, like email addresses, can be falsified and are unreliable. And yet the RIAA files thousands of "John Doe" lawsuits in which they name a defendant by IP address, then tell an ISP to find out the person's name. This is all without a subpoena or a warrant, by the way, because ISPs are pushovers. And so the RIAA identifies the person and basically blackmails them:

RIAA: Either you pay us some amount of money or we'll financially destroy you by putting you through expensive litigation.
Grandmother: But I never shared files.
RIAA: We don't care whether you shared files or not; our software says you did, and we refuse to acknowledge that our software could be wrong. Due process could reveal this fact, but you don't have the money for a trial, right?
Grandmother: Right. Ouch, stop kicking me in my hip. That's my bad hip.
RIAA: I'm afraid I can't stop kicking you in the hip. The DMCA allows me to kick you in the hip, so I'm going to do it. Also, I punched your cat and made it into a stew.

One woman, tired of being the object of frivolous litigation and secure in the knowledge that she didn't do anything wrong, is filing a counterclaim against the RIAA. Tanya Andersen "is a 42-year-old single mother of an eight-year-old daughter living in Tualatin, Oregon. Ms. Andersen is disabled and has a limited income from Social Security," says the counterclaim. The counterclaim further alleges that the RIAA's activities violate Oregon's Unlawful Trade Practices Act (ORS 646.605 et seq.), the Oregon Racketeer Influenced and Corrupt Organizations (RICO) Act (ORS 165.715 et seq.), and the federal Computer Fraud and Abuse Act (18 U.S.C. 1030).

Finally, someone is challenging the sketchy tactics of the RIAA. And it's significant that her lawyer chose to use Oregon's RICO Act, in part, to justify the counterclaim: RICO Acts were enacted for prosecuting mobsters. And that's precisely what RIAA is: the mafia, but legalized. They use the same strong-arm extortion tactics, and if you don't like them, then we'll inflict (financial) damage upon you. Hopefully, Ms. Andersen's example will spur other people to take the RIAA to court rather than give in to the mafia-like tactics of the RIAA's Settlement Support Center.

[Via Slashdot.]

Posted by Mark at 11:18 PM | Permalink | Comments (0) | TrackBacks (0)

A federal appeals court ruled in May that the FCC lacked the authority to institute a broadcast flag, but it said that Congress could require broadcast flags. Congress, not one to turn down bribes from the motion picture and recording industries, is hard at work crafting legislation that turns your digital TV, TiVo, or PC tuner into a slave of the MPAA or RIAA.

Here's what Dan Glickman, head of the MPAA, has to say about the broadcast flag:

The broadcast flag does not inhibit copying, nor does it prevent redistribution of programming over a personal home network--it only restricts unauthorized redistribution of programming over the Internet and other digital networks.

Dan Glickman is lying to you! The broadcast flag is not a thing whose function will be determined by Congress. The broadcast flag is like a checklist of things that you can't do with a particular program, and this legislation would require that any device capable of receiving a digital TV signal must respect that checklist. So, if a content provider doesn't want you to be able to time-shift the content (something that is your right to do), you won't be able to tape a show and watch it later. If a content provider doesn't want you to be able to format-shift the content (something that is your right to do), you won't be able to copy a show to your hard drive or to a DVD. ABC, CBS, Fox, Paramount, Warner Brothers, Sony, or whoever provides the content are the people who will check off within the broadcast flag what you can and cannot do with it.

So, in short, the broadcast flag inhibits whatever a content provider wants it to inhibit. And this can definitely (and will definitely) include copying and redistributing the programming over any network, whether it's local area network or Internet.

Do not believe what Dan Glickman says! Earlier in the year, legislators, having unsuccessfully introduced a broadcast flag law into Congress as a separate bill, tried to sneak it into an omnibus spending bill. Thankfully, it was removed by -- what's this? -- legislators who had some sense.

As EFF spokesman and Boing Boing contributor Cory Doctorow observed in a recent talk to engineers at Hewlett-Packard,

Copyright is a limited monopoly over the public copying, performance, display and adaptation of original works. Copyright governs the ability of commercial entities and a few noncommercial entities to make copies, dis-play them, etc.

Copyright does not confer the right to control “remote viewing” -- the ability to store a show in one place and watch it in another. It does not confer the right to control time-shifting. It doesn’t confer the right to control regional playback, as with DVDs that can only be viewed on a US player or a European players. Copyright does not confer the right to control re-sale or lending of lawfully acquired works.

In short, a broadcast flag would be a violation of copyright law. The intent of "preventing piracy" is a red herring. The real intent is to allow media companies to have complete control over a copyrighted work, as though copyright itself were a law of nature. (Turns out that copyright, not the absence of copyright, is the abnormality. Read Larry Lessig's Free Culture for a Brief History of Copyright Law.)

Posted by Mark at 12:20 AM | Permalink | Comments (0) | TrackBacks (0)

A judge today dismissed the RIAA's suit against the mother of a 13-year-old girl accused of file sharing. This mother was one of three moms who refused to settle out of court with the RIAA's "conference center." The conference center is like the Mexican police:

RIAA: Okay, that's ten shared songs at $10,000 each. That will be $100,000.
Defendant: But I don't have $100,000.
RIAA: So how much do you have?
Defendant: I have $5,000.
RIAA: We'll take that, then. And we'll make it $2,500 if you'll become a spokesperson for the new Napster and tell the world what great people we are. And then we'll kill you.

In the past, the RIAA has filed suits against anyone and everyone, and it's been profitable, since the money they get from the settlements more than pays for the costs of going after file sharers. But the moms who refuse to settle may put an end to the practice: there's a chance that a court might rule in favor of the moms, and in that case, the RIAA's technique would cease being profitable, and thus they would stop.

Patricia Santangelo was the first person to refuse to settle out-of-court with the RIAA. She contended that she didn't know how the files got on her computer, as she is pretty computer illiterate, and said that the account name didn't belong to any of her kids. The ruling today, however, concerns Candy Chan, mother of Brittany Chan. The U.S. District Court for the Eastern District of Michigan threw out the RIAA's lawsuit against Candy Chan back in May. The court dismissed the suit "with prejudice," meaning that the RIAA could no longer pursue a case against Candy Chan, but it could pursue a case against others.

To give you an idea of the kind of people the RIAA are, their next move was to file a motion to bring action against Brittany Chan, the defendant's daughter. Today, the judge denied the RIAA's motion. It's a funny business practice, isn't it? How many other industries make money by suing their customers? And they wonder why music sales have gone down. No one wants to do business with these people!

And now, on to TiVo. TiVo is a subscription-based service that allows you to record things from cable with a hard drive instead of a VCR. You can record at a particular time, you can cut out commercials, you can fast-forward and rewind. Back on Sept. 13, Cory Doctorow of Boing Boing -- along with lots of TiVo users -- noticed something peculiar going on with TiVo: it wouldn't save certain shows or allow users to move the shows with TiVo2Go.

Then, on Sept. 16, TiVo said that DRM had been enabled for certain shows by accident. Whoops! Even though TiVo said that it was an accident, DRM was still enabled for certain programs. Sounds like some content providers made TiVo an offer it couldn't refuse.

On Sept. 24, reports surfaced that TiVo was charging users $150 if they tried to cancel their newly-crapified service. Apparently, what was merely an "accident" was a mandatory "update" to the TiVo software that detected broadcast flags. These flags introduced new restrictions to certain programs and users were unaware and unable to opt-out of these restrictions. So one TiVo owner decided to cancel his service. He signed up for TiVo back when it did X, and now it wasn't doing X anymore, so he didn't want it. TiVo then charged him $150 as an "early cancelation" fee. Apparently, the download of a software update also caused him to be entered into a new contract for which the "early cancelation fee" was $150. Read any EULA and you'll find that it gives the licensor the right to alter the software at any time, for any reason, without voiding the contract. Read those EULAs! They're designed to take rights from you and make you do whatever the licensor wants you to do. ABC doesn't want you to be able to save Lost? So you won't, no matter what you -- the person who's paying TiVo and who owns the machine -- want.

And now the content companies are trying the broadcast flag again, only this time they're being sneaky about it: "One especially sneaky way to get an amendment passed is to smuggle it into a reconciliations bill. Reconciliation is the mirror image of appropriations. Appropriations is about taxes; reconciliation is all about making cuts. Because Congress dearly loves to appear thrifty, reconciliations has special fast-track status. It can't be filibustered, it's almost impossible to amend once agreed upon, and it only needs a plain majority to pass."

Posted by Mark at 8:43 PM | Permalink | Comments (2) | TrackBacks (0)

BRUSSELS -- The European Court of Justice today ruled that users of Microsoft Windows cannot uninstall anything from their computers. This ruling comes on the heels of a Finnish ruling that users have no legal right to be able to play CDs in their computers.

The case before the ECJ involved Jarmo Järvenpää, an investment banker from Helsinki. Mr. Järvenpää called Microsoft customer support in an attempt to get MSN Messenger removed from his machine. MSN Messenger is an instant-messaging program that, according to statistics obtained by SEDHE, is used by no one.

"I tried and tried to get de Myessenger off of my compyooter, vid no luck. So I called up cyustomer supoort, and ven I said I vanted to remyoove de program, dey sent de police to my house," said Mr. Järvenpää, whose accent has been reproduced phonetically. The police arrested him, citing a little-known EU stipulation that mandates that users cannot do anything to their machines that software vendors do not want. "An end-user of a machine is granted a license by the operating system manufacturer to use said machine. The software manufacturer, not the end-user, is the legal owner of said computing machine, and as such, the end-user is not entitled to do anything to that machine that is prohibited by the software manufacturer," says EU regulation 656-5827-B.

Finnish intellectual property lawyer Tarja Hämeenniemi says that the regulation is bogus. Her accent has also been reproduced phonetically. "De ting is dat de major softvare cyoompanies lobbied to have dis regulation inserted. Dis vay, dey can exercise complete control over deyend-eeyuser. Dis is de fyooture of intellectual property rights," she said.

While the director of Microsoft Finland could not be reached, SEDHE managed to get in touch with the director of Microsoft Sweden, which is just as good. The director, Mr. Weds Cheshif, was less than forthcoming: "Ve heve a poolicy of not tooking about spercific ishyoos vile dey're in de leeteegation phase. All vee can say at deesa point eez dat ve are vorking hard tyoo maintain de control over our eenteelectual property, and eef dat reeqivires de prosecyootion of some people, den so be it. Bork, bork, bork!"

Publicity directors of other companies we contacted similarly framed the issue in terms of intellectual property rights. "Well, of course they are," said SEDHE Intellectual Property Editor H. Simon Gregory. "That's the easiest way for a company to get rights that it doesn't have: scream 'copyright infringement' and suddenly everyone's listening, especially other media companies, who lobby for ridiculously restrictive regulations that breach a person's rights to use the things he bought in the way he wants. Then, this person must go to court and spend time and money proving that he has the rights that he has, anyway. Suddenly, he's the bad guy!"

The ECJ ruling means that end-users must contact the manufacturers of their operating systems in order to get permission to do anything to their machines. In the case of users of Gentoo Linux, the end-user must telephone everyone who ever worked on Gentoo and ask their permission. If just one person says "no," the end-user cannot modify his machine. Even a cool case-mod like ultraviolet lights would be prohibited. A statement from France-based Vivendi Universal said that the issue was terrorism. "We cannot allow terrorists to take control over our property for their nefarious terrorist purposes. And if you don't believe that, then replace the word 'terrorist' with 'pornographer.' And if you don't believe that, call our PR department and we'll come up with a different excuse," the statement said.

Posted by Mark at 12:29 PM | Permalink | Comments (0) | TrackBacks (0)

Stanford University law professor Lawrence Lessig penned a piece for Foreign Policy in which he predicts that DRM (digital rights management) efforts will spell the end of the public domain:

So, for example, the United States has radically increased the reach of copyright regulation. And through the World Intellectual Property Organization, wealthy countries everywhere are pushing to impose even tighter restrictions on the rest of the world. These legal measures will soon be supplemented by extraordinary technologies that will secure to the owners of culture almost perfect control over how “their property” is used. Any balance between public and private will thus be lost. The private domain will swallow the public domain. And the cultivation of culture and creativity will then be dictated by those who claim to own it.

The theory behind "public domain" is that creative work belongs to no one. Its natural state is to belong to everyone. But the state, recognizing that it benefits everyone if an artist is able to make some money off of his art and thus produce more art, grants the artist a monopoly for so many years. This monopoly is what we call "copyright." Once the monopoly expires, the work enters the public domain, meaning no one has an exclusive license to redistribute the work.

Gradually, media companies have increased the length of the copyright term. The Sonny Bono Copyright Term Extension Act of 1998 now allows a work created today to be copyrighted for 120 years! No one knows the problems with copyright law better than Lessig, who, in addition to writing several books on the issue, has argued copyright law in front of the Supreme Court. In the case Eldred v. Ashcroft, 01-618 (2003), Lessig argued on behalf of his client, Eric Eldred, that extended copyright to 120 years does not comport with the Constitution's requirement that copyrights and patents be granted for "limited Times." The court didn't buy his argument and sided with the government. (Admittedly, Lessig's argument, that Congress didn't have the power to extend copyright to such a long time, was pretty weak. Clearly, the Constitution does give Congress the power to do whatever it wants with copyright. The Court acknowledged that "the CTEA does not violate the 'limited Times' restriction of the Copyright Clause because the CTEA's terms, though longer than the 1976 Act's terms, are still limited, not perpetual, and therefore fit within Congress' discretion." In his book, Free Culture, Lessig admits that he used an argument that didn't make the CTEA matter to the justices. It does pain me to say it, because I don't like the CTEA at all, but the Court made the best decision with regard to the law.)

Anyway, getting back to the public domain. In Foreign Policy, Lessig suggests that anti-piracy efforts will spell the end of the public domain. This is probably true. DRM is an anti-piracy measure, but DRM doesn't know what "fair use" or "public domain" are. Fair use is defined in 17 U.S.C. 107, which states that an author's exclusive right does not extend to "criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research." To be classified as fair use, a work must be used (1) in one of the ways above, and (2) in a substantially non-commercial way. In evaluating fair use, the intent of the use must be taken into account. Do I want to copy an episode of South Park and redistribute it on the Internet, or do I want to play it for my satire class to show them what "lampoon" is? (Cf. "The Passion of the Jew.") The latter use is fair use, since it is being used for teaching and does not affect the value of the work commercially (i.e. because students have already seen the work in my class, they won't refrain from watching it on TV or purchasing it on DVD); the former is not, as the former affects "the potential market for or value of the copyrighted work" (instead of buying the DVD or watching it on TV, I'll download it from the Internet). DVDs have encryption on them to prevent piracy, and thanks to the DMCA, cracking an anti-piracy protection is a crime. What does this mean? It means that I have to break the law in order to do something allowed by law. The DMCA set up a no-win scenario (or, for Larry, a Kobayashi Maru scenario): I can't exercise my fair use rights to the work because of encryption, but neither can I break the encryption in order to exercise my fair use rights, because that would be a crime.

What do the content providers think of "fair use"? They hate it. They absolutely loathe it because it allows people to use their stuff without paying for it. In an RIAA Powerpoint presentation delivered at an Aug. 12 NARM convention in San Diego, Mitch Bainwol, CEO of the RIAA, refers to fair use as "theology." Theology?! It's in the damn law! It's not a question of believing in fair use or not believing in fair use. It's written down! It's there! You can read it! It exists! You don't need faith to believe in fair use; you need some reading glasses!

Also, consider that works being distributed as eBooks have DRM built into them, even if they're in the public domain! In Free Culture, Lessig demonstrates this using the book Middlemarch, which is in the public domain:

When my e-book of Middlemarch says I have the permission to copy only ten text selections into the memory every ten days, what that really means is that the eBook Reader has enabled the publisher to control how I use the book on my computer, far beyond the control that the law would enable.

DRM on public domain works breaks the law because it continues to grant the author an exclusive license to the work. DRM on copyrighted work can break the law because it doesn't allow for the exercise of fair use. Once I buy my CD of Bette Midler's greatest hits, it's mine. I own it. It's a tangible thing and I own it. But if there's DRM on the CD, then I do not own it! The music publisher still owns it and is generous enough to allow me to play the CD. Assbag.

The only reason that content companies put DRM into their stuff is because they can. Do you think for a minute that they didn't put DRM in VHS tapes because they respected you as a customer? Not on your life, pal. It's because they didn't have the technology to do it back then. The goal of a content company is the same as any other company: profit. They want to force you to keep coming back to them for content, upgrades, service, parts, whatever. DRM tells you, the consumer, in no uncertain terms that you view content at the pleasure of the company that's provided it for you. If they don't want you to do something with the content, then you won't. And you'll like it. And you'll come back for more.

But maybe there's a bright side to this. Maybe companies' Draconian DRM tactics will backfire and consumers, used to doing whatever they want with whatever they bought, will opt not to buy CDs with ridiculous DRM built into them. Or they'll become amateur hackers and figure out ways around the DRM. As Larry Lessig concludes at the end of Free Culture:

My point is not the idiotic one: Just because people violate a law, we should therefore repeal it. Obviously, we could reduce murder statistics dramatically by legalizing murder on Wednesdays and Fridays. But that wouldn't make any sense, since murder is wrong every day of the week. A society is right to ban murder always and everywhere.

[...]

When at least forty-three million citizens download content from the Internet, and when they use tools to combine that content in ways unauthorized by copyright holders, the first question we should be asking is not how best to involve the FBI. The first question should be whether this particular prohibition is really necessary in order to achieve the proper ends that copyright law serves. Is there another way to assure that artists get paid without transforming forty-three million Americans into felons? Does it make sense if there are other ways to assure that artists get paid without transforming America into a nation of felons?

DRM is designed to make information behave like a tangible thing. Mariah Carey's new hit single must be exactly like a refrigerator. The problem is that it's not. And DRM allows content providers to force information to behave like a refrigerator. It gives corporations a government-sanctioned excuse to be lazy, to stop innovating, to force new markets to behave like old ones.

Lessig's concern in Foreign Policy is that the public domain will disappear as the distinction between "public" and "private" becomes blurred to the point where "private" swallows "public" and consumers are forced to pay for everything. Something will have value only if it has a price. I maintain that it doesn't have to be this way. Like a dystopic novel, this is a warning: you can stop this future from happening! When Foo Fighters publishes a CD full of DRM, don't buy it. When Velvet Revolver publishes a CD with DRM, don't buy it. Declare that the market is made of producers and consumers, and if the music industry wants to retain you as a consumer, it had better afford you some respect by letting you do what you want with the stuff you own. And if it won't, then you'll go somewhere where you're being respected and not having business practices shoved down your throat under penalty of law.

Posted by Mark at 6:59 PM | Permalink | Comments (4) | TrackBacks (0)

If there is one piece of legislation that's detrimental to liberty, it's the USA PATRIOT Act. If there are two pieces of legislation that are detrimental to liberty, they are the USA PATRIOT Act and the Digital Millennium Copyright Act (DMCA).

Signed into law in 1998, the original intent of the DMCA was to protect copyrighted works from piracy and hacking. Under the DMCA, it is a federal crime to circumvent electronic anti-infringement protection, like the kind you might find on the copy of Warcraft III you cracked. Makes sense, right?

But the DMCA has been abused by corporations seeking to maintain a monopoly on their products. "Anti-infringement" protection has become "anti-competition" protection as corporations lock down their products, forcing you to come to them whenever you have problems.

Thankfully, the courts are working. Whenever corporations file lawsuits to have the DMCA protect crazy things, judges see right through them. In the most recent case of the DMCA being used to stifle innovation and competition, we have a company called StorageTek, which makes automated tape cartridge libraries for backing up data. StorageTek required its clients to have StorageTek service all of its machines, due to the fact that the machines used proprietary software.

In steps Custom Hardware Engineering & Consulting (CHE), which figures out how to intercept the error messages sent by this proprietary software and diagnose problems with the machines. To do this, CHE has to crack password protection software designed to prevent unauthorized reconfigurations of this proprietary software.

As expected, StorageTek sued, alleging violations of the DMCA, since the software was copyrighted and there was an anti-circumvention scheme in place. CHE defended itself by saying that the existence of such an anti-circumvention scheme constitutes antitrust; in designing software that should only be altered by StorageTek, the company has locked anyone else out from repairing the machines. While it's clear even to Judge Magoo that this is an antitrust violation (an attempt to lock out competition in a given industry), the trial court in this case refused to grant an injunction to CHE, since it believed that CHE did not have a good chance of winning the case on the merits.

Huh? That's a stupid baby opinion. Thankfully, an unnamed Circuit Court of Appeals reversed the trial court's decision:

That result follows because the DMCA must be read in the context of the Copyright Act, which balances the rights of the copyright owner against the public’s interest in having appropriate access to the work.

Maintenance is not prohibited by the Copyright Act, and in examining whose interest is at stake, the court concluded that, in this issue of maintenance, the public's interest in accessing the work in order fix it trumps the copyright owner's rights. CHE's cracking of StorageTek's protection software does not violate the DMCA, since there is no danger that CHE will steal the proprietary software. The DMCA, therefore, cannot prohibit third-party maintenance of a protected "work." (I put "work" in quotes because I don't believe that software code can be copyrighted. Software code is a set of instructions, not a work of art, and as such, should be covered by patents, not copyrights. See my previous post about patents and copyrights.)

Slowly but surely, our activist, liberal, baby-killing federal courts are doing the right thing and curbing the excessive power that the DMCA gives to copyright-holders.

Posted by Mark at 3:15 PM | Permalink | Comments (8) | TrackBacks (0)

Via Boing Boing comes an article from the Sydney Morning Herald (registration required) that describes a way in which Microsoft is going to shove DRM down your throat, and you'll like it! Apparently, Windows Vista will intentionally make protected content fuzzier than it ought to be unless the monitor is equipped with High-bandwidth Digital Content Protection (HDCP):

Stephen Speicher, who writes a weekly column for the tech blog engadget, said: "If you're one of those rare people whose display is equipped with HDCP, you're fine. However, in the world of computers, such users are few and far between."

The technology is known as PVP-OPM, or Protected Video Path - Output Protection Management.

Speicher said while HDCP had become a de facto standard for display copy-protection in televisions, its penetration in the computer display market was very low.

"Whether you're plunking down money for one of the new ultra-fast LCD displays with 4ms response times or you're becoming the envy of the neighbourhood with Dell's UltraSharp 2405FPW widescreen display, you're buying a monitor that won't play nice with premium content in Longhorn (the code name for Windows Vista)," he said.

So, Microsoft is going to lock down content -- or at least make it a little more annoying to view -- unless you cough up for a new monitor that ensures that you won't steal protected content. Isn't this going a little overboard? Again, who is Microsoft kidding? Hardcore h4xx0rz that want to pirate content will pirate content, and if Microsoft throws a hurdle in their way, they'll find a way to jump over it. It certainly happened with the Genuine Advantage program, which was cracked in 24 hours.

The Library of the Future (brought to you by the MPAA)

Imagine the DRMed library of the future, every music, film, and software company's wet dream: You go into the library, but once you step into the library, a burly man follows you around and looks over your shoulder while you're reading, just to make sure that you're not taking notes about what's in the book, or if you are, that you're only taking one note every twenty-four minutes, and no more than seven notes per individual book. And no memorizing anything, or else the burly man will punch you in the head until you forget what you saw in that book, or that film, or heard in that audio recording. You may have paid $27.50 per month for a membership to the library, but you're certainly not going to do anything with those books that the publishers don't want you to do.

Oh, and to watch any films produced by Sony, you need to pay $8 extra for special glasses that allow you to view the film; without them, the picture looks garbled. And Sony's special glasses won't work for Warner Bros. films, so if you want to view those, you'll need to pay $8 more for Warner Bros. glasses.

Did I mention that you'll be naked? Because if you aren't, there's the possibility that you could steal some of the stuff from this library. And yes, there's a rectal check on the way out. But, hey, it's worth all of this to get your cultural content, right? Well, yes. Because this library is the only place that contains any cultural content anymore. It's the law. Written by Rick Santorum and co-sponsored by Orrin Hatch, the law was re-written so that the only place that any art or media could be put on display was this library, which is owned and operated by a consortium that includes the MPAA and the RIAA. No books, films, or audio recordings are allowed outside of this library. Why? Because we have to protect the artists. If you were allowed to wander around town with a book, then you could give it to someone else. And does Bill O'Reilly get any benefit from you re-selling that copy of The No Spin Zone? Heck, no. So why should he even work at all? It just makes good business sense: everything should be paid for. No public domain, no fair use. That only encourages infringement. And only terrorists, commies, and homogays enjoy infringement.

And sodomy. Delicious sodomy.

Posted by Mark at 6:14 AM | Permalink | Comments (0) | TrackBacks (0)

Boing Boing linked a few days ago to a website showing screenshots from a terrible bootleg copy of Star Wars Episode III. There was a line of blur toward the top of the screen, extending all the way across the picture, which was a studio timecode that had been blurred out.

Here's a DVD case for a bootleg copy of the film, which includes the credits from the film Armageddon on the back, as well as some hijacked art from starwars.com (you can download the art on the back of the pirated DVD, "Rise Lord Vader," as a desktop wallpaper, although whoever made this DVD box had other intentions for it).

So why would anyone pay for this crap? MPAA operates under the assumption that we're all rational consumers. A "rational consumer" is a consumer who takes only price into account when making a decision about buying something. In a perfectly competitive market, this makes sense. The definition of a "perfectly competitive market" is one where there are thousands of sellers all selling exactly the same thing for, it turns out, exactly the same price (a single firm in a perfectly competitive market could lower its price, but it wouldn't be able to make enough money to have an economic profit, since there are literally thousands of other firms selling the same thing at a higher price and making more money off the deal. Like most things in economics, a "perfectly competitive market" is something invented by the folks at the College Board and the textbook companies. The graphs look nice, but they bear little resemblance to reality.

In reality, consumers do make distinctions based on factors besides price because items for sale do differ in quality. If I were a rational consumer, I would pay $5 for the bootleg DVD instead of $24.95 for the real DVD. But as a consumer concerned with quality, I want the assurance that I'm watching a real copy of the film, as well as a copy without quality problems (like a timecode in the middle of the screen). Why people would buy these pirated DVDs I'll never know, probably because they don't know that they're of terrible quality.

I'll download a 700 MB AVI of a movie I want to watch, but if I want to watch the movie again and again, I'll just buy it. The same goes for MP3s: if all I can find is low-quality versions of songs I want, I'll just buy the album (especially if I can't find the whole album. Do you know how hard it is to find all of the tracks for Music for a Darkened Theatre, Vol. 2 on the file-sharing networks? No one has it!).

We consumers make quality distinctions and we won't buy crap unless we're duped into thinking it's not crap. That's why people buy junky cars all the time: it's not because they want a junky car; it's because they've been led to believe it's not a junky car.

Posted by Mark at 1:48 PM | Permalink | Comments (5) | TrackBacks (0)

Back in 2002, Lexmark, the maker of cheap, dopey printers, sued a company called Static Control Components. Lexmark's laser printer toner cartridges contained a chip that measures (approximately) the amount of toner left in a cartridge. Companies that buy toner cartridges from Lexmark can get them at a discount using Lexmark's "Prebate" program, whereby a business agrees to send a used cartridge back to Lexmark for re-filling. The program specifies that these businesses may only buy their cartridges from Lexmark, and software on the chip and in the printer itself ensures that customers don't violate this agreement.

In steps Static Control Components (SCC), which manufactures a chip that breaks the encryption on Lexmark's toner chip, allowing consumers to use third-party toner cartridges instead of Lexmark's. Lexmark sued under the Digital Millennium Copyright Act (DMCA), alleging that SCC's technology is being used to "circumvent a technological measure that effectively controls access to a work" that is copyrighted. In this case, Lexmark's control programs are copyrighted.

Lexmark provided three theories of liability:

First, Lexmark alleged that SCC violated the copyright statute, 17 U.S.C. § 106, by reproducing the Toner Loading Program on its SMARTEK chip. Second, it alleged that SCC violated the DMCA by selling a product that circumvents access controls on the Toner Loading Program. Third, it alleged that SCC violated the DMCA by selling a product that circumvents access controls on the Printer Engine Program.

The Sixth Circuit Court of Appeals, in Lexmark v. Static Control Components (03-5400), didn't buy this argument. The case was appealed to the Supreme Court, but the Court rejected it.

Which brings me to my point: why is software copyrightable? The United States Code makes an explicit distinction between copyrights and patents:

17 U.S.C. 102:

(a) Copyright protection subsists, in accordance with this title, in original works of authorship fixed in any tangible medium of expression, now known or later developed, from which they can be perceived, reproduced, or otherwise communicated, either directly or with the aid of a machine or device. Works of authorship include the following categories:

(1) literary works;
(2) musical works, including any accompanying words;
(3) dramatic works, including any accompanying music;
(4) pantomimes and choreographic works;
(5) pictorial, graphic, and sculptural works;
(6) motion pictures and other audiovisual works;
(7) sound recordings; and
(8) architectural works.

(b) In no case does copyright protection for an original work of authorship extend to any idea, procedure, process, system, method of operation, concept, principle, or discovery, regardless of the form in which it is described, explained, illustrated, or embodied in such work.

Take a look at that last paragraph. Copyrights are not supposed to be extended to inventions or devices which engage in some sort of utilitarian function. What is a computer program? Is it a literary work? No. Is it a musical work, a dramatic work, a pantomime, a sculpture, a motion picture, a sound recording, or an architectural work? I believe we can all agree that it is none of those. But, of course, these are just examples of things that are copyrightable; the list is not all-inclusive.

Is a computer program an "idea"? Well, certainly, but so is a sculpture. Is a computer program a "procedure"? Yes, at its most basic, a computer program is nothing more than a set of instructions. Here is a computer program:

10 PRINT "I AM GOING CRAZY"
20 GOTO 10
30 RUN

This is a set of instructions written in BASIC. In BASIC, the computer goes through lines of code sequentially until it's told to stop. The above program tells the computer to display the words I AM GOING CRAZY. The computer then moves on to the next instruction, which tells it to go back to line 10. It again displays I AM GOING CRAZY, then moves on to the next instruction, which tells it to go back to line 10. (Line 30, RUN, tells the computer to execute the program.) You get the idea. This will cause the computer to continue displaying the words "I am going crazy" until someone turns it off. The computer is helpless to do anything other than that which it is told. It is executing a series of instructions, and this is a "procedure." It is also a "process," "system," and "method of operation."

Why, then, is software protected by copyrights? Let's take a more sophisticated piece of software, like WarCraft III. It has some literary and artistic elements, and those can be copyrighted: the names, characters, music, and storyline can all be copyrighted. The code which powers the game, however, must be patented!

Why copyright protection, then? Because software manufacturers lobbied for it. And because copyright protection is stronger than patent protection. If you copyright something today, you hold an exclusive right to reproduce that work for the length of your life and 70 years afterward. If you copyright something anonymously, under a pseudonym, or for hire, then you hold a copyright for 120 years after its creation [15 U.S.C. 302]! Companies like Walt Disney have lobbied extensively to keep copyrighted materials out of the public domain (cf. the Sonny Bono Copyright Term Extension Act, which extended copyright protections by 20 more years), paying Congressmen lots of money to extend copyrights just as they are about to expire. A patent, on the other hand, is enforcable for only 20 years after the date the patent was issued [35 U.S.C. 154(a)(2)].

Or maybe I'm wrong and software should be copyrighted. Any ideas?

Posted by Mark at 3:56 PM | Permalink | Comments (0) | TrackBacks (0)

As if Congress weren't already in the MPAA's pockets, given the recent Family Craptacular Act of 2005 that President Bush signed into law yesterday, Congress is also in the pockets of ... the for-profit weather data industry?

That's right, folks. Sen. Rick Santorum (R-PA) has, ironically, done one of the gayest things a senator could ever do. This time, the pandering isn't even covert. It's the opposite of that. Some might say it's covert.

Last week, Santorum introduced S.786 into the Senate, "To clarify the duties and responsibilities of the National Oceanic and Atmospheric Administration and the National Weather Service, and for other purposes."

What are these duties? Apparently, they are to collect a whole lot of meteorological data. And then guess what Santorum doesn't want the National Weather Service to do? Give you these data for free! Currently, the NWS, a government agency, provides meteorological data for free. Under Santorum's revised "duties," the NWS would be prohibited from giving away meteorological data for free -- or in any other way "that might influence or affect the market value of any product, service, commodity, tradable, or business," since NWS competes with private-sector weather data companies.

I think this is probably the most asinine thing I've ever heard in my entire life. Pity the poor private-sector weather collection agencies. Sure, you can have your storm warnings -- for five dollars. Hey, we're just trying to make a living!

The old laws of economics once said that if you aren't making money doing something, it's time to do something else. The new laws of economics say that if you're not making money doing something, lobby Congress to enact legislation that will allow you to make money doing whatever it is you're doing. For example, if you're a guy in charge of a private-sector weather agency, and you're not making money because NWS provides its data for free, don't go into another line of work! Just find the most easily paid-off Congressman you can and lobby him or her to write legislation that eliminates your competition! (See also Digital Millennium Copyright Act [DMCA], in which media companies forced new markets and technologies to behave like old ones, so they could continue using old-and-busted business models instead of innovating.)

Also, EFF points out that you already pay for NWS information, since it's a taxpayer-funded agency. Santorum's bill would still allow -- and indeed, require -- NWS to provide weather data to private weather companies. Under Santorum's plan, then, you would pay twice for meteorological data.

For this reason (and others, definitely), Rick Santorum is a SEDHE Villian of the Forever.

Posted by Mark at 10:06 AM | Permalink | Comments (1) | TrackBacks (0)

Via Boing Boing comes an amicus brief in the MGM v. Grokster case from the Free Software Foundation.

The first lines struck me immediately:

At the heart of Petitioners’ argument is an arrogant and unreasonable claim -- even if made to the legislature empowered to determine such a general issue of social policy -- that the Internet must be designed for the convenience of their business model, and to the extent that its design reflects other concerns, the Internet should be illegal.

This is what I've been saying all along: that content providers want a business model that is convenient for them, and if they have to choose between developing a new one or forcing new technology to conform to the standards of the old one, they will choose the latter.

When the ability to "separate" infringing from non-infringing communications is within the realm of technological possibility, even if only through one possible network design, a centralized server-client architecture, that route must be chosen. Failure to adopt that technical architecture by software designers creating network protocols and applications establishes secondary liability for later acts of infringement of which the technical designers were unaware and over which they had no control.

A similar argument was made by the computer science professors, viz., that a network is designed with efficiency in mind, not ability to break the law. P2P networks were used for file-sharing because they handled large loads well and didn't require centralized servers (thus, less overhead). Petitioners suggest that since the designers of file-sharing software did not use a client-server network -- which would be able to filter infringing content -- then that software must be infringing because it was not designed using a network architecture that could prevent infringement. The problem here is that we have no idea what the intent of the software designers was. And most software designers will strive for efficiency without even considering other implications.

FSF later notes that petitioners are seeking government assistance for "an unprecedented and unwarranted extension of their monopolies."

This Court has consistently held that copyright holders do not have unlimited power to control all or even most uses and distributions of their works. Extension of control beyond the limits set by the distinction between expressions and ideas, and the principle of fair use, is constitutionally prohibited, as this Court has repeatedly taught.

Thus petitioners do not have the ability to control every use of their works, since the purpose of copyright law in the first place is "the general public good."

FSF concludes that decisions about changing copyright law to reflect new technological innovations should be made by Congress, not the judidicary. Although if the DMCA and Orrin Hatch's loathsome Inducement of Infringement of Copyright Act are any indication of what Congress will offer, I'd rather take my chances with the Supreme Court. At least they're not taking money from MPAA and RIAA.

Posted by Mark at 11:32 AM | Permalink | Comments (0) | TrackBacks (0)

Cory Doctrow reports:

Ian Hogben discovered that his HP laptop stores a whitelist of allowed Mini-PCI cards in its BIOS. If the WiFi card you buy isn't on the whitelist, your laptop won't boot. The anticompetitive implications for this are stunning: if you don't go to HP on bent knee before shipping your cards, they'll lock them out of their hardware and none of their customers will be able to use your card. Not to mention what happens when new cards are invented after your laptop leaves the factory: sorry, no modern hardware for you, your laptop only works with museum pieces. [Original story.]

Cory is absolutely right. While your car's owners manual says that the dealer's power steering fluid is recommended, everyone knows that the dealer's fluids are more expensive and are probably just re-branded versions of regular products, anyway. Now, imagine a dystopic future in which your car wouldn't function unless it was using only the fluids specified by the dealer. You'd get super-pissed! That's exactly what's happening here. Microsoft got busted for this kind of practice ("Either you include our Internet browser or we're taking away your license to sell Windows"). Hopefully HP will, too.

Posted by Mark at 3:20 PM | Permalink | Comments (2) | TrackBacks (0)

Cory Doctorow of Boing Boing is a sometimes lawyer who often works for the Electronic Frontier Foundation and deals with civil liberties in digital spheres. You may remember him as the author of this summer's smash-hit "DRM Talk," given by Cory to some programmers at Microsoft.

Boing Boing produced some fascinating -- and terrifying -- examples of Your Rights Being Infringed over the weekend. In this first example, a man is taking photographs in a MUNI station in San Francisco (I assume this is a bus or train station) and some police come over and ask him to stop. He asks them to tell him where in the law it says that he can't take photographs. They admit that there is no such law, but they ask him to please stop, anyway, in the name of "security." This first example relies on people not knowing what their rights are.

In this second example, a Boing Boing reader is in Manila, Philippines, where it is state policy to use "searching for bombs" on trains and buses as an excuse to confiscate any home-created optical media. The CDs and DVDs you burned at home -- even if technically legal, even if for work or fair use -- taken! All in the name of preventing IP theft. Fortunately, Manila is not the U.S., but if MPAA and RIAA have their way, it may be, soon.

Posted by Mark at 9:50 AM | Permalink | Comments (1) | TrackBacks (0)

So it's come to this. The U.S. Supreme Court has granted a writ of certiorari to the Grokster case, which proves to be the next landmark legal decision in copyright law (the first being Sony v. Universal, 464 U.S. 417 (1984), the so-called Betamax case). In that case, the Court ruled that the Betamax did not infringe upon the copyrights held by respondents Universal City Studios and Walt Disney Company. The Court didn't buy the argument that "supplying the 'means' to accomplish an infringing activity and encouraging that activity through advertisement are sufficient to establish liability for copyright infringement." And finally -- and most importantly -- the Court ruled that "[t]he sale of copying equipment, like the sale of other articles of commerce, does not constitute contributory infringement if the product is widely used for legitimate, unobjectionable purposes, or, indeed, is merely capable of substantial noninfringing uses." The notion that "an article of commerce" may be able to infringe copyright but can still be legal as long as it has "substantial noninfringing uses" is what has allowed things like photocopiers, VCRs, CD burners, and so on and so forth.

At issue in MGM v. Grokster, 03-55894 (2004) is "whether distributors of peer-to-peer file-sharing computer networking software may be held contributorily or vicariously liable for copyright infringements by users." The Ninth Circuit Court of Appeals didn't believe so, and ruled in August 2004 that Grokster was not liable for contributory infringement.

The Ninth Circuit Court observed, rightly, that ever since "the advent of the player piano, every new means of reproducing sound has struck a dissonant chord with musical copyright owners, often resulting in federal litigation."

Contributory infringement

It wouldn't be a federal court case without prongs, and MGM v. Grokster is no exception. In order to prove contributory infringement, the following three prongs must be met: "(1) direct infringement by a primary infringer, (2) knowledge of the infringement, and (3) material contribution to the infringement." The lack of any one prong means that the activity does not constitute contributory infringement.

No one disputes the element of direct infringement, so that's one prong. Two more to go until we've got contributory infringement.

The "knowledge" prong gets tricky, because if the device in question is not capable of "substantial non-infringing uses," then "the copyright owner need only show that the defendant had constructive knowledge of the infringement." "Constructive" in this case means that, although the defendant did not, in reality, actually know that infringement was occurring, the situation was such that the defendant could probably surmise that infringement was occurring, since the device had no non-infringing uses.

But, "if the product at issue is capable of substantial or commercially significant noninfringing uses, then the copyright owner must demonstrate that the defendant had reasonable knowledge of specific infringing files and failed to act on that knowledge to prevent infringement." "Reasonable" means that the defendant had rational or appropriate knowledge. It is a higher standard of knowledge: the defendant could not merely surmise that infringement was occurring, since non-infringing activity could also be occurring; therefore, he had to know that infringement was taking place.

The Circuit Court determined that Grokster was capable of "substantial non-infringing uses," even though the respondents insisted that a majority of the activity on Grokster's network was illegal. That doesn't matter, though, since, "in order for limitations imposed by Sony to apply, a product need only be capable of substantial noninfringing uses." The law says nothing about quantity of noninfringing use. Boo-yah!

Thus, the standard is "reasonable knowledge of specific infringement": Grokster had to know that copyright infringement was taking place. Did they? The Ninth Circuit Court's argument is sketchy here, although ultimately they conclude that Grokster did have knowledge of specific infringement.

And what of "material contribution"? In the Napster case, the Circuit Court ruled that "Napster provides the site and facilities for direct infringement." Grokster is different because of its distributed architecture: "even if the Software Distributors 'closed their doors and deactivated all computers within their control, users of their products could continue sharing files with little or no interruption.'" Thus, it is here that the argument fails: Grokster does not materially contribute to infringement, and thus, it does not meet the third prong of the test, meaning that there is no contributory infringement.

And the Ninth Circuit adds, "The technology has numerous other uses, significantly reducing the distribution costs of public domain and permissively shared art and speech, as well as reducing the centralized control of that distribution."

Vicarious infringement

Okay, maybe Grokster didn't contribute to infringement. But maybe, through negligence -- by not doing something they could have done -- they indirectly contributed to infringement. This is "vicarious infringement," and Grokster is being charged with that, too.

Time for more prongs. To prove "vicarious infringement," there must be "(1) direct infringement by a primary party, (2) a direct financial benefit to the defendant, and (3) the right and ability to supervise the infringers." The "direct financial benefit" in this case is advertising revenue, since Grokster (and Kazaa, another respondent) uses ad-supported software (this is the one and only time I'll be on spyware's side). The Court also did not dispute the existence of "direct infringement." That's two prongs down.

Does Grokster have "the right and ability to supervise the infringers"? Not really. "It does not appear from any of the evidence in the record that either of the defendants has the ability to block access to individual users," the Court said. "The nature of the relationship between Grokster and StreamCast and their users is significantly different from the nature of the relationship between a swap meet operator and its participants [a reference to another case determining a relationship between an infringer and a potential infringee; cf. Fonovisa v. Cherry Auction, 76 F.3d 259 (1996)], or prior versions of Napster and its users, since Grokster and StreamCast are more truly decentralized, peer-to-peer file-sharing networks." They fail to meet the third prong, so there's no vicarious infringement.

And so, the case is over in the Ninth Circuit Court of Appeals, with the respondents urging for a renovation of copyright laws, which the Court said would be "unwise," since it "would also alter general copyright law in profound ways with unknown ultimate consequences outside the present context." Now here's a great paragraph which I will quote here, without citations. It describes exactly what copyright law does and what it doesn't do:

Further, as we have observed, we live in a quicksilver technological environment with courts ill-suited to fix the flow of internet innovation. The introduction of new technology is always disruptive to old markets, and particularly to those copyright owners whose works are sold through well-established distribution mechanisms. Yet, history has shown that time and market forces often provide equilibrium in balancing interests, whether the new technology be a player piano, a copier, a tape recorder, a video recorder, a personal computer, a karaoke machine, or an MP3 player. Thus, it is prudent for courts to exercise caution before restructuring liability theories for the purpose of addressing specific market abuses, despite their apparent present magnitude.

And so the case will be heard by the Supreme Court on March 25. Rehnquist himself voted against the Betmax decision back in 1984, but I'll bet he has a VCR now. This time, the case is more sound, as the Ninth Circuit Court stuck to the letter of the law, something that will please Justice Scalia (although it doesn't bring in larger Western, male, heterosexual traditions -- which are perfectly acceptable as law -- so he might cry just a little bit). This case is different from Betamax in that the words of the law are clear: Grokster does not meet all the requirements for vicarious or contributory infringement. The Supreme Court will not have to fashion a brand-new interpretation of the law to fit a brand-new situation as it did in 1984.

And if the Court rules that file-sharing on a peer-to-peer network is illegal, how else will Clarence Thomas get his episodes of Sex and the City?

For more information, please visit EFF's big page of MGM v. Grokster case files.

Posted by Mark at 11:00 AM | Permalink | Comments (1) | TrackBacks (0)

Both Boing Boing and Slashdot reported on California Senate Bill (SB) 96, which would punish any person who

sells, offers for sale, advertises, distributes, disseminates, provides, or otherwise makes available peer-to-peer file sharing software that enables its user to electronically disseminate commercial recordings or audiovisual works via the Internet or any other digital network, and who fails to exercise reasonable care in preventing use of that software to commit an unlawful act with respect to a commercial recording or audiovisual work[.]

The phrase "reasonable care," says Jason Schultz of the Electronic Frontier Foundation (EFF), is dangerously ambiguous:

"Reasonable care" could mean anything from the forced design and/or redesign of software to mandated filtering and digital rights management (DRM) -- even the forced installation of spyware to monitor user behavior. Moreover, SB 96 would effectively overrule the Betamax protections that the Supreme Court has provided technology companies for more than 20 years. That kind of seismic shift would destabilize some of California's most successful companies.

Of course, any state law that conflicts with a Supreme Court ruling is null, since the Supreme Court's interpretation of the law trumps state laws. Still, the phrase "reasonable care" means that a corporation designing a product will err on the side of too much restriction, rather than be complicit in copyright violations. This is the same thing going on in network television, where broadcasters err on the side of too much censorship rather than face the wrath of an irrational FCC controlled by the Parents Television Council.

The problem with this law is that the Internet is designed to disseminate information. As Cory Doctrow notes, "This, of course, includes email, IM, Web-browsers, and every other tool for exchanging data on the Internet. Nice one, Kevin! Maybe once you've passed this one, you can introduce a bill to make Pi equal to 3 and then execute everyone who insists otherwise." Doctrow alludes here to an old urban legend which claims that an Alabama state law changed the value of pi to 3 in order to agree with the Bible. The point is nevertheless well-taken: attempting to constrain the Internet to fit the form of older types of communication is a ridiculous notion which will send science back to the stone age. And even then, AOL TimeWarner will demand seven cents for every communication sent by throwing rocks, since they hold a patent on rock-throwing technology.

Posted by Mark at 10:33 AM | Permalink | Comments (5) | TrackBacks (0)

Mike commented the other day about software patents:

Reverse-engineering a refrigerator -- a mechanical device -- is a little bit different from reverse-engineering a video game, a work of artistry. Video games, and even more utilitarian computer programs, are more akin to music, movies, and books, methinks -- three media in which the institution of the copyright is rarely challenged, except the continuing (and necessary) squabbles over what constitutes "fair use."

Consider: the manufacture of a refrigerator requires a capital expense for equipment, raw materials, and perhaps even a skilled workforce. Not to mention a tangible, bricks-and-mortar distribution network. Even if I were to reverse-engineer the latest Frigidaire, I'd be in no position to compete for floor shelf at the local Sears.

Pirating computer programs, on the other hand, takes only patience, caffeine, a certain knowledge of computer language, and (for distribution) an Internet connection -- a much lower barrier of entry. A computer program is not a tangible thing that is manufactured; it's a collection of bits. It's information.

I would disagree in the case of video games and computer programs. I would think that they fall under the guise of a patent rather than a copyright. Consider that writing a piece of software takes a capital expense for equipment (the machinery on which the software is written and tested), and a skilled workforce. Software also has a tangible distribution network. The only difference between a refrigerator and a computer program is that I have the resources to make a computer program that is as good as anything Microsoft can come up with. A refrigerator requires more machinery than I probably possess (although if I were a talented engineer, I could probably come up with something resembling a refrigerator), but all I need to make a computer program is myself and some software.

Consider that I am allowed to take my refrigerator apart, but I am not allowed to take my copy of Windows XP apart. Software, I feel, should be subject to the same patent laws as a refrigerator. Windows XP is no more a work of art than the computer upon which it is "written."

Posted by Mark at 4:40 PM | Permalink | Comments (1) | TrackBacks (0)

Did you know that when you buy The Sims, you're not buying a video game at all? To buy the game itself outright would mean that you own the game and can do anything you want with it. Electronic Arts, the company that makes The Sims, does not want you to have the ability to do whatever you wish with the product you bought.

What you have purchased is a license to the product. This means that you, the undersigned, agree to use the product only in the manner specified in the license agreement. The End-User License Agreement (EULA) for Windows XP Home Edition is ten pages long (some of which is in French) -- single-spaced. Here are some of the things Microsoft will graciously allow you to do with the software just legally purchased:

You may install, use, access, display and run one copy of the Software on a single computer, such as a workstation, terminal or other device ("Workstation Computer").

You may permit a maximum of five (5) computers or other electronic devices (each a "Device") to connect to the Workstation Computer to utilize one or more of the following services of the Software: File Services, Print Services, Internet Information Services, and remote access (including connection sharing and telephony services).

You may also store or install a copy of the Software on a storage device, such as a network server, used only to install or run the Software on your other Workstation Computers over an internal network; however, you must acquire and dedicate an additional license for each separate Workstation Computer on or from which the Software is installed, used, accessed, displayed or run.

Aw, thanks, Bill Gates. Now here's a list of things you may not do:

You may not reverse engineer, decompile, or disassemble the Software, except and only to the extent that such activity is expressly permitted by applicable law notwithstanding this limitation.

You may not rent, lease, lend or provide commercial hosting services with the Software.

Software identified as "Not For Resale" or "NFR," may not be sold or otherwise transferred for value, or used for any purpose other than demonstration, test or evaluation.

Unlike a refrigerator, which you may disassemble and re-sell to your neighbor, Windows XP is non-disassemblable and non-transferrable. Unless, of course, your jurisdiction has a law expressly allowing you to decompile software, which it probably doesn't.

Two examples

The software world, perhaps more than any other world, is filled with copyright law, intellectual property law, and contract law. Bitter disputes are fought over who owns what and how much. Take two examples of intellectual property law and software gone horribly wrong.

Software patents are, ostensibly, used to assure that the maker of software gets compensation for his work. Otherwise, what is the incentive to make software at all? If he isn't going to get paid for it, then his opportunity cost is infinite and he'd be better off digging graves. We should compensate the makers of software so that they keeping making software.

Patents, though, have long lives, lives which sometimes outlast their creators. Patents also become commodities which have value and can be bought and sold. A patent entitles its holder to royalties whenever anyone wants to use that patent. This is called a "license."

In 1970, AT&T invented the Unix opreating system, and since that time, it has become the bar-none standard for high-impact computing. In the early 1990s, Linus Torvalds and others developed the Linux kernel, which may or may not have been based on Unix code. Over the years, the patent for Unix had been sold to a company called SCO. SCO makes all of its money by licensing Unix and suing companies that don't purchase licenses for Unix. SCO spent the last several years suing companies which used Linux without a license from it. SCO claimed that, since Linux was a derivative work of Unix (something never definitively proven), it was entitled to license Linux.

Fortunately, the business powerhouse IBM was one of the companies sued. IBM has more money than SCO could ever dream of, which means that it would see the suit to the bitter end. Most of the time, large patent-acquisition corporations sue smaller entities, banking on the fact that the smaller entity will run out of money and settle out of court. This reduces the entire debate to the question of not who is right, but who has more money.

The second case of IP gone wrong comes from Marvel. It's a great comic book company, but it's gone off the deep end this time.

City of Heroes is a massively multiplayer online role-playing game (MMORPG) that allows players to create their own superhero characters. Apparently, a lot of uncreative people made superheroes that were very similar to Marvel superheroes. Marvel sued NCSoft Corporation and Cryptic Studios, the owners of City of Heroes, for "vicarious" copyright infringment by designing software that makes it easy to infringe upon the rights Marvel holds to its characters.

What's next? Every time Little Timmy wants to dress up like Superman, he has to pay DC Comics a $15 licensing fee? Well, not quite. Fred von Lohmann of the Electronic Frontier Foundation says that Marvel's legal claims are shaky:

From a trademark point of view, it is difficult to see how these kinds of noncommercial activities could satisfy the "use in commerce" threshold imposed by federal trademark law. Copyright lawyers will reason that these activities, even if technically infringing, are almost certainly sheltered by defenses like fair use or de minimis non curat lex. Marvel, for its part, will doubtless say that its legal beef is with the operators of "City of Heroes," not the players (pay no attention to that pesky complaint, that's just legal mumbo jumbo).

As von Lohmann goes on to say, Marvel's attempt to extort its fans "is both unprecedented and unnecessary." If Marvel wins, then "[t]hose who want to appropriate characters and objects from their favorite movies, comics, games or television shows will be limited to virtual worlds either operated or licensed by the corporations that own those cultural objects." Marvel has created cultural icons and now it demands that every instance of those icons being used be regulated. Either you go through Marvel, or you think of something yourself. And if that thing you think of is too close to something Marvel already has, then you're done for.

Again, the point of a trademark, like a patent, is to give an incentive to Marvel to keep producing cultural content. Game players are not selling stories containg Marvel characters, nor are they insisting that they own the rights to these characters. They're just using the characters for their own personal entertainment -- well within the purview of "fair use."

Posted by Mark at 12:16 PM | Permalink | Comments (2) | TrackBacks (0)

The Senate is attempting to get H.R. 2391 passed. H.R. 2391 is an amalgamation of several other copyright-related bills. It replaces Orrin Hatch's Inducement of Copyright Infringement bill, which was effectively killed earlier this year. Just what does H.R. 2391 do?

Title I: Alters requirements of "prior art." If you could prove that an invention patented by someone else was already widely in use before that person claimed he patented it, the patent was invalid (this prevented a person from claiming creation and ownership of an already popular, unpatented invention). H.R. 2391 makes a stipulation that if an invention was jointly created, then one of the inventors may lay claim to a patent if it qualifies as prior art!

Title II: Requires the undertaking of a program in which "[t]he public should be educated about the security and privacy risks associated with being con nected to certain peer-to-peer networks." It also authorizes the Department of Justice to send warning letters to Internet Service Providers.

Buried deep within Title II is Section 208, which criminalizes using "audiovisual recording devices" in movie theaters, requiring a sentence of not more than three years in prison, or a fine, or both.

Also buried deep within Title II is Section 210, called "enhancement of criminal copyright infringement." As one suspects, it increases the criminal penalty for copyright infringement.

Still located in Title II of this bill is Section 212, the "Family Movie Act of 2004," which authorizes the creation of "family-friendly" copies of motion pictures (see previous post about the technology called ClearPlay), even if the copyright-owner doesn't want such copies to be created.

Title III: "The Protecting Intellectual Right Against Theft and Expropriation Act of 2004." Section 301 allows the Attorney General to commence a civil suit against anyone who infringes copyright, where the standard of evidence is a preponderance of the evidence.

Title IV: "The National Film Preservation Act of 2004." This isn't too bad. It does what it says it's going to do: preserve films in the National Archives.

Title V: "Preservation of Orphan Works Act." Just like it sounds.

Title VI: "The Enhancing Federal Obscenity Reporting and Copyright Enforcement Act of 2004." Not as sexy as it sounds. Changes requirements for reporting obscenity incidents to Congress and copyright certification.

Title VII: Specifies further what "counterfeit labels, illicit labels, or counterfeit documentation or packing" means in 18 U.S.C. 2318.

And that's the bill in a nutshell. Some parts are good, others bad. I suppose that's what you get from an omnibus bill like this one. The problem, of course, is that in order for the good parts to be passed, the bad parts must be passed, also.

While the article about this at Wired claims that, "under the proposed language, viewers would not be allowed to use software or devices to skip commericals or promotional announcements 'that would otherwise be performed or displayed before, during or after the performance of the motion picture,' like the previews on a DVD," such language is not to be found in the bill. This language instead comes from a Congressional Report about Digital Rights Management Legislation which refers to the Family Movie Act, noting, "The filtering cannot result in a fixed copy of the altered version, and no changes, deletions, or additions are to be made to commercial advertisements or promotional announcements that would otherwise be performed or displayed before, during, or after the performance." Under the proposed language, the manufacturer of a filter cannot create a filter designed to skip advertisements or announcements. Wired, it seems, misinterpreted that part, since skipping advertisments was never the intent of the law, anyway.

Posted by Mark at 9:34 AM | Permalink | Comments (0) | TrackBacks (0)

Sen. Orrin Hatch's Inducing Infringement of Copyrights Act of 2004, formerly the INDUCE Act, has been put into THOMAS, Congress' database of legislation. The bill is actually very short, so here is the text of it:

To amend chapter 5 of title 17, United States Code, relating to inducement of copyright infringement, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

This Act may be cited as the 'Inducing Infringement of Copyrights Act of 2004'.

SEC. 2. INTENTIONAL INDUCEMENT OF COPYRIGHT INFRINGEMENT.

Section 501 of title 17, United States Code, is amended by adding at the end the following:

'(g)(1) In this subsection, the term `intentionally induces' means intentionally aids, abets, induces, or procures, and intent may be shown by acts from which a reasonable person would find intent to induce infringement based upon all relevant information about such acts then reasonably available to the actor, including whether the activity relies on infringement for its commercial viability.

'(2) Whoever intentionally induces any violation identified in subsection (a) shall be liable as an infringer.

'(3) Nothing in this subsection shall enlarge or diminish the doctrines of vicarious and contributory liability for copyright infringement or require any court to unjustly withhold or impose any secondary liability for copyright infringement.'.

As many news outlets have reported (Wired News, ZDNet), the bill makes anyone who "induces" any copyright violation liable in such a violation. When Hatch introduced the bill on the Senate floor last week, he offered an eight-page rationale (PDF), insisting that it is the makers of file-sharing software who encourage "children" to break the law! While Hatch uses the word "children" throughout his introduction, he sort of defines "children" to mean "children and college students": "These programs are used mostly by children and college students -- about half of their users are children." Is Hatch attempting to confuse congressmen and voters, implying that file-sharers "corrupt and exploit the innocence of children" by tempting them with file-sharing software? Does he mean college students or does he mean ten-year-old girls with frilly pink bows on their dresses? Clearly, he wants us to believe the latter, while the former is actually true.

According to a Pew Internet & American Life Survey conducted in 2003, "29% of Internet users have 'downloaded music files to their computer so they can play them any time they want,' and about 4 percent of Internet users do so on an average day." Additionally, the demographic group that does most of the downloading (in the Pew survey, downloading and sharing were analyzed separately) is hardly "innocent": "more than half of all Internet users between the ages of 18 and 29 have ever downloaded music and almost 10% of those in that age group are online downloading music on any given day." The survey also concludes that "students are also more likely to be music downloaders than nonstudents. Fifty-six percent of full-time students and 40% of part-time students report downloading music files to their computer. Only a quarter of non-students report downloading files."

People who provide files for downloading (sharing) have similar demographic profiles: "Not surprisingly, [file-sharers] are more likely to be younger, with 31% of the youngest adults aged 18 to 29 sharing files" and "[m]ore than a third (35%) of fulltime students and 28% of part-time students share files, while 18% of non-students report the same behavior."

"The children" is a trope being used to pass this bill.

Posted by Mark at 11:03 AM | Permalink | Comments (0) | TrackBacks (0)

After I read the rest of Cory Doctrow's Microsoft Research DRM Talk, I was struck by a point he made in the second half:

New media don't succeed because they're like the only media, only better: they succeed because they're worse than the old media at the stuff the old media is good at, and better at the stuff the old media are bad at. Books are good at being paperwhite, high-resolution, low-infrastructure, cheap and disposable. Ebooks are good at being everywhere in the world at the same time for free in a form that is so malleable that you can just pastebomb it into your IM session or turn it into a page-a-day mailing list.

The problem with Jack Valenti, the MPAA, the RIAA, and anyone who supported the DMCA (maybe if we charged royalties for the use of the letters "M" and "A" that would shut them up) is that they're living in the past. They expect new media formats -- the VCR, the CD, the DVD, the MP3, the eBook -- to behave like old media formats (the record, the cassette tape, the motion picture, the TV program, the print book). The problem is that new media formats open up a whole new host of opportunities for the consumer. The VCR, for example, allowed me to record One Life to Live while I was work and keep up on the intrigue going on in whatever town that's called on that show -- all without having to be there to watch it! The CD improved the quality of my music and allowed me to put more music into the same space. The DVD outdid the VHS tape by improving my picture quality and letting me watch a gazillion other things like director commentary, "making of" specials, and trailers. The MP3 outdid the CD in portability. I don't even carry around the few CDs I own anymore; all of my music is on my iPod, and it sure beats walking around with only one CD. I've got 3 gigabytes of CDs, however much that is. And I know people who have a lot more.

But, like all innovations, these new things can be used for the forces of evil. Cars killed people. People used the motion picture camera to make pornography. Xerox machines could be used to counterfeit things. Airplanes flew into the World Trade Center, but is anyone arguing that airplanes should be removed from American society because they can kill huge numbers of people? Of course not! Americans want innovation, and with innovation comes freedom. Americans, as President Bush is ready to point out to anyone who's listening, are a freedom-loving people. If a new technology can be be used for illegal purposes, but will offer a whole host of new conveniences (i.e. freedoms), then Americans will take the chance and opt for the convenience, even though these new innovations could be used for evil purposes. Our laws are the same way. Sure, some criminals can weasel their way out of jail by using the Fourth Amendment to their advantage, but that doesn't mean that we think the Fourth Amendment is bad. We would rather uphold everyone's rights rather than deny everyone those rights because a few people will use those rights to evil ends.

The DMCA, DRM, and the new INDUCE Act all remove the convenience and innovation of new kinds of media simply because that innovation could be used for, as the INDUCE Act argues, child pornography, or to violate copyrights. Although, when it comes to motion pictures, TV, or music, the ultimate concern is the bottom line: people might be able to steal content. Doctrow recounts Jack Valenti's Congressional testimony in 1982, where he told them "that the VCR was to the American film industry 'as the Boston Strangler is to a woman home alone.'" Copyright holders have opposed technology every time that a new technology has appeared. Why? Because it's a threat to their pocketbooks, which are invested in the old way of doing things. If people could suddenly makes their own VHS tapes, Valenti predicted, then it would be the end for movie studios. That never happened. In fact, movie studios embraced VHS and developed content specifically for that format. It made them far more money than they could have dreamed of -- because they didn't dream. They weren't innovative. When you're "The Man," innovation is a threat.

Doctrow also talks about how the market can squelch DRM. People decide what they want to buy, and the decision has been clear: people don't like DRM. Doctrow says:

When MP3 rolled around and Sony's Walkman customers were clamoring for a solid-state MP3 player, Sony let its music business-unit run its show: instead of making a high-capacity MP3 walkman, Sony shipped its Music Clips, low-capacity devices that played brain-damaged DRM formats like Real and OpenAG. They spent good money engineering "features" into these devices that kept their customers from freely moving their music back and forth between their devices. Customers stayed away in droves.

Customers are used to freedom. They want the ability to do whatever they want with the stuff they've bought. Customers, too, are operating on archaic notions of property: "This is mine, I bought it, it belongs to me, and I can do whatever I want with it." But customers will determine whether or not an innovation is "good" by virtue of their purchase of it or not. Content providers had better cater to customers' notions of property, or else they'll soon find customers "stay[ing] away in droves." Customers certainly aren't going to conform to the RIAA's notion of property; they'll go somewhere else.

Case in point. The iPod is a fantastical machine, but it has built-in limitations. You can only transfer songs from your comuter to the iPod. It doesn't go the other way. I found this out and was pretty upset with Apple. That doesn't make sense: what if I want to move a song back on to my computer? So, I looked on the Internet for an alternative to Apple's iTunes as a method for managing my music. And I came upon EphPod, which allows you to freely move your music between the computer and the iPod. This is capitalism at its most basic: I have a demand for a product, and Apple supplies me with a product. I don't like, so I'll go somewhere else.

Now that content providers like RIAA and MPAA have failed at capitalism, they're going to bring the government in. They know now that people hate DRM. It's like calling up Mitsubishi and asking permission to drive your car. Mitsubishi will say, "Do you promise not to run anyone over?" You'll say, "Yes," and Mitsubishi will allow your car to operate for an hour. After that, it quits working.

Rather than step up to the promise of new technology and its prospects for innovation (but also illegality), content providers will use the law to lock new technology into the paradigm of old technology. EBooks will be treated like regular books, MP3s like CDs, and DVDs like VHS tapes.

The public has already gotten a taste of what digital media can do, and it's not willing to give it up. If RIAA and MPAA wanted to stop the proliferation of digital media, they should have stopped it ten years ago. Now it's a part of our lives, and for it to be taken away will be akin to prohibition. Remember how well that worked?

At its heart, this debate is about money. "Intellectual property" is a great facade and a really big, neat-sounding word. But it's a proxy for "control." Content providers want to exercise as much control as they can over their content, extorting the most money they can out of consumers. If consumers have complete freedom over the content they have purchased, then perhaps they will use the content in ways that the Old Guard can't exploit. By locking down technology and keeping in the realm of what MPAA and RIAA can do, it is ensured that no one else will be able to use their content in any way except that which is dictated by them. They will have the keys to innovation and will choose to lock that room forever, since they cannot control what's inside. They're not visionary enough to come up with new ways to exploit the uses of new forms of technology, so it's better for them that no one else be able to, either.

Copyright law in this country cannot be dictated by a few Old White Men who would rather live in the past than the future. People must be allowed to innovate; they must be allowed the freedom to innovate and use new technologies in ways dictated by those technologies. This reminds me of The Fountainhead, where architect Howard Roark's designs are too forward-thinking for the common people. They are radically different and don't use any "classical" elements, they don't draw on the past. Roark believes that a building should stand on its own, without having to draw from the past: form follows function, and a skyscraper is not a Greek temple. Let it be said, then, that an MP3 is not a phonograph and an eBook is not a papyrus scroll.

Posted by Mark at 2:33 AM | Permalink | Comments (0) | TrackBacks (0)

How timely! In the Betamax case (Sony Corp v. Universal Studios, et al.), the Supreme Court said that Congress would have to use its judgment to create new laws that regulate copyright and new technology. Well, here it is, and it's a doozy. The author of the above article reminds us that this new law could override the Betamax decision and create that new legislative oversight for videotape recording that the dissenting justices in Sony v. Universal wanted.

This isn't the first time that the threat of child pornography has been used to squelch seemingly illegal activity. In 2002, the Supreme Court found parts of the Child Pornography Prevention Act unconstitutional. The Court said that virtual child pornography is not the same as actual child pornography: the child in question must actually be under age for the content to be illegal; it's not enough that he or she "appears" or is made to appear that way. The above article, from CNET News.com, offers the same concern:

At a minimum (the Induce Act) invites a re-examination of Betamax," said Jeff Joseph, vice president for communications at the Consumer Electronics Association. "It's designed to have this fuzzy feel around protecting children from pornography, but it's pretty clearly a backdoor way to eliminate and make illegal peer-to-peer services. Our concern is that you're attacking the technology."

Posted by Mark at 7:27 AM | Permalink | Comments (0) | TrackBacks (0)

Here's a question I bet you'd never thought to ask yourself: why is it perfectly legal to share your paper copy of, say, Don Quixote de la Mancha, but not your eBook? Your Adobe (or Microsoft) eBook Reader has special protections built into it, one of which could be a lock-down on sharing. The eBook can't be read by any other computer but yours. Here's another example. I just bought a copy of the latest Britney Spears CD, and I want to share it with my friends. If I give my friend the CD to listen to, that's perfectly legal. If I put them on my computer and share them with him, or burn a CD for him, that's illegal! Why is one form of sharing acceptable, but the other is not?

It's a question of money and scale. If I share my copy of Don Quixote with someone else, the game is zero-sum. There is only one copy of the book to go around, and if I give it to him, that means I don't have it. I can't reproduce the book. Or could I? Given enough money, I could buy desktop publishing software and a commercial printing press and then print copies of Don Quixote. But that's a bad example, because that would be perfectly legal. Miguel de Cervantes, who died in 1616, no longer has exclusive rights to Don Quixote. The work is in the public domain, which means that no one can proclaim that the book is his exclusive property; it belongs to everyone.

Let's take something that is copyrighted, like John Grisham's The Firm, a tantalizing tale of a corrupt law firm and the young, hotshot attorney who tries to bring it down. I paid $7.99 to buy the book. John Grisham, as the author, got some of that money. So did Bantam Dell, the publishing company which printed the physical book. Grisham couldn't do it on his own, since publishing a book is prohibitively expensive for a single person. So, he calls up a publishing company and says, "If you print my book, I'll give you such-and-such percent of the revenue." Bantam Dell says, "Okay," and prints the book. When I buy The Firm, I can lend it to my friend, but again, that's a copy of the book that I'll have to surrender for a while. I can't make more copies, because that would be prohibitively expensive for me.

The computer changes all that. The computer makes the preferred format electronic (as with an eBook), so the only thing you have to do is manipulate electrons. Fortunately that's exactly what a computer does. You can become your own publisher for only the cost of a computer and an Internet connection, which is much less expensive than the cost of a commercial printing press. In doing so, you have taken the place of the publisher: you are now producing copies of books. The only problem with this situation is that John Grisham, who owns the exclusive rights to his books, never said you could publish his books. You have just violated copyright law. This is a clearly delineated situation of a copyright violation: you don't own the rights to The Firm, so you can't publish it, because one of the consequences to having the rights to something is being able to charge whatever you want for it (in the publishing industry, anyway). It's just as if John Grisham owned a hardware store and I walked in and stole one of his hammers. His ownership of the hammer means that he has the right to choose to sell it to others or not. He has chosen to sell it to others -- but for a price. I took it without paying him for it.

Under the old, paper system, the prohibitive expense of publishing a book prevented piracy. But computers are not that expensive (unless it's a liquid-cooled, dual processor G5. Yikes!), so the barrier to stealing no longer exists. This is why companies like Adobe and Microsoft have installed DRM into their eBooks: because they know that you have the opportunity to easily share an eBook with others – you will, effectively, be republishing the book, but without paying John Grisham. At the same time, though, you have the right to share your book with others! The problem is that fair use laws were designed for a system in which actual reproduction was out of the question for the regular consumer. Now, it's not. Do we have to change our fair use laws? Allowing the consumer the complete freedom to use his eBook in whatever manner he sees fit may allow him to use the eBook in ways which violate the law, like sharing it with others, effectively republishing it (remember that digital duplication is perfect; there is no loss of quality when copying files. Every copy is exactly like the original).

The Supreme Court dealt with this very issue in 1983. Universal Studios and Disney sued Sony for its production of the Betamax, which allowed consumers to tape copyrighted content from the TV and watch it later. The case, Sony Corp. v. Universal Studios, et al. , 464 U.S. 417, 1984, would decide the fate of the newly-created Video Tape Recorder (VTR). Universal alleged that "VTR consumers had been recording some of [Universal's] copy-righted works that had been exhibited on commercially sponsored television and thereby infringed [Universal's] copyrights, and further that [Sony was] liable for such copyright infringement because of their marketing of the VTRs." The District Court sided with Sony, concluding that the use of a Betamax was fair use: "It emphasized the fact that the material was broadcast free to the public at large, the noncommercial character of the use, and the private character of the activity conducted entirely within the home." As long as the use was noncommercial (meaning the user didn't charge others to view it), it was okay. When the case came to the Supreme Court, it resulted in a 5-4 decision, with current Chief Justice (but then a regular Justice) William Rehnquist on the dissenting side. Justice Blackmun, who authored the dissenting opinion, noted that the Copyright Act of 1976 grants a copyright holder the exclusive right "to reproduce the copyrighted work in copies or phonorecords." There are exemptions to this law, but says Justice Blackmun, but the Copyright Act does not "[suggest] any intent to create a general exemption for a single copy made for personal or private use."

In the end, the Supreme Court had to make a choice: create a brand-new exemption for "home-use recording," or stick to the letter of the law and say, "Nope, there's no provision for home-use recording." The problem with the latter, stricter approach, is that there's no such provision because home-use recording was virtually impossible until the Betamax! A single consumer did not feasibly have the resources to reproduce a copyrighted work in his own home for his own purposes. The law was thus enforced by a financial barrier: a single person couldn't reproduce a whole work within the scope of fair use. Now, though, there was no barrier to reproduction. The Supreme Court, acting almost as a legislature, created an exemption for home-use recording.

Technology has changed again. Books can be as easily reproduced now as videotapes could be in 1984. Justice Stewart noted back then that it was impossible to manage how a person would use his VTR; that is, there was no way for Universal to be sure that you were using the VTR to record its content within the scope of your fair use rights. Now, there is, and this time, the law has caught up with the technology.

CDs became copy-protected, but the copy-protection technology was always cracked. Files could be shared. The Digital Millennium Copyright Act of 1998 (DMCA) was passed to make it illegal to circumvent copy-protection devices. Let's take that eBook, for example. I am allowed, under fair use, to quote passages from that book for use in reviews or in an academic environment. But the eBook (as some eBooks do) doesn't allow me to copy any of the text to my computer clipboard. Let's be clear, here: the software has just violated my fair use rights. At this point, I have no legal recourse. If I attempt to circumvent the copy-protection and exercise my rights, I will have violated the DMCA, which prohibits circumventing copy-protection devices. I'm not trying to share this eBook. I'm not trying to republish it, as it were. I'm merely trying to exercise the rights I have under the Constitution, and Adobe won't let me!

Fair use allows me to do any number of things within my own home: I can make copies of CDs, DVDs, or VHS tapes as long as I don't share them. DVD copy-protection prevents me from doing that. If I try to crack the copy-protection, I've broken the law. I must break the law to exercise my rights. That's a bit strange, isn't it? It's no wonder the DMCA isn't regarded very highly by civil rights organizations, including the ACLU and the Electronic Frontier Foundation.

When it comes to print media, there are no laws regulating how I may use the copy of The Firm I just bought. This is because financial barriers exist; there is no need for a law. On my computer, however, there are no financial barriers, so laws are necessary to regulate how I may use . . . well, my copy of The Firm I just bought. But what if I don't want to republish the work as my own? What if I just want to have the same ability to use it as I do my paper copy? Fair use doesn't distinguish between digital or print media. And what about my eBook of Don Quixote? If I bought a printing press, I could print as many copies of that as I wanted, and Miguel de Cervantes couldn't stop me. But the Adobe eBook Reader will stop me, even though my republication of that work violates no laws, since the work is in the public domain.

The U.S. is pushing for digital TV to be the standard, and with that, the Motion Picture Association of America (MPAA), a trade group composed of the major movie companies, is pushing for a broadcast flag to be inserted into all shows which would regulate what you can do with that show when it hits your TV. Theoretically, it could prohibit you from copying an episode of Dawson's Creek, which would take away your fair use rights. The Supreme Court ruled in 1984 that you have the right to tape that show, but if the MPAA has its way, that right might be taken away.

The laws should not change just because the format has changed. Fair use makes no distinction between format. Companies that insert DRM into their products assume that I'm a pirate from the moment I buy their products, but it's a minority of people who share files and crack DRM for malicious reasons -- and crack DRM they will, for they're smart people who aren't afraid of breaking the law. The Fifth Amendment guarantees that I will "not be deprived of life, liberty, or property without due process of law." When I go to the store to buy a DVD player and a new copy of Wet, Hot American Summer, I'm deprived of my liberty as soon as I walk out of the store.

Scott contributed to some of this article, but he doesn't have a webpage, and I'm not about to link to his email.

For a better analysis of DRM, read this discussion.

Posted by Mark at 5:10 AM | Permalink | Comments (0) | TrackBacks (0)

I don't know how I got on WinXP News's mailing list, but I'm glad I did. The lastest edition came to my inbox (Hotmail, of course) with a startling article out of the European Union. BBC News reports that the EU just signed a directive giving copyright holders sweeping new powers to prevent "intellectual property rights." Though the directive doesn't specifically target music or software piracy, those things are encompassed; counterfeiters and copiers of any sort of copyrighted property face stiff sentences.

But that's not the scariest part. The article reports, "The directive allows companies to raid homes, seize property and ask courts to freeze bank accounts to protect trademarks or intellectual property they believe are being abused or stolen. Civil liberty and lobby groups feared that the music industry will also use the law to mount raids on the homes of people who swap songs via file-sharing systems such as Kazaa." Whoa! Raids? By private companies? We're that much closer to the future horror of Johnny Mnemonic (which was not only horrifying because of the corporate control of the state, but also because of Keanu Reeves and Ice-T).

How did this directive get through? Answer: "The European law was shepherded through the European Parliament by MEP Janelly Fourtou, wife of Jean-Rene Fourtou who is boss of media giant Vivendi Universal." Ho-ho! I guess it pays to have your hand in the EU Parliament jar when you're the president of one of the largest media companies in the world.

The European Union is a nasty place. In some cases, it fights tooth-and-nail against businesses (like Microsoft), but in this case, due to some back-patting, it has sided with business. I wish it would make up its mind.

Posted by Mark at 12:26 PM | Permalink | Comments (0) | TrackBacks (0)

Let�s all be reasonable here: the act of file sharing over large networks using our favorite file-sharing programs � Kazaa, Limewire, Morpheus, Grokster, and iMesh (all of which contain spyware, by the way) � is completely and explicitly a violation of copyright laws. I make no bones about my file sharing; I am actively engaging in the violation of federal laws. I don�t buy this nonsense from people who claim that the Recording Industry Association of America (RIAA) is a big, faceless monster, so it�s okay, or that they screw their member artists out of most of their money, so it�s okay. While it is a big, faceless monster and it does screw artists out of most of their money, this does not mean that file sharers have some sort of legal or moral justification for stealing from its member companies (RIAA is a trade organization, and its member companies are major recording labels).

That said, let�s talk about the RIAA. Months ago, the RIAA announced that it was going to begin actively prosecuting file sharers in a mass litigation campaign. A circuit court informed them that their tactic � sending out mass lawsuits from Washington � was illegal. Score one for the file sharers: RIAA could not file a reverse class-action suit, which slowed it down a little. It is now forced to file individual suits and file them in the state in which the offenders live.

Another piece of good news: the RIAA only knows users� IP addresses, which are publicly and readily available. ISPs are not required to give identifying information about these owners of these IP addresses unless the RIAA obtains a subpoena for this information. It must also prove that infringement is occurring to be able to secure a subpoena; it cannot issue blanket subpoenas in every case.

One of its interesting tactics is that the RIAA is targeting users randomly instead of targeting the biggest sharers. This is how the group managed to file suit against 12-year-old Brianna LaHara, the opposition�s best new hope, for the suit has engendered a barrage of negative PR against the trade group.

Major recording labels have also responded to this negative PR, lowering prices on CDs down to $13. Expect prices to go down further as systems like Apple�s iTunes become more popular (and MP3 players, too. It's much more convenient to carry my 10 GB of music with me instead of 37 jillion CDs).

But the fundamental problem underlying the RIAA issue is that people are distributing copyrighted material without the holders of the copyright being paid for it. While this may seem okay in the case of the RIAA, it sets a bad precedent for the future. It creates the illusion that when people create things, they create them for everyone and that things be free. Sure, it�s a great fantasy, but there are people who make their livelihoods from creating books and films and songs and deserve payment for the use of what is their creation (it�s the same with inventions and patents). But, of course, when faced with getting something for free or paying for it, everyone chooses �for free.�

Posted by Mark at 11:24 AM | Permalink | Comments (1)