October 27, 2008

DMCA link-blogging

I was thinking of taking the DMCA off the blog description, as it's been a while since I wrote about it. But today is a veritable DMCA-fest due to the ten year anniversary. For old times sake:

EFF: Unintended Consequences: Ten Years Under the DMCA
Extensive report of chilling effects (I'm mentioned :-))

Wired Threat Level Blog: 10 Years Later, Misunderstood DMCA is the Law That Saved the Web
A dubious praise of the take-down provisions, and then discusses anti-circumvention (goes into censorware, and N2H2 censorware company, and I'm not mentioned! :-()

Freedom to Tinker DMCA Week, Part I: How the DMCA Was Born
Good history, for those interested in the policy origins and maneuvering.

Public Knowledge: 10 Years of the DMCA
Looks like it's not going to rehash what's been said, but unearth uncommon examples.

Note: I know the DMCA anti-circumvention cycle has started. Sigh ...

Posted by Seth Finkelstein at 10:58 PM
May 09, 2007

My AACS Encryption Key Controversy _Guardian_ column

AACS Encryption Key Controversy article: http://technology.guardian.co.uk/weekly/story/0,,2075530,00.html

"What freedoms will we incinerate to protect a business model?"

I go through the history of these sorts of controversies, attempting to place this one in context from the strong-cryptography debate involving Pretty-Good-Privacy (PGP) and RSA encryption, to the predecessor DVD DeCSS lawsuit (as well as doing my small - very small - part to correct some myths which have grown up around them).

Then I try to convey the "paracopyright" problem, that copyright has spawned a kind of "Official Secrets Act" regarding access control systems,

I also attempt to explain what's going on in terms of the DMCA legal reasoning, but I'm not sure I'll make much headway there.

Posted by Seth Finkelstein at 07:33 PM | Comments (5)
February 27, 2007

FAIR USE Act

I support the FAIR USE Act (per EFF)

But then, you knew that already ...

Finally, the bill would loosen the grip of the DMCA, which restricts circumvention of digital rights management (DRM) restrictions even for lawful uses. The FAIR Use Act adds 12 exemptions, including the ability to circumvent for classic fair use purposes like news reporting, research, commentary, and criticism.

Broader DMCA and copyright reform remains absolutely necessary, but if passed this bill would be a big first step in the right direction.

Unfortunately, I doubt my blogging about it will do any good, because of preaching to choir (or to the "opposition researchers", but same thing).

[Update: memesterbation (linking because everyone else is linking ...) ]

Posted by Seth Finkelstein at 08:26 PM | Comments (2)
November 23, 2006

DMCA 2006 Circumvention Rulemaking - no more censorware exemption

Per AP, the US Copyright Office has now issued the 2006 anticircumvention exemptions for the Digital Millennium Copyright Act (DMCA).

Sigh ... the attackers won.

http://www.copyright.gov/1201/docs/fedreg_notice.pdf

"Although the notice of proposed rulemaking made clear that proponents of renewal of an existing exemption must make their case de novo, proponents in the current rulemaking proceeding made no attempt to make any factual showing whatsoever, choosing instead to rest on the record from three years ago and argue that the existing exemption has done no harm, that nothing has changed to suggest the exemption is no longer needed, and that if anything, the use of filtering software is on the rise. In a rulemaking proceeding that places the burden of coming forward with facts to justify an exemption for the ensuing three-year period on proponents, one cannot assume that the elements of the case that was made three years ago remain true now. Nor is there any evidence in the record that there has been any use of the exemption in the past three years, or that there would be likely to be any use of an exemption during the next three years. While this is not necessarily fatal, nevertheless a record that reveals no use of an existing exemption tends to indicate that the exemption is unnecessary. Together, the absence of any quantification of the current scope of the problem along with the absence of any demonstration that the existing exemption has offered any assistance to noninfringing users leaves a record that provides no basis to justify a recommendation for renewal of the exemption."

Posted by Seth Finkelstein at 10:08 PM | Comments (1)
August 04, 2006

Circuit City says it does not violate DMCA, does not copy commercial DVD's

According to a story making the rounds of the bogosphere, "Circuit City Flouts The DMCA For A Tenner"

Well, well, well! Look who's violating the Digital Millennium Copyright Act! For only a couple of fins, Circuit City will take your DVD and an iPod and flagrantly breach copyright at your behest.

When I read that story, it struck me as unbelievable. I could not imagine a large chain store setting up a DVD duplication service, without authorization. These people aren't going to fight the MPAA just for fun.

So I called Circuit City for some fact-checking.

According to Bill Cimino, Circuit City Director of Corporate Communications:

"The sign is incorrect and not authorized and we are in the process of making sure the sign is removed"

"We offer two services. In a small number of stores, we will transfer your commercial CD's to a DVD, and in other stores, we will transfer your home VHS to a DVD. We do not transfer pre-recorded VHS or DVD, to DVD"

Folks, apply common sense. It's a lot more believable that someone got service details wrong, or even did some under-the-table moonlighting, than that a large corporation has an official DVD-copying service.

Posted by Seth Finkelstein at 05:42 PM | Comments (5)
July 10, 2006

"CleanFlicks", copyright infringement, and DMCA

The "CleanFlicks" case concerning bowlderization versus copyright is prompting much tech/law discussion, see e.g. Joe Gratz and Ed Felten

Brief Summary:

Side 1: Companies, e.g. "CleanFlicks", which take existing movies and make version with offense parts cut out.
Side 2: Movie studios, etc.
Legal Issue: Is a bowlderization service a violation of copyright, even if the company buys an unaltered copy first, and is doing it For The Childen?

Court's answer, so far: Yes (note this is different from the "Family Movie Act", which addressed making on-the-fly alterations, not permanent copies).

In terms of having something original to add to the commentary pile, I'd just like disagree with my pundit brethren regarding the speculation that the reason the movie studios didn't bring a DMCA claim against the bowlderizers was that the studios did not want to inflame social conservatives against the DMCA. That doesn't make sense, as social conservatives have more than enough to be outraged in the lawsuit itself (and now, the unfavorable decision). Such fine distinctions as the exact nature of the legal claims are very much inside baseball, details. No, I believe the reason a DMCA claim was not made has much more to do with not presenting a court with the fabled sympathetic DMCA circumvention defendant, one charged with circumvention but making fair use in a socially approved cause (and you can't get more sympathetic than For The Children, that's better than even prestigious academic researchers!)

Think it through: If the studios win on the copyright claim, there's no need for a DMCA claim. If the studios lose on the copyright claim, they could then bring a DMCA claim. So they have nothing to gain from starting with a DMCA claim, and risk enormous loss in having a court possibly scale back the extent of the DMCA (especially given the temptation to be swayed by the perceived virtues of the defendant). Thus, it's strategically obvious what to do based simply on risk/reward ratio.

Anyway, politics makes strange bedfellows, err, parlorguests.

Posted by Seth Finkelstein at 03:11 PM
June 23, 2006

DMCA chilling effects and its discontents

Another pro-DMCA paper which trivializes the Digital Millennium Copyright Act (DMCA)'s chilling effects on research has prompted a rebuttal comment from Ed Felten:

DMCA boosters can repeat the speech-was-not-chilled claim as often as they like, but it's still false. There are two big examples of the chill. First, WE ACTUALLY DID WITHDRAW THE PAPER FROM PUBLICATION at the Information Hiding Workshop. Second, ONE OF MY COLLEAGUES LOST HIS JOB BECAUSE OF THE PAPER. Sorry for yelling, but I'm sick of having this lie repeated.

At the time we filed our suit, the RIAA and SDMI had not withdrawn their threats -- they told the press that they had never objected to our paper (which was false) but they refused to tell us that they would not sue if we published the paper. And note that the RIAA and SDMI were not the only two parties that had threatened us. The other party, Verance, had done nothing to withdraw their threat. It was only after we filed our lawsuit that all of them promised definitively not to sue.

In fact (before recent posts about it) *I* didn't know about the person who lost his job because of the paper, and I've probably followed the case more closely than 99.9+% of anyone interested.

But sadly, the issue is intrinsic to the politics of the pro-DMCA argument. To wit: If the DMCA hurts "good" people, there's a problem. So DMCA advocates are driven to say it only hurts "bad" people - and thus any "good" people affected must be either a) not really "good" or b) not really affected. It's problematic to impugn the high status which accrues to a Princeton professor, so that leaves attacking the effects.

To fair, from the outside it's sometimes hard to distinguish truth from hype. This is one reason I believe wolf-crying "journalists" do much harm, by raising phony alarms (but then, I'm bad at politics). And many people have very misleading ideas about how much support is available for civil-liberties defense (see, e.g. the CyberPatrol case - "What I found out was that those organizations, through no fault of their own, were able to give me a lot of sympathy and not enough of anything else, particularly money, to bring my personal risk of tragic consequences down to an acceptable level, despite, incredibly, the fact that what I had done was legal.")

I really don't know how to counter this. I get too much grief myself, even from activists who should know better, when talking about the risks of the DMCA.

Update: Bill Herman has a long rebuttal to the pro-DMCA paper.

Posted by Seth Finkelstein at 09:18 AM
May 12, 2006

Solveig Singleton - The DMCA Dialectic: Towards Constructive Criticism

Solveig Singleton has written a "pro-DMCA" report, in part replying to an earlier Tim Lee "anti-DMCA" paper. The pro-DMCA arguments are being extensively criticized e.g. by EFF and Ed Felten's (not) "Happy Endings". Against my better judgment, I looked at the report, and immediately spotted some deeply flawed discussion of Linux and the decryption of DVD's (DeCSS). For whatever good it'll do, since I know something about the topic, I'll toss this into the rebuttal of the DMCA defense. Solveig Singleton states:

Tim Lee's recent paper for the Cato Institute unfortunately contains a number of errors: ... Describing the DVD-CCA, which licenses CSS keys, as having neglected the development of Linux players, and attributing the development of DeCSS to this failure. First, CSS keys are licensed to anyone willing to comply with the license and pay the $15,000 application fee. Licensed Linux players include software such as Linspire, and LinDVD, as well as hardware such as MediaReady Digital Media Center product line from Video Without Boundaries, and have been available for a number of years. Furthermore, DeCSS was developed as a Windows product and the thesis that it was developed primarily to support Linux as opposed to simply break DRM is highly dubious.

1) The development of a free software Linux DVD player was indeed driven by lack of availability of licensed Linux DVD players at the time (let's not quibble over whether to call that "neglect" or not).

Below are the relevant refutations from Matthew Pavlovich's trial testimony

A. After getting to the point where we had gotten to where we needed to begin the DVD project, I spun a sister project off from Utah GLX that became known as the Linux Video project or for short, LiViD.
Q. Why did you start LiViD?
A. Quite frankly, I wanted to play DVDs on my Linux box. I received documentation for a hardware decoder that worked with my video code at the time and I wanted to be able to utilize that decoder chip and the DVD drive and movies I bought under Linux.

2) While the DeCSS program is what led to the court case, the history shouldn't be read apart for the whole development project for a Linux DVD player, which was inarguably about playing DVD's on Linux.

Q. Was DeCSS part of or connected to the LiViD project?
MS. MILLER: Objection, your Honor, no foundation.
THE COURT: Overruled.
A. Yes, the DeCSS has actually a long history of being related to the LiViD project. The CSS project or CSS process has a few phases, the authentication between a decoder or the piece whether it be hardware or software that takes the DVD data and converts it here in audio and video presentation and the actual decryption where it decrypts the encrypted content.
The first part of that process was the authentication and that was written and released for and under the LiViD project. DeCSS utilized the CSS routines from the LiViD project as a piece of DeCSS. DeCSS, the source code was later translated, the core functions were used in the decrypting part of the DeCSS for the Linux video player.

3) And the Windows aspect means less than one might think.

A. The file system found on DVDs is the UDF support for Linux was in infancy at the time, so one would need to have access to read the data before being able to decrypt the data on the disk, so yes someone would have to use windows or an operating system that supported UDF to develop DeCSS.

That one paragraph took me a page, and more time that I should have spent on it, to dissect. One other note, going back to Solveig Singleton:

Commentary on the DMCA at this point needs to be less strident and much more constructive. If the process for deciding which applications should be exempted from the DMCA is not working well in some areas, how could it be improved? Exactly how could the exemption for security and encryption research be strengthened without transforming anyone with a little technical skill and an ideological bent against DRM into a "researcher?" Or is it rather the hope of critics that this would happen?

Solveig, am I someone with "a little technical skill and an ideological bent", or a researcher? (for the purposes of a lawsuit, these are obviously disjoint categories - it's trivial to joke "both", but one can't be a little bit sued). That's not a completely rhetorical question. If the apologism algorithm is to trivialize the DMCA issues against high-status people (Felten), and to sneer at the DMCA issues against low-status people (DeCSS), that's a poor start from which to call for less strident and more constructive commentary.

Posted by Seth Finkelstein at 08:03 AM | Comments (1)
April 13, 2006

EFF: "Unintended Consequences: Seven Years under the DMCA"

EFF has released a new DMCA report :

Unintended Consequences: Seven Years under the DMCA

I'm mentioned:

Censorware Research Obstructed

Seth Finkelstein conducts research on "censorware" software (i.e., programs that block websites that contain objectionable material), documenting flaws in such software. Finkelstein's research, for example, revealed that censorware vendor N2H2 blocked a variety of legitimate websites, evidence that assisted the ACLU in challenging a law requiring the use web filtering software by federally-funded public libraries.

N2H2 claimed that the DMCA should block researchers like Finkelstein from examining it. Finkelstein was ultimately forced to seek a DMCA exemption from the Librarian of Congress, who granted the exemption in both the 2000 and 2003 triennial rulemakings. The exemption, however, has not been a complete remedy, since it is limited to the act of circumvention, and does not permit researchers to create or distribute tools to facilitate research.

Posted by Seth Finkelstein at 12:03 PM | Comments (2)
April 04, 2006

Censorware in Australia, "YesterDMCA", DMCA and censorware work

Collected noteworthy items, on censorware/DMCA and my past work.

Electronic Frontiers Australia (no relationship to US EFF) has a report out opposing a proposal by an Australian political party to require mandatory ISP censorware, if that party gets into power.

http://www.efa.org.au/Issues/Censor/mandatoryblocking.html

My work is cited in the middle of the report (sometimes it seems that that I'm more cited in Australia than my own country!).

Last week, the DMCA Rulemaking on Exemptions from Prohibition on Circumvention of Technological Measures had a hearing on censorware, as part of that process. As a very small milestone in my quitting activism, let the record show I did not testify. The experiment was run, the measurement's been done, the bad guys won :-(.

Speaking of the DMCA, a doggerel take-off song I wrote a while back, "YesterDMCA", has been recorded and posted to the web, by Quentin Smith. For the brave of heart:

"YesterDMCA" - audio

And touchingly, Domoni at templeofme.com wrote many kind words about my censorware work (concluding: "While I was an administrator I fought censorware locally. Seth fought it globally. I know what I'm about to say isn't enough. It's all I have to give. Seth, you have my respect. Thanks."). Thank you.

Posted by Seth Finkelstein at 02:26 PM
January 20, 2006

Two More Weeks To Make DMCA Reply Comments (February 2, 2006 deadline)

EFF: http://www.eff.org/deeplinks/archives/004329.php

The U.S. Copyright Office received 74 comments proposing exemptions to the DMCA's anti-circumvention provision as part of its triennial DMCA rulemaking proceeding. In this and subsequent posts, we will summarize the key exemption proposals made in this first round of comments. If you can offer specific factual or legal arguments in support of these proposals, we urge you to file a reply with the Copyright Office before the February 2, 2006 deadline. For a helpful guide to filing replies, see Seth Finkelstein's Winning (DMCA) Exemptions, The Next Round. ....

Posted by Seth Finkelstein at 12:41 AM
January 04, 2006

DMCA 1201 Anti-circumvention rulemaking reply comments open

[I've updated to 2006 my reply comment "round 2" DMCA guide:
http://sethf.com/publications/dmca-guide-2.php
]

The U.S. Copyright Office - Anticircumvention Rulemaking (for the Digital Millennium Copyright Act) is now accepting REPLY Comments on Anticircumvention Exemptions:

The Copyright Office is conducting a rulemaking proceeding mandated by the Digital Millennium Copyright Act, which provides that the Librarian of Congress may exempt certain classes of works from the prohibition against circumvention of technological measures that control access to copyrighted works. The purpose of this rulemaking proceeding is to determine whether there are particular classes of works as to which users are, or are likely to be, adversely affected in their ability to make noninfringing uses due to the prohibition on circumvention of measures that protect access.

Before considering submission of a reply comment, please read about the scope of this rulemaking.

As a part of the rulemaking, interested parties were invited to submit comments in November 2005. These comments are available for viewing from our comments page.

Reply Comment Period

The Copyright Office will be accepting reply comments from January 4, 2006, until 5:00 P.M. EST on February 2, 2006. Persons who oppose or support any exemptions proposed in the initial comments now have the opportunity to respond to the proposals made in the initial comments and to provide factual information and/or legal argument addressing whether a proposed exemption should be adopted. ...

Sigh ...

Posted by Seth Finkelstein at 11:57 PM
December 19, 2005

DMCA 1201 Anti-circumvention rulemaking COMMENTS POSTED

[Scoop? Scoop? Not a news echo! You heard it here first!]

The U.S. Copyright Office - Anticircumvention Rulemaking (for the Digital Millennium Copyright Act) has now posted the Comments on Anticircumvention Exemptions:

Rulemaking on Exemptions from Prohibition on Circumvention of Technological Measures that Control Access to Copyrighted Works

The Copyright Office received 74 comments in response to its notice of inquiry in this rulemaking. A significant number of these comments do not adhere to the requirements of the Office's Notice of Inquiry. For example, a number of commenters have failed to propose a "class of works," have proposed broad classes without factual support for such a class, have not identified a causal connection between a noninfringing use and the prohibition on circumvention, or have not identified an access control that would implicate the prohibition of circumvention. While the value of such comments to this statutory inquiry is questionable, the Copyright Office has decided to post these comments.

It should be noted, however, that the reply comment period is an opportunity to be responsive to the initial proposals, and the Office will only consider reply comments that provide additional facts and/or arguments in further support of or in opposition to genuine proposals for exemptions contained in the comments that appear below. The only mechanism for raising new proposed exemptions at this time is the discretionary petition process discussed in the last paragraph of the Notice of Inquiry.

Sigh ...

Posted by Seth Finkelstein at 05:31 PM | Comments (2)
December 04, 2005

DMCA Exemption Non-Participation

First, one note: Someone said it wasn't clear if I had in fact not made a DMCA exemption proposal. The die is cast, the deadline passed, I did not submit anything. It breaks my heart, but it also means I won't be (as much of) a target as a point-man, and on the balance, that seems to be the right decision.

On the topic of participation, Ed Felten wrote:

Many people decided not to submit exemption requests in this round, because of the way previous rounds have been handled. For example, the EFF argues that the process is so strongly tilted against exemptions, and the Copyright Office tries so hard to find excuses not to grant exemptions, that there is no point in asking for one. Even Seth Finkelstein, the only person who has had any real record of success in the process, decided to sit out this round. I submitted requests for research-related exemptions in 2000 and 2003; and having seen how those requests were handled, I sympathize with the skeptics' position.

Nevertheless, I think it's worth asking for this exemption, if only to see whether the Copyright Office will acknowledge that copy protection technologies that install spyware or otherwise endanger the security or privacy of citizens are harmful. Is that too much to ask?

Way down in the post's comments, Fred von Lohmann (EFF attorney) explained:

Just a brief clarification: EFF's view is that the DMCA exemption process is broken for the kinds of exemptions consumers are interested in (exemptions needed for lawful uses of CDs and DVDs). With respect to consumer-related uses, the various presumptions erected by the Register of Copyrights makes an exemption effectively impossible to get.

We continue to believe that the process could prove useful for exemptions aimed at non-consumer users (like Ed and Alex). We'll have to wait and see what the Register recommends. I will note, however, that Ed asked in 2003 for a very similar exemption for studying CD copy protection, only to have it rejected for formalistic reasons.

My view concurs with EFF's view, but I approach it from my own unique perspective. There's an unreasonable burden one needs to surmount. Recall this sentence from EFF's report: "Meeting these onerous requirements generally requires the assistance of specialized copyright attorneys, technical experts, researchers, and industry analysts.".

Now, if you are a technical expert, AND have the assistance of specialized copyright attorneys ("We'd like to thank Aaron Perzanowski and Deirdre Mulligan of the Samuelson Clinic at UC Berkeley, whose great work made this possible."), with the reputational protection of a position at a prestigious university, as well as an extensively-read platform for positive publicity, *plus* a substantial fan-base of support - well, GO FOR IT!

Unfortunately, these advantages aren't common.

And more deeply, any process that depends on finding people with such a combination of qualities, as a prerequisite for preserving fair-use rights, simply sets the bar too high. It doesn't do what needs to be done. This is all part of the overall battle of the shifts in the right of fair-use vs the extent of the limited monopoly granted to copyright owners.

That all being said, I'm by no means calling for a boycott of the process (indeed, I was just nominally being supportive of other exemption attempts). And though I hardly speak for EFF, it's safe to say they aren't trying for a boycott either. I've tried to help people where I could, to understand the process and increase their chance of success. But on the other hand, I think there's value in describing the adverse conditions which make a mockery of the idea of a "safety valve" for user's rights.

Posted by Seth Finkelstein at 11:54 PM
November 30, 2005

EFF: DMCA Rulemaking Broken

DMCA Triennial Rulemaking: Failing Consumers Completely is EFF's posting on their report "documenting why we believe the process is so broken that we have decided not to propose any [consumer-oriented] exemptions this time."

I concur. I wholeheartedly agree with the sentiments.

The most relevant part of the report concerning public participation is the section:

B. Impenetrable Complexity, Impossible Burdens.

For example, any individual interested in participating meaningfully in the 2006 rulemaking procedure must begin by reading the 6-page 2005 Federal Register Notice, the 30-page 2003 Determination and Final Order, the Register's 200-page recommendation memorandum in the 2003 proceeding, and the 18 page Final Rule issued in 2000. Each of these documents is written by and for those familiar with many of the most complex and arcane provisions of the Copyright Act.

Moreover, the Copyright Office requires that those seeking DMCA exemptions:

[long list of requirements]

Simply put, this does not facilitate participation by members of the public. Meeting these onerous requirements generally requires the assistance of specialized copyright attorneys, technical experts, researchers, and industry analysts. Without expert assistance, individual digital consumers cannot reasonably gather the expertise and devote the time necessary to participate successfully in the DMCA rulemaking process.

Even with expert assistance, the burdens imposed by the Copyright Office on participants often prove nearly insurmountable. ...

I hereby attest: I went through those burdens, and EFF is not exaggerating or hyping. The description nearly insurmountable is accurate. The process is broken, and DMCA reform must come from other avenues.

Posted by Seth Finkelstein at 07:53 PM
November 11, 2005

"Catch 1201" - DMCA Exemption Proceedings Paper

This doesn't seem to be widely echoed, so I'll help out.

Catch 1201: A Legislative History and Content Analysis of the DMCA Exemption Proceedings Bill D Herman
Oscar Gandy

Abstract:
17 USC Section 1201(a)(1) prohibits circumventing a technological protection measure (TPM) that effectively controls access to a copyrighted work. In the name of mitigating the innocent casualties of this new ban, Congress constructed a triennial rulemaking, administered by the Register of Copyrights, to determine temporary exemptions. This paper considers the legislative history of this rulemaking, and it reports the results of a systematic content analysis of its 2000 and 2003 proceedings. [...]

We then conduct a content analysis of the first two proceedings, conducted in 2000 and 2003. Exemption proponents generally interpret the law's intent in terms of policy goals such as fair use, whereas opponents see jurisdictional, procedural, and definitional obstacles to the granting of exemptions. The Register of Copyrights' interpretation of the law closely resembles that of opponents and, on more than one key point, she refers proponents back to Congress. We conclude that the Register has constructed a venue that is hostile to the interests of noninfringing users; in light of congressional rhetoric to the contrary, this constructs a catch-22 for many who earnestly wish to engage in otherwise legal activities.

[Via ShoutingLoudly]

I'm mentioned:

"In the case of the circumvention to gain access to lists of websites blocked by content-filtering software, [Marybeth Peters, Register of Copyrights] even commends the exemption's proponent, Seth Finkelstein, as providing an example to teach future proponents how to meet the burden of proof: The case made by Mr. Finkelstein for this exemption is also instructive for the manner in which it met the requisite showing. [...]"

Posted by Seth Finkelstein at 09:17 AM
November 02, 2005

Copyright Office Now Accepting DMCA 1201 Anticircumvention Comments

[Not a news echo!]

http://www.copyright.gov/1201/comment_forms/index.html

"The Copyright Office is conducting a rulemaking proceeding mandated by the Digital Millennium Copyright Act, which provides that the Librarian of Congress may exempt certain classes of works from the prohibition against circumvention of technological measures that control access to copyrighted works. The purpose of this rulemaking proceeding is to determine whether there are particular classes of works as to which users are, or are likely to be, adversely affected in their ability to make noninfringing uses due to the prohibition on circumvention of measures that protect access."

"The deadline for electronic submissions is 5:00 P.M. E.S.T Thursday, Dec. 1. Commenters are strongly encouraged to submit comments well in advance of the deadline to allow sufficient time to correct any format defects and resubmit comments before the deadline."

[ See also: http://sethf.com/publications/dmca-guide.php ]

Posted by Seth Finkelstein at 12:49 PM | Comments (2)
October 27, 2005

EFF Deeplinks: "Want to Take a Bite Out of the DMCA? Now's the Time"

http://www.eff.org/deeplinks/archives/004089.php

"As part of the Digital Millennium Copyright Act (DMCA), Congress instructed the U.S. Copyright Office to consider every three years whether we need exemptions to the DMCA's blanket ban on circumventing "technological protection measures" (aka Digital Rights Management or DRM) used to lock up copyrighted works. So if you want to make a legitimate use of a piece of media, but have been turned back by DRM and the DMCA, now is your chance to take your case to the Copyright Office and try to make the world a happier and safer place for the next three years. As two-time-successful-exemption-requester Seth Finkelstein says: "The lawsuit you prevent may be your own."

[Echoed for an obvious reason :-)]

http://sethf.com/publications/dmca-guide.php

Posted by Seth Finkelstein at 07:22 PM
October 12, 2005

Australia's "DMCA" Exemptions Submissions

It turns out my work has been helpful in terms of a submission to the Australian "Committee to inquire into and report on technological protection measures (TPM) exceptions". That is, the government of Australia is going through a process similar to the US Library of Congress, considering exceptions to "a liability scheme for certain activities relating to the circumvention of `effective technological measures'."

I didn't want to mention this until the material was on the site. But the submissions have now been posted. There's one from Danny Yee, which reads:

Dear secretary,

I wish to request an exemption for
Compilations consisting of lists of websites blocked by censorware ("filtering software" applications.

...

As background to understanding this exemption, I recommend the submission to the Library of Congress inquiry by Seth Finkelstein, available at
http://www.sethf.com/anticensorware/legal/dmcacom.php
With the permission of the author, I append an excerpt from that submission.

I'm happy to see my efforts help make a difference.

Posted by Seth Finkelstein at 11:57 PM
October 06, 2005

Follow the DMCA Boinging ball, not quite to Australia

http://lwn.net/Articles/154546/

Apply now for DMCA exceptions - Yhe Digital Millennium Copyright Act includes a provision allowing the Library of Congress to exempt certain activities from the anti-circumvention clause ... See also Seth Finkelstein's guide on writing DMCA exemption requests.

Not directly connected, but on the same topic, it turns out that Australia had a somewhat similar exemption requests for comments

On 19 July 2005 the Attorney-General, The Hon Philip Ruddock MP, asked the Committee to inquire into and report on technological protection measures (TPM) exceptions.

The Committee invites interested persons and organisations to make submissions addressing the terms of reference by 7 October 2005 if possible.

Per "export" of the DMCA from the US to Australia:

Chapter 17 of the Australia-United States Free Trade Agreement deals with intellectual property rights. Article 17.4 stipulates the parties' obligations in relation to copyright.

Article 17.4.7 requires the Parties to create a liability scheme for certain activities relating to the circumvention of 'effective technological measures'. The Parties may introduce exceptions in the liability scheme as specified in Article 17.4.7(e)(i) to (vii) or pursuant to Article 17.4.7(e)(viii).

Deja Vu. In a bad way.

Posted by Seth Finkelstein at 11:54 PM | Comments (1)
October 04, 2005

My DMCA Guide Updated

I've updated my DMCA exemptions guide:
"How To Win (DMCA) Exemptions And Influence Policy"
http://sethf.com/publications/dmca-guide.php

It was originally written for the 2003 proceedings. The relevant references are now revised for the 2006 proceedings.

Thanks to someone I'll just refer to as "The Big Boinger" for a bit of encouragement, and better yet, publicity.

Note, regarding issues of unsustainable activism, this updating was extremely high on the curve of reward per unit risk. Nobody was going to sue me for a little rewriting. Objectively, I did have far more to gain than I had to lose (and even so, it was difficult in a sense). It doesn't compare to censorware decryption research.

Let me pre-emptively note, for well-meaning critics, that it would be an unreasonable inference to think that just because this outcome was an overall good result, a large amount of risk would yield a better result. That fallacy has been what's gotten me into deep trouble all along.

Posted by Seth Finkelstein at 11:59 PM
October 02, 2005

DMCA 1201 Anti-circumvention rulemaking THIRD ROUND BEGINS

[Almost a scoop! But not a news echo! You heard it here first!]

Here "we" go again ...

U.S. Copyright Office - Anticircumvention Rulemaking:

The purpose of this proceeding is to determine whether there are particular classes of works as to which users are, or are likely to be, adversely affected in their ability to make noninfringing uses due to the prohibition on circumvention of access controls. This page contains links to published documents in this proceeding.

The Notice of Inquiry in this third anticircumvention rulemaking requests written comments from all interested parties, including representatives of copyright owners, educational institutions, libraries and archives, scholars, researchers and members of the public, in order to elicit evidence on whether noninfringing uses of certain classes of works are, or are likely to be, adversely affected by this prohibition on the circumvention of measures that control access to copyrighted works.

My DMCA testimony, and almost single-handedly actually winning one of the few exemptions in the last round (which note, still must be re-argued this round!) was one the high points of my net activism. But sadly, personally it was a pyrrhic victory.

Posted by Seth Finkelstein at 11:41 PM | Comments (4)
July 15, 2005

Proposition: OPT-OUT controls are not DMCA access controls

Having wasted entirely too much time being sucked-into, err, now thought about the Internet Archive / DMCA circumvention issue at great length, I think I've come up with a closely-reasoned argument for the Internet Archives' control system not to be subject to the DMCA:

Proposition: OPT-OUT controls are not DMCA access controls

The DMCA reads:

(B) a technological measure ''effectively controls access to a work'' if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.

The Internet Archive's robot.txt control look superficially like a DMCA access control. But I'd say at a detailed level, it doesn't qualify. Crucially, the default in the Internet Archive is to gain access, and it does the inverse - in the ordinary course of its operation, it requires the application of information, or a process or a treatment, with the authority of the copyright owner, [i.e., retrieving a robots.txt file] to DENY access to the work.

Of course, in a very abstract sense, one could say these are equivalent in terms of logical negation. But I'd argue that if, by explicit design decision (which is the case here), failure of the process leads to permission rather than denial, then it can't qualify as a DMCA 1201 access control method. Even if it's an access control method in a broader sense, not every access control method should be taken to fit the DMCA's definition.

This seems to capture an intuitive argument.

Disclaimer: I'm not a lawyer, this is not legal advice, I make no assurances a "hacker"-hating judge would care.

Posted by Seth Finkelstein at 11:25 AM | Comments (3)
July 14, 2005

Internet Archive DMCA "Circumvention" - Access vs. Copying

Further on the Internet Archive DMCA circumention topic, Jonathan Weinberg writes

... if there's a technological protection measure here, it looks like copy protection rather than access protection, which puts defendants in the clear. ...

Did the law firm's banging on the Internet Archive with requests for the page circumvent a "technological measure" that in the ordinary course of its operation "require[d] the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access"'

I don't think so. This language describes technology that mediates access - that allows access to some people and not to others, depending on whether the person seeking access had properly applied "information, or a process or a treatment," so that the copyright owner authorized him to get access. Think pay-per-view. Think DivX. The Internet Archive server that the law firm banged on, by contrast, was running code designed to prevent anybody from downloading a copy of the pages in question. ...

As we DMCA-fans know, there's a whole subgenre devoted to issues of access vs copying, and the merger thereof, since there is a stand-alone access control circumvention prohibition, but not a stand-alone copy control circumvention prohibition. However, I don't see where "access" requires "some people and not to others". I mean, I see the argument being made - that an "access" of zero is not access control, but copy control. But take a look at the House legislative report, where it clarifies that copy control is after one has a copy (so initially obtaining a copy is access control, my emphasis below):

Subsection (b) applies when a person has obtained authorized access to a copy or a phonorecord of a work, but the copyright owner has put in place technological measures that effectively protect his or her right under Title 17 to control or limit further use of the copyrighted work.

Let's put it this way - while the programmer part of me thinks that making repeated requests so that an eventual connection time-out leads to getting desired data, is a really neat, err, "work-around" - the reader-of-many-DMCA-cases part of me thinks that's exactly the sort of action that judges tend to view with a jaundiced eye (at least when done by programmers!).

Now, I don't think that the above necessarily means there is a DMCA violation here. But again, the argument is harder than it looks at first glance.

Posted by Seth Finkelstein at 11:59 PM
July 13, 2005

Internet Archive DMCA Circumvention Lawsuit

The Internet Archive is a wonderful organization which keeps historical records of websites ('The Wayback Machine"). In Healthcare Advocates, Inc. v. Harding, Early, Follmer & Frailey, they are involved in a lawsuit alleging a violation of the DMCA. See William Patry for details and discussion.

The basic DMCA aspect of the case seems to be the Internet Archive uses (current website) "robots.txt" exclusion files to block access to archived material (they talk about "removing documents", but it's really "block access", not deletion). The defendants in the case were able to get to historical versions of the website in question anyway. The court complaint is unclear about exactly what happened. After thinking about it, the following is my speculation as to the technical aspect of the sequence of events (some material below taken for the lawsuit).

1) Fact - In order to decide whether to display the history version of a website, the Internet Archive queries the current website for the contents of the "robots.txt" file (to see if that file prohibits the display or not).
2) Fact - The check is supposed to be done once per day.
3) Fact - There was a bug in this check, which led to the lawsuit.
4) SPECULATION - The bug in the check was that if an attempt to retrieve the "robots.txt" file failed, that failure would be treated as if no "robots.txt" file existed, and that means no block on display (i.e. everything could be displayed for that attempt).
5) SPECULATION - At the time, this bug could be triggered by repeatedly attempting to retrieve pages from the historical site (which would, at the time, trigger repeated retrieval attempts of "robots.txt", some of which might have failed).

Hmmm ... I hate to say it, but if the above is a correct reconstruction, it does begin to at least arguably look like an access control circumvention under the DMCA. The Internet Archive relies on external files to "control access" to archived website content. The defendants here found that sometimes it appears to the Internet Archive as if the external file wasn't present, via an implementation flaw.

I think it comes down to whether buggy "technological measures" still count under the law, and if taking advantage of a malfunction counts as circumvention by the user. It seems to be a much tougher case than it first appeared.

Posted by Seth Finkelstein at 01:38 PM
June 21, 2005

Blizzard v Bnetd Oral Argument

I listened to the oral argument for the Blizzard v BnetD case. The following are my impressions about the hearing (see also Groklaw, via Copyfight). Note for background and my perspective, I devoted the time to listen to it all, because it's necessary knowledge for my estimating the risks that I might someday be sued (I've abandoned censorware decryption research), and how such a case might evolve.

A quick summary of the issues being appealed: The programmers (of the BnetD software in the case title) violated DMCA 1201(a)(1) and DMCA 1201(a)(2) anti-circumvention provisions, the DMCA 1201(f) reverse-engineering exemption doesn't apply, shrinkwrap license prohibitions can override reverse-engineering rights.

Some people think that in complicated technical cases, the judges are idiots. But in much of the material I've read, the judges seem to have a good sense the technical background. The problem isn't that they're stupid (which feeds into the idea that if we could just explain it all to them, they'd agree with civil-libertarians). Rather, it's often that they're not favorable. As was said in another case:

"As soon as the judge says 'hacker,' you know you've lost," University of Minnesota law Professor Dan Burk said. "There is an attempt to paint defendants as unsympathetic, low-priority, on the fringe--to make it seem like nobody respectable is going to be harmed except for weird hacker types."

And that was the subtext I perceived in the oral argument here. The judges didn't say 'hacker', though, but they seemed to be trying to make up their minds as to whether anybody respectable was going to be harmed. The legal conflict expressing that social determination boiled down to whether "public policy" supports allowing reverse-engineering against an obvious mass-license "contract" forbidding it, and whether the DMCA's reverse-engineering exemption should be interpreted broadly or narrowly.

In two sentences, the argument was:

Company lawyer: If you allow this reverse-engineering, "piracy!" will be rampant.
Progammer's lawyer: Reverse-engineering is necessary for innovation, these programmers didn't pirate anything.

And as I heard it, the judges clearly understood that was the argument.

The programmer's legal team had a tough task getting out from under the many precedents that appeared to go against their position - the DeCSS cases, Bowers v. Baystate (shrinkwrap against reverse-engineering). They did a valiant jobs, in my view (while the opposition spent a notable amount of time praising those precedents as exactly applicable to this case). But I think at the end it's just going to come down to whether the judges believe public policy should support such reverse-engineering rights or not. And the track-record for that sort of determination is not good.

Posted by Seth Finkelstein at 12:42 PM
June 16, 2005

Macrovision Files Lawsuit Against Sima and Interburn, over DMCA, more

"Macrovision Files Lawsuit Against Sima and Interburn's DVD Copying Products"

SANTA CLARA, Calif.--(BUSINESS WIRE)--June 15, 2005--Macrovision Corporation (Nasdaq: MVSN) announced today that it has filed suit against Sima Products Corporation ("Sima") and Interburn Enterprises Inc. ("Interburn"). The lawsuit charges that Sima's "Video Enhancers," which are principally used to allow consumers to make unauthorized copies of copyrighted DVDs, infringe Macrovision's patented copy protection technology and also violate the Digital Millennium Copyright Act ("DMCA"). These products include, but are not limited to, products currently marketed under the names CT-1, CT-100, CT-2, CT-200, and SCC-2. The lawsuit further charges that Interburn products infringe Macrovision's intellectual property and the DMCA.

(via Importance Of and CoCo).

Many months ago, I wrote about about exactly this issue of GoDVD!, DMCA, Macrovision:

... Here's the interesting issue - the DMCA basically mandates Macrovision in recorders. Macrovision, technically, is basically a "bug" in the video signal. So ... does selling signal-enhancing equipment like the GoDVD! (which specifically corrects that bug) violate the mandate? According to the letter of the law, I'd say no. On the other hand, this looks very much like what a hostile judge would view as a loophole. Or at least fodder for a quick amendment. The DMCA was definitely trying to outlaw the anti-Macrovision functionality which is part of the GoDVD! box.

I suppose the upshot is that even if it's true now that the GoDVD! box does not violate the Macrovision section of the DMCA, I'm not optimistic as to how long it will remain true.

We are about to find out ... I have my opinions, but the only ones which count are the court's opinions. I'll also note that even if the targeted companies have a reasonable legal defense, funding that legal defense may bankrupt them.

Posted by Seth Finkelstein at 08:04 AM
April 11, 2005

Note To Some Library Folk - You Cannot Hack The DMCA

[In the US, the DMCA, hacks you]

Theshiftedlibrarian - Could the DMCA Exemption for Libraries Lead the Way through the DRM Maze? (thanks, Bruce Umbaugh) quotes a mistaken belief: "The DMCA already has a built-in exemption for libraries and other such nonprofit entities, which means it looks like you're free to convert those problematic encrypted WMA files into MP3 so that the majority of your patrons will be able to access and play said files in a noninfringing manner."

And asks: "... grants are due in June, and this year there's finally a "dream big" one that my organization could apply for. I've already pitched a half dozen ideas, two of which we're probably going to submit and one of which a member library is going to submit. But what if we submitted a grant to actually do what Ben proposes? What would the implications be? Is it realistic?"

Kill this now. I am not a lawyer, but I do know the DMCA cases very, very, well. Don't even think about it. The DMCA provision for libraries is extremely limited, having to do with evaluation of works. The above idea is another version of the problem of "substantial-non-infringing use" versus the DMCA. So far, sadly, the DMCA wins.

Posted by Seth Finkelstein at 11:59 PM | Comments (2)
February 10, 2005

Tecmo vs. Game Hobbyists - YADL! (Yet Another DMCA Lawsuit)

Here we go again. YADL! (Yet Another DMCA Lawsuit).

Plaintiff: "Tecmo" (a video-game company).
Defendant(s): Programmers and website creators (Mike Greiling, Will Glynn)
Target: Game modifications, (including "to make Tecmo Characters appear naked.")

These all follow a pattern.

The corporation issues a press release about the Threat To Civilization As We Know It, i.e. "Ignoring the situation will ultimately hurt future gaming experiences for both casual and hardcore gamers,".

The programmers and hobbyists get accused of mopery, popery, snookery and mookery, I mean, "copyright infringement, circumventing copyright protection systems in violation of the Digital Millennium Copyright Act (DMCA), and passing off and unfair competition".

The free-speech side fights the good fight, points out it's an outrage, it's an atrocity, that it violates our social concepts of what is fair to use: "This complaint is absurd. ... . It's not competing in any way with Tecmo's product. In fact, you have to own Tecmo's product to use this stuff." (I'm skipping over the whole DMCA / fair use legal hack).

Sigh. Is there really any point in my writing much on this, except to me-too? It'll all be said, repeatedly, by many people, some far more qualified and more loveable than I am.

Two semi-original notes:
The coverage-swarm seems to have been triggered by the company press release. It's at the root of the echo chamber, even though the lawsuit seems to have been filed on January 21.

I don't know how many of these DMCA lawsuits there have to be, for certain people to admit my censored censorware research involved very serious legal risks (in some cases, it probably never will happen ...).

Posted by Seth Finkelstein at 11:59 PM | Comments (3)
January 14, 2005

Making Fair Use of cut-and-paste restricted PDF files

PDF files with usage restrictions often pose a problem regarding how to exercise one's fair-use right to quote excerpts. Back last March, I wrote about how to do "permission arbitrage", in a post "Making Fair Use of the Report on "Big Media" Meets The "Bloggers"" (there's a certain amount of irony there ...).

It seems as relevant now as it was then, so I'll repost it today.


[Repost]

Dowbrigade has sad comments on difficulty in making fair use of the Shorenstein Center report "Big Media" Meets the "Bloggers": (link credit Dave Winer)

The weird thing is the extent to which the authors have gone to make sure this milestone article in the academic history of the Blogosphere is unbloggable. Excerpts or selections of the text cannot be saved, or copied and pasted. The document cannot be converted to another format or saved as anything else. ... The selection below were typed out by the Dowbrigade, letter by letter.

It takes a very twisted view for a court to believe things like this do not impinge fair use rights ...

The encryption used here is well-known, and trivially within my technical ability to decrypt. But given what happened to the last guy who programmed about PDF files and decryption (the name Dmitry Sklyarov might ring a bell), I'll let someone else take the risk of an unquestioned DMCA 1201(a)(2) violation.

Instead, I'll note a very simple way to get usable text from the restricted file. Observe that printing is allowed. Now, one does not have to get fancy with OCR or images. Simply do a version of the "analog hole". The document can be printed. The printing process has the ability to print to a file. Use that option. That is, print the document to a file instead of directly to a printer. This produces a file in a different format.

There's a "Do not remove this tag under penalty of (DMCA) law" bit of code in that file, which handles the security for usage restrictions. HOWEVER, the text of the document itself is in the clear here! All that's needed is to make it more usable. So extract the whole text chunk from any line in the file where the line starts with a left parenthesis or ends with a right parenthesis (no text chunk has a segment with more than two lines)

That is, cough, I meant to say,

perl -n -e 'print $1 if (/^\(([^)]+)/ || /([^)]+)\)$/);' < shorenstein.ps

[I think I'm allowed to write the English statement, but in peril with the Perl statement, at least under current court precedents]

All done. You now have a file of text which, though not all that pretty in formatting, is quite amenable to cut-and-paste.

Does even this post violate the DMCA? Is it trafficking in "technology" that "is marketed by that person ... for use in circumventing a technological measure that effectively controls access to a work protected under this title."?

You guys at Harvard will defend me, right? Right? Right? ...

Disclaimer: No encryptions were broken in the making of this post.

[UPDATE (from March 2004): I found a simpler, better, procedure (all the following are standard Linux programs)

Use the program xpdf to generate the postscript print file. This program obeys the usage restrictions itself, but does NOT insert the usage restriction code in the generated print output.

Then use pstopdf13 to generate a PDF file from the print file (the default 1.2 version didn't work well, 1.3 works better).

This new PDF file is not usage restricted!

Then run pdftotext over this new file ... and presto, a pretty text version!

I'm really worried now ...
]

Posted by Seth Finkelstein at 09:32 AM | Comments (5) | Followups
October 13, 2004

GoDVD!, DMCA, Macrovision (from Cites & Insights November 2004)

[Note: Blog items may be sporadic due to problems with my net connection, and time available]

Walt Crawford's "Cites & Insights" high-quality library 'zine has already put out the November 2004 issue.

Besides the discussions of open-access, WikiPedia, etc, one item struck me as deeply interesting (note for this one, the quoting of me arises because I found it so interesting, not the other way around, really):

INTERESTING & PECULIAR PRODUCTS in Cites & Insights 4:12 ended with an item on the Sima GoDVD!, a box that "enhances" analog video so you can convert it to digital form to burn to DVD -- and in the process apparently undoes Macrovision copy protection. I noted that Macrovision's president had suggested that GoDVD! violates DMCA and commented "but that's the wrong law: GoDVD! operates entirely in the analog domain, and VHS is an analog medium, so DMCA simply doesn't apply." Seth Finkelstein, who reads more of the law than I ever will, corrected that sentence. Section 1201k of DMCA relates to "Certain Analog Devices and Certain Technological Measures," and is in effect a provision that protects Macrovision copy protection, called "automatic gain control copy control technology" in the law. It outlaws manufacture, import, offering to the public, providing or otherwise trafficking in VHS VCRs, 8mm analog camcorders, Beta VCRs, 8mm analog VCRs if they ever become popular (sell 20,000 copies in a calendar year in the U.S.), or any other analog VCR using NTSC format. My sentence was wrong--but it can still be argued that GoDVD! doesn't violate DMCA. After all, it isn't a VCR or a camcorder; it's just a video enhancement box.

My emphasis on the last sentence. Here's the interesting issue - the DMCA basically mandates Macrovision in recorders. Macrovision, technically, is basically a "bug" in the video signal. So ... does selling signal-enhancing equipment like the GoDVD! (which specifically corrects that bug) violate the mandate? According to the letter of the law, I'd say no. On the other hand, this looks very much like what a hostile judge would view as a loophole. Or at least fodder for a quick amendment. The DMCA was definitely trying to outlaw the anti-Macrovision functionality which is part of the GoDVD! box.

I suppose the upshot is that even if it's true now that the GoDVD! box does not violate the Macrovision section of the DMCA, I'm not optimistic as to how long it will remain true.

Posted by Seth Finkelstein at 01:40 PM | Comments (2) | Followups
October 03, 2004

Blizzard v. BNETD circumvention, permission, and reverse-engineering

At Copyfight, Donna Wentworth notes concerning the Blizzard v. BNETD case and reverse-engineering:

A reader over @ Freedom-to-Tinker observes that "This ruling even implies that the only way to do it is to ask the copyright holder for explicit permission. I'd love to see that: 'Mr. Software developer, I'd like your permission to become your competitor.'" Me too. And pigs growing wings.

Just to clarify people's understanding, that's mixing up two parts of the decision. It's confusing, because the discussion is interleaved, switching back and forth between circumvention itself and the reverse-engineering defense. The relevant passage (my notes in brackets):

The Court finds that the defendants' actions constitute a circumvention of [a work protected by] copyright under the DMCA. It is undisputed that defendants circumvented Blizzard's technological measure, the "secret handshake" between Blizzard games and Battle.net, that effectively controlled access to Battle.net mode. It is true the defendants lawfully obtained the right to use a copy of the computer programs when they agreed to the EULAs and TOU. The statute, however, only exempts those who obtained permission to circumvent [i.e. allowed to decrypt] the technological measure, not everyone who obtained permission to use the games and Battle.net. See Universal City Studios, Inc. v. Corley, [...] (court rejects argument that because DVD buyer has authority to view DVD, buyer has authority of copyright owner to view DVD in a competing platform; court finds that argument misreads - 1201(a)(3) because the provision exempts from liability those who would "decrypt" -- not "use" -- an encrypted DVD with the authority of copyright owner). The defendants did not have the right to access Battle.net mode using the bnetd emulator. Therefore, defendants' access was without the authority of the copyright owner.

A rough translation of the above is "Just like unauthorized Linux DVD players violate the DMCA despite a buyer having a right to view a DVD, unauthorized game emulators violate the DMCA despite a buyer having a right to use a game" (n.b., I am paraphrasing, not agreeing).

This is all concerned with saying that the BNETD emulator is indeed a DMCA circumvention violation, before even discussing reverse-engineering. The "permission" refers to the fact that to be a circumvention violation, the decryption must be "without the authority of the copyright owner". One argument in defense of the legality of independent Linux DVD players, or here, open-source emulators, is that by purchasing the DVD or the game, that purchase is a grant of authority of the copyright owner to decrypt the DVD or game in order to use it (otherwise, what are you buying?). But the courts have so far said that this argument is wrong. You buy the ability to use the DVD or game, but not to decrypt it. The new decryption-right remains with copyright-owner, who can license that right separately. So if you buy a DVD, and want to view it on a Linux machine, but there are no authorized Linux players, tough luck. In essence, for encrypted copyright material, you've subject both to copyright AND the new decryption right ('paracopyright"), which are different sets of laws.

The reverse-engineering is a horror, but it's a different horror.

Disclaimer: I am a programmer, not a lawyer. I just study the DMCA with great personal interest (as in, I don't want to get sued, personally).

Posted by Seth Finkelstein at 08:30 PM | Comments (2) | Followups
October 01, 2004

Blizzard v. BNETD circumvention technical note, pseudo Broadcast Flag

I again read through the Blizzard v. BNETD case, partially because of Ernest Miller's comment:

It is isn't clear to me that the "secret handshake" is circumvented. Blizzard games send an encrypted packet with a key. The BNETD servers ignore the key (not that they would be able to do anything with it). If that constitutes an access control device, there is not much that wouldn't.

The key (err, pun unintended) to this part is to realize that Blizzard basically put a password validation routine for a game feature in a location external to the game, their server. So abstractly, there's the official Blizzard Battle.net routine which is something like:

int validate_key (struct handshake *key) { super-sekrit-magic-yada-yada-.... }

And the emulator stub:

int validate_key (struct handshake *key) { return 1; /* true */ }

According to the court, congratulations, you've just violated the DMCA. This is exactly the sort of interpretation that, had I proposed it, some optimistic lawyers would have told me that no, no, don't confuse it with the Broadcast Flag, see section 1201(c)(3):

o (3) Nothing in this section shall require that the design of, or design and selection of parts and components for, a consumer electronics, telecommunications, or computing product provide for a response to any particular technological measure, so long as such part or component, or the product in which such part or component is integrated, does not otherwise fall within the prohibitions of subsection (a)(2) or (b)(1).

And the trick there seems to be in the phrase "does not otherwise fall within". Apparently, implicit in the Court's reasoning, if you know something is an encrypted password, you have some sort of affirmative duty of care to validate it. And if you just ignore it, that's circumventing it.

I can't say I'm happy about that. But I can't say I'm surprised at it either.

And I really, really, wish people would take into account this sort of court attitude when I talk about my reaction to my own risk of being sued :-(.

Posted by Seth Finkelstein at 11:59 PM | Followups
September 30, 2004

Blizzard v. BNETD (Davidson v. Internet Gateway) Fair Use/DMCA horrors

Blizzard v. BNETD (formally "Davidson & Associates v. Internet Gateway") is a case about the right to reverse-engineer and build a open-source network game emulator. A district court decision has just been issued (via Ed Felten). In sum, it's a horror on every item, and rules solidly against programmer's interests.

Some of the parade of horrors:

The quasi-Libertarian like-it-or-lump-it view of a contract of adhesion:

The parties in this case did have unequal bargaining power because Blizzard is the sole seller of its software licenses; however, the defendants had the choice to select a different video game, to agree to the terms and gain the software and access to Battle.net, or to disagree and return the software for a full return of their money.

The "If you have to ask, you can't afford it" principle (that is, if you're skilled enough to reverse-engineer a program, you're presumed to understand you're forbidden to do it!)

Also, the defendants are not unwitting members of the general public as they claim. They are computer programmers and administrators familiar with the language used in the contract, and have the expertise to reverse engineer and understand source code.

You can click away your fair use rights (my emphasis):

The Federal Circuit in Bowers stated that the First Circuit recognized the contractual waiver of affirmative defenses and statutory rights, therefore, the defendants could contractually waive their fair use right to reverse engineer. Id. The Court finds the reasoning in Bowers persuasive. The defendants in this case waived their "fair use" right to reverse engineer by agreeing to the licensing agreement. Parties may waive their statutory rights under law in a contract.

Open Source [Update2: or Free Software] counts against you in terms of a DMCA defense:

The bnetd emulator had limited commercial purpose because it was free and available to anyone who wanted to copy and use the program.

Interoperability exemption is narrow:

Finally, the development and distribution to others constituted copyright infringement and persons who commit copyright infringement cannot benefit from the exemptions of &sec; 1201(f). See 17 U.S.C. &sec; 1201(f)(2)-(3). "Sections 1201(f)(2) and (3) of the DMCA are not broad exceptions that can be employed to excuse any behavior that makes some device 'interoperable' with some other device." Lexmark Int'l Inc. v. Static Control Components, Inc., 253 F.Supp.2d 943, 970 (E.D. Ky. 2003).

On and on ... Read it and weep.

It's a huge burden to read through dozens of pages of a court case, and then try to figure out something original and insightful to say while a bunch of other people are trying to do the same thing. I'm inclined to stop doing it. But this one was "worth it" tonight :-(.

[Update: See also Ernest Miller's take, Major DMCA/EULA Loss - District Court Clueless in BNETD Case]

[Update2: See also the BNETD v. Blizzard netradio show, where I'm one of the guests]

Posted by Seth Finkelstein at 11:55 PM
August 18, 2004

Internet Archive, DMCA Exemptions, and Press Echo Chamber

Last week, the Internet Archive got some press for DMCA exemptions. That's last week, not last year. Being that the DMCA exemptions were announced last October, this puzzled me. As a DMCA exemption winner myself, with much grief, the topic is very dear to my heart.

It turned into a minor case study of echoing.

We start with the base article, from The Inquirer:

Internet Archive has copyright problems
DMCA exempt for now

By Nick Farrell: Wednesday 11 August 2004, 07:17
[TheInquirer]
The US Internet Archive, which makes archival copies of software and data, said it was technically impossible to do its job because of the Act which forbids copying software. ...

This week the group announced on its site here that the Copyright Office has ordered a temporary exemption for the group's work.

This article is not quite correct, as once more, the exemption were announced in October 2003. And the Archive announcements page shows the particular page was posted on January 08, 2004.

But now the fun begins.

Echo - broadbandreports

Echo - FARK

Echo - LawMeme

Echo - LISNews

Echo - CD Freaks

Echo - Techdirt (but points for at least wondering about the age of the story)

echo, echo, echo, echo ...

All of this generated from one item that arose from a reporter writing about something which was in fact many months old.

And the moral of the story is: Nobody should ever tell me that the paucity of favorable coverage I've received was due to my censorware work not being worthy. That's a rationalization. Because it's too easy to kick me when I'm down, than to admit I was let-down.

Posted by Seth Finkelstein at 11:59 PM | Followups
July 29, 2004

"ACMD" (reverse DMCA) in Apple vs. Real Networks

The copyfight Daily Memo today is about the DMCA legal posturing between Real Networks and Apple over interoperability. Yadda, yadda, naughty-naughty, potkettleblack.

Me too.

I'm amusingly reminded of the SF story "Narapoia", where a character has a feeling that he's following someone, combined with a "strange feeling that people are plotting to do me good". Apple is upset that a rival *encrypts* files to Apple's proprietary format. That is, usually companies complain when people *decrypt* their proprietary format, making files formerly encrypted now free. But here, Apple doesn't want files being put into their proprietary format.

I don't see this as a DMCA violation. Apple wants an "ACMD" (reverse-DMCA). Nobody shall encrypt a file, without the authority of the DRM systems owner ...

Posted by Seth Finkelstein at 11:59 PM | Comments (3) | Followups

Apple FairPlay, DMCA, and circumvention arguments

Ernest Miller discusses the DMCA and encoding songs in Apple FairPlay digital restrictions management:

However, if I use Real's Helix DRM to encode my music, then shift the DRM to FairPlay with Real's new software, I now have a FairPlay-encoded file without having signed a contract with Apple giving them authority to change FairPlay. If Apple now changes FairPlay restrictions, they would be doing so without the authority of the copyright holder, that is, me. So, I should, theoretically, be able to sue Apple for changing FairPlay restrictions under the DMCA.

My take: This is a convoluted version of an old "argument" sometimes put forth that purported to show that the DeCSS case was invalid. The story ran like this:

"The DMCA talks about decoders. But it doesn't say anything about encoders. Suppose I take a DVD movie for which I am the author and which I own the copyright. I then encode my own DVD movie with the *CSS* algorithm (that is, I use only an *encoder*, not a *decoder*). I now have a CSS-protected DVD. Thus every DVD player counts as a circumvention device, because they can play my DVD without my authority as the copyright owner! *GOTCHA!*"

What's wrong with this? Though of course it's appealing to the programmer mindset, I think the formal flaw is in the definition of "circumvent". The courts will look to the design of the system, grounding that in the "authority of the copyright owner".

The argument then basically reduces down to "Assume I get a unlicensed FairPlay encoded file of my own. If Apple changes FairPlay, that's now a circumvention device against my rights".

Per above, I argue that if Apple changed the FairPlay system with the consent of all copyright owners which it has formally licensed the system, that change wouldn't be circumvention. Such a change won't be made into circumvention by having some unlicensed uses of the system.

And realistically, the courts are going to draw exactly this distinction, as with the Chamberlain vs Skylink (garage door opener) case.

It circles back to what I mentioned recently, that copyright isn't logical in the abstract, We've only had it pounded into us not to think about that, because to do so means you're a Commie insufficiently respectful of "property" rights.

If any logical hack can be resolved by simply saying "the defendant is a bad guy, so he loses", then the courts won't have a problem with it.

Posted by Seth Finkelstein at 01:13 AM | Comments (1) | Followups
June 22, 2004

Personal Technology Freedom Coalition

Speaking of assembling political coalitions, a "Personal Technology Freedom Coalition" has been formed to lobby for the DMCRA (a DMCA reform bill).

The Personal Technology Freedom Coalition kicked off Tuesday with a Capitol Hill press conference and support from more than two dozen organizations and companies. Supporters ranged from the United States Student Association and Consumers Union to tech giants Intel Corp., Sun Microsystems Inc. and Gateway Inc. Four major telecommunications carriers and ISPs, including Verizon Communications Inc. and BellSouth Corp., also joined the coalition.

A cynical view: Money? Money? Where are the lobbyists, I don't even see a website.

I've been thinking of this part of the DRM speech

But now we live in a world where any cipher used to fence off a copyrighted work is off-limits to that kind of feedback. That's something that a Princeton engineering prof named Ed Felten discovered when he submitted a paper to an academic conference on the failings in the Secure Digital Music Initiative, a watermarking scheme proposed by the recording industry. The RIAA responded by threatening to sue his ass if he tried it. We fought them because Ed is the kind of client that impact litigators love: unimpeachable and clean-cut and the RIAA folded. Lucky Ed. Maybe the next guy isn't so lucky.

Matter of fact, the next guy wasn't. Dmitry Skylarov is a Russian programmer who gave a talk at a hacker con in Vegas on the failings in Adobe's e-book locks. The FBI threw him in the slam for 30 days. ...

Sigh ...

Posted by Seth Finkelstein at 11:59 PM | Followups
June 15, 2004

Atari v 321 Studios, DMCA lawsuit over Games X Copy

321 Studios, which makes backup-software, is being sued under the DMCA by Atari and other Entertainment Software Association members, over 321's Games X Copy backup product (via Copyfight).

Press Release: Leading video game companies sue 321 studios

Text of complaint against 321

By coincidence, I was just going through the decision of 321 v MGM, a similar DMCA case, which 321 lost. Notable excerpts (my emphasis):

This Court finds, as did both the Corley and Elcom courts, that legal downstream use of the copyrighted material by customers is not a defense to the software manufacturer's violation of the provisions of S 1201 (b)(1).

And

Fair use and misuse are defenses only to copyright infringement claims, which are not at issue in this motion. Additionally, as this Court has already related in some detail in the summary judgment portion of this opinion, the First Amendment is not an affirmative defense to a claim under the DMCA. Therefore, as 321's proposed amended defenses are futile, this Court DENIES the motion to amend counterclaims.

Frankly, I don't think 321 Studios has a chance here.

Posted by Seth Finkelstein at 06:55 PM | Comments (2) | Followups
May 19, 2004

DMCRA hearing and points of view

Matt Rolls a Hoover has a follow-up assessment of the DMCRA hearings (remember, the confusingly-named "DMCRA", the "Digital Media Consumers' Rights Act", is the anti-DMCA). Matt collects a set of reactions, In particular, my DMCRA hearing impressions, where he summarizes:

Seth Finkelstein has his notes about the hearing at Infothought. He refers to the discussion of the DMCA rulemaking process, saying "I definitely thought I had something to say!" I thought his point of view was well represented by various panelists, including Miriam Nisbet of the American Library Association and Gigi Sohn of Public Knowledge.

Will all due respect to the fine efforts noted above, I'd like to assert it's not the same. My point of view, of how hard it was, of spending hundreds of dollars of my own money while unemployed since I couldn't get any funding support, of having to basically potentially admit liability under standard copyright, trade secret, and reverse-engineering in violation of shrink-wrap license, of making oneself a personal target - these aspects did not seem to be well-represented. And my victory turned out to ultimately be somewhat pyrrhic in its cost.

Moreover, tool-making and distribution is important in this context, so other people can reproduce and do validation, which is the essence of research. The censorware companies will just lie, and for me, there sure won't be any Slashdot story defense of "a lie about the results" (heck, I'd be lucky if there wasn't Slashdot support for attacks on me!). Perhaps that's put a bit raw, but the idea that those interests facing embarrassing exposes will lie and use legal grounds to suppress embarrassing material, should be thoroughly understood (Diebold!)

Maybe all of that is irrelevant to the focus of the hearings. But I think the fair use and technology discussions missed some important nuances.

Posted by Seth Finkelstein at 11:59 PM | Comments (1) | Followups
May 12, 2004

DMCRA hearing impressions

I've been listening to the DMCRA hearing, having it playing in the background like radio, via webcast, as I do other things (some people listen to Howard Stern, some to NPR ... I'm listening to "The Digital Media Consumers' Rights Act" hearing - isn't the Internet great?). Note thus the following is meant to be impressionistic, rather than journalistic. I was not taking notes, nor listening with rapt attention.

It would great if everyone could just take a loyalty oath at the start and thus get beyond the endless querying about whether they believe in some sort of heretical radicalism. Something like:

"I am not now, nor have I ever been, a member of the Communist Party. I pledge allegiance to copyright, and to the intellectual property system for which it stands, one compensation, responsible, with property and profit for all."

That is, one deep issue is the conflict between the controls sought by the industry, and the effects those controls have in terms of inhibiting fair use in practice. This is a complicated problem. And it's a waste of time to go around "Are you some sort of Commie?" (paraphrased, not literal) all the time.

Lessig vs. Valenti is like a cage-match :-). Lessig makes a great case to my ears, and I'll join the cheering section here (2-4-6-8, who's net copy-great, Lessig!). I'm not sure how well it goes over with those not already in the choir, though. Quite a few of the hearing audience seemed to me to be willing to grant the industry the benefit of any doubt. Strategically, fighting "pirates" with "fair use" seems unbalanced (hence the search for the "loveable hero")

Robert Moore, of 321 Studios, was surprising strong and good in his testimony. He did an excellent job of fielding many hostile questions well.

The MPAA and RIAA people don't like techs - they complain much about Hacking! Hacking! Hacking!

I'm biased, but I think technologists have something to say here. For example, Jack Valenti (mis)quoted Ed Felten. Even if this hearing was only about consumer issues, a prominent subject was whether it was possible to make usage restriction technology which somehow only permitted fair use. And what wins if that couldn't be done.

I'm really biased, but when they discussed whether or not fair use was being served by the Library of Congress Rulemaking about DMCA Exemptions, I definitely thought I had something to say!

Listening to these hearing is probably bad for me. It's always a tug to do more net-activism. Except that'll likely kill me, at least metaphorically, and probably literally, from stress.

[Update: Recommendation: See Matt Rolls a Hoover for hearing notes, excellent unpaid, I mean "citizen", journalism (thanks Derek)]

Posted by Seth Finkelstein at 04:29 PM | Followups
May 11, 2004

DMCRA hearing witness list available now

[Breaking news! Citizen journalism! Original reporting! You heard it here first (all dozen readers or so ... see previous DMCRA hearing entry about coverage)]

[Remember, DMCRA, the "Digital Media Consumers' Rights Act", is the anti-DMCA]

The witness list, that is, the people who will be testifying in the hearing, is now available, at http://energycommerce.house.gov/108/Hearings/05122004hearing1265/hearing.htm

It's an impressive line-up (more than a dozen panelists):

Lawrence Lessig, Jack Valenti (MPAA), Cary Sherman (RIAA), and more.

Witness statements aren't available there yet, but the Lessig DMCRA testimony is posted on his site.

[And if anyone is wondering, I didn't even try to be a witness here. It's above my status level, and there would be no support for me to do it anyway. Though deep down, as a person "primary responsible" for a DMCA exemption, I do think that I would have something to say.]

Posted by Seth Finkelstein at 08:44 PM | Followups
May 08, 2004

Links - 1) DMCRA hearing 2) WIPO Broadcasting Treaty

1) If you're following the DM*C*RA ( "DMCRA", the anti-DMCA) upcoming May 12 hearings, I haven't seen mention of the following important page:

Hearing - H.R. 107, The Digital Media Consumers' Rights Act of 2003
http://energycommerce.house.gov/108/Hearings/05122004hearing1265/hearing.htm

I actually called them up to try to find out more information, for some complicated reasons, and had a very small adventure in "unpaid", I mean "citizen", journalism. (Them: "Who are you with?" Me: "The Infothought blog" - that actually worked, or at least, if they were sneering, they kept it out of their voice). But no info. (it might have worth developing something if I were a "paid", I mean "not citizen", journalist. But I'm not).

2) David Tannenbaum Coordinator of the Union for the Public Domain wrote me:

I am a fan of your work, and am writing in my capacity as coordinator of Union for the Public Domain. We are a non-profit organization dedicated to protecting the public domain from threats like the WIPO Broadcasting Treaty which is about to be negotiated. If you think it is worth drawing attention to it, I was hoping that you might give the treaty a mention on your blog. ...

One of the big hurdles we face in trying to change treaties like this one is that we don't actually know where governments stand on the various provisions, until very late in the game. That's been even more true for this treaty because it so much out of the public eye.

We're trying to overcome that this time by distributing a survey that we hope volunteers will administer to their country representatives. We will then post the results on our web site.

Is there any chance you would be able to give this a mention on your blog and maybe even a link to the survey? http://www.public-domain.org/?q=node/view/30

Mentioned, linked. And for more links, he supplies:

P.S. For more information on the details of the treaty see Ernest Miller's excellent article at
http://www.corante.com/importance/archives/002925.html,
and Edward Felten's sharp analysis at
http://www.freedom-to-tinker.com/archives/000571.html.

Posted by Seth Finkelstein at 11:59 PM | Followups
May 06, 2004

DMCRA (Digital Media Consumers' Rights Act), 321 Studios, and coverage

The "DMCRA", the "Digital Media Consumers' Rights Act", is an opposition bill to the infamous DMCA, the Digital Millennium Copyright Act. It's a horrible name, since it's so easy to confuse the two. Anyway, there's an upcoming hearing on the good bill (DMCRA) to modify the bad law (DMCA). I was curious as to how coverage of this hearing was being generated. I was, and remain, extremely bitter regarding how my own DMCA efforts were virtually blacked-out of press coverage, in part quite deliberately due to the Censorware Project / Michael Sims / Slashdot grudge-holding.

It turns out all the coverage I've seen can be entirely traced to a 321 Studios press release:

A Congressional Hearing for H.R. 107, the Digital Media Consumers' Rights Act (DMCRA), has been set for Wednesday, May 12, at 10:00 AM Eastern. ...

321 Studios Founder and President Robert Moore has been asked to testify at this historic fair use Congressional hearing. 321 Studios is the developer of the award-winning DVDXCOPY series of DVD backup software -- a product now banned in the United States after a group of Hollywood studios sued the company, and two federal judges decided that DVDXCOPY was in violation of the 1998 Digital Millennium Copyright Act (DMCA).

Now follow the bouncing ball. From appearing at Yahoo News to coverage at USA today.

This didn't just happen emergently, spontaneously, representing a groundswell of opposition to copyright restrictions and support for those who fight them. Rather:

IT'S BECAUSE 321 STUDIOS SPENT HUNDREDS OF DOLLARS ON A PRESS RELEASE!

And last April, when I did my DMCA testimony, after spending hundreds of dollars in expenses out of my own pocket while unemployed for a long time, I didn't have more hundreds of dollars to spend additionally on PR. I still don't have hundreds of dollars to throw around on PR.

Oh yeah, I forgot, I do have a blog.

Posted by Seth Finkelstein at 01:55 AM | Followups
March 24, 2004

Cites & Insights - special "Broadcast Flag" edition

Walt Crawford has a special "Broadcast Flag" edition of his library 'zine (not blog) "Cites & Insights":

On November 4, 2003, the Federal Communications Commission (FCC) adopted a Report and Order and Further Notice of Proposed Rulemaking in the Matter of: Digital Broadcast Content Protection, MB Docket 02230. In English, the FCC adopted the Broadcast Flag. You can find the lengthy report (72 pages single-spaced, plus four appendices) on the web. This commentary may be long but it's far from comprehensive--and certainly not final, since the rulemaking is only a first step. My aim here is to provide a reasonable sampling of background, direct documents, and apparent consequences--and to give you some reason to believe that librarians, and those concerned with the future of digital technology in the U.S., should be concerned about the Broadcast Flag and its implications.

All worth reading, and recommended. I've not been much involved in that battle, though I've mentioned some "Broadcast Flag" strategies.

I do have one note of commentary (emphasis mine):

Paragraph 41 is also interesting as it cites limits within DMCA: nothing in this section shall require that the design of, or the design and selection of parts and components for, a consumer electronics, telecommunications, or computing product provide for a response to any particular technological measure, so long as such part or component, or the product in which such part or component is integrated, does not otherwise fall within the provisions... In other words, DMCA doesn't require new technological measures. Does that call into question the FCC's ability to impose such measures? Not according to the FCC: They limit the significance of the emphasized section to one subsection of DMCA, and deem it as not in any way limiting the FCC from imposing such requirements.

Well, sadly, basically, the FCC is right on this point (in my nonlawyer but DMCA studied view). The DMCA does not require a broadcast flag. But there's no pre-emption or affirmative limit there. That is, even though the DMCA doesn't mandate it, some other law or regulation could give the FCC the power to impose this, and that would not be a conflict. That's what the FCC is saying.

The FCC's claim to have authority over equipment-makers strikes me as broad, but there might actually be some precedent for it. But even if so, it would be on a very different basis from the DMCA.

Posted by Seth Finkelstein at 08:36 AM | Comments (1)
March 08, 2004

PDF, DMCA, and "Do Not Remove This Tag Under Penalty Of Law"

Tech Law Advisor (Kevin Heller) very kindly noted my previous "fair use" post, but the summary was just a little bit off:

Seth F. makes fair use of the report on "Big Media" Meets The "Bloggers" [pdf] by printing to file and removing some text in a nicely marked tag that says "Do not remove this tag under penalty of (DMCA) law".

Umm ... no offense meant. But the whole point of my postings is to avoid removing anything from that tag, because to do so is arguably a DMCA violation. And Adobe does not play nice with programmers who decrypt PDF's (note the Tech Law Advisor item was written before I updated my post with a procedure that could more closely be misdescribed per above).

[Not-a-digression: People don't understand why I worry so much about the impact of, e.g., a hatchet-job from Declan McCullagh, or a Slashdot-smear given the de facto support of "editor" Michael Sims. If I get into serious DMCA trouble, I'm never going to be able to defend myself from malicious press attacks.]

Anyway, if one prints (with the Adobe Acrobat reader) a usage-restricted PDF document to a file, that file begins with the following almost literal "Do Not Remove This Tag Under Penalty Of Law (DMCA)" notice:

% Removing the following eight lines is illegal, subject to the Digital Copyright Act of 1998.
mark currentfile eexec
54dc5232e897cbaaa7584b7da7c23a6c59e7451851159cdbf40334cc2600
30036a856fabb196b3ddab71514d79106c969797b119ae4379c5ac9b7318
33471fc81a8e4b87bac59f7003cddaebea2a741c4e80818b4b136660994b
18a85d6b60e3c6b57cc0815fe834bc82704ac2caf0b6e228ce1b2218c8c7
67e87aef6db14cd38dda844c855b4e9c46d510cab8fdaa521d67cbb83ee1
af966cc79653b9aca2a5f91f908bbd3f06ecc0c940097ec77e210e6184dc
2f5777aacfc6907d43f1edb490a2a89c9af5b90ff126c0c3c5da9ae99f59
d47040be1c0336205bf3c6169b1b01cd78f922ec384cd0fcab955c0c20de
000000000000000000000000000000000000000000000000000000000000
cleartomark

Is it actually illegal to remove the lines under the DMCA? Maybe. Again, talk about "Do Not Remove This Tag Under Penalty Of Law"!

Now, this is well-known, and the decryption of it can even be found in a PDF FAQ

But my observation was that for the particular document under discussion the relevant text was already in the clear at this point. So one didn't have to circumvent the PDF restrictions, merely extract the available text.

I hope the previous many lines are not illegal, subject to the Digital Copyright Act of 1998. I hope.

Posted by Seth Finkelstein at 08:18 AM | Comments (2) | Followups
March 07, 2004

Making Fair Use of the Report on "Big Media" Meets The "Bloggers"

Dowbrigade has sad comments on difficulty in making fair use of the Shorenstein Center report "Big Media" Meets the "Bloggers": (link credit Dave Winer)

The weird thing is the extent to which the authors have gone to make sure this milestone article in the academic history of the Blogosphere is unbloggable. Excerpts or selections of the text cannot be saved, or copied and pasted. The document cannot be converted to another format or saved as anything else. ... The selection below were typed out by the Dowbrigade, letter by letter.

It takes a very twisted view for a court to believe things like this do not impinge fair use rights ...

The encryption used here is well-known, and trivially within my technical ability to decrypt. But given what happened to the last guy who programmed about PDF files and decryption (the name Dmitry Sklyarov might ring a bell), I'll let someone else take the risk of an unquestioned DMCA 1201(a)(2) violation.

Instead, I'll note a very simple way to get usable text from the restricted file. Observe that printing is allowed. Now, one does not have to get fancy with OCR or images. Simply do a version of the "analog hole". The document can be printed. The printing process has the ability to print to a file. Use that option. That is, print the document to a file instead of directly to a printer. This produces a file in a different format.

There's a "Do not remove this tag under penalty of (DMCA) law" bit of code in that file, which handles the security for usage restrictions. HOWEVER, the text of the document itself is in the clear here! All that's needed is to make it more usable. So extract the whole text chunk from any line in the file where the line starts with a left parenthesis or ends with a right parenthesis (no text chunk has a segment with more than two lines)

That is, cough, I meant to say,

perl -n -e 'print $1 if (/^\(([^)]+)/ || /([^)]+)\)$/);' < shorenstein.ps

[I think I'm allowed to write the English statement, but in peril with the Perl statement, at least under current court precedents]

All done. You now have a file of text which, though not all that pretty in formatting, is quite amenable to cut-and-paste.

Does even this post violate the DMCA? Is it trafficking in "technology" that "is marketed by that person ... for use in circumventing a technological measure that effectively controls access to a work protected under this title."?

You guys at Harvard will defend me, right? Right? Right? ...

Disclaimer: No encryptions were broken in the making of this post.

[UPDATE: I found a simpler, better, procedure (all the following are standard Linux programs)

Use the program xpdf to generate the postscript print file. This program obeys the usage restrictions itself, but does NOT insert the usage restriction code in the generated print output.

Then use pstopdf13 to generate a PDF file from the print file (the default 1.2 version didn't work well, 1.3 works better).

This new PDF file is not usage restricted!

Then run pdftotext over this new file ... and presto, a pretty text version!

I'm really worried now ...
]

Posted by Seth Finkelstein at 04:05 PM | Comments (5)
February 23, 2004

321 Studios v MGM, DMCA, fair use, and the _Eldred_ pony-hunt

Last year, there was a DMCA / fair use "pony hunt" to find a way to argue that a sentence in the Eldred decision would undo the legal hack where the DMCA hacks-away fair use. Unfortunately, we are still left with a pile of manure: (my emphasis below)

http://www.eff.org/IP/DMCA/MGM_v_321Studios/20040219_Order.pdf

"This Court concludes that the challenged portions of the DCMA do not unconstitutionally burden the fair use rights of users of the copyrighted material. In reaching this result, the Court rejects as too sweeping plaintiff's claim that such users have a First Amendment right to make fair use of copyrighted works based on Eldred v. Ashcroft, 123 S. Ct. 769 (2003). The Eldred case stated that "in addition to spurring the creation and publication of new expression, copyright law contains built-in First Amendment accommodations . . . the `fair use' defense allows the public to use not only facts and ideas contained in a copyrighted work, but also the expression itself in certain circumstances." Eldred, 123 S. Ct. at 788-89. However, the Court went on to state: "[t]he First Amendment securely protects the freedom to make ­ or decline to make ­ one's own speech; it bears less heavily when speakers assert the right to make other people's speeches. To the extent such assertions raise First Amendment concerns, copyright's built-in free speech safeguards are generally adequate to address them." Id. at 789. While the Court further declared that copyrights are not immune from challenges under the First Amendment, it is a stretch to claim that Eldred mandated absolute First Amendment protection for fair use of copyrighted works. As the First Amendment bears "less heavily" in situations such as this, this Court determines that the burdens concededly imposed by the DMCA do not unconstitutionally impinge fair use rights. Although not all content on DVDs may be available in other forms, plaintiffs have conceded that it is possible to copy the content in other ways than in an exact DVD copy. This Court agrees with this analysis in Corley: We know of no authority for the proposition that fair use, as protected by the Copyright Act, much less the Constitution, guarantees copying by the optimum method or in the identical format of the original. . ."

Posted by Seth Finkelstein at 04:45 PM | Comments (1) | Followups

321 Studios (DVD-X COPY) loses (badly!) DMCA legal ruling

321 Studios, the makers of DVD backup program DVD-X COPY, have lost (and lost big) in a legal decision.

http:/ /www.eff.org/IP/DMCA/MGM_v_321Studios/20040220_eff_pr.php

Court Endorses Ban on DVD Copy Technology

Electronic Frontier Foundation Urges Digital Copyright Law Reform

San Francisco - Consumers suffered a setback to their digital rights today when a California federal court sided with the major motion picture studios in ruling that a company creating tools people can use to make backup copies of their DVDs is liable under copyright law. Citing the Digital Millennium Copyright Act (DMCA), the court ordered 321 Studios, creator of DVD backup tools, to stop selling its DVD Copy Plus and DVD-X COPY products within seven days. 321 Studios is likely to appeal the ruling.

[Source material at:
http://www.eff.org/IP/DMC A/MGM_v_321Studios/
http:// www.eff.org/IP/DMCA/MGM_v_321Studios/20040219_Order.pdf

Read it and weep, folks. In the Order, every single geek argument is slammed, and slammed hard. In particular:

"This Court finds, as did both the Corley and Elcom courts, that legal downstream use of the copyrighted material by customers is not a defense to the software manufacturer's violation of the provisions of - 1201 (b)(1)."

Fair Use is no defense to the DMCA tools provision, sayeth this Court.]

Posted by Seth Finkelstein at 04:15 PM | Followups
January 07, 2004

Cites & Insights Midwinter 2004

Walt Crawford's library 'zine (not blog) "Cites & Insights" has a very special issue in the Midwinter 2004 edition. It's a veritable guide for the perplexed, defining frequent references which appear in the publication. Well worth saving, as a handbook/reference/scorecard for the players and controversies in these topics. I even have an entry to myself:

Finkelstein, Seth
A consulting programmer and censorware activist and researcher; you'll find lots more at sethf.com, including Finkelstein's own weblog. Cites & Insights uses "censorware" rather than "filters" after reading and considering Finkelstein's arguments. He has provided valuable research results on how censorware actually works. He's also gotten into trouble in various ways, including interpersonal issues with other people in the censorware-research field (I wasn't there, I don't know the whole story) and various threats of legal action from censorware companies. Finkelstein was primarily responsible for the renewed DMCA exemption for decrypting censorware banned-site lists--but, given a lack of institutional backing and the constant threat of legal action, he's apparently dropping out of active research in that field. (Also one of the most active Cites & Insights correspondents, whose acute analysis frequently exposes my sloppy thinking and writing.)

Posted by Seth Finkelstein at 07:09 AM | Comments (1) | Followups
December 22, 2003

Jon Johansen acquittal upheld!

Jon Johansen has been acquitted again! (link credit - Lessig )

A panel of judges Monday cast aside the appeal that prosecutors had filed to a lower court decision handed down in January. That means the lower court's decision will stand, at least until another eventual appeal takes the case to Norway's supreme court.

The lower court had ruled that Johansen, now 20, did nothing illegal when he helped crack DVD copy protection codes in 1999 and then publicized how he did it. The prosecution had sought a suspended jail term, confiscation of his computer equipment and a fine of NOK 20,000 (less than USD 3,000).

This is great news. A win is always great news. It would have been very bad news if he had lost.

HOWEVER ...

This is NOT quite so great news as people will think, for two reasons:

1) Contrary to myth, Jon Johansen's DeCSS work wasn't the reverse-engineering of CSS. That part of the creation of DeCSS was done by an anonymous German.

2) With new more DMCA-type laws being proposed and passed all the time, being found innocent here, does not mean the next programmer charged, will be found innocent. That is, they'll just change the law. See my old post on Grokster, Streamcast copyright win, vs. LaMacchia case

Again, victory is good. But let's keep in mind what's been won - and what hasn't!

Posted by Seth Finkelstein at 11:51 AM | Followups
December 03, 2003

DeCSS history / Jon Johansen, MoRE

To supplement the Jon Johansen (re)trial, the DeCSS history below makes good reading for those interesting in primary sources.

From: http://www.free-dvd.org.lu/css-chain-of-events.txt

- The Truth about DVD CSS cracking by MoRE and [dEZZY/DoD] -
------------------------------------------------------------

Date: 4th of November 1999.
By: [dEZZY/DoD], [MultiAGP & German dood of MoRE]

This document is written cooperatively by the two groups that independently and simultaneously cracked the DVD Content Scrambling System, in order to straighten out mass media confusion.

DoD -> Drink or Die: "warez bearz from Russia and Beyond"
MoRE -> Masters of Reverse Engineering

[dEZZY/DoD] alone is the author of DoD DVD Speed Ripper.
MoRE is a new group and they are the authors of DeCSS.

Lately, Jon Johansen of MoRE has been pretty much all over the news in Norway, though he had NOTHING to do with the actual cracking of the DVD CSS protection. Yes, it was MoRE who did DeCSS, but the actual crack was not a team effort, MoRE didn't even exist back when the anonymous German (who is now a MoRE member) cracked it...

Most of the papers chose a headline very similar to this:
"15-year old Norwegian cracked the DVD-code".
They probably did this because they wanted to make a big Norwegian "Wooohoooo" out of it. This was also pretty much the contents of the TV show "Vestfold-sendingen" where they brought up matters from Vestfold, Norway where Jon Johansen lives.

In most newspapers they vagely included the name MoRE, and that DeCSS was a team effort, but neither MoRE nor DoD liked the headlines. Jon's comment on this matter is: "I never told the media that I had cracked the dvd encryption. What I told them, was that we (MoRE) had made an app called DeCSS which would decrypt dvd movies and let them be played off your hd, or off dvdrs if you have a dvd burner. I always used _we_ and _MoRE_ when talking to them. I never said anything about me or my position in the group.

Now that the storm is over, I see that all they were after, was to get a big story. They even included some of "my" quotes, which I never said. When media starts making up stuff, it's really sad. I know that this has been done before in Norwegian media, regarding the cooperation between a computer group at my school and the school people in charge of the network. All I can say is that I'm very sorry that the media twisted my words, and even lied, to make it appear as I had done the cracking myself. I'm pretty sure that I will do everything to avoid the media in the future, but if I'm forced to talk with them, I'll have to get them to sign an agreement. Again, I apologize on the behalf of Norwegian press, and I hope that this document will make everything clear. The truth shall set you free."

DoD DVD Speed Ripper was developed by [dEZZY/DoD] at the same time as DeCSS. The first release of DoD's app (which came out a couple of weeks before the first release of DeCSS) did not work with all (WB) titles, like The Matrix. This was known by [dEZZY/DoD] at the time of his release. MoRE decided to wait until they could fix this. In short time, [dEZZY/DoD] solved the problem and MoRE's top coder/disassembler from Germany used that information to get DeCSS working with every movie before they released it, along with a GUI. DeCSS was then the first application which decrypted ALL dvd titles, since DoD had not released a new version to the public. How MoRE got their hands on the information by [dEZZY/DoD], seems to have something to do with the Linux community...

Why Drink or Die didn't want to release a new version so soon, was because warez sites nuke programs that are too close in release (minimum 2-3 weeks). Meanwhile when DeCSS came out, it caused DoD to delay any Windows release until a GUI version of their Speed Ripper was done. However, they released a Linux version of their ripper late October 1999. As for the new Windows version of the Speed Ripper, [dEZZY/DoD] has been very busy with his education and hence the ripper is extremely delayed.

[dEZZY/DoD] already got the idea of reverse engineering a DVD player for the CSS code back in late summer 1998. He was not able to do it at the time since he did not have access to a DVDROM. In the beginning of 1999, MoRE's German member also got the idea. [dEZZY/DoD] and MoRE's German member got CSS decryption code working at the same time (middle of September 1999), without having shared info (although they knew about each other). After [dEZZY/DoD] solved "the problem", MoRE's German member, as stated above, implemented these changes and added them to DeCSS for release.

Before DeCSS was developed and released, MoRE had already sent the source for the decryption to their contact in the Linux DVD community, Derek Fawcus <derek@spider.com>. This is the reason why one of Wired's news reporters was put on the case.

[dEZZY/DoD] also had relations in the Linux DVD community (who does not want to be mentioned), but decided not to release the source code publicly (at least not for the moment).

Enjoy the software!


- Jon Johansen [MoRE]
- anonymous German cracker [MoRE]
- [dEZZY/DoD]

Posted by Seth Finkelstein at 11:59 PM | Followups
December 02, 2003

Jon Johansen Trial

Jon Johansen, one of the three people of a group creating the DVD decryption program DeCSS (note DeCSS history is not at all the common media portrayal of the lone teen cracker breaking Hollywood's codes, no disrespect intended), is now undergoing his second criminal trial. I just mentioned he's in fact one of three people in the group - the other two are staying anonymous. And as I say, it should thus be screamingly obvious why they are staying anonymous - including the German programmer "Ham" who actually did that particular DeCSS reverse-engineering.

There's coverage, of course. IP Justice has a nice press release, and a very good DeCSS Litigation Timeline. EFF has useful Johansen DeCSS case archives

Jon Johansen's been facing criminal prosecution for around four years now. My heart goes out to him on that point. A criminal trial is one of the most stressful things a person can face. And he wasn't the critical decryption programmer either, keep that in mind (again, no offense meant). People just don't get it, whenever I talk about how I don't want to go through something like that myself. It's an abstraction. They see him being made into a hero, at least getting a defense, and they tell me I'll be a hero too. But I've never, ever, gotten a defense, quite the opposite. The lack of support drove me to quit. And these sorts of risks are part of the reason.

Posted by Seth Finkelstein at 01:35 PM | Followups
November 14, 2003

Chamberlain v. Skylink - Garage Door Opener as (not) DMCA Violation, confirmed

"Chamberlain v. Skylink - Garage Door Opener as (not) DMCA Violation" case has now been decided, in favor of the freedom to open garage doors.

The earlier decision was preliminary, but this district court decision is the end of this round, no more arguments at the district court level (but there could still be appeals).

It is a great day if you're a garage door, or interested in them. Most interestingly, the basis for the decision seems to again put much stress on "expectations":

Chamberlain concedes that it never warned customers against using unauthorized transmitters but explains that it did not do so because it had no idea that other transmitters could be made to operate its rolling code [garage door openers]. ... Chamberlain's failure to anticipate such technology, however, does not refute the fact that homeowners have a reasonable expectation of using the technology now that it is available.

And

[garage door openers] transmitters are similar to television remote controls in that consumers of both products may need to replace them at some point due to damage or loss, and may program them to work with other devices manufactured by different companies. In both cases, consumers have a reasonable expectation that they can replace the original product with a competing, universal product without violating federal law.

Well, there's many people who think they have all sorts of "reasonable expectations" of what they can do with the DVD's they have purchased, but sadly, that hasn't ever seemed to sway a court (yet?).

Posted by Seth Finkelstein at 01:43 AM | Followups
November 10, 2003

SunnComm, MediaMax CD3, and the shift key - revisited

Ernest Miller has a note on Sony's CD DRM Makes a Comeback, where he describes new Sony CD copy restrictions. He then asks, rhetorically:

How long before someone like Alex Halderman writes a critique of Sony's DRM as devastating as Halderman's analysis of SunnComm's (Analysis of the MediaMax CD3 Copy-Prevention System).

That reminds me ...

Around October 31, I submitted another question to Peter Jacobs, the president of SunnComm (remember, this is the company which threatened to use the DMCA to sue over that research), using their "Ask The Prez" form.

[Begin ask-the-prez question]

At the webpage http://www.afterdawn.com/news/archive/4569.cfm a poster who is apparently an employee of SunnComm states in part:

"... we decided not to go after [Alex Halderman], and not because of the shift key, but because ultimately, the media's 'spin' would eventually become bigger (and badder) than the actual initial problem."

Would you be willing to confirm this statement? Now, I'm not asking about the shift key, I understand about the shift key, you need not tell me about the shift key. Rather, I'm asking if it is accurate that SunnComm decided not to "go after" the researcher because of the bad publicity it would generate for SunnComm (note I'm not asking if SunnComm considered that bad publicity to be warranted).

Please consider the reply for public consumption.

[End ask-the-prez question]

Unlike my last question to SunnComm, this time around there was no reply ...

Posted by Seth Finkelstein at 11:58 PM | Comments (1) | Followups
November 04, 2003

More DMCA censorware exemption press recognition round-up

I've been tracking further press of my censorware DMCA victory

I was mentioned in the EFF press release on the DMCA exemptions, which was also later echoed in the EFFector newsletter:

"EFF Pioneer Award recipient Seth Finkelstein was instrumental in lobbying for censorware exemptions to the DMCA for each U.S. Copyright Office rulemaking period."

Dave Farber accepted a posting about my DMCA victory for an Interesting-People list message

The usual suspects wrote blog entries, just for example, bIPlog and The Importance Of

I particularly enjoyed the item on the blog Penguinal Ebullience

Huge, massive, gigantic props to Seth Finkelstein, who flew out to testify at the spring hearing with his own scratch, and whose testimony utterly conflagrated the arguments of censorware maker N2H2's David Burt. I believe it would be hard to overstate Seth's influence in winning the censorware exemption.

And Lenz Blog - Seth Finkelstein's Success

Seth Finkelstein has won one of the DMCA exemptions recently granted by the Copyright Office by contributing important comments under difficult circumstances. Good news.

The obvious question, however: Why does he have to pay for his own plane ticket? Considering the impact he has made, I sure hope that won't be necessary the next time around.

James Tyre did a censorware.net piece "Censorware Exemption to DMCA Anti-circumvention Provisions In Effect For Another Three Years"

This is all pleasant. This is nice. Especially the EFFector newsletter and Interesting-People appearances, those are level 4 circulation (order-of-magnitude 10,000 readership).

At the risk of sounding like an ingrate, it still all feels a little light for the effort it took, and win. It's better to have publicity at level 4, than none at all. But my benchmark here was level 5, e.g. The New York Times, as again was given in the 2000 rulemaking to someone else (once more, I'm the "anonymous informant[s]" of that article). After all, there were many articles, including a full front-page Slashdot story on Static Control's inaccurate claim to have won - based solely on their press release (I need a press agent).

I know, the common thinking says one is not supposed to measure and analyze such things, it's not classy. But I long ago gave up any pretensions to joining high society, especially where it means denying the realities of mathematics.

Posted by Seth Finkelstein at 11:59 PM | Comments (2) | Followups
November 01, 2003

Censorware companies unhappy about DMCA exemption ruling?

I can't prove it, and shouldn't say too much in specific, but certain indications have been that in the halls of the now-combined censorware company N2H2/Secure Computing, they were not pleased with my censorware DMCA victory

My speculation is that paragraphs such as the following, are anathema to them:

Opponents argued that circumvention is not necessary because other alternative sources for the information sought to be obtained are available, but the proponents of the exemption successfully discredited this assertion. While it is true that limited "querying" of the databases is available on some of the filtering software companies' sites, the circumscribed nature of this querying foreclosed comprehensive or meaningful results. Opponents produced evidence that many reviews of filtering software platforms reached conclusions based on these querying capabilities or by utilizing various sampling techniques, yet this evidence only proved that some parties were willing to settle for the results produced by such superficial tests. In light of the millions (or more) of potential URLs, it is indisputable that actually viewing the entire list of blocked Internet locations will produce data much more comprehensive than querying about one hundred URLs.

And

The ability to engage in legitimate research, criticism and comment about filtering software is even more compelling as a result of the recent Supreme Court decision upholding the constitutionality of the Children's Internet Protection Act (CIPA). 52 Since CIPA requires libraries to install "filtering software" in order to block access to objectionable material as a condition of receiving federal funds, it becomes all the more important for the public to understand potential problems in particular filtering programs that may be installed in public facilities. Since the Court found that an important safety valve within CIPA was the ability of a library patron to request the disabling of such software, it appears all the more important that the public be able to obtain objective information about the performance or potential limitations of such software in order to make the determination whether to request such disabling.

I wonder if I'll be more successful with my attempts to get press notice in certain circles if I phrase it along the lines of: "Don't promote me because you like me. I know you don't. Rather, promote me because it annoys the Iraqi Information Minister, err, David Burt."

Posted by Seth Finkelstein at 11:59 PM | Comments (2) | Followups
October 31, 2003

DMCA exemptions humor from the Register of Copyrights

From deep, deep, down in the Register's recommendation for DMCA exemptions, presented for your amusement:

A few commenters submitted comments relating to source code or data file formats. These comments, however, were at times more difficult to decipher than encryption algorithms.

Posted by Seth Finkelstein at 11:59 PM | Followups
October 30, 2003

DMCA censorware exemption and my press recognition

I've gotten a few more favorable articles (though, as Donna Wentworth at Copyfight.org accurately quoted me "Wow. Static Control is doing better in terms of press with their loss than I'm doing with my win!")

The Register, DMCA exemptions boost archivists, disabled:

The Library of Congress has the job of looking at rulemaking, or how the Act is interpreted, and it has identified four areas where copyright circumvention has legitimate, non-infringing applications. The DMCA criminalises circumvention of protected copyright digital material. But thanks in part to campaigner Seth Finkelstein, the oversight body has decided that for the next three years, bypassing access control in these areas won't result in a breach of the DMCA.

And I get to be one of the heroes on the Lessig blog:

"thanks, Seth"

The Copyright Office just released its report (pdf) on exemptions from DMCA restrictions. There’s good news and bad news. Let’s start with the good. The Office granted four exemptions. One of the four was an exemption for censorware. This exemption was argued for strongly by a number of people, but none argued it more effectively than Seth Finkelstein. Based largely on his testimony, “compilations consisting of lists of Internet locations blocked by commercially marketed filtering software applications that are intended to prevent access to domains, websites or portions of websites, but not including lists of Internet locations blocked by software applications that operate exclusively to protect against damage to a computer or computer network or lists of Internet locations blocked by software applications that operate exclusively to prevent receipt of email” are exempt from the DMCA.

I’ve been an admirer of Seth’s work for a long time, and as this shows, with good reason. Thanks, Seth.

Plus a Greplaw item DMCA Exemptions announced.

Also a Slashdot "leftover" on Librarian of Congress Posts DMCA Exemptions:

Update: 10/29 15:19 GMT by T: Take a look at Seth Finkelstein's site for an idea of how being pushy can sometimes be helpful; Finkelstein has loudly pushed for the importance of DMCA exemptions, including in Congressional testimony.

I shouldn't complain about that, it's nice and better than nothing, take what you get. etc.

I still want a New York Times quote though, as was given to someone else in the old 2000 rulemaking. I'm the "anonymous informant[s]" of that article - it was very painful to be confined behind the scenes, in fact being personally attacked, while seeing other people getting all the credit. The scars (and against me, the grudges) are still there.

Posted by Seth Finkelstein at 04:33 PM | Followups
October 29, 2003

DMCA exemption and decryption-based censorware research

I'm in Wired News today: New Ways to Skirt DMCA - Legally!. They quote me:

"How sweet it is," said Seth Finkelstein, a programmer and anticensorship activist. "Without the exemption, the DMCA would make it a violation to decrypt the blacklist to find out what (filtering companies) are actually censoring. The actual contents of these blacklists are an important censorship issue.

"The Copyright Office has recognized the importance of fair use in this area affected by the DMCA," Finkelstein said. "It's not a blanket declaration of being legal, but it's an ability to argue fair use."

This is good.

The opponent to the censorware exemption, the Iraqi Information Minister, err, David Burt, is quoted as saying:

Filtering advocates had hoped the exemption would be dropped.

"I'm disappointed because I thought we had made it clear that the exemption is unnecessary to conduct meaningful evaluations of filters," said David Burt, a spokesman for Secure Computing, which purchased N2H2, a filtering company.

He cited extensive studies from the Henry J. Kaiser Family Foundation, Consumer Reports and the Department of Justice, among others, in his testimony and said that "these methods are adequate for evaluating filters."

Ah, but what did the Copyright Office already say about his objection to progress against the Iraq army decryption of censorware for research?

Opponents argued that circumvention is not necessary because other alternative sources for the information sought to be obtained are available, but the proponents of the exemption successfully discredited this assertion. While it is true that limited "querying" of the databases is available on some of the filtering software companies' sites, the circumscribed nature of this querying foreclosed comprehensive or meaningful results. Opponents produced evidence that many reviews of filtering software platforms reached conclusions based on these querying capabilities or by utilizing various sampling techniques, yet this evidence only proved that some parties were willing to settle for the results produced by such superficial tests. In light of the millions (or more) of potential URLs, it is indisputable that actually viewing the entire list of blocked Internet locations will produce data much more comprehensive than querying about one hundred URLs.

But then, last I heard, the real Iraqi Information Minister was doing OK too ...

Posted by Seth Finkelstein at 09:15 AM | Followups
October 28, 2003

DMCA censorware exemption win!

[How sweet it is ...!]

http://www.copyright.gov/1201/docs/fedreg-notice-final.pdf

The Register's recommendation in favor of this exemption is based primarily on the evidence introduced in the comments and testimony by one person, Seth Finkelstein, a non-lawyer participating on his own behalf. In addition to identifying a class of works that related to the specific facts presented, he identified the qualitative nature of the noninfringing uses for which circumvention was necessary and generally identified the technological measure which controlled access to this class. There was no dispute that the lists of Internet locations blocked by filtering software are generally encrypted or otherwise protected by an access control measure. The remedy sought was causally related to the noninfringing uses that are necessary to conduct research, comment and criticism on the filtering software at issue. Mr. Finkelstein also anticipated objections to the exemption and proved that available alternatives to the exemption were insufficient to remedy the adverse effect caused by the prohibition. The insufficiency of alternatives was supported by testimony and demonstrative evidence at the hearing in California by James Tyre. Finally, Mr. Finkelstein's succinct initial comment addressed the statutory requirements and thoughtfully analyzed each of the statutory factors required to be considered in this rulemaking.

The case made by Mr. Finkelstein for this exemption is also instructive for the manner in which it met the requisite showing. The evidence produced did not prove that a substantial number of people have utilized or were likely to utilize an exemption. On the contrary, the evidence tended to prove that very few people have had the motivation or technological ability to circumvent this technological measure, to investigate the lists of blocked sites in filtering software or to report on, comment on or criticize such lists. Although there was little need for an exemption in quantitative terms (i.e., in terms of the number of persons likely to take advantage of it directly), it was the qualitative need for an exemption that was controlling in this case; absent the ability of a few to carry out their noninfringing efforts notwithstanding the prohibition set forth in section 1201, the many would not reap the fruits of such efforts ­ the information, analysis, criticism and comment enabled by the quantitatively small number of acts of circumvention. The fact that the act of circumvention was unlikely to be widespread rebutted copyright owners' concerns of abuse and further supported the conclusion that the potential adverse effects to copyright owners would be minimal. The showing that the particular noninfringing use prevented was a result of the prohibition on circumvention and that these uses were necessary to criticism, comment, news reporting, teaching, scholarship, or research, further strengthened the argument.

Posted by Seth Finkelstein at 04:30 PM | Comments (5)

DMCA Exemptions Diary, a.k.a. more Why I Quit Censorware Research

Or, as a subtitle, "I tried it that way, and it didn't work"

[A friend suggested I add this clarification:
I post the following in the same spirit as I imagine one has when donating one's body to medical science: to help others who might be inclined to take a similar path. There are harsh realities in activism, especially if done without organizational backing and support. Let's hope that what happened to me won't happen to you.

I also checked with James Tyre regarding the mentions of him below, so I'm not breaking any confidences]

People say to me, "Seth, ignore the snipers and smearers. Don't let them get you down. Just work on building up your own reputation, and you'll succeed" (with sometimes, an unvoiced - or even voiced - addendum, that if I don't succeed, it's all my fault for not working hard enough or not doing things right). The problem with this advice, is that I've never known a proponent to ever be convinced they were wrong.

The Digital Millennium Copyright Act (DMCA) law has a provision where one can petition for certain exemptions to the "1201(a)(1)" anticircumvention provision. This is a process done every three years, starting in 2000. Then, there were only two exemptions granted, 1) malfunctioning software 2) censorware:

The [Copyright] office received 235 comments in 2000 during the first review of the DMCA, says Rob Kasunic, a senior attorney in the Copyright Office. Congress mandated a review process every three years upon approving the law in 1998. However, only two of those hundreds of comments in 2000 resulted in new exemptions, Kasunic says.

Previous Success

Seth Finkelstein, a computer programmer from Cambridge, Massachusetts, wrote one of those successful proposals.

Over the past several months, I've been carrying almost all of the burden of advocating for the censorware exemption to be renewed. This should have gotten me enormous reputation-building. Yet it's been next to nothing.

To start, I write a long renewal proposal. Then the nightmare begins. I'm offered an opportunity to testify in Washington DC in further support. I accept hastily, then privately begin to have severe doubts. I'm a programmer, not a lawyer or policy person. I'm setting myself up as a big target. James Tyre, a lawyer and long-time anti-censorware advocate, argues to me that it's important to do this. If the censorware exemption isn't renewed, that would be like an admission of error by the Copyright Office, that it shouldn't have been made in the first place. And as a carrot, there would be (reputation-building) press coverage, since this was one of only two granted exemptions and the first DMCA testimony session.

With great trepidation and wavering, I go through with it, though fearing I'm going to be demolished. I have a long hassle getting identification documents so I can fly. At this point, I've been unemployed for a long time due to the economic tech-wreck. But nobody will pony up the hundreds of dollars in travel expenses (yes, I asked various sources, nothing, I'm not representing any organization, the money isn't there). I have to pay everything out of my own pocket, and I am extremely unhappy about that, given my having been out of work for so long. I'm getting up at 4:30am in the morning to be on a 6:30am plane to DC, thinking all along how very little I want to do this. As I start to make my way through the Washington Metro, someone snarls the entire system by jumping in front of a train. Which would be an irrelevant detail except that it strongly adds to my sense of being in a tragic movie via portentous omens.

But fate smiles on my testimony. My opponent from the censorware companies, David Burt of N2H2, self-destructs. He ends up compared to the "Iraqi Information Minister" (not by me, by a lawyer, Jonathan Band, also testifying in favor of the censorware exemption). It's a great victory, for the exemption, and me.

But there's practically no PR coverage or credit at all. Oh, it's mentioned here and there, on a few specialty sites and blogs. But I don't get e.g. covered by the New York Times. That's disheartening.

When the transcript of my session is released, James Tyre mentions that it would be great to do an excerpt for a Censorware Project article, but for various good reasons irrelevant here, he can't do it himself, so could I? Likely we can get it publicized in Slashdot. But it has to go under his name, because of all the grudges against me. Since Slashdot is supporting Michael Sims as an "editor", if my name appears as the author, he'll abuse his editorial powers to trash it immediately as a submission, and nobody will go against him. We really do have to work around that problem.

I agree to write it this way, though I'm not happy about it. Note in what follows, I'm partly to blame. Right afterwards, though, I go through a two-hour long legal consultation, briefing a lawyer on all my censorware and DMCA issues, which I find emotionally exhausting (my joke about this is that sometimes I don't believe all that happened to me myself, and I lived through it!). Then in the next two days, I get bad job-hunting news twice in quick succession. While this is going on, I try to structure the article, but have trouble organizing it, and ask James Tyre more about how long it should be. It turns out we don't have the same understanding, just one of those failures of communication between two people about an editorial perspective. He wants not just some cut-and-paste excerpts, but to cover background, history of the exemption, on and on. I try, but I just can't do it. Every word seems to be rubbing my nose in my marginalization. Remember, I have to write all this, to be published under someone else's name, with Censorware Project getting the PR, all because the pettiness cannot be put aside in the slightest. I am not imagining this.

Why the hell can't it be under my name? Goddamn it, I think I do deserve Slashdot coverage Why do we have to play these stupid grudge-games?

But the upshot is that he's "miffed" at me, and I will get - no - credit - at - all here. Again, partly my fault, and I accept that. We don't hate each other. He's not wrong, I'm not wrong, But still a disheartening outcome all around.

Then I help James Tyre prepare his own DMCA testimony, which goes very well. Afterwards, he says to me, that when the transcript is posted, I'll find myself mentioned favorably in many places. However, in the context of my quest for coverage, I misconceive that remark as more metaphorical, that this time around the PR circuit, I'll get some reputation-credit. It turns out, no, he merely meant I'll be mentioned favorably many times in his testimony. Well, that's nice, I appreciate it. But in practice, nobody hears it. Not compared to the way I'm being attacked every single day.

Then I basically write all of our third-round joint reply. Everything has to be researched, referenced, footnoted with page and line numbers, on and on. Remember, I'm not being paid for any of this. David Burt, writing the censorware companies' reply, is being paid for it, it's his job. He takes the opportunity to use Michael Sims' domain-hijacking and smears, against me, to try to discredit my research via personal attack. All implicitly backed-up with famous net lawyer Mike Godwin's support of those attacks. The end of that little story is that privately, I end up being brutally flamed. But this piece is long enough so I'm going to skip over an account of that.

After all was said and done, I felt somewhere between suckered and deluded. As I thought of it, it's another case where for a project, I'd had credit dangled in front of me. But when it came time to pay off, well, nobody home. Yes, I willingly took upon myself the burden of advocating the censorware exemption. At the same time, all the talk about how it was important, how there would be coverage, i.e. I'd be building-up my reputation - in the end, it came down to a very familiar refrain: So sorry, you really did deserve better, wish it were some other way, tsk-tsk what a shame ...

The bottom line, of course, being that I don't gain in terms of myself, and insult to injury, if I write of my displeasure at such an outcome, that's accounted even worse (WHINER!, want some cheese with that whine, opening a whinery, etc. etc.).

This all was, to me, the ultimate proof that the build-up-yourself advice just does not work (at least for me). I'm putting in effort way above and beyond here, spending money out of my own pocket while unemployed, drafting DMCA reply after reply. And I can't even get favorably mentioned for it! In contrast, while I'm making myself a target, there's no downside whatsoever to any of the snipers shooting at me. Well, it's not as if, perhaps, I was doing important things, like annoying an airline captain on a plane via a "political statement" (or troll-pattern behavior) about being a suspected terrorist.

There is no organizational backing for me. There is no PR support for me. No, it is not enough for a few people to say they think it's wonderful that I do all this. After a certain point, from sheer practicality, it has to be appreciated in a manner that provides me with the means to buy food and pay rent. When potential lawsuits enter the picture, my censorware work is completely unsustainable. It's not worth it.

The next time around, as far as I'm concerned, the DMCA exemptions can go censorware'd themselves.

Posted by Seth Finkelstein at 02:19 PM
October 26, 2003

DMCA 1201 Exemptions coming up

This Tuesday is the day for the release of the DMCA exemptions, formally the Copyright Office "Rulemaking on Exemptions from Prohibition on Circumvention of Technological Measures that Control Access to Copyrighted Works"

A quick censorware DMCA exemptions reference:

Seth Finkelstein DMCA testimony
http://sethf.com/anticensorware/hearing_dc.php

Seth Finkelstein DMCA censorware exemption submission
http://sethf.com/anticensorware/legal/dmcacom.php

Seth Finkelstein DMCA censorware exemption reply
http://sethf.com/anticensorware/legal/dmcacom2.php

Seth Finkelstein / James S. Tyre DMCA joint reply to censorware questions http://sethf.com/anticensorware/legal/dmcacom3.php

And also

James Tyre DMCA testimony
http://sethf.com/anticensorware/hearing_ca.php

Posted by Seth Finkelstein at 11:26 PM | Followups
October 23, 2003

Diebold Election Systems memos, DMCA, and copyright infringement

The Diebold Election Systems memos, describing problems with their vote-counting machines, are being mirrored by Swarthmore student groups. The administration is apparently cutting-off network access to students mirroring the memos.

Edward Felten asks

Here is my question for the lawyers: Is this really copyright infringement? ... But don't the students have some kind of fair use argument?

I'm not a lawyer, and I don't play one, but I do hopefully have some insights.

The key aspect is that the take-down provision of the DMCA is an automatic escape from liability, whether or not the posting at issue is really copyright infringement. It's a situation of "shoot first and asks questions (or have defenses) later". The law says that if there's the immediate take-down on notice, there's no liability. If there isn't an immediate take-down, well then, do you feel lucky in court? So the obvious incentive is to err on the side of taking down. Or, in legalese (my emphasis):

(1) No liability for taking down generally. -

Subject to paragraph (2), a service provider shall not be liable to any person for any claim based on the service provider's good faith disabling of access to, or removal of, material or activity claimed to be infringing or based on facts or circumstances from which infringing activity is apparent, regardless of whether the material or activity is ultimately determined to be infringing.

Now, there's an open issue here of what the take-down provisions mean when people starting doing whack-a-mole. My guess is that the university is afraid that if they have "actual knowledge" that students are using this strategy, that a court may then believe in this situation that requiring endless specific notices of whackery is too much game-playing. The university could be scared a court may look to some concept of total knowledge, not compliance per-mole. And definitely not want to be a test case on the matter. All in all, again, though I'm not a lawyer, it doesn't seem like that unreasonable a thought.

DMCA, watch what you say, or have hell to pay ...


Update: Aaron Swartz asked about counter-notification. I strongly suspect that will be the next act in this drama. But it has to be done carefully, since it's under penalty of perjury. The more I think about it, the more I believe the issue driving Swarthmore's conduct is that it is trying to avoid being the deep-pocked defendant in an upcoming lawsuit.

Note Ernest Miller has new reporting on link-banning.

Posted by Seth Finkelstein at 09:59 PM | Comments (2) | Followups
October 18, 2003

Alex Halderman MediaMax CD3 paper legal threats, personal wrap-up

I've been writing much about the case where the SunnComm company threatened to sue Princeton graduate student Alex Halderman for his CD copy-protection research paper Analysis of the MediaMax CD3 Copy-Prevention System.

To conclude the series, I want to focus on a certain unintended consequence I know it'll have for me. In a paradoxical outcome, I suspect I'll get more grief, rather than less, for my own legal risks which drove me to finally quit my censorware research. That is, I can hear it already, people are not going to uniformly react along the lines of "Aha, now I see why such work is so stressful and dangerous, because of the legal threats involved". Rather I'm going to get too many reactions of "Look, the company made a lot of noise, but everyone rushed to Alex Halderman's defense, and he ended up a BIG HERO - so if you get threatened, you'll get that support too.". Unfortunately, this analysis, while superficially appealing (it means the person can feel good about berating me for being a coward, rather than feeling guilty they won't risk anything themselves to help me), isn't convincing.

Ernest Miller commented, in a Lawmeme article about the case:

I can't help but think that the immediate blogging firestorm and public outcry that occurred in response to the proposed lawsuit had something to do with the quick retraction of the threat.

I agree. As just discussed, the company was treated from the start as an "Internet laughingstock", and received intense ridicule. They were on the defensive, they were the ones who had to react to a storyline which painted them as idiots and charlatans (as opposed to the storyline they wanted, about "piracy and theft"). And I concur it made a huge difference in how much they wanted to pursue legal action.

When I talk about support, and how the lack of it has affected my own censorware work, people sometimes don't understand. One prominent activist has, privately, repeatedly flamed me for alleged vagueness in the term. But this incident is a perfect case study. The press reaction, the public outcry, in that crucial initial period, was all overwhelmingly favorable to Alex Halderman's work and plight.

However, that wasn't an accident, in my view, but flowed from the way events unfolded. Critically, researcher Halderman actually got the "first shot". That is, his work was covered favorably and extensively in its initial release. So the press already had a framework which put him in a strong position. And in contrast, this is why I keep saying it's such a problem that my own censorware research work will likely get marginal coverage, or even a hatchet-job or Slashdot-supported smear.

Imagine how differently events might have unfolded if the reporting was overwhelmingly echoing SunnComm's press release instead of laughing at it.

P.S.: As I was writing this, I happened to see Donna Wentworth's excellent DMCA v. Academic Research posting, concluding:

Eeyore has been saying this for a while now, but it bears repeating: if the Internet has opened up a new avenue for "amateur" investigation, the DMCA is closing it.

If even "legitimate" research is hampered by the DMCA, what about other kinds of research? What happens to the researcher who makes significant contributions to encryption or censorware research--but not within the traditional academic setting?

What would have happened to Alex Halderman, if he weren't a doctoral student at Princeton--and under the tutelage of Professor Edward Felten -- but, instead, next year's fifteen year-old genius, who happens to be schooled at home, with not a single lawyer-friend in sight?

[Note, that last isn't me, I'm Eeyore, and a thirty-eight year-old genius, with a lawyer-friend or two - but also more than one lawyer-enemy, and those matter too!]

Posted by Seth Finkelstein at 11:59 PM | Followups
October 17, 2003

Peter Jacobs (SunnComm DMCA bullies) - the saga continues

In a serendipitous follow-up to my last post about No Sympathy For The Devil - SunnComm's Peter Jacobs v. Alex Halderman, there's a letter by Peter Jacobs running right now in The Register

SunnComm CEO demands to be called a 'laughing stock'

I'm feeling a bit fisky:

[Begin Peter Jacobs letter - my comments in brackets]

Subject: In Britain...

does one re-write stories from other writers without talking to the principals?

[Sure! In Britain and everywhere else. It's the "echo chamber" at work. Running with the pack is always easy and safe.]

MediaMax under widespread ridicule? I think not.

[Almost no-one is going to understand what he's saying here, so he comes off like a raving lunatic. He means he doesn't consider Alex Halderman's paper to have valid conclusions. He keeps saying that, per next sentence, but nobody cares.]

You obviously didn't understand that Mr. Halderman discovered NOTHING except how to draw the press to him like a magnet.

[Umm, then why were you threatening him with DMCA charges, felony? Obviously he discovered something!]

Here's yesterday's BOSTON GLOBE article which you might consider using as a roadmap to help navigate the bandwagon you jumped on.

Boston Globe story

[I suppose that was worth a try, as a tactic. But it's hard to change the direction of the pack by pointing out a stray. Maybe he needs a blog ... ]

pj

Peter H. Jacobs
Chief Executive Officer

[End Peter Jacobs letter]

Then The Register writer goes on to say:

For the record, we did call SunnComm for comment, but the PR specialist on the phone did not make Jacobs available.

That matter aside, we turn to Jacobs' recommended "roadmap" for reporting. The SunnComm CEO objected to our use of the phrase "widespread ridicule" to describe how hundreds of stories had lambasted his company's DRM technology. So how does the "roadmap" describe the situation?

"SunnComm became an Internet laughingstock, and the enraged CEO, Peter Jacobs, threatened to sue Halderman for spreading false information about MediaMax. He even suggested the possibility of prosecuting Halderman under the Digital Millennium Copyright Act, an absurd statute that forbids attempts to bypass antipiracy systems," the roadmap writes.

Sorry for being so harsh, Peter, next time we'll call you a laughingstock as well.

Be sure to read the roadmap in full. We think you'll find it's a bit of Apples to squirrels comparison of DRM technologies.

[Ba-da-boom! Peter Jacobs isn't going to get the story told his way in this column.]

Again, it's a little like watching a tyrant get torn apart by a wild-dog pack, which he wanted to 'sic' on a villager. It's not that one approves of wild-dog packs. But I have no sympathy for his plaints of mistreatment given how he wanted to ruin Halderman's life with legal action.

Posted by Seth Finkelstein at 01:33 AM | Followups
October 16, 2003

No Sympathy For The Devil - SunnComm's Peter Jacobs v. Alex Halderman

But what's puzzling you
Is the nature of my game

- "Sympathy For The Devil" lyrics

Ordinarily, I have a great amount of sympathy for people on the wrong end of press machine. But in the case of SunnComm (the company which threatened to use the DMCA to sue a Princeton student over his research), I have no sympathy at all. None whatsoever.

Both Ed Felten and Derek Slater have excellent criticisms of the SunnComm positions. I want to point out a different dynamic at work.

I understand Peter Jacobs' (SunnComm CEO) complaint. I just don't find it pulling at my heartstrings. One major thread of his discontent is that the press echo-chamber is working against him, not for him. The pack-journalism is tearing him apart, not the grad student who he wants attacked.

If one carefully reads the SunnComm PR, the whole shift-key-as-circumvention sound bite isn't where they get to the DMCA. Instead, their core complaint is about reverse-engineering itself:

In addition, SunnComm believes that Mr. Halderman has violated the Digital Millennium Copyright Act (DMCA) by disclosing unpublished MediaMax management files placed on a users computer after user approval is granted. Once the file is found and deleted according to the instructions given in the Princeton grad students report, the MediaMax copy management system can be bypassed resulting in the copyrighted protected music being converted or misappropriated for potentially unauthorized and/or illegal use. SunnComm intends to refer this possible felony ...

That's what they use for the DMCA threat (possible felony!). In a way, it's actually worse, because this attacks the ability to critically describe how their product functions.

But they're unhappy. Because instead of being viewed as the aggrieved party of a "cat-and-mouse game that hackers and others like to play", they're portrayed as utter morons. I think they'd like a spin of being smart-good, they'd settle for smart-evil, but they've gotten stupid-evil.

It's not exactly factually right, but neither does my heart cry for them. My sympathy vanishes with the legal threats. It's less two wrongs making a right, but a "clean hands" doctrine. I'm not going to get worked-up about them getting bad press, when they've used legal threats to attempt to suppress examination of their system.

Posted by Seth Finkelstein at 11:11 AM | Followups
October 15, 2003

Slashdot Disaffect

So, yesterday I received yet another traffic-burst of "Slashdot Reflect". This is where my website gets traffic because Michael Sims is doing something abusive on Slashdot (new readers: the Slashdot "editor" who maliciously domain-hijacked the original website of Censorware Project, but Slashdot de facto supports him). The particulars of yesterday's Slashdot rant aren't very interesting to me. It had something to do with Michael Sims using the front page of Slashdot to flame a CNN article ("grossly misleading, almost propagandistic", etc). Heck, he might even be right. But hundreds of thousands of people heard him, and enough wanted to check on this sort of behavior so that I saw that "reflect".

Anyway, that's just background, to the following: The DMCA exemption proceeding rulings will be released soon (by October 28). These are where the public can petition for an exemption to the DMCA 1201(a)(1) circumvention prohibition (for circumvention as an action only, not "trafficing"). I testified some months ago, bearing the brunt of the effort for the censorware exemption.

Now, If the DMCA exemption for censorware is renewed, I believe that's a great journalistic opportunity for civil-libertarians to win a PR round over censorware companies. I had a passing thought, related to some other credit issues, of trying to get Slashdot to run an article by me, discussing that DMCA exemption process in retrospect. Not a rehash, so much as what victory here means for technical types (versus what it doesn't!), and how we could build on it. Note I don't want to talk to lawyers, I want to talk to programmers. And to be heard, not be in a corner shouting to the wind.

Then I gave myself a sanity-check. Forget it. I'm not even going to try. I quit. I don't want to devote the effort, and likely get personally attacked as my reward. It's not worth it. If there's a victory, I'm going to have enough trouble just getting recognized with some credit. (I joked to someone that the Copyright Office could write "We are renewing this censorware exemption because we [heart] Seth Finkelstein", and I'd still be helpless against either press maliciousness or stupidity).

Posted by Seth Finkelstein at 08:32 PM | Followups
October 14, 2003

The DMCA As Seditious Libel

[See also previous The DMCA As Technical Obscenity]

Continuing the repercussions of SunnComm having threatened to use the DMCA to sue Princeton student Alex Halderman over his research), Ed Felten just commented (noting my previous post):

It seems to me that an accurate, truthful research report has more merit, rather than less, if its results are relevant to a public policy debate.

Which reminded me of something Lessig recently wrote:

I'm sure there will be a world of legal support to help Halderman establish what should be an obvious point: tell the truth is not yet a crime, and (fortunately for most professors) writing even wrong papers is not either.

The DMCA doesn't say this, but it might as well: "You can't handle the truth!"

Discussing 18th century English libel law, the Columbia Encyclopedia states (my emphasis):

Severe restrictions on the press continued, however, in the form of seditious libel laws under which the government was able to arrest and punish any printer who published material in any way critical of the government. There was no clear definition of what constituted seditious libel, ... At this time, both true and false criticism of the government was considered libel. In fact, legal doctrine proclaimed that "the greater the truth the greater the libel." Only in the mid-19th cent. did truth become admissible as a defense in English libel cases.

It strikes me that we are in a similar situation today with the DMCA, except in terms of copyright business, not government criticism. That is, with regard to how a copy control systems works, the truth of a technical statement is no defense. The theory is more like "the greater the truth the greater the libel.". That is, the more accurately one describes a problem, the more harm is deemed to be done (could one defend oneself from DMCA charges by pleading a paper was wrong? Shades of Galileo being forced to recant!).

Further in this metaphor, it used to be that reverse-engineering as a defense against intellectual-property charges, functioned like truth as a defense against libel charges. But that defense has been all but taken away now, with it being severely limited in the DMCA text, and eliminated by shrink-wrap license.

Indeed, in terms of the DMCA rationale, why should truth be a defense? When words are property, their truth-value is truly irrelevant.

Posted by Seth Finkelstein at 10:36 PM | Followups
October 13, 2003

My question to SunnComm (CD paper DMCA bullies) president

Greplaw ran a story pointing out that SunnComm (the company which threatened to use the DMCA to sue a Princeton student over his research) has an "Ask The Prez" form.

The question currently on the top of the page doesn't look very "legit" to me ("I've heard your technology can be hacked. Does that mean it won't "work?"" - PR ensues). Though maybe it's just a FAQ. Anyway, I decided to submit my own query to the oracle:

Is it true that the RIAA - or other similar organization - asked SunnComm to retract the lawsuit threats against the Princeton student, because it was obvious that SunnComm would lose a DMCA case, and then that would provide a strong First Amendment precedent against the DMCA?

Let's see what, or if, they answer.

Maybe people would like to submit some interesting questions of their own, and post the replies. Or lack thereof.


Update: I must admit, they got back to me quickly. I assume the reply was public and OK to post:

No. We don't work for the RIAA. It's not so obvious that publishing proprietary file names and workarounds for someone's digital property is a losing battle. We withdrew because we didn't want our issue to leave a larger wake than it deserves given that we, too, place a high value on legitimate research and not political activism masquerading as research (which Mr. Halderman's paper was).

Thanks for writing,

pj

__________________
Peter H. Jacobs
Chief Executive Officer
SunnComm Technologies, Inc,

[Hmm ... they don't have to "work for" the RIAA to have the RIAA or similar ask them to retract. But I don't want to keep asking here]

Posted by Seth Finkelstein at 11:59 PM | Comments (2) | Followups
October 10, 2003

SunnComm v Halderman - recanted!

LawMeme brings news that SunnComm wont sue "Alex Halderman for writing a report critical of SunnComm's MediaMax CD3 DRM technology" (see also Ed Felten) There's a Princeton newspaper report, but I also found a SunnComm press release for primary source.

They have seen the light! They have had a revelation!

Where before they roared:

The act of publishing instructions under the cloak of "academic research" showing how to defeat MediaMax such as those instructions found in Halderman's report is, at best, duplicitous and, at worst, a felony.

Now they reassess:

Because SunnComm is, itself, a company which relies on research and development for its survival, we feel that bringing legal action for damages against researchers in a higher learning environment may contribute to a chilling effect on the type of research that faculty, staff, and students elect to pursue.

Look, look, no more "hackers". It's now "researchers in a higher learning environment". And they're worried about a chilling effect, not a "cat-and-mouse game". Oh, they have undergone such a change of heart!

What a difference a day makes ...

Posted by Seth Finkelstein at 11:59 PM | Comments (1) | Followups
October 09, 2003

SunnComm v Alex Halderman (MediaMax CD3 Copy-Prevention System), DMCA notes

The following is some examination on the DMCA portion SunnComm Press Release about threatening to sue Alex Halderman for his paper Analysis of the MediaMax CD3 Copy-Prevention System. Remember, I'm not a lawyer, but have studied the DMCA extensively. They say:

In addition, SunnComm believes that Halderman has violated the Digital Millennium Copyright Act (DMCA) by disclosing unpublished MediaMax management files placed on a user's computer after user approval is granted. Once the file is found and deleted according to the instructions given in the Princeton grad student's report, the MediaMax copy management system can be bypassed resulting in the copyright protected music being converted or misappropriated for potentially unauthorized and/or illegal use. SunnComm intends to refer this possible felony to authorities having jurisdiction over these matters because: 1. The author admits that he disabled the driver in order to make an unprotected copy of the disc's contents, and 2. SunnComm believes that the author's report was "disseminated in a manner which facilitates infringement" in violation of the DMCA or other applicable law.

It sounds, from the above, that they're trying to work-up charges both of "1201(a)(1)", doing circumvention, and "1201(a)(2)", trafficking (in "technology", not "device"). I think of these as possession and dealing, though the drug analogy may not be the most felicitous.

That quoted phrase "disseminated in a manner which facilitates infringement" is an attack on using the "1201(g) Encryption Research" exemption, which is a very narrow DMCA exemption for doing circumvention:

o (3) Factors in determining exemption. - In determining whether a person qualifies for the exemption under paragraph (2), the factors to be considered shall include -
+ (A) whether the information derived from the encryption research was disseminated, and if so, whether it was disseminated in a manner reasonably calculated to advance the state of knowledge or development of encryption technology, versus whether it was disseminated in a manner that facilitates infringement under this title or a violation of applicable law other than this section, including a violation of privacy or breach of security;

Later, they state:

The act of publishing instructions under the cloak of "academic research" showing how to defeat MediaMax such as those instructions found in Halderman's report is, at best, duplicitous and, at worst, a felony.

Besides the general ranting here, it's also possible a swipe at the following exemption factor:

+ (B) whether the person is engaged in a legitimate course of study, is employed, or is appropriately trained or experienced, in the field of encryption technology;

I've seen this playbook before, since the censorware companies ran it against me in the DMCA exemption proceedings

Part of the playbook is flaming, lots and lots of flaming, and this PR piece is no exception:

Concluded Jacobs, "This cat-and-mouse game that hackers and others like to play with owners of digital property is over. No matter what their credentials or rationale, it is wrong to use one's knowledge and the cover of academia to facilitate piracy and theft of digital property. SunnComm is taking a stand here because we believe that those who own property, whether physical or digital, have the ultimate authority over how their property is used. Owning copying technology is not an unconditional 'free pass' to replicate or distribute protected work."

Just savor it: "hackers ... cover of academia ... facilitate piracy ... theft of digital property ...". I wonder if they get PR help from Jack "Boston Strangler" Valenti.

For many reasons, right now I'll offer no statement about whether this will succeed.


This moment seems like a good place for me to use the following joke:

When I describe my reasons for quitting censorware research, sometimes people say to me that I've won an EFF Pioneer Award, and thus am so honored, I shouldn't worry about prosecution. Sad to say, there are companies - and maybe judges - who will regard that as akin to being honored by the Order Of Lenin in the Soviet Union. They won't be impressed.

Posted by Seth Finkelstein at 10:44 PM | Comments (6) | Followups

SunnComm v Halderman, speech, and the DMCA

One immediate note on SunnComm suing Alex Halderman case:

RESEARCH PAPERS CAN COUNT UNDER THE DMCA!

The DMCA forbids (emphasis mine):

(2) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that - ...

Technical papers - even "pure speech" papers - can arguably be considered as technology under the DMCA prohibition above.

See the chilling footnote 275 in the DeCSS case:

FN275. During the trial, Professor Touretzky of Carnegie Mellon University, as noted above, convincingly demonstrated that computer source and object code convey the same ideas as various other modes of expression, including spoken language descriptions of the algorithm embodied in the code. Tr. (Touretzky) ... He drew from this the conclusion that the preliminary injunction irrationally distinguished between the code, which was enjoined, and other modes of expression that convey the same idea, which were not, id., although of course he had no reason to be aware that the injunction drew that line only because that was the limit of the relief plaintiffs sought. With commendable candor, he readily admitted that the implication of his view that the spoken language and computer code versions were substantially similar was not necessarily that the preliminary injunction was too broad; rather, the logic of his position was that it was either too broad or too narrow. ... Once again, the question of a substantially broader injunction need not be addressed here, as plaintiffs have not sought broader relief.

[Updated later - This is the footnote I really wanted, #135]

FN135. In their Post-Trial Brief, defendants argue that "at least some of the members of Congress" understood § 1201 to be limited to conventional devices, specifically 'black boxes,' as opposed to computer code. Def. Post-Trial Mem. at 21. However, the statute is clear that it prohibits "any technology," not simply black boxes. 17 U.S.C. § 1201(a)(2) (emphasis added).

Disclaimer: I am not a lawyer

Claimer: This is why I've quit. I wanted to publish a paper taking the exact same approach as the above.

AND I COULDN'T GET SUPPORT FOR IT!!!

It's too risky for me, and not worth it to continue.

Posted by Seth Finkelstein at 06:46 PM | Followups
September 17, 2003

"Copyright and Free Expression" updated report from FEPP

There's a great new updated report released from Free Expression Policy Project:

Copyright and Free Expression

FEPP's just published, revised and updated summary of the major controversies - what you need to know about how copyright today threatens intellectual freedom.

I'm acknowledged as one of the people giving feedback on the first edition of this report. And mentioned in the DMCA censorware research section:

Yet few free-expression issues today are more sweeping in their implications than censorship caused by Internet filters as they block art, information, and ideas that their corporate manufacturers decide are inappropriate, or that their keyword-based programs mistakenly target. As another activist, Seth Finkelstein, put it, "independent investigation of the snake oil claims" of filtering companies has now become "fraught with legal peril."

I've written much since the time of that quote, e.g.:

http://sethf.com/anticensorware/hearing_dc.php
http://sethf.com/anticensorware/legal/dmcacom.php
http://sethf.com/anticensorware/legal/dmcacom2.php
http://sethf.com/anticensorware/legal/dmcacom3.php

Admittedly, most of the section is about the case Edelman v. N2H2. Recall, the irony is, I actually have circumvented the encryption of the N2H2/BESS blacklist, with research I can't publish due to lawsuit chilling effects, and I can't get a backer (and in practice, nobody will hear either). As FEPP notes:

But the underlying reason for dismissing the case may have been the judge's lack of sympathy with Edelman's claim.

Exactly. This is why the attacks on me have been so harmful, because they have the potential to affect how I'd be viewed by a judge. And I just can't ignore that (nor can potential backers).

Posted by Seth Finkelstein at 12:02 AM | Followups
September 04, 2003

Chamberlain v. Skylink - Garage Door Opener as (not) DMCA Violation

Chamberlain v. Skylink, aka "Is a Garage Door Opener a Circumvention Device?" is the hot DMCA topic now. A decision has been rendered that it not automatically (pun intended), as a matter of law ("summary judgment") such a circumvention device. This is what passes for a DMCA victory nowadays ...

IP Justice has been publicizing the outcome, with comments and a case archive (Hmm, competition, there's more items there than in the EFF case archive)

I've seen commentary today from at least Ed Felten, Ernest Miller at Lawmeme and Derek Slater.

The key passage causing the most argument seems to be this (emphasis mine):

Furthermore, the homeowner has a legitimate expectation that he or she will be able to access the garage even if his transmitter is misplaced or malfunctions. During oral arguments on this motion, Plaintiff acknowledged that under its interpretation of DMCA, a garage owner violates the Act if he or she loses the transmitter that came with its Chamberlain rolling code GDO, but manages to operate the opener by somehow circumventing the rolling code. This court agrees with Defendant that the DMCA does not require such a conclusion.

I submit this is an instructive illustration of my focus on whether the court considers the plaintiff or the defendant to be a good guy or a bad guy. This passage is in essence "The defendant is not a Bad Guy. It's arguably a Good Guy. So they aren't required to be slammed".

That sort of analysis is NOT the whole of any decision, and I'd be misinterpreted if it were thought that was my view. However, reading decisions, I've come to believe that perception matters much more than lawyers like to admit, at least in public.

The following passage, a little earlier, has a slight misspeaking, but that's not the problem (again emphasis mine)

The district court in Reimerdes was looking at a set of facts quite distinct from those presented here: Plaintiff there had encoded its DVD's and licensed the software necessary to circumvent this encoding process to manufacturers of DVD players. As a result, the plaintiff in Reimerdes did in fact authorize certain circumvention of its technological protective measure pursuant to a license. It did not authorize circumvention by means of nonlicensed software.

The judge obviously meant to say decryption where she has circumvention. But again, that's just a small misuse of wording.

Honestly, what I think she's struggling to say, is that in Reimerdes (the 2600 DeCSS case) the plaintiffs were Good Guys protecting Intellectual Property threatened by Pirates/Bad Guys. But here, "activating a Garage Door Opener" (GDO) isn't Intellectual Property, the defendant isn't a Bad Guy, so the plaintiff should stop being silly.

Indeed, in a way, that's the core of the actually decision:

CONCLUSION The court concludes there are disputes of material fact concerning whether the computer program in Chamberlain's rolling code is a work protected by copyright and whether the owner of a Chamberlain rolling code GDO is authorized to use the Model 39 universal transmitter.

But to consider this a big DMCA victory only shows how bad is everything else.

Posted by Seth Finkelstein at 11:59 PM | Comments (1) | Followups
August 06, 2003

Peter Davies, DMCA, and public domain

John Palfrey nicely closes the blog circle with a post Felten replies to Davies, with thanks to Finkelstein

I have one more, less personal, note on Peter Davies IP paper. The following section seemed odd to me:

There is little UK specific work in this area, but when the US Congress was considering the relevant legislation in that country, the Librarian of Congress was asked to investigate the fears and allegations of the kind I have just set out. After a year studying the issue and asking for examples of the problem, it was reported that it had not been demonstrated that access to public domain information was hampered in the ways alleged. The view was also expressed that fears about controlled access and a pay-per-view regime were "speculative and alarmist" and that contributors to the debate had failed to show any hard evidence of the model in operation.

That's taken from the excerpt of the DMCA 2000 rulemaking. It turns out that the much more interesting full quote is from Siva Vaidyanathan 2000 DMCA testimony:

Yes, my fears are speculative and alarmist. But they are not outlandish nor inconceivable. Not every media company is as harmless as a mouse. Not every government is invested in the free flow of ideas and information.

[later]

The Digital Millennium Copyright Act grants complete power to allow or deny access to a work with the producer or publisher of that work. The producer may prohibit access for those users who might have hostile intentions toward the work. This power could exclude critics and scholars. Most likely it would exclude parodists and satirists as well.

The anticircumvention provision shifts the burden of negotiating fair use from the user, and the courts in the case of likely infringement, to the producer. The producer has no incentive to grant access to any user who might exploit the work for fair use -- including scholarship, teaching, commentary or parody. Under this regime, a user must agree to terms of contract with a monopolistic provider before gaining access. One must apply to read, listen or watch.

Posted by Seth Finkelstein at 11:58 PM | Followups
August 02, 2003

Peter Davies, Felten, DMCA liability

John Palfrey has some interesting reports about the goings-on at the Oxford Internet Institute. I found the following report of particular interest:

Second session: Peter Davies, an very impressive ex-industry lawyer who's a fellow here at OII, reviewed the Felten case. He made the very good point that IP issues have become dominated by more hyperbole than serious debate. Mr Davies and I disagreed, however, about the impact of the DMCA anti-circumvention on research. There have been multiple research projects that we've decided not to pursue or to publish, despite our belief that the information would be useful, because of our fear that the method of garnering the information could expose us to DMCA liability. The counter-point: that we wouldn't really get sued and that there's not so much to be worried about. Maybe so.

I've seen this argument many times. In fact, it's a good example of what I just discussed as stage one of the three stages of a free-speech lawsuit - "You won't get sued". For how I tend to reply, see my old blog entry about the "chicken little" copyright argument:

I have a standard offer for lawyers who write things such as the "chicken littles" paragraph above. I say: Since, according to you, there is no risk, well then, there should be no problem at all for you to agree to represent me pro bono for any relevant charges arising from my censorware work. No risk, right? So there's no risk in your making such agreement, right? Here's how you can show you believe it yourself, when there's a risk to you!

I have yet to find a lawyer, who makes derisive comments like that quoted remark, who will then take me up on that offer. ...

I was going to segue into one of my stories about lawyers telling me there was no risk to something, when it suited their advocacy position. But a quick search turned up the Peter Davies IP paper! (I love the Internet, this is why I spent so much effort in my life to try to keep it free and open). The key passage is:

I find this David and Goliath picture somewhat unconvincing because, as I said, it was Professor Felten who sued the Record industry and not the other way around, secondly there are clear exceptions permitting use of works for educational and research purposes, and thirdly, a few minutes' research on the Internet into these controversial cases reveals an astonishing volume of vitriolic comment and organised campaigning against the rightholders.

Now, I know I should be veddy polite, but it's going to take me a page just to go through in this paragraph. From the top...

Felten who sued the Record industry and not the other way around

This is improper moral equivalencing between a lawsuit assuring the ability to publish, and a lawsuit threatening the ability to publish. If the Felten lawyers had won, all that would have happened is that the RIAA would not have been able to sue the various researchers for publishing. If the RIAA had sued, all the "David"s would immediately have to deal with years of PERSONAL legal liability. The sentence above seems to require that one take no defensive legal measures when threatened.

clear exceptions permitting use of works for educational and research purposes

It's unclear if this means traditional copyright fair use, or the narrow DMCA exceptions. I think from the phrasing it's the former, but I'll deal with both. Traditional copyright fair use is not a defense to the DMCA. This has been repeated in many decisions, references if needed. The DMCA exception for "(g) Encryption Research" is a horribly complex and convoluted tangle, which is not at all clear. And hardly the basis from which to deny all potential liability.

thirdly, a few minutes' research on the Internet into these controversial cases reveals an astonishing volume of vitriolic comment and organised campaigning against the rightholders.

Let me see if I understand this clause - the vitriolic comment contributes to NOT being David and Goliath? Wouldn't a David and Goliath situation quite naturally generate vitriolic comment? (I can just hear a Monty Python type skit "Can't be vitriolic, you know, David. It's not done to be angry. The proper response to facing Goliath is a stiff upper lip. That will go a long way to showing how you're truly overmatched") As to "organised campaigning against the rightholders", well, as I write this, the techie news is filled with reaction against perhaps the largest subpoena carpet-bombing ever seen - certainly the largest that nonlawyers have ever seen. And some of that comment is extremely vitriolic.

Again, that's detailing one paragraph, and I'm tired already. I'm unable to convey the emotion of seeing the potential for years of devastating litigation, so airily dismissed.

Posted by Seth Finkelstein at 11:50 PM | Followups
July 26, 2003

Axis-Of-Copyright lawyer's definition of censorware

The "Axis-Of-Copyright" (MPAA/RIAA/etc) lawyer has an almost amusing reply in the Post-Hearing QA for the DMCA censorware exemption follow-up question, roughly about defining censorware. He gives it as:

"Compilations, not otherwise accessible, consisting of lists of websites that are employed in connection with commercially marketed filtering software applications to prevent access to Internet sites containing content deemed to be obscene, child pornography, harmful to minors, or otherwise inappropriate for display in a defined public setting."

This borders on funny in terms of how the language is loaded. It might just as well have been:

Compilations, ... of websites that are EVIL, EVIL, EVIL, and no right-thinking respectable person would ever want to see!

(in contrast, the DMCA Joint Reply Of Seth Finkelstein and James S. Tyre gives a definition of "Programs designed and optimized for use by an authority to prevent another person from sending or receiving information.")

Posted by Seth Finkelstein at 09:51 PM | Followups
July 22, 2003

DMCA Post-Hearing Questions - Replies Posted Now

The Copyright Office has now put up all the replies to the Post-Hearing Questions of Anticircumvention Rulemaking:

This page contains post-hearing questions and answers submitted as a part of a rulemaking on exemptions from prohibition on circumvention of technological measures that control access to copyrighted works (read more details). Following hearings held in April and May 2003, the U.S. Copyright Office asked follow-up questions of some of the witnesses who had testified at the hearings. The questions and responses appear below.

I mentioned this earlier, in a DMCA censorware exemption follow-up reply to the DMCA censorware exemption follow-up question, regarding the:

Joint Reply Of Seth Finkelstein and James S. Tyre
http://sethf.com/anticensorware/legal/dmcacom3.php

Frankly, this is an exhausting process. I spent hours writing the censorware reply, and nobody paid me to do it. The censorware company reply is 21 pages long, and it's David Burt's job. This is not sustainable for me.

Posted by Seth Finkelstein at 05:27 PM | Comments (0) | Followups
July 07, 2003

DMCA censorware exemption follow-up reply

In response the DMCA censorware exemption follow-up question, we submitted the

Joint Reply Of Seth Finkelstein and James S. Tyre
http://sethf.com/anticensorware/legal/dmcacom3.php

For the question:

Please clarify, as specifically as possible, the types of applications you believe should or should not be subject to an exception for the circumvention of access controls on filtering software lists, if such an exception is recommended.

The key definition is:

"Programs designed and optimized for use by an authority to prevent another person from sending or receiving information."

The reply is many pages long, going into great detail about the differences between censorware, spam-killing, viruses, etc.

One of the best anti-spam software packages, SpamAssassin, http://spamassassin.org/ is completely open-source. All websites, data, patterns, and so on, are open for inspection and evaluation. And it's become a better system for it. It's actually possible to see why a false positive occurred. Moreover, because of this "transparency", theit's-not-on-the-list game is not possible. So the creators have an incentive to fix problems rather than possibly deny their existence. Any idea that examining spam lists will lead to increased problem with spam, is refuted by SpamAssassin's success. Examining some spam lists is likely to be far more a scourge to companies selling poor products ("snake oil") than to anti-spam efforts.

Also some humor:

To clarify what Mr. Tyre meant, N2H2 allowed Mr. Finkelstein to have an ordinary, encrypted-blacklist, 30-day-limited, evaluation version of their software on a few occasions, typically when they did not check his background. One time their automated registration process approved him, but N2H2 later checked his background and threatened to revoke his evaluation credentials ("Letting you evaluate the product would be the same as working with the opposition. I have yet to read an article that you wrote that had anything good to say about filtering."). Currently, they will not let him have even their standard evaluation software (and are extremely nasty about their refusals too!) ...

Posted by Seth Finkelstein at 05:02 AM | Followups
July 06, 2003

DMCA censorware exemption follow-up question

[After I testified on censorware in the Copyright Office's hearings on DMCA exemptions, they recently sent a follow-up question about the topic. Here's part of the letter they sent to me, posted with permission. They also asked everyone else who testified about censorware (Jonathan Band, James Tyre, and the censorware advocates) a similar question. This isn't a public round of reply, but rather clarification of issues]

Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies

Dear Mr. Finkelstein

Thank you for appearing as a witness at our hearings on possible exemptions to the prohibition on circumvention of technological measures that control access to copyrighted works.

As we stated at the hearings, we intended to submit additional questions in writing to many of the witnesses. Based on our review of the record, we would like you to respond to the following question:

Please clarify, as specifically as possible, the types of applications you believe should or should not be subject to an exception for the circumvention of access controls on filtering software lists, if such an exception is recommended.

Please provide any documentation and/or citations that will support any of the factual assertions you make in answering these questions.

...

Sincerely,

David O. Carson
General Counsel

Posted by Seth Finkelstein at 11:59 PM | Comments (0) | Followups
June 29, 2003

Walt Crawford "Cites & Insights" on DMCA, censorware

Walt Crawford has some nice commentary regarding various material, especially RIAA lawsuits and DMCA censorware testimony, in his "Cites & Insights" publication for July 2003. Particularly the following section [I'm biased :-)]

N2H2, DMCA, Seth Finkelstein and all

When Finkelstein is asked whether he can provide details of how he decrypted N2H2's database, he points out that the threat of lawsuit--a very real threat based on previous occurrences--discourages him from doing so without immunity. David Burt says he's not in a position to provide such immunity, and neither is the government--thus allowing Burt to continue to say that nobody's done such decryption. He didn't say "And if you try to prove I'm wrong, we'll sue your butt." But he also didn't provide an offer to hold harmless. ...

[David Burt] makes some questionable statements, as in saying that if Finkelstein can decrypt the list, "We have ceded all control over our copyrighted material, over our database, to somebody else..." simply because Finkelstein can see it. Band points out that almost all copyright-protected material is distributed to the public--and is protected from abuse by copyright. Somehow, Burt manages to say that peer-to-peer networks illustrate the "dangers of allowing these copyright protections to be disabled." He continues to try to conflate Dialog with N2H2's censorware list, and the others aren't buying it. At one point, Band suggests that Burt's testimony reminds him of the Iraqi Information Minister...

...[James] Tyre discusses some actual examples showing the need for decryption--and also real-world examples showing the need for ongoing investigation, since censorware companies keep adding and reclassifying sites. ... As Tyre concludes, "Not because they're malicious, but because they do most of this by computer robots, not by human review, and the computer robots are stupid. Computers are not smart for this kind of work. They never have been. Some day they may well be, but they surely are not today." I'm less optimistic about "some day." There is, as always, lots more in the transcripts. You can find the HTML versions at sethf.com/anticensorware/ and the PDF versions are also readily available. What will come out of all this? Since the Supremes upheld CIPA, it's even more important that we be able to understand just what those mandatory programs are doing.

[I'll have an entry posted soon with regard to Metalitz]

Posted by Seth Finkelstein at 11:57 PM
June 19, 2003

DMCA, fair use vs "access to copyrighted material"

I don't know how long I should drag out the Eldred discussion with Derek, but the following part motivated me to write yet another item on the topic:

That's why I don't really think of this discussion as people naively reading too much into the Eldred opinion. I look at it as a starting place for the next person who gets sued.

As I just said, cough, cough, cough ...

It's exactly because of being a starting place for the next person who gets sued, that I think people are naively reading too much into the Eldred opinion!

Quite frankly, nothing is worse for such a person than a pundit-lawyer on a hobby-horse, who needs a reality-check (nothing personal to anyone involved in this discussion, just a comment/example from more "intense" times).

I think I've found a fairly concise way of illustrating where I think there's a small (very small) gain, and a large gap:

Here's the good news, regarding this part of the 2600 Appeals decision:

Preliminarily, we note that the Supreme Court has never held that fair use is constitutionally required, although some isolated statements in its opinions might arguably be enlisted for such a requirement. ...

[And the fair use discussion in Eldred fits right here. One could say that it establishes there is such a requirement. Eldred at least unarguably adds strongly to the pile of evidence in favor of that point.]

Here's the bad news. Contrast the key fair use paragraph in Eldred here:

Second, the "fair use" defense allows the public to use not only facts and ideas contained in a copyrighted work, but also expression itself in certain circumstances. Codified at 17 U. S. C. ß107, the defense provides: "[T]he fair use of a copyrighted work, including such use by reproduction in copies . . . , for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." The fair use defense affords considerable "latitude for scholarship and comment," Harper & Row, 471 U. S., at 560, and even for parody, see Campbell v. Acuff-Rose Music, Inc., 510 U. S. 569 (1994) (rap group's musical parody of Roy Orbison's "Oh, Pretty Woman" may be fair use).

With this pronouncement in the 2600 Appeals decision:

A film critic making fair use of a movie by quoting selected lines of dialogue has no constitutionally valid claim that the review (in print or on television) would be technologically superior if the reviewer had not been prevented from using a movie camera in the theater, nor has an art student a valid constitutional claim to fair use of a painting by photographing it in a museum. Fair use has never been held to be a guarantee of access to copyrighted material in order to copy it by the fair user's preferred technique or in the format of the original.

Where is there anything, anything, in what was said in Eldred, which screams that a Supreme Court opinion on the DMCA would reject that baleful phrase "Fair use has never been held to be a guarantee of access to copyrighted material ..."?

Try it as a positive assertion: "The Eldred decision establishes the contention that fair use is a guarantee of access to copyrighted material ...". See how stretched it is? How much it sounds like wishful thinking?

Posted by Seth Finkelstein at 11:32 PM | Followups
June 18, 2003

DMCA, fair use, and "traditional contours" argument

Replying to Derek, about Eldred decision meaning:

I reject the argument that the "traditional contours" argument is just a "vague phrase" without any meaning. It's not just that one phrase; it's a thread that runs through her entire argument. If none of that argument is important, then she would not have said that the lower court had erred in any way - her opinion would be equal to a categorical first amendment immunity for all copyright legislation. Given that she specifically said no such immunity exists, I don't see how one can ignore the traditional contours portion of her argument.

Consider the whole paragraph:

The First Amendment securely protects the freedom to make or decline to make one's own speech; it bears less heavily when speakers assert the right to make other people's speeches. To the extent such assertions raise First Amendment concerns, copyright's built-in free speech safeguards are generally adequate to address them. We recognize that the D. C. Circuit spoke too broadly when it declared copyrights "categorically immune from challenges under the First Amendment." 239 F. 3d, at 375. But when, as in this case, Congress has not altered the traditional contours of copyright protection, further First Amendment scrutiny is unnecessary.

Let me say, as a disclaimer, that I'm not a lawyer, not even a lawyer-in-training. But my reading of court decisions has made me very cynical. So when I encounter a passage such as the above, I don't see a ringing clarion-call for the ramparts of fair use. Rather, I hear, bluntly, a blow-off. A "But ...". Someone clucking "Now, that Circuit Court went a little too far, but don't you get any crazy ideas about First Amendment arguments overturning these laws."

The problem with Balkin's "pony-hunt" is where he's assuming exactly the conclusion he wants to reach (my emphasis:)

Does the DMCA "alter[] the traditional contours of copyright protection"? Yes, it does, in two respects. ...

Congress clearly did mess with those horizontal aspects in the DMCA, and so, under the logic of Eldred, it infringed on the "built-in free speech safeguards" of copyright law.

However, the "legal hack" argument of the DMCA is that it does not infringe on "built-in free speech safeguards" of copyright law, because it doesn't affect fair use in terms of a technical exception (as opposed to a substantive limit).

I am absolutely certain that in a DMCA Supreme Court opinion, they will analyze the issue of fair use extensively, instead of dismissing it out of hand. To this extent, I'll agree Eldred established fair use as a Constitutional requirement, rather than something which exists at the whim of Congress.

But I fear in that analysis, we are likely to see pages and pages explaining how in fact, in the court's view, the DMCA does not alter the "traditional contours of copyright protection" And the blueprint for that is in all the lower court decisions enthusiastically saying how the DMCA is not a fair use issue. Channeling Ginsburg, we'll get:

In addition to spurring the creation and publication of new expression, copyright law contains built-in First Amendment accommodations. First, it distinguishes between ideas and expression and makes only the latter eligible for copyright protection.

[Now insert: The DMCA doesn't affect idea/expression]

Second, the "fair use" defense allows the public to use not only facts and ideas contained in a copyrighted work, but also expression itself in certain circumstances.

[NOW insert: There's no right to access, fair use is merely a technical exception not a substantive limit - this is the whole argument]

I can see this very easily. Very easily indeed.

I believe people are reading into the Court's fair use discussion, something they themselves deeply believe is true, and so desperately want the Court to endorse as true. I share these feelings. But that can be a fatal error. I sadly see little evidence that the Court is saying anything DMCA-unfriendly.

C'mon. Do they sound business/copyright-power unfriendly to you?

Posted by Seth Finkelstein at 01:19 PM | Followups
June 17, 2003

Circumvention Device Definition in DMCA

[I wrote this for a mailing list, about how the DMCA defines circumvention devices]

Much as it's fun to proclaim "Magic Markers Are A Circumvention Device" (and Therefore The DMCA Is Absurd), let's not forget the technical definition in the law does take that issue into account:

* (A) is primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof;
* (B) has only limited commercially significant purpose or use other than to circumvent protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof; or
* (C) is marketed by that person or another acting in concert with that person with that person's knowledge for use in circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof.

I must admit I've wondered about that part (C) - "marketed". It does seem to me to arguably cover e.g. an eBay auction that says "Magic Markers - great for circumventing CD copying restrictions". hat's odd to my techie-mindset. But it actually seems to fit the legal framework around earlier infringement-capable devices (i.e., you can in general sell a device that has an infringing use, but marketing it for the explicit purpose of infringement is a no-no).

Posted by Seth Finkelstein at 07:47 PM | Followups
June 15, 2003

Users and losers in the conflict between DMCA and fair use

Derek Slater has an extensive post on After Eldred, and comments in it:

Oh, and as for Seth's argument about the "DMCA does not limit fair use" clause - I don't buy it.  Corley, for good reason, did not read that clause to mean that the DMCA provided a fair use exception.  Its designers did not intend such an exception.

Indeed. In fact, the Memorandum Order says outright:

If Congress had meant the fair use defense to apply to such actions, it would have said so.

But I argue this is key for exactly the reasons being discussed, what Frank phrases as "how to treat technology in relation to expression". I semi-agree that the "The court clearly had trouble figuring out how to treat technology in relation to expressions". But the trouble seemed to me more in fitting the legal theory to the outcome they saw as absolutely necessary. And hence we get back to practical fiction that the DMCA does not limit fair use.

In a nutshell:

I suppose you can make those technologically inconvenient fair uses, in the abstract. But it's greatly altering the way you experience the content.

And thus we return to the DMCA argument is that there's no particular right to experience content (i.e., DMCA not affecting fair use):

Although the Appellants insisted at oral argument that they should not be relegated to a "horse and buggy" technique in making fair use of DVD movies,36 the DMCA does not impose even an arguable limitation on the opportunity to make a variety of traditional fair uses of DVD movies, ...

36 In their supplemental papers, the Appellants contend, rather hyperbolically, that a prohibition on using copying machines to assist in making fair use of texts could not validly be upheld by the availability of "monks to scribe the relevant passages."

Note that phrase even an arguable limitation. What we are doing here is reiterating at great length, with many variation on the theme, the fundamental conflict in views of fair use: substantive limit, or technical exception? In terms of a procedural reply to a copyright infringement charge, sure, there's no limitation. But regarding real-world impact on ability, such a statement would be ludicrous.

People are going ga-ga over one vague phrase in Eldred, "the traditional contours of copyright protection". But there's pages and pages of dismissal of fair use, substantively, in Corley.

This reality obliges courts considering First Amendment claims in the context of the pending case to choose between two unattractive alternatives: either tolerate some impairment of communication in order to permit Congress to prohibit decryption that may lawfully be prevented, or tolerate some decryption in order to avoid some impairment of communication. Although the parties dispute the extent of impairment of communication if the injunction is upheld and the extent of decryption if it is vacated, and differ on the availability and effectiveness of techniques for minimizing both consequences, the fundamental choice between impairing some communication and tolerating decryption cannot be entirely avoided.

In facing this choice, we are mindful that it is not for us to resolve the issues of public policy implicated by the choice we have identified. Those issues are for Congress. Our task is to determine whether the legislative solution adopted by Congress, as applied to the Appellants by the District Court's injunction, is consistent with the limitations of the First Amendment, and we are satisfied that it is.

I'd say this is sadly the inverse of "splitting the technology from the expression, divorcing the use of code from actual human experience." What the court seems to say, up and down, throughout the entire decision, is basically, in my view, that if they accept a First Amendment or fair use defense of code, in practice, it's going to allow too much to get through. So it won't be allowed.

We can't split the difference with source code versus object code. Again, in practice, the court is concerned with the effects, so source versus object is immaterial. My reading of it is that they "got" the implications, they understood all about technological mediation of experiential aspect. And they came out on the issue that, bluntly, users lose.

Posted by Seth Finkelstein at 11:55 PM | Followups
June 14, 2003

More regarding DMCA versus fair use

The 2600 Appeals Court decision is critical reading on the topic of the DMCA versus fair use Here's the problem with Balkin's "pony-hunt" in a nutshell, from that decision:

We need not explore the extent to which fair use might have constitutional protection, grounded on either the First Amendment or the Copyright Clause, because whatever validity a constitutional claim might have as to an application of the DMCA that impairs fair use of copyrighted materials, such matters are far beyond the scope of this lawsuit for several reasons. In the first place, the Appellants do not claim to be making fair use of any copyrighted materials, and nothing in the injunction prohibits them from making such fair use. They are barred from trafficking in a decryption code that enables unauthorized access to copyrighted materials.

There's the "legal hack" at work. You're not accused of copyright infringement, you're accused of DMCA violation. The fact that access for the purpose of making a copy is deemed irrelevant. That's the trick. And if the Supreme Court can swallow "limited times" which are retroactive and finite-yet-unbounded, I'm unfortunately having a hard time seeing where they won't swallow that the DMCA hasn't "altered the traditional contours of copyright protection,", under the theory that it's not really copyright. That's why I call it a "legal hack".

Posted by Seth Finkelstein at 07:38 PM | Followups
June 13, 2003

DMCA vs fair-use

DMCA/fair-use blog party!

Donna and Derek and Kerr and Balkin and Solum and Frank ...

Let me jam too.

I think understand what Balkin is saying, and also what Kerr is saying.

Here's the deep question, which is being batted around:

Is fair-use a substantive limit, or a technical exception?

The side Kerr is arguing, what some call "affirmative defense", I call the "technical exception" view. That is, it conceives of fair use as having no overarching meaning, no deep significance. It's just a procedural reply in some particular sections of copyright law. The implication here, being that if one creates a new section of the copyright law - such as the DMCA - there's no carry-over, no principle to apply. The sections of the laws are partitioned, and never the twain shall meet.

The side Balkin is arguing, I call the "substantive limit" view. Fair use is an aspect of the First Amendment. It's intrinsic to any copyright-associated law by virtue of drawing power from the First Amendment's scope and reach, as a Constitutional provision. It's a bit like an all-pervasive Holy Spirit that way (the DMCA makes baby Jesus cry).

Now, Balkin is reading the Eldred decision as having a kind of genuflection to the pervasive spirit of fair use. How he does this, from perhaps the largest copyright-grab in history, is awesome to behold. The idea is that the court says the copyright-grab is OK in part since it didn't change fair use:

But when, as in this case, Congress has not altered the traditional contours of copyright protection, further First Amendment scrutiny is unnecessary.

So, goes the thought, this is a shining reaffirmation of the importance of fair use as substantive limit. And that strengthens the argument of those who argue that the DMCA is a restriction of this substantive limit. Follow the reasoning?

Frankly, this strikes me not as making lemonade out of lemons, but rather, wading through a pile of manure and trying to find a pony.

The cyanide in this lemonade is that it in fact doesn't help much against the "legal hack" that the DMCA doesn't affect fair use:

* (c) Other Rights, Etc., Not Affected. - (1) Nothing in this section shall affect rights, remedies, limitations, or defenses to copyright infringement, including fair use, under this title.

So the DMCA defenders are going to argue that in fact "[the DMCA] has not altered the traditional contours of copyright protection". Why? It says so right there, see? "Nothing in this section shall affect ...". But, respond the DMCA opponents, fair use is a substantive limit! No, say the DMCA defenders, fair use is a technical exception ...

Roundabout, here we come, right back where we started from ...

Posted by Seth Finkelstein at 05:30 PM | Followups
May 31, 2003

Censorware circumvention and the Iraqi Information Minister

[Wrote this for a mailing-list, some time back. David Burt's worst moment.]

microlenz(at)earthlink.net wrote
> As for some of the claims made in DC that Seth F. hadn't decrypted
> the database...duhhh

That part was just hilarious. David Burt, censorware company representative, ended up being compared (not by me!) to the infamous Iraqi Information Minister:

http://sethf.com/anticensorware/hearing_dc.php

MR. BURT: Well, again, as I said earlier, it didn't have any harm because nobody has used the exemption that we know of.

MR. BAND: But Mr. Finkelstein has --

MR. BURT: Excuse me. I'm being censored here. I've got to talk. (Laughter.)

I'm a librarian; I can say that.

As far as I know, no one has used this exemption to do this kind of research. That's why there hasn't been any harm that I'm aware of. But, again, as I said, the harm could be quite bad. If the exemption were heavily used and people were trafficking these lists quite widely, the harm could be quite widespread.

MR. FINKELSTEIN: David, will you authorize me to send to the members of the Panel the complete N2H2 blacklist to prove that I have, indeed, circumvented the encryption?

MR. BURT: Again, as I said earlier, I can't make legal decisions like that for my company. I'm not empowered to do that.

MR. FINKELSTEIN: Well, then, will you reserve your characterization because of the fact that I have offered to prove it?

MR. BAND: I also, not to belabor the point, but this is a little bit like the Iraqi Information Minister saying, "No, there are no American troops in Baghdad," when, you know, the American troops were right there. You keep on saying, "No, no circumvention has occurred," when right next to you there's a guy who has said a dozen times, "I circumvented it and this is what I did." I am a little surprised. That's all I can say. (Laughter.)

MR. BURT: Well, I think it's certainly illustrative that you have compared the filtering industry to the Baath Party, what you think of it. (Laughter.) I think Mr. Finkelstein would probably agree with you. (Laughter.)

MR. FINKELSTEIN: I think more like China.

Posted by Seth Finkelstein at 05:01 PM | Followups
May 30, 2003

Cameo in DMCA "damaged, malfunctioning, obsolete" hearing

Interesting - I also have a cameo appearance in the DMCA May 2 testimony about "Damaged, malfunctioning, obsolete, other noninfringing uses"

(page 246, Joe Montoro, Spectrum Software)

One of the examples that was raised by Shawn and some other papers on our first day of hearings was Mr. Finkelstein I believe is the cost of litigation is so prohibitive against a small defendant that quite simply a lot of times a small guy can't afford to litigate these matters. At the time, that was the case. We just don't have the resources that companies with those kind of $500 million or $1 billion companies can actually come at us with.

Posted by Seth Finkelstein at 06:28 AM | Followups
May 28, 2003

CSS licensing on manufacturers vs. consumers

[I wrote this for many DMCA/DVD mailing-lists]

On Wed, May 28, 2003 at 08:20:57PM -0400, Seth Johnson wrote:
> > http://www.copyright.gov/1201/2003/hearings/transcript-may15.pdf
>
> IP Justice, EFF and Ernest Miller laid out a lot of the key, essential
> points. Most interesting of all to me was the interchange between Mary Beth
> Peters and Robin Gross on the licensing issue. Peters clearly brings up the
> contention that circumvention involves license violations as if it were a
> bugbear issue and appears totally unprepared for Robin's clear statement
> that these "licenses" do not actually constitute contracts.

I think there, Marybeth Peters was confusing shrinkwrap licenses with the licensing terms of CSS for DVD players : (emphasis added)

MS. PETERS: I had a question about this side of the aisle which had to do with tethered DVDs or space shifting, those kind of things, which appear at points to violate licenses. I just wanted a comment on how you view the various licenses that come attached with a lot of the material in digital form.

She seems to have been thinking of the common "You don't own this, you only license it" boilerplate, and under the impression that applies to DVDs too. Note the spread of the idea that material in digital format is necessarily "licensed". Good reply:

MS. GROSS: [excerpt]
Consumers are not licensees. Consumers do not -- are not parties to any contract. Their rights haven't been restricted legally in any way. The manufacturer of the DVD player and the technology company may have license agreements between them but that's between them.

The consumer is not obligated to follow the agreements in their contracts. They are not a party to those agreements. I'm a little confused when you're saying overriding licenses. People who aren't a party to contracts aren't -- they are not overriding the contract. They are simply not a party. They are engaging in activity outside of the scope of the license.

So she's talking about any contracts binding the DVD player manufactures who have licensed CSS.

However, lest this point be misunderstood, I think it's clear Robin Gross wasn't addressing whether shrinkwrap licenses were valid contracts - that's an entirely different issue.

> There's a lot on this last day that's extremely good. It's the longest
> transcript, but if you want to get a sense of the best stuff that got
> brought out in these hearings, that's the one to read.

I still like my hearing best :-). I think it's got the most "(Laughter.)" moments.

http://sethf.com/anticensorware/hearing_dc.php

MR. FINKELSTEIN: ... I would also like to say that, for all this talk of the pornography sites, since they were blacklists, they are really bad collections of pornography sites. (Laughter.)


Blog addition - James Tyre pointed out to me this moment in his hearing

http://sethf.com/anticensorware/hearing_ca.php

MR. KASUNIC: Okay. I have just a couple of questions, mostly for Mr. Metalitz. Mostly we haven't heard him talk as much. And in the interest of time I'm going to censor myself today.

MR. TYRE: You can't do that. You have to speak freely.

Posted by Seth Finkelstein at 11:59 PM | Followups
May 27, 2003

Censorware DMCA 1201 exemption CALIFORNIA hearing transcript

More censorware DMCA testimony!

Just in today. I've also put up a similarly HTML-enhanced version of the May 14, California, testimony to renew the censorware 1201 DMCA exemption

http://sethf.com/anticensorware/hearing_ca.php

This features James Tyre (civil-libertarian lawyer and a coFounder of Censorware Project) verus Steve Metalitz (lawyer for many "Axis-Of-Evil" copyright associations)

This is also good reading, if I do say so myself.

Posted by Seth Finkelstein at 03:18 PM | Followups
May 26, 2003

Censorware DMCA 1201 exemption DC hearing transcript

I've put up an HTML-enhanced version of the April 11 testimony to renew the censorware 1201 DMCA exemption.

http://sethf.com/anticensorware/hearing_dc.php

This features me (unpaid award-winning anticensorware activist), David Burt (censorware company N2H2), and Jonathan Band (lawyer for many library associations).

It's good reading, if I do say so myself.

Posted by Seth Finkelstein at 11:58 PM | Followups
May 16, 2003

California exemption hearings (DMCA) first-hand report

These mailing-list messages are good info:

DMCA Exemption Hearings at UCLA Day 1 Part n of N
http://cyber.law.harvard.edu/archive/dvd-discuss2/msg19331.html

DMCA Exemption Hearings at UCLA Day 1..Addenda
http://cyber.law.harvard.edu/archive/dvd-discuss2/msg19335.html

Update: More reporting available, by [update: redacted], hosted by Aaron Swartz at
http://www.aaronsw.com/2002/may14-1201

May 14, 2003

California DMCA 1201 censorware circumvention hearing - James Tyre today

James Tyre is testifying today in favor of the DMCA censorware exemption in the Copyright Office circumvention hearing.

Good luck!

Posted by Seth Finkelstein at 02:59 PM | Followups
April 22, 2003

Starting to go back over censorware hearing testimony

Ah memories ... More about this later:

MR. FINKELSTEIN: I'm sorry. This is just such a wonderful reply.

You say, you criticized me for not publishing details of decryption? Well, the last people who published details of their decryption for the world to see got a $75,000 lawsuit for their trouble, and that $75,000 lawsuit took place right downtown from me. So there were no fancy Internet jurisdiction issues even, when you consider that case.

Therefore, could you consider perhaps why I might be a little hesitant to publish details, given that the last people who did it got a lawsuit for it? In fact, the only reason I came out and said that I had decrypted the database was in order to try to preserve this exemption.

I keep trying to convey, this isn't my job. Nobody is paying me to come here. I took the money out of my own pocket to actually pay the plane fare back here.

David Burt is paid by the company to do this. Win or lose, he goes home after this and he gets paid and he gets a salary. If I am looking at a massive lawsuit, $75,000 -- I looked at the amount -- for publishing something versus keeping my mouth shut about how I acquired it, I think the incentive there is to keep my mouth shut about it.

Posted by Seth Finkelstein at 11:58 PM | Followups
April 14, 2003

Another piece concerning the DMCA 1201 circumvention hearings

Washington Internet Daily had an article on what happened at the Copyright Office circumvention hearing. It's not easily on-line, so I can't link to it. And it's a bit garbled in places. One reasonable part:

The questions of the 5 panelists suggested several areas the CO was examining: (1) Whether circumvention was the only way to obtain useful data on the blocking of nonpornographic sites by filtering software. (2) Whether the exemption was harming the filtering industry. Burt acknowledged that when the 2000 proceeding was conducted "we were not aware of this process." He also said he knew of no actual harm to a filtering company because he wasn't aware of any actual circumvention (that became a point of contention at the hearing because Finkelstein kept insisting he had circumvented N2H2's software, but Burt said he had no evidence of that).

Though this doesn't describe the fun part of the hearing where David Burt, N2H2 PR flack, got compared (not by me!) to the Iraqi Information Minister.

Posted by Seth Finkelstein at 11:59 PM | Followups
April 13, 2003

First-hand report of DMCA 1201 circumvention hearings

Penguinal Ebullience has a nice first-hand report of the Friday Copyright Office circumvention hearing, both sessions.

DMCA Sec.1201 Exemption Hearing #1
http://penguinal.net/archives/2003_04_index.html#000641

It matches very well with my own memory and perceptions of the hearing (though the quotes are admittedly a little paraphrased). An excellent job, well worth reading.

Seth and [Jonathan] Band operated largely as a single coherent unit during the proceedings. Seth did most of the talking, with Mr. Band occasionally translating Seth's insightful, sometimes gleefully blunt arguments into legalese. Seth did a good thing by trouncing early on the semantics game of 'filtering' versus 'censoring' : "Filtering is when you block something you don't want to see. Censorship is when someone blocks something they don't want you to see." This helped immensely, and the panel seemed very receptive of what he had to say : that the public has an inherent right to know what is being blocked from public schools and libraries, that censorware manufacturers are not receptive to complaints of malfunctioning software, and that a decryption of any given program's list of censored sites does not constitute a compromise of the ability of that program to function.

Posted by Seth Finkelstein at 11:58 PM | Followups
April 12, 2003

National Journal: Copyright Office Hears Filtering Arguments

From http://nationaljournal.com/pubs/techdaily/pmedition/tp030411.htm#2

Intellectual Property
Copyright Office Weighs Permitting Decryption of Web Filters
by Drew Clark

...

A panel of five Copyright Office officials questioned the three witnesses from many perspectives at the first hearing in a tri-annual review to consider potential DMCA exemptions. The law permits exemptions if the Copyright Office believes lawful public access to works that do not violate copyrights have been blocked.

Finkelstein said decryption of software like N2H2's Bess is necessary for examining categories of Web sites that the software blocks. Decryption has found, for example, that N2H2's database of blocked sites includes various types of "loophole" sites, including those that provide language translation, use technology to mask users' identities and cache copies of other Web sites.

"Without this exemption, [researchers] are constrained to do this investigation blindfolded," said Finkelstein, who said he is one of about a half-dozen researchers in the field. He has published his work on his Web site. "They have to go back through a minefield, probing individually" to see if a given is blocked by what Finkelstein called "censorware."

...

Posted by Seth Finkelstein at 11:58 PM | Followups
April 09, 2003

Edelman v. N2H2 - N2H2 gets case dismissed

Flash: N2H2 has gotten the Edelman v. N2H2 case dismissed for lack of "standing". See my earlier write-up on the case:

Edelman v. N2H2 dismissal hearing report
http://sethf.com/censorware/legal/edelman_n2h2_hearing.php

From the docket

4/7/03 27 Judge Richard G. Stearns . Memorandum and Order entered. granting [9-1] motion to dismiss the complaint [EOD Date 4/8/03] cc: all counsel of record. (eaf) [Entry date 04/08/03]

Update: Decision now available: http://sethf.com/censorware/legal/edelman_n2h2_order.pdf

Posted by Seth Finkelstein at 10:46 AM | Followups
April 07, 2003

Censorware DMCA exemption testimony death-match

Good vs. Evil. Right vs. Might (or at least, vs. Money). Seth Finkelstein vs. David Burt

I'm hoping for a little surprise for N2H2, but may not be able to pull it off.

More later.

Update 4/8: It's on the Copyright Office circumvention page now ( http://www.loc.gov/copyright/1201/):

At 9:30 a.m. the panel will be on the proposed class of:

Compiliations of lists of websites blocked by censorware ("filtering software") applications.

Persons testifying:
  • Seth Finkelstein supporting the exemption, and
  • David Burt, N2H2, Inc., opposing the exemption.
Posted by Seth Finkelstein at 08:15 PM | Followups
April 03, 2003

David Turner's Massachusetts Super-DMCA hearing report

I've been sitting out the Super-DMCA opposition, since my energy has been drained by censorware issues and strategizing concerning the plain-old-DMCA exemption hearings

To add just a tiny amount of help, I'd like to point people to a (currently) under-blogged item:

David Turner's Massachusetts Super-DMCA hearing report

C. Scott Ananian follow-up

Posted by Seth Finkelstein at 11:58 PM | Followups
April 01, 2003

Edelman v. N2H2 dismissal hearing. court report

Edelman v. N2H2 dismissal hearing report
http://sethf.com/censorware/legal/edelman_n2h2_hearing.php

This is my full report, with introduction and commentary.

Sigh ...

At times, Stearns seemed almost palpably hostile to the ACLU side. At one point, he intoned "What he [Edelman] really wants to do is destroy the efficacy of their [N2H2's] product".

Posted by Seth Finkelstein at 09:28 PM | Followups
March 31, 2003

Preview note on court report on Edelman v. N2H2 dismissal hearing

Today, I attended the court hearing on N2H2's motion to dismiss the Edelman v. N2H2 case. That is, N2H2 was claiming that, roughly there is no "there" there - no reason for a court to rule. Because no actual censorware decryption work had been done in the case, and hence nobody had been sued. Of course, in a way, that situation is the rationale for the case in the first place. It's a "declaratory judgment" case, concerning whether some action is permissible, before it's in fact done. These sorts of cases seem to be caught in a tension between being Catch-22's and being speculations.

The judge started off the hearing by stating that he found the case "extremely dubious", and asked the ACLU to convince him otherwise. And it didn't get much better from there. Full report to follow.

Posted by Seth Finkelstein at 11:43 PM | Followups
March 18, 2003

DMCA hearings information announced by Copyright Office

The Copyright Office has now announced information regarding public hearings for the process of determining DMCA Exemptions

This is good reading (for those who like this type of reading):

http://www.copyright.gov/fedreg/2003/hearings.pdf

The Copyright Office stresses that factual arguments are at least as important as legal arguments and encourages persons who wish to testify to provide demonstrative evidence to supplement their testimony. While testimony from attorneys who can articulate legal arguments in support of or opposition to a proposed exempted class of works is useful, testimony from witnesses who can explain and demonstrate the facts is also solicited.

I found this part amusing:

In the written comment period, the Office received nearly 400 written comments. Given the time constraints, only a fraction of that number could possibly testify at the hearings. A timely request to testify does not guarantee an opportunity to testify at these hearings. The Copyright Office encourages parties with similar interests to select common representatives to testify on behalf of a particular position.

But note elsewhere:

Depending on the number of requests to testify that we receive, it may not be necessary to conduct hearings on all four of these days. The date or dates for the hearings in California will be announced later.

And:

The Office intends to organize individual sessions of the hearings around particular or related classes of works proposed for exemption.

I think this means that the DVD issues are only going to get so much time during the process.

Posted by Seth Finkelstein at 11:54 PM | Followups
March 09, 2003

PCWorld.com - Copyright Office considers exemptions to DMCA

PR! I'm quoted in the following PCWorld.com article on
Copyright Office considers exemptions to DMCA.

Seth Finkelstein, a freelance computer programmer from Cambridge, Massachusetts, wrote one of the successful proposals. He shares his experience in two reports on how to win copyright exemptions. Finkelstein fears the Copyright Office will punt on the more controversial issues.

"I think there are extremely sound policy arguments against the DMCA. The question is whether the copyright office is going to want the responsibility of making those decisions," Finkelstein says. "Nobody wants to face the wrath of copyright protection companies."

Posted by Seth Finkelstein at 11:10 PM | Followups
March 03, 2003

The Censorware Companies Strike Back

I'm undecided whether or not I should write blog entries ripping apart the DMCA reply of censorware companies opposing the censorware DMCA exemption. The argument for, is that it would be good practice and useful writing. The argument against, is that it would show my hand - after all, David Burt (who wrote it) sure didn't send me a pre-release review copy to analyze!

But to give a sense of how honest is that reply comment, note Matthew Skala, one of the programmers who got sued for publishing reverse-engineering of Cyberpatrol, has the following reaction in his blog:

N2H2 has its say
http://ansuz.sooke.bc.ca/lw/?id=2003022802

This is one of the DMCA exemption reply comments, from David Burt of N2H2, which makes the Bess censorware package. He appears to be speaking on behalf of several other censorware vendors too. It turns out that xpdf will read the file even though my konqueror Web browser won't. The comment argues that it's not necessary to reverse engineer censorware to test it, and has an entire section about what an evil person I am, calling Eddy Jansson and myself "two teen age hackers". Conveniently neglecting to mention that at the time of the Cyber Patrol break three years ago, we were both in our twenties, and I was already a university graduate; also denying, in the face of many counterexamples, that anyone who was anyone thought our work was valuable to the debate. Well, I (unfortunately) have much worse things to worry about at the moment than that kind of insult.

Posted by Seth Finkelstein at 08:56 PM | Followups
March 02, 2003

A DMCA chant

With apologies to 60's anti-war protests, I offer this little bit of doggerel for possible use:

Hey, hey, D-M-C-A
How many rights did you take away?

(older folks or students of 60's history will get the reference)

Posted by Seth Finkelstein at 11:44 PM | Followups
February 27, 2003

DMCA exemption reply comments now available

The Copyright Office has now posted all the reply comments concerning DMCA exemptions. The comments are available at:

http://www.copyright.gov/1201/2003/reply/reply1.html

This page contains reply comments submitted as a part of a rulemaking on exemptions from prohibition on circumvention of technological measures that control access to copyrighted works ...

Posted by Seth Finkelstein at 04:05 PM | Followups
February 20, 2003

Son of DMCA censorware exemption comment

Now my follow-up DMCA exemption comment (for censorware blacklists) has been submitted:

http://sethf.com/anticensorware/legal/dmcacom2.php

I didn't put in what I was thinking about the process. I've been pretty tired and that's a bad time to write. Maybe if there's another reply-round.

I can't wait to see what the censorware companies write about me :-(.

I may have a bet with Bennett Haselton of Peacefire over it ...

Posted by Seth Finkelstein at 05:11 PM | Followups
February 19, 2003

Deadline extended to 2/20 for DMCA reply comment

One extra day available for DMCA reply comments

http://www.copyright.gov/1201/comment_forms/index.html

"Note: This date has been extended from Feb. 19 to Feb. 20 in light of the heavy snowfall in the Northeast and the resulting closure of federal government and many private-sector offices."

Posted by Seth Finkelstein at 02:17 PM | Followups
February 18, 2003

DMCA exemptions, down to the wire

So I'm busy doing DMCA exemptions material today. I'm debating how much I can let loose and say:
"This process is not designed for normal people. It's just not. It may work for Washington wonks. But non-politicos simply don't have the time or the expertise in order to sit down and read through pages of requirements, and make lawyer-like arguments."

It's probably not a good idea for me to formally write that. But it's what I'm thinking right now.

Posted by Seth Finkelstein at 11:48 PM | Followups
February 17, 2003

DMCA exemptions reply comments, only two days left

Two more DMCA reply-comment days left. The deadline is 5:00 P.M. EST on February 19, 2003. Operators are standing by now (or at least there are handy forms and guides below)

"EFF is helping individuals fight for DMCA exemptions."
http://www.eff\.org/IP/DMCA/2003-DMCA-1201-comments.php

"How To Win (DMCA) Exemptions And Influence Policy"
http://www.eff.or\g/IP/DMCA/finkelstein_on_dmca.html

"Winning (DMCA) Exemptions, The Next Round"
http://www.eff.or\g/IP/DMCA/finkelstein_on_dmca2.php

Posted by Seth Finkelstein at 11:52 AM | Followups
February 13, 2003

"Operation Decrypt", DMCA-related satellite TV case (DirecTV, Dish Network, etc.)

I've been digging around to try to find the original material on the satellite TV DMCA-related case (DirecTV, Dish Network, etc.) The case involved others laws besides the DMCA, conspiracy and "manufacturing a device for the purpose of stealing satellite signals, 47 U.S.C. S 605(e)(4);"

I wish so many reporters didn't have such an aversion to referencing primary sources (probably because it would show how little work they did in, rewriting or excerpting a press release). Here's what I've found:

U.S. Department of Justice press release on "Operation Decrypt":
http://www.usdoj.gov:80/criminal/cybercrime/OPdecrypt_walterPlea.htm

"Operation Decrypt" defendants and charges:
http://www.usdoj.gov:80/criminal/cybercrime/OPdecrypt.htm

Computer Crime and Intellectual Property Section
http://www.usdoj.gov:80/criminal/cybercrime/ipcases.htm

Posted by Seth Finkelstein at 11:56 PM | Followups
February 12, 2003

DMCA exemptions reply comments, one week left

Seven more reply-comment days for DMCA ...

Useful general references:

"EFF is helping individuals fight for DMCA exemptions."
http://www.eff.org/IP/DMCA/2003-DMCA-1201-comments.php

"How To Win (DMCA) Exemptions And Influence Policy"
http://www.eff.org/IP/DMCA/finkelstein_on_dmca.html

"Winning (DMCA) Exemptions, The Next Round"
http://www.eff.org/IP/DMCA/finkelstein_on_dmca2.php

Article below:
http://www.infosecuritymag.com/2003/feb/news.shtml#4

LAW & ORDER
DMCA Opponents Target Change
by ANNE SAITA

Programmer Seth Finkelstein has some advice when venting about shortcomings of the Digital Millennium Copyright Act: Watch your language.

Finkelstein won one of two exemptions from the U.S. Copyright Office the last time it sought input on the controversial law in 2000. And he did it, he says, by carefully crafting an argument based on practical effects of a DMCA prohibition that prevented decrypting "censorware blacklists" used by content filtering software.

"The most surprising thing about the process was that they listened,"Finkelstein says.

Every three years, the Copyright Office must make a public inquiry into adverse effects caused by specific DMCA restrictions that protect copyrighted works. The first deadline for written comment is over, but it's still possible to chime in by filing comments on one of the 50 arguments now on the record-including 10 related to information security (www.copyright.gov/1201/2003/comments/index.html). The deadline is Feb. 19.

Even the Copyright Office admits its 2000 recommendation ratio of 2 to 235 is "modest," mainly because most comments, though eloquently presented, failed to show how the law inhibited research. Admittedly, examples were hard to come by in the last round, since the law was still relatively new and untested in the courts.

This round is different. Though there are fewer written arguments (mainly because of stricter submission guidelines), there also are more specific instances to cite, such as Princeton University professor Edward Felten's legal tussle with the recording industry over publishing an academic exercise in breaking the watermarks on musical digital files.

"It's going to be harder for them to say there's not enough evidence in certain cases," he says. But, he adds, "though the chance is greater, it's definitely not a sure thing."

Posted by Seth Finkelstein at 05:48 PM | Followups
February 09, 2003

EFFector 16.04 - Winning (DMCA) Exemptions, The Next Round

http://www.eff.org/effector/HTML/effect16.04.html#III

Winning (DMCA) Exemptions, The Next Round

EFF Hosts Seth Finkelstein's New Primer

EFF is pleased to announce the release of "Winning (DMCA) Exemptions, The Next Round," a wonderfully succinct guide to the comment-making process written by Seth Finkelstein, who proposed one of the only two exemptions granted in the last Library of Congress Rule-making.

Seth's guide explains the process in clear and simple English. The guide tells you how you can submit effective comments and participate in shaping copyright law policy. If you are having difficulties making lawful use of particular digital media because of a technological protection access control, we encourage you to submit comments to the Librarian of Congress.

Links:

"Winning (DMCA) Exemptions, The Next Round"
http://www.eff.org/IP/DMCA/finkelstein_on_dmca2.php

EFF is helping individuals fight for DMCA exemptions.
http://www.eff.org/IP/DMCA/2003-DMCA-1201-comments.php

Posted by Seth Finkelstein at 04:44 PM | Followups
January 28, 2003

Winning (DMCA) Exemptions, The Next Round

I've now written a sequel to my guide
How To Win (DMCA) Exemptions And Influence Policy
http://www.eff.org/IP/DMCA/finkelstein_on_dmca.html

The latest guide, discussing submitting of DMCA reply comments, is

Winning (DMCA) Exemptions, The Next Round
http://www.eff.org/IP/DMCA/finkelstein_on_dmca2.php

Posted by Seth Finkelstein at 06:42 PM
January 08, 2003

Jon Johansen / DeCSS pessimism from Mikael Pawlo

This message from the dvd-discuss list, by Mikael Pawlo, deserves to be better-known:

To: dvd-discuss(at)eon.law.harvard.edu
Subject: Re: [dvd-discuss] Jon Johansen acquitted!!
From: Mikael Pawlo <mikael(at)pawlo.com>
Date: Tue, 7 Jan 2003 22:01:46 +0100

...

Anyway - I am just here to rain on your parade.

The law is about to be changed. Norway will follow the European Union and the European Copyright Directive and will as a member of EEC implement a version of the WIPO Copyright Treaty, that also served as inspiration for the U.S. Digital Millennium Copyright Act. Draft Norweigan legislation is expected in February 2003. This will make the Jon-DVD case void as a precedent, since the legislation most likely will adopt the protection for anti-circumvention devices in the WIPO Copyright Treaty.

I really do not want to be a Lessig kind of pessimist, but he is starting to convince me of the color of the future. The color has a dark shade - that is if you do not consider strengthened copyright protection a good thing.

Regards,

Mikael Pawlo

Posted by Seth Finkelstein at 09:50 AM | Followups
December 27, 2002

Another appearance of my DMCA guide

My guide on How To Win (DMCA) Exemptions And Influence Policy has now been mentioned on the Lawrence Lessig news blog!

That's impressive, for me

Posted by Seth Finkelstein at 11:58 PM | Followups
December 22, 2002

Elcomsoft verdict as jury nullification?

I've been pondering some of the recent techie muttering about the Elcomsoft verdict as jury nullification

Wins are good. We needed a victory. But I'm uncertain it was the sort of People Power victory some would like to see.

Hmm ... Seth Schoen has just commented:

Don argues that the jury's decision to acquit -- after Judge Whyte rejected jurisdictional and constitutional arguments -- shows that ordinary Americans think the DMCA has gone too far. It's hard for me to know what the jury was thinking, but that interpretation seems especially plausible since the jury foreman said jurors were troubled at the lack of rights afforded to readers under the law.

Could it be that they believed that "reading is a right, not a feature"?

What bothers me is that these comments seems to proceed as if the jury had affirmative views, and then acted to enforce them over the law. That story just doesn't sound likely to me. The DMCA is not an easy law to understand. I find most people go through a phase where they don't grasp how draconian it is. I wonder if the jury's reaction might be better rendered that they couldn't understand it, and since Elcomsoft didn't seem to be doing anything wrong ("fair use"), then Elcomsoft certainly couldn't have been willfully violating the law. That's good. But it's not the Nerd Militia either.

Posted by Seth Finkelstein at 11:58 PM
December 21, 2002

Dmitry Sklyarov on chilling effect of DMCA

Chilling quote from Sklyarov reflects on DMCA travails :

Anxiety over the DMCA

Sklyarov said many information security developers have been skittish since learning of his case, fearful that they, too, could face jail time for their work. "Nobody knows. Probably you'll do your work, and after that somebody comes for you to arrest you or something like that because the DMCA is very (broadly) written and many things can be linked with DMCA," he said.

Posted by Seth Finkelstein at 11:58 PM
December 20, 2002

DMCA exemption comments available

The Copyright Office has now put on their website, the complete text of ALL DMCA exemption comments

Posted by Seth Finkelstein at 06:11 PM | Followups

DMCA exemption comments - a second bite at the apple

The first round of DMCA comments is done. But if people want to submit DMCA exemptions material to the Copyright Office, there's a second chance.

The 2002 notice of inquiry says (my emphasis):

In the reply comments, persons who oppose or support any exemptions proposed in the initial comments will have the opportunity to respond to the proposals made in the initial comments and to provide factual information and legal argument addressing whether a proposed exemption should be adopted. Since the reply comments are intended to be responsive to the initial comments, reply commenters must identify what proposed class they are responding to, whether in opposition, support, amplification or correction. As with initial comments, reply comments should first identify the proposed class, provide a summary of the argument, and then provide the factual and/ or legal support for their argument. This format of class/ summary/ facts and/ or legal argument should be repeated for each reply to a particular class of work proposed.

...

Reply comments will be accepted from January 21, 2003, until February 19, 2003, at 5:00 P. M. Eastern Standard Time.

So there's another opportunity very soon.

Update: Note this is an even better opportunity then the first round. The 2002 rulemaking page says (my emphasis):

The initial round of comments (due December 18, 2002) is restricted to comments proposing exemptions for specific classes of works. Reply comments (due February 19) may be submitted in opposition to or in further support of exemptions proposed in the initial comments.

So you can file support comments for other comments. In fact, people can even make a reply comment in further support of their own initial comment!

Posted by Seth Finkelstein at 10:07 AM | Followups
December 18, 2002

DMCA Exemption comment - it's done!

It's done! My DMCA Exemption comment (for censorware blacklists) has been submitted. A version is available at:

http://sethf.com/anticensorware/legal/dmcacom.php

Posted by Seth Finkelstein at 04:45 PM
December 17, 2002

Elcomsoft win!

Elcomsoft case victory!. The jury found the company innocent of charges (criminal charges)

Frankly, I was very pessimistic.

This quote is fascinating.

"Under the eBook formats, you have no rights at all, and the jury had trouble with that concept," said Strader.

Judges tend not to have trouble with that concept of no rights at all.

Posted by Seth Finkelstein at 05:24 PM | Followups
December 16, 2002

Deadline nears for DMCA exemptions

The Register has a nice article article on my DMCA guide and related work:

Deadline nears for DMCA exemptions

Posted by Seth Finkelstein at 11:57 PM | Followups
December 15, 2002

Copyright Office exasperation on DMCA exemption comments

I hadn't realized how exasperated the Copyright Office sounds now, on their comment submission form :

Most of the comments we have received appear to address only technological measures that prohibit or limit "copying" rather than measures that prevent unauthorized access or limit access to copyrighted works. The adverse effect of "copy" protection measures is beyond the scope of this rulemaking. Similarly, the prohibitions against "trafficking" in any technology, product, service, device, component, or part thereof that circumvents access or copy protection measures contained in section 1201(a)(2) and 1201(b) are also beyond the scope and statutory authority of this rulemaking. 17 U.S.C. sec.1201(a)(1)(B) and (C). The scope of this rulemaking is limited, by statute, to the examination of evidence of the adverse effects of the prohibition on circumvention of measures that protect "access" to copyrighted works.

Translation (I think :-)): Stop bugging us about the DeCSS and Elcomsoft/Sklyarov cases! It's not our problem! We can't do anything about it!

Posted by Seth Finkelstein at 11:57 PM | Followups
December 10, 2002

Jon Johansen, DeCSS, more history

More good reading besides Jon Johansen's trial testimony:

http://www.free-dvd.org.lu/css-chain-of-events.txt - "CSS chain of events"

And a great interview in LinuxWorld.com
http://www.linuxworld.com/linuxworld/lw-2000-01/lw-01-dvd-interview.html

Jon Johansen: I'm 16 now, I was 15 when it happened ... and the encryption code wasn't in fact written by me, but written by the German member. There seems to be a bit of confusion about that part.

LinuxWorld: The other two people that you had worked with to make the player are remaining anonymous -- is that right?

Jon Johansen: Yes, that is correct.

...

LinuxWorld: Do you know why they want to remain anonymous?

Jon Johansen: They are both a lot older than me, and they are employed. So I guess they just didn't want the publicity, and they were perhaps afraid of getting fired.

Posted by Seth Finkelstein at 03:23 AM | Followups
December 09, 2002

Copyright Office - DMCA comments need to FOLLOW THE SPEC

The Copyright Office is reminding people who want to submit comments on the DMCA 2002 rulemaking, that comment have to follow their format. (see my guide - How To Win (DMCA) Exemptions And Influence Policy) If the comments don't follow the required format, the comments don't get considered.

The Copyright Office comment submission form now says (their emphasis):

Important Note: Most of the comments received thus far do not comply with the requirements for submission. Comments that do not meet all of the requirements will not be considered.

Before submitting your comment attachment, verify that your comment attachment:

Posted by Seth Finkelstein at 03:07 PM
December 08, 2002

Jon Johansen and DeCSS

I've just mentioned the criminal (pun intended) Jon Johansen's trial is next week (December 9 - 13). For people interested in background on DeCSS, the best account of the origin of DeCSS is his trial testimony

(I feel for that anonymous German programmer)

Q. Who wrote DeCSS?
A. I and two other people wrote DeCSS.
...
Q. Mr. Johansen, what did you do next towards making DeCSS?
A. We agreed that the person who I met would reverse engineer a DVD player in order to obtain the CSS algorithm and keys.
Q. Who was this person that you met on the Internet?
A. A person from Germany. I don't know his identity.
Q. Okay. What happened next?
A. About three days later when I was on line again, he messaged me and told me that he had found the CSS algorithm. He also sent the algorithm to me with the CSS authentication source which are written by Eric [ed: this is a mishearing of Derek] Fawcus earlier. He also sent me information on where inside the player he had found the algorithm, and he also sent me a single player key.
Q. Thank you very much. Now, you testified on direct that a German person, I think, had reverse-engineered the Xing DVD player, is that correct?
A. Yes, that is correct.
Q. And that person goes by the nick Ham?
A. Yes, that's correct.
Q. And it's Ham who wrote the source code that performed the authentication function in DeCSS, is that correct?
A. No, that is not correct. He did not write the authentication code. He wrote the decryption code.
Q. He wrote the encryption code?
A. Decryption code.
Q. Decryption.
A. Yes.
Q. Ham is a member of Masters of Reverse Engineering or MORE?
A. That's correct.
Q. And are you also a member of MORE?
A. Yes.
Q. There are other members in Germany and Holland, is that correct?
A. Well, the third member is in the Netherlands.
Q. And it was Ham's reverse engineering of the Xing DVD player that revealed the CSS encryption algorithm, am I right?
A. Yes, that's correct.
Q. Reverse engineering by Ham took place in or about September 1999?
A. Yes, I believe it was late in September of 1999.
Q. And you testified that it was this revelation of the CSS encryption algorithm and not any weakness in the CSS cipher that allowed MORE to create DeCSS, is that correct?
A. Yes, that's correct.
Q. You obtained the decryption portions of the DeCSS source code from Ham, correct?
A. Yes, that's correct.
Q. You then compiled the source code and created the executable?
A. Well, in the form I received it, it was not compatible.

Posted by Seth Finkelstein at 01:28 AM
December 06, 2002

Elcomsoft trial, another chilling statement

I was again reading over the last eBooks ruling, from the Elcomsoft trial (the Adobe/Ebooks case that arose out of the arrest of Dmitry Sklyarov). It's full of chilling statements. Here's another. (emphasis added):

But, pirates and other infringers require tools in order to bypass the technological measures that protect against unlawful copying. Thus, targeting the tool sellers is a reasoned, and reasonably tailored, approach to "remedying the evil" targeted by Congress. In addition, because tools that circumvent copyright protection measures for the purpose of allowing fair use can also be used to enable infringement, it is reasonably necessary to ban the sale of all circumvention tools in order to achieve the objectives of preventing widespread copyright infringement and electronic piracy in digital media. Banning the sale of all circumvention tools thus does not substantially burden more speech than is necessary.

Posted by Seth Finkelstein at 11:05 AM | Followups
December 04, 2002

Elcomsoft trial

People following the Elcomsoft trial (the Adobe/Ebooks case that arose out of the arrest of Dmitry Sklyarov) might want to review what happened the last time around. The very same judge, Ronald Whyte, who is hearing the case now, is the judge who earlier ruled (emphasis added):

The inescapable conclusion from the statutory language adopted by Congress and the legislative history discussed above is that Congress sought to ban all circumvention tools because most of the time those tools would be used to infringe a copyright. Thus, while it is not unlawful to circumvent [ed note - ONLY "rights" restrictions, not "access" restrictions] for the purpose of engaging in fair use, it is unlawful to traffic in tools that allow fair use circumvention. That is part of the sacrifice Congress was willing to make in order to protect against unlawful piracy and promote the development of electronic commerce and the availability of copyrighted material on the Internet.

Accordingly, there is no ambiguity in what tools are allowed and what tools are prohibited because the statute bans trafficking in or the marketing of all circumvention devices. Moreover, because all circumvention tools are banned, it was not necessary for Congress to expressly tie the use of the tool to an unlawful purpose in order to distinguish lawful tools from unlawful ones. Thus, the multi-use device authorities cited by defendant, such as the statutes and case law addressing burglary tools and drug paraphernalia, offer defendant no refuge. The law, as written, allows a person to conform his or her conduct to a comprehensible standard and is thus not unconstitutionally vague.

Posted by Seth Finkelstein at 08:46 AM
December 01, 2002

Press-reach of my DMCA exemptions guide

My guide on How To Win (DMCA) Exemptions And Influence Policy seems to be getting around. An item about it ran in EFF's newsletter EFFector:

Seth's guide explains the process in clear and simple English. The guide tells you how you can submit effective comments and participate in shaping copyright law policy. This is your opportunity to let the Librarian of Congress know how the DMCA is impacting you. If you are having difficulties making lawful use of particular digital media because of a technological protection access control, we encourage you to submit comments to the Librarian of Congress.

It's showing up in places from Dave Farber's IP list and comp.dcom.telecom to applelinks and even a blues-music listserv.

Impressive (well, by my poor coverage standards). It makes such a difference, to be supported. The risk/reward ratio of punditry and policy is so attractive sometimes, as opposed to programming.

Posted by Seth Finkelstein at 10:14 AM | Followups
November 28, 2002

Alice's DMCA?

I started to write one of the parodies of Alice's Restaurant, but I didn't feel inspired to do pages and pages of it. This was the initial paragraph:

And I, I walked over to the, to the bench there, and there is, Group W's where they put you if you may not be moral enough to join the Total Information Agency after committing your special computer crime, and there was all kinds of mean nasty ugly looking people on the bench there. Viagra spammers. Credit-card crackers. Relay-rapers! Relay-rapers sitting right there on the bench next to me! And they was mean and nasty and ugly and horrible cracker-type guys sitting on the bench next to me. And the meanest, ugliest, nastiest one, the meanest relay-raper of them all, was coming over to me and he was mean 'n' ugly 'n' nasty 'n' horrible and all kind of things and he sat down next to me and said, "Kid, whad'ya get?" I said, "I didn't get nothing, I had to pay $500,000 and take down the hyperlink." He said, "What were you arrested for, kid?" And I said, "Circumvention." And they all moved away from me on the bench there, and the hairy eyeball and all kinds of mean nasty things, till I said, "And violating a shrinkwrap license". And they all came back, shook my hand, and we had a great time on the bench, talkin about spamming, credit-card cracking, relay-raping, all kinds of groovy things that we was talking about on the bench. ...

... And friends, they may think it's a movement. ...

Posted by Seth Finkelstein at 04:37 PM | Followups
November 27, 2002

DMCA, more on substantial non-infringing use

Further on the frequently-seen DMCA and substantial non-infringing use argument, this passage from the eBooks ruling should be studied (emphasis added);

The inescapable conclusion from the statutory language adopted by Congress and the legislative history discussed above is that Congress sought to ban all circumvention tools because most of the time those tools would be used to infringe a copyright. Thus, while it is not unlawful to circumvent [ed note - ONLY "rights" restrictions] for the purpose of engaging in fair use, it is unlawful to traffic in tools that allow fair use circumvention. That is part of the sacrifice Congress was willing to make in order to protect against unlawful piracy and promote the development of electronic commerce and the availability of copyrighted material on the Internet.

Accordingly, there is no ambiguity in what tools are allowed and what tools are prohibited because the statute bans trafficking in or the marketing of all circumvention devices. Moreover, because all circumvention tools are banned, it was not necessary for Congress to expressly tie the use of the tool to an unlawful purpose in order to distinguish lawful tools from unlawful ones. Thus, the multi-use device authorities cited by defendant, such as the statutes and case law addressing burglary tools and drug paraphernalia, offer defendant no refuge. The law, as written, allows a person to conform his or her conduct to a comprehensible standard and is thus not unconstitutionally vague.

Posted by Seth Finkelstein at 08:49 AM | Followups
November 26, 2002

DMCA and substantial non-infringing use

I've noticed in some of the DMCA-exemption discussions, that one of the very first things people tend to do is basically re-invent the "capable of substantial non-infringing use" argument - that is, if something has any use at all which is non-infringing, that should dominate. This has been thought-of before, and addressed. The principles are worthy, but arguing it as just as theory isn't so simple. It's very important to read what has gone before, in the 2000 DMCA rulemaking results (emphasis added) :

Proponents of such an exemption make two related arguments. First, some commenters argue that using Section 1201(a)(1) to prohibit circumvention of access controls on works that are primarily factual, or in the public domain, bootstraps protection for material that otherwise would be outside the scope of protection. It would, in effect, create legal protection for even the uncopyrightable elements of the database, and go beyond the scope of what Section 1201(a)(1) was meant to cover. An exemption for these kinds of works, proponents argue, is necessary to preserve an essential element of the copyright balance `` that copyright does not protect facts, U.S. government works, or other works in the public domain. Without such an exemption, users will be legally prevented from circumventing access controls to, and subsequently making noninfringing uses of, material unprotected by copyright.

...

On the record developed in this proceeding, the need for such an exemption has not been demonstrated. First, although proponents argue that 1201(a)(1)(A) bootstraps protection for uncopyrightable elements in copyrightable databases, the copyrightable elements in databases and compilations usually create significant added value. Indeed, in most cases the uncopyrightable material is available elsewhere in ``raw'' form, but it is the inclusion of that material in a copyrightable database that renders it easier to use. Search engines, headnotes, selection, and arrangement, far from being a thin addition to the database, are often precisely the elements that database users utilize, and which make the database the preferred means to access and use the uncopyrightable material it contains. Because it is the utility of those added features that most users wish to access, it is appropriate to protect them under Section 1201(a)(1)(A). Moreover, all copyrightable works are likely to contain some uncopyrightable elements, factual or otherwise. This does not undermine their protection under copyright or under 1201(a)(1)(A). [footnote] \8\

[footnote] \8\ One commenter suggested an exemption for ``compilations and other works that incorporate works in the public domain, unless the compilation or work was marked in such a way as to allow identification of public domain elements and separate circumvention of the technological measures that controlled access to those elements.'' PH4 (Ginsburg). While this approach could address some of the concerns raised by proponents, it is unclear whether it would be technologically feasible for copyright owners to implement. Furthermore, as discussed below, the Register has not yet been presented with evidence that there have been or are likely to be adverse impacts in this area.

Posted by Seth Finkelstein at 09:05 AM | Followups
November 25, 2002

How To Win (DMCA) Exemptions And Influence Policy

Date: Mon, 25 Nov 2002 08:07:11 -0800
From: Lee Tien
Subject: guide to DMCA "exemption" process -- 3 weeks left
To: Law & Policy of Computer Communications

EFF is pleased to present a guide to the DMCA "exemption" process.

http://www.eff.org/IP/DMCA/finkelstein_on_dmca.html

Under this process, the Copyright Office of the Library of Congress must make a triennial inquiry regarding adverse effects of the DMCA's prohibition on circumvention on "certain classes of works."

If adverse effects are shown, the office can "exempt certain classes of works from the prohibition against circumvention of technological measures that control access to copyrighted works." The exemptions only last 3 years.

The author, Seth Finkelstein, is one of the very few people who succeeded in arguing for an exemption (for the act of circumventing access/copy controls on censorware blacklists) in the last round (2000). [The Copyright Office received many comments and rejected the overwhelming majority of them; I think in the end only 2 or 3 exemptions were created.]

The upcoming round is the next one, for 2003. "Written comments are due by December 18, 2002."

This is about the only part of the DMCA that can mitigate its fell sway, so if you have any interest in the topic at all, it's well worth reading.

Lee
--
**********************************
Lee Tien
Senior Staff Attorney
Electronic Frontier Foundation

Posted by Seth Finkelstein at 11:41 AM | Comments (0) | Followups
November 24, 2002

DMCA and criminal penalties

I've been looking into the criminal penalties section of the DMCA. This is scary stuff. You do NOT have to be a big-time infringement business to trigger criminal liability in modern copyright law (as most famously demonstrated by Dmitry Sklyarov) . In fact, it's surprisingly easy.

From the Department of Justice Criminal Resource Manual:

Copyright Infringement -- Fourth Element -- Commercial Advantage or Private Financial Gain (emphasis added)

It is a common misconception that if infringers fail to charge subscribers a monetary fee for infringing copies, they cannot be held to have engaged in criminal copyright infringement. It is the position of the Department that the term "for purposes of commercial advantage or private financial gain" does not require the payment in money for the infringing works, but includes payment by trading anything of value for them. Thus, when "bartering" (i.e., the practice of exchanging infringing works for other infringing works) results in the unauthorized dissemination of substantial amounts of infringing product without recompense to the copyright holders, prosecution appears to be fully consistent with the purposes of the criminal copyright statute.

Posted by Seth Finkelstein at 11:51 PM | Followups
November 23, 2002

Lawrence Lessig quote on DMCA

This says it all:

"But we're in a world where disobedience is treated with felony convictions. The idea that you are going to get lots of civil disobedience against the Digital Millennium Copyright Act is just crazy. You're going to get lots of prosecutions and people going away to jail."

-- Lawrence Lessig, Reason interview

Posted by Seth Finkelstein at 05:25 PM | Followups
November 21, 2002

DMCA and leveraged Denial-Of-Service attacks

There's been much news about the DMCA being used to take-down leaked advertisements, by claiming the prices are copyrighted/trade secrets. Recently, I've been working on DMCA exemptions, so the following passage from the 2000 rulemaking results is fresh in my mind:

A related worry of commenters is that, in practice, section 1201(a)(1) will be used to ``lock up'' works unprotected by copyright. They predict that compilers of factual databases will have an incentive to impose a thin veneer of copyright on a database, by adding, for example, some graphics or an introduction, and thus take unfair advantage of the protection afforded by Section 1201. In addition, they fear that access to works such as databases, encyclopedias, and statistical reports, which are a mainstay of the educational and library communities, will become increasingly and prohibitively expensive. On the record developed in this proceeding, the need for such an exemption has not been demonstrated.

[later]

... the fear that 1201(a)(1)(A) will disadvantage users by ``locking up'' uncopyrightable material, while understandable, does not seem to be borne out in the record of this proceeding. Commenters have not provided evidence that uncopyrightable material is becoming more expensive or difficult to access since the enactment of Section 1201, nor have they shown that works of minimal copyright authorship are being attached to otherwise unprotectible material to take advantage of the 1201 prohibitions.

Now, the FatWallet.com take-downs are not the same DMCA section. But I was struck by the fact that it is roughly the same problem. There are gradations in copyright, which matter in fair-use. But by, err, "circumventing" fair-use, the DMCA does away with all the balancing. All one needs now is the thinnest of copyright, e.g. pricing data or annotations - and the full fury of the DMCA can then be brought to bear.

Posted by Seth Finkelstein at 11:51 PM | Followups
November 20, 2002

YesterDMCA, a DMCA song

Many people have heard Jonathan Watterson's DMCA song, based on the Village People "YMCA" hit. Today, suffering from DMCA immersion, I was inspired to compose my own doggerel, based on the song "Yesterday"

With apologies to Yesterday by John Lennon and Paul McCartney:

YesterDMCA
a parody by Seth Finkelstein

Yesterday,
Algorithms programmed in any way
Now it looks as though there's liabilit-ay
And, it's 'cause of the D-M-C-A

Suddenly,
I'm not allowed to speak in C
There's a shadow hanging over me
Oh how D-M-C-A makes silence be

How some bits do flow, you can't know,
We couldn't say
I said something wrong
now I'm among, law D-M-C-A-ay-ay-ay

Yesterday,
"code" was such an easy game to play
Now I need a place to hide away
And, it's 'cause of the D-M-C-A

Posted by Seth Finkelstein at 07:23 AM | Followups
November 19, 2002

DMCA Rulemaking - GroundHog Day

Today is the DMCA Rulemaking on Exemptions from Prohibition on Circumvention of Technological Measures that Control Access to Copyrighted Works day, which is the day we can start to apply for DMCA exemptions.

This is akin to a cross between Groundhog Day (the movie), and a leap year. That is, this day comes around every three years, but we have to go through everything we went through three years ago in terms of DMCA exemptions. I mean this part of the procedure (emphasis added):

There is a presumption that the prohibition will apply to any and all classes of works, including those as to which an exemption of applicability was previously in effect, unless a new showing is made that an exemption is warranted. ... Exemptions are reviewed de novo and prior exemptions will expire unless the case is made in the rulemaking proceeding that the prohibition has or will more likely than not have an adverse effect on noninfringing uses. A prior argument that resulted in an exemption may be less persuasive within the context of the marketplace in the next 3-year period.

But here if the Library of Congress doesn't see a shadow ("cannot be based on speculation alone"), we get more winter (as in chilling effects).

More on this topic in the future.

Posted by Seth Finkelstein at 11:52 PM