MESSAGE
| DATE | 2016-11-14 |
| FROM | Ruben Safir
|
| SUBJECT | Subject: [Hangout-NYLXS] DRM on trial
|
America's broken digital copyright law is about to be challenged in court
America's broken digital copyright law is about to be challenged in court
The Electronic Frontier Foundation is suing the US government over
‘unconstitutional’ use of the Digital Millennium Copyright Act

EFF is suing the US government over section 1201 of the DMCA – the
group says the law is unconstitutional, and that the Library of Congress
and the copyright office have failed to perform their duties in the
three-year DMCA 1201 exemption hearings. Photograph: J Scott Applewhite/AP
Cory Doctorow in Los Angeles
Thursday 21 July 2016 09.49 EDT Last modified on Friday 11 November 2016
06.42 EST
Share on LinkedIn Share on Google+ This article is 4 months old
Shares
1,918
Comments
58
Save for later
The Electronic Frontier Foundation (EFF) filed a lawsuit on Thursday
that American copyright wonks, technologists and security researchers
have been hotly awaiting for nearly 20 years.
If they succeed, one of America’s most controversial technology laws
will be struck down, and countries all over the world who have been
pressured by the US trade representative to adopt this American rule
will have to figure out whether they’ll still enforce it, even after the
US has given up on it.
The rule is section 1201 of the Digital Millennium Copyright Act (DMCA)
of 1998, the “anti-circumvention” rule that makes it illegal to break an
“access control” for copyrighted works. These “access controls” often
manifest as “digital rights management” (DRM), and the DMCA gives them
unique standing in law.
EFF is suing the US government, arguing that section 1201 of the DMCA is
unconstitutional, and also that the Library of Congress and the
copyright office have failed to perform their duties in the three-year
DMCA 1201 exemption hearings.
What is digital rights management?
If you buy something, it’s yours, and – you can modify, configure, or
use it any way you’d like, even if the manufacturer would prefer that
you didn’t. But the law forbids you from doing otherwise legal things if
you have to tamper with the DRM to do them.
Originally, this was used exclusively by the entertainment industries:
by adding DRM to DVDs, they could prevent companies from making DVD
players that accepted DVDs bought abroad. It’s not illegal to bring a
DVD home from an overseas holiday and watch it, but if your DVD player
recognises the disc as out-of-region, it is supposed to refuse to play
it back, and the act of altering the DVD player to run out-of-region
discs is unlawful under the DMCA’s section 1201. It could even be a
crime carrying a five-year prison sentence and a $500,000 fine for a
first offense (the act of offering a region-free DVD player for sale, or
even the neighbour’s kid helping you to deregionalise your DVD player,
can be criminal acts).

Facebook Twitter Pinterest
Nike can’t invoke section 1201 of the DMCA to prevent a rival company
from offering replacement shoelaces for its trainers, because shoelaces
and trainers aren’t copyrighted (or copyrightable). Photograph: Alamy
Companies can only use the DMCA if they can argue that their DRM
protected a copyrighted work. Nike can’t invoke section 1201 of the DMCA
to prevent a rival company from offering replacement shoelaces for its
trainers, because shoelaces and trainers aren’t copyrighted (or
copyrightable). But once there’s software involved, copyright enters the
picture because software itself can be copyrighted.
The proliferation of “smart” devices has put software – and potentially,
the DMCA – into every part of our lives. Your car is a computer that
surrounds your body. Auto manufacturers use DRM to prevent independent
mechanics from reading out information from broken cars and to prevent
diagnostic tool-makers from making smarter diagnostic equipment.
Mechanics and tool-makers who want to know what’s wrong with your car
have to either break the DRM (risking fines or even prison) or get the
official manufacturer’s permission to compete, which drives up repair
costs. In other words, now that there’s software in your car, the DMCA
can be invoked to give manufacturers a monopoly over parts, service and
features for them.
And it’s not just cars. Every three years, the US copyright office
entertains proposals for limited exemptions to section 1201 of the DMCA.
In 2015, they heard from people who have been frustrated by
anti-circumvention rules as applied to voting machines (a computer we
put a democracy inside of); hospital equipment (a computer we put sick
people inside of); medical implants (computers we put inside our
bodies); as well as critical infrastructure, financial technology and more.

Facebook Twitter Pinterest
Auto manufacturers use DRM to prevent independent mechanics from
reading information from broken cars, so mechanics either have to pay
for access and increase costs, break the DRM risking fines or even
prison Photograph: Alamy
Tellingly, many of these petitioners were security experts. DRM
advocates say that when a security expert discloses a defect in their
products – a flaw, say, that would allow strangers to watch your family
through your baby monitor, or kill you by dumping all your insulin
pump’s medicine into your blood at once, or take control of your car
over the internet and drive it, operating the brakes, steering and
acceleration (all examples of things people have done or shown could be
done by exploiting vulnerabilities in devices with DRM) – they are
violating laws that protect DRM.
These manufacturers say that the law gives them to power to determine
when, if ever, the people who entrust their lives, privacy, security,
votes and finances to computer-based products get to know about the
defects in those products.
How is it still around?
It’s been 18 years since the DMCA passed into law under then President
Bill Clinton, co-sponsored by congressman Barney Frank, voted in
unanimously by the Senate. The law has obvious, gross constitutional
defects, so how is it still in force?
Why the future of web browsers belongs to the biggest tech firms
Cory Doctorow in Los Angeles
Read more
Here’s the civics-class version of the relationship between the US
constitution and Congress: America’s constitution limits the laws
Congress can make. Congress isn’t supposed to make unconstitutional
laws, and when a judge finds such a law, he or she can rule that the law
is invalid.
But nothing as high-stakes as law is ever as simple as that. People can
disagree about whether a law is constitutional – the constitution has a
lot of high-flown language whose specifics have been hammered out over
centuries by judges and lawyers and scholars who have fiercely debated
them (and even gone to war over them). So a lawmaker might create a
statute he believes to be constitutional, while a judge might rule that
it’s not and strike it down.
Then there’s the question of how these sorts of questions wind up in
front of a court.

Facebook Twitter Pinterest
Bill Clinton passed the DMCA 18 years ago. Photograph: Orlando
Sentinel/TNS via Getty Images
In the years since the DMCA’s passage, there have been relatively few
court challenges. In one case, Universal v Corley, a movie studio
successfully sued the hacker magazine 2600 for publishing computer code
that could descramble a DVD.
In 2002, a technologically unsophisticated judge in the case ruled that
a hacker magazine could be censored under the DMCA and was not shielded
by the first amendment’s guarantee of free speech because the code was a
form of “stealing”.
In the years since, the entertainment industry has been canny about its
threats.
When Ed Felten – a prominent computer scientist, then at Princeton
University, now deputy CTO of the White House – and a group of peers
published a paper on defects in DRM for music called Secure Digital
Music Initiative, the record companies threatened to sue him and the
technical conference where the paper was to be delivered. The Electronic
Frontier Foundation stepped forward to defend Felten, and the labels
beat all speed records withdrawing their threats because they understood
that judges would be reluctant to give record executives a veto over the
kinds of technical presentations that computer scientists could give.
Why Google’s fair use victory over Oracle matters
Pamela Samuelson in Berkeley, California
Read more
At this point, you may be asking why, if the law hasn’t come up in court
decisions very often, does it even matter. But it does, because the few
successful prosecutions under the law have been sufficient to chill all
kinds of technological development and security disclosures.
The reason your computer automatically rips your old CDs and offers to
move them to your mobile device and the cloud, but prompts you to buy
your DVDs anew to watch them on a mobile screen, is that the DMCA has
successfully intimidated every operating system company in the world
into not including DVD-ripping software out of the box (those
DVD-ripping programs you may have tried? Also radioactively illegal to
distribute).
Don’t forget all those security researchers who told the copyright
office that their lawyers wouldn’t let them warn us about the
potentially lethal defects in all those internet of things devices we’re
coming to rely on – there’s no question that section 1201 of the DMCA
scares the heck out of businesses and security professionals.
The case in question
Advertisement

Which brings us to today’s lawsuit. EFF is representing two clients:
Andrew “bunnie” Huang, a legendary engineer with a PhD from the
Massachusetts Institute of Technology who made his reputation when he
figured out how to install the free operating system GNU/Linux on
Microsoft’s Xbox and published a book about it; and Matthew Green, an
assistant professor at Johns Hopkins and considered a heavyweight in
security circles, whose research includes audits of OpenSSL and Truecrypt.
One of Huang’s projects is a gadget called NeTV, which allows users to
overlay images over HD videos. Huang figured out a clever way to work
with High-bandwidth Digital Content Protection (HDCP) – a widely used
DRM for HD videos – without violating the DMCA. But he wants to expand
NeTV’s features in a new device called NetVCR, which will allow you to
record and manipulate digital video the same way you can with analogue
videos and a video recorder: record them for later, turn them into clips
that you reuse in legal ways, and so on.
Green, meanwhile, wants to do security research of the sort that could
raise section 1201 threats. Though the copyright office has granted some
limited exemptions to the DMCA that allow security research on consumer
equipment and some medical devices, Green’s research includes
investigating the security of industrial-grade encryption devices used
to secure cryptographic keys for purposes such as processing credit card
or ATM transactions.

Facebook Twitter Pinterest
Green’s research includes investigating the security of
industrial-grade encryption devices used to secure cryptographic keys
for purposes such as processing credit card or ATM transactions.
Photograph: Kostis Ntantamis/AFP/Getty Images
He has a grant from the National Science Foundation to investigate the
security of medical record systems. He wants to investigate the security
of medical devices; toll collection systems; industrial firewalls and
virtual private network devices; and wireless communications systems
that connect vehicles to one another and to the surrounding
infrastructure. Lurking flaws in these devices pose a serious threat to
the economy and hundreds of millions of people who rely on them every
day, so we really want people like Green to be able to independently
validate their quality (the bad guys who want to abuse those devices
don’t ask for permission to investigate their flaws, after all).
Why EFF is suing
Suing on behalf of Huang and Green, EFF’s complaint argues that the
wording of the statute requires the Library of Congress to grant
exemptions for all conduct that is legal under copyright, including
actions that rely on fair use, when that conduct is hindered by the ban
on circumvention.
Critically, the supreme court has given guidance on this question in two
rulings, Eldred and Golan, explaining how copyright law itself is
constitutional even though it places limits on free speech; copyright
is, after all, a law that specifies who may utter certain combinations
of words and other expressive material.
The supreme court held that through copyright’s limits, such as fair
use, it accommodates the first amendment. The fair-use safety valve is
joined by the “idea/expression dichotomy”, a legal principle that says
that copyright only applies to expressions of ideas, not the ideas itself.
Analysis Firefox’s adoption of closed-source DRM breaks my heart
I understand the pressure to support commercial video – but the browser
makers can do more to defend free and open software. By Cory Doctorow
Read more
In the 2015 DMCA 1201 ruling, the Library of Congress withheld or
limited permission for many uses that the DMCA blocks, but which
copyright itself allows – activities that the supreme court has
identified as the basis for copyright’s very constitutionality.
If these uses had been approved, people such as Huang and Green would
not face criminal jeopardy. Because they weren’t approved, Huang and
Green could face legal trouble for doing these legitimate things.
Advertisement

It’s a complicated story, existing at the intersection of law,
technology and information security, realms that are hard enough to get
your arms around on their own, let alone in combination. But that very
complexity – honestly, that very boringness – has allowed this
anti-circumvention rule from the DMCA to fester and metastasize into
devices that are taking over the physical world.
EFF’s lawsuit could take years to be finally decided.
Along the way, companies, entrepreneurs, members of the public and US
trading partners are all going to have to decide which side they’re on,
and whether it’s worth the risk of tolerating DMCA 1201 and its
international cousins, or if it’s better to unlock value, to thwart
rent-seeking monopolists, to bring transparency and accountability to
the design of crucial products and categories of products.
Today, EFF took the first step toward a future where we are allowed to
know whether our devices are fit for purpose, where we are allowed to
reconfigure them to suit our needs, to help one another get more use out
of our property.
Now, it’s up to all of us.
--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
_______________________________________________
hangout mailing list
hangout-at-nylxs.com
http://www.nylxs.com/
|
|
