[free-sklyarov] Andy Oram: What Do "Intellectual Property" "Owners" Want?
Seth Johnson
seth.johnson at RealMeasures.dyndns.org
Fri Dec 20 15:43:48 PST 2002
(Forwarded from Interesting People list. Article text
pasted below. -- Seth)
-------- Original Message --------
Date: Fri, 20 Dec 2002 11:41:54 -0500
From: Dave Farber <dave at farber.net>
To: ip <ip at v2.listbox.com>
------ Forwarded Message
From: Andy Oram <andyo at oreilly.com>
Date: Fri, 20 Dec 2002 10:14:29 -0500 (EST)
To: dave at farber.net
Subject: What Do Intellectual Property Owners Want?
(I don't usually bug you with two pieces in one day, but
this happened to be prepared for publication, and it's
relevant to current events.)
> http://www.praxagora.com/andyo/ar/ip_owners.html
...
Why copyright? Why did this obscure branch of "intellectual
property," this private concern of entertainment and
software firms, become the most pressing public policy area
of the computer field?
[The Sklyarov and Jonansen cases] make us suspect that the
multiple tentacles of the "intellectual property" leviathan
bears barbed hooks on each end--and that some of the
critical issues in modern democracy and discourse may be
snagged by them.
...
(This article is also currently in print at The American
Reporter, http://american-reporter.com/)
----------------------------------------------------------------------
Andy Oram O'Reilly & Associates, Inc. email:
andyo at oreilly.com
Editor 90 Sherman Street voice:
617-499-7479
Cambridge, MA 02140-3233 fax:
617-661-1116
USA
http://www.praxagora.com/andyo/
Stories at Web site:
The Bug in the Seven Modules Code the Obscure The
Disconnected
----------------------------------------------------------------------
------ End of Forwarded Message
-------------------------------------
You are subscribed as seth.johnson at RealMeasures.dyndns.org
To unsubscribe or update your address, click
http://v2.listbox.com/member/?listname=ip
Archives at:
http://www.interesting-people.org/archives/interesting-people/
----
> http://www.praxagora.com/andyo/ar/ip_owners.html
WHAT DO INTELLECTUAL PROPERTY OWNERS WANT?
by Andy Oram
American Reporter Correspondent
CAMBRIDGE, MASS.—Researchers around the world were
stunned. A promising young graduate student, Dmitri
Sklyarov, came to the United States to deliver his insights
about weaknesses in a commercial product to a well-known
computing conference. A few hours after his presentation, he
was in jail.
I don’t want to belabor this case because it has already
been aired in the press a great deal, particularly since
last Tuesday’s startling ruling in favor of the Sklyarov’s
employer, ElcomSoft, by a jury that was clearly repulsed by
the idea of punishing people who make software with
legitimate uses.
But Sklyarov and ElcomSoft start off this article because
his arrest marked a milestone in modern life—a fulfillment
of the old prediction that computer hackers used to utter as
a joke: "Write a program, go to jail." It’s still scandalous
that Sklyarov spent time in jail for his non-crime.
Sklyarov suffered all this for working on a software
product that was perfectly legal in his own country, Russia,
but was called a violation of the Digital Millennium
Copyright Act in the United States. This software allowed
people using the popular Adobe eBook software—so long as
they had a legitimate license to the software—to make copies
of documents. The Russian software had many legitimate
applications under the "fair use" doctrine, but could also
be used to make unauthorized copies—and that brought down
the vindictive hand of the U.S. Justice Department, which
insisted on bringing the case to trial even after Adobe
dropped their charges.
Nor was Sklyarov alone. A fifteen-year-old Norwegian, Jon
Johansen, was briefly arrested on flimsy charges related to
his supposed role in creating DeCSS software, a program that
retrieves movies from their encrypted format on DVD.
Johansen’s case was in court last week, but I have not heard
any news of the outcome. Many others have been sued for
similar causes, although they have not faced criminal
proceedings.
Civil libertarians and analysts in the computer field have
long expected legal tensions about computer and Internet use
to come to a head, but they expected it to happen over
something overtly political: transmission of censored
content, or software that could compromise computer
security, or something related to cryptography. (Computer
cryptography expert Phil Zimmermann was under investigation
by the FBI for a while, but he was never indicted.)
Why copyright? Why did this obscure branch of
"intellectual property," this private concern of
entertainment and software firms, become the most pressing
public policy area of the computer field?
These incidents make us suspect that the multiple
tentacles of the "intellectual property" leviathan bears
barbed hooks on each end—and that some of the critical
issues in modern democracy and discourse may be snagged by
them.
Consider an expose of some powerful institution such as
the Church of Scientology. Try to cite their religious
training materials—and they’ll get you for copyright
infringement.
Reveal hidden flaws in a product’s design? You’ve
illegally circulated trade secrets. Put up a web site to
criticize a company? Trademark violation.
The past few years have seen uses of all these stratagems
to suppress debate and dissent, as well as other cases
stretching intellectual property laws to protect the
powerful. Indeed, any meaningful self-expression can be
construed as trespassing on some right of an intellectual
property owner.
And that is the new censorship. The ruling class doesn’t
care what scummy secrets you want to write about your sex
life. But the moment you touch on anything concerning their
power, they’ll find a way to put a stop to it.
The first imperative of the new censorship is place limits
on information; to let out just enough to serve the
interests of its disseminators and no further. This is the
premise of the computer field called Digital Rights
Management (DRM).
But the hardest thing in computing (hard enough to be
considered formally insoluble) is to display something for
the limited edification or entertainment of one person
without allowing him to do more. If you want to digitally
give a person a movie for just a day, or keep him from
transferring it to a different playback device, or keep him
friends from watching it after she does—you have one hell of
a tough technical challenge.
This pursuit has led large copyright holders, their hired
hands in technology industries, and their minions in
government on a wild goose chase. Here is the logical chain
that DRM twists tighter and tighter:
- Because you might copy content for some unauthorized
purpose, the content must be cryptographically scrambled.
And because cryptographic systems eventually get cracked,
laws must be passed to prevent the sale and dissemination of
software that can do the cracking. (This was the germ of the
Sklyarov case, and the motivation behind the Johansen case
even though the actual crime he was charge with was barely
related).
- Because the scrambled content is to be unscrambled only
by those given authorization, each user must be given a
digital identity—and thus comes to an end one’s right to
read, listen, or watch in privacy.
- Because you might disguise your identity to obtain
unauthorized access, identity must be built right into the
computer hardware—every piece of computer hardware ever
sold.
By this point, it should be obvious to any reasonable
reader that the search for perfect copyright control will
flounder. But powerful forces are still at it! A fine saga
of their quest can be found in an article titled
"Hollywood’s Legislative Agenda" by technology commentator
Cory Doctorow. (You can find a number of other fascinating
articles on related topics in the same online journal.)
Is the goal of perfect control so sinister? Aren’t the
copyright owners fighting for their very existence against
the scourge of rampant commercial piracy, particularly in
underdeveloped nations?
No, the goal of DRM is precisely to hamper the individual
user. One can no longer doubt that after a Disney
representative says, "There is no right to fair use."
(Quoted in Wired News.) And when the industry underlines the
statement by using DRM to remove that right, along with the
right of first sale and other hitherto unregulated uses.
This means:
- You will not make a back-up copy of a work, to preserve
it in case the distributor will eventually go out of
business and your current copy will wear out or be damaged.
- You will not excerpt a bit of the work for review or
educational purposes.
- You will not play a work that pleases or disturbs you
for your friends in order to get their reaction.
For the social implications of this new regime, see my
article "Never again to validate one’s experience"
(http://www.oreillynet.com/cs/weblog/view/wlg/1022).
Unlicensed copying on a commercial scale has been taking
place since the spread of the printing press, and can be
tracked down through conventional means. The people that the
big copyright holders have in their sites now are you and
me.
But in this I am an optimist. First, the goal of perfect
control cannot be achieved. People are used to their rights
and will continue to find ways to do the everyday,
reasonable things they’ve done. Large-scale outfits will
break DRM systems and will provide alternative sources.
There’s something funny about encryption and access
control systems. Beneficent ones tend to work and malicious
ones tend to fail.
You see, these systems are so complex, so subtle, so
fragilly based on multiple levels of mathematics understood
by only a handful of people, that they must be developed
through open review processes. All successful encryption
systems—the ones we use to encrypt files, to order goods
over the Web, to tunnel into corporate offices—have been
developed that way.
Open development does not guarantee correctness, of
course. Some real clunkers have emerged from open processes;
a recent well-known example is the system used to protect
wireless LANs. But without exception, all closed systems are
clunkers.
The cracking effort at the basis of DeCSS, which allows
every DVD in the world to be cracked, was almost trivial to
figure out. The developers of the CSS, which was supposed to
protect the DVDs, didn’t even try hard. Their design was
amateurish and sloppy. The job of cracking CSS was even
easier because one of the movie companies left its secret
key on a DVD in plain text—the kind of bone-headed user
error that is often the bane of access control systems.
Why don’t DRM developers use open review to create their
systems? One reason is that the process takes a long time;
another is probably the urge to seek a competitive advantage
through trade secrets. But the main reason, in my opinion,
is that the security community wouldn’t cooperate. The
people who best understand security and access control have
an inborn aversion to the use of those systems to impede
people’s rights.
So perfect control will fail. That’s the first grounds for
optimism.
The second is that people will get bored of controlled
content and will turn to open systems that are intrinsically
more exciting and engrossing; see my article "Stop the
Copying and Start a Media Revolution"
(http://www.openp2p.com/pub/a/p2p/2002/03/08/media.html)
The third is that the public fights back. The ElcomSoft
case shows that the public can understand the issues and
stand up for its rights when given a voice. Among the first
cracks were a modest bill introduced by Representatives Rick
Boucher and John Doolittle last October to force companies
to label CDs encumbered with DRM controls.
Civil liberties have always come up against the standard
practices of entrenched forces as well as against the
current law. The attempt of these forces to paint the battle
as one of simple revenue streams and author’s rights must be
rejected. The fight is a moral one, and the moral imperative
lies with those who wish to examine, discuss, and criticize
freely.
Member, Computer Professionals for Social Responsibility
Editor, O’Reilly & Associates
More information about the Free-sklyarov
mailing list