[free-sklyarov] Proposal to Free Dmitry, Freedom to Speech and make SW Innovations...

Seth David Schoen schoen at loyalty.org
Sat Jul 21 09:19:58 PDT 2001 

Arto Laitinen writes:

> Hi all, I have thougth this very situation is dividing waters in that manner, what is the right to inspect and invent in SW field and on the other side, what is legal/illegal 
> to do if you have capabilities to crack (commercial) IT systems, maybe violating Copyright and stealing Intellectual Property, and how to protect future innovations.
> 
> Although I personally don´t like the way Dmitry were arrested, we also should notice the other sides of the story.
> 
> They at Adobe, as the inventors of the eBook system, want to protect their intellectual property and thus their business opportunities, no doubt in that...

No doubt, indeed.

> And then we should consider about the copyright of the originator/owner of the contents, too. Who would publish or invent anything if the payment could be 
> circumvented?

Copyright is not the only reason anyone publishes anything.  Before
the 1700s, there were no copyrights anywhere in the world, and yet
many of the greatest works of civilization were produced before that.
There was also a publishing industry before copyright, although there
is little doubt that copyright has helped that industry tremendously.

Copyright provides an increased chance of payments that spurs creation
of many creative works, but it isn't the only reason those works are
created.

There is a big difference between traditional U.S. copyright law
(which was re-codified through the U.S. Copyright Act) and the new
Digital Millennium Copyright Act.

The traditional law gives copyright holders a list of enumerated
powers, with a long list of exceptions to those powers.  One example I
have been mentioning here is adaptation of works for use by the
disabled -- in 17 USC 121 is an exception to copyright holders'
powers, so that copyright holders can't (use copyright law to) prevent
this sort of adaptation.  There are many other limitations on the
exclusive rights of copyright holders.

The DMCA is only three years old.  It attempts to protect publishers'
use of technology to attain _absolute_ control over the use of works,
which was never the guarantee of traditional copyright law.  Although
many publishers (understandably, I suppose) were enthusiastic about
this prospect, it goes far beyond ordinary copyright.  Once a
"technological protection measure" is in place, a publisher can, in
practice, prevent any use of which it disapproves.  This is true even
though the law does not give publishers the _legal_ right to (use
copyright law to) control every use, only certain uses.
(Traditionally, they could only control commercial distribution and
certain related uses; this was eventually expanded to include
noncommercial distribution and certain related uses.  Again, they are
still not -- on the terms of the original Copyright Act -- allowed to
control uses such as personal adaptation and adaptation for the
benefit of disabled people, certain duplication and presentation for
educational purposes, and a variety of others.  But the technology
allows them to exert control here.)

There are a lot of essays about why the DMCA is bad.  Many of them are
written by people who think that traditional copyright law is _very
good_.  (Brad Templeton -- I'm not sure whether he's on this list --
is a person who believes strongly in copyright but disagrees with the
DMCA.  It isn't difficult to find such people among copyright law
professors, either.)

I only know of one essay about why copy protection technology itself
is bad, which is different from the argument that the law (the DMCA)
which protects copy protection technology is bad.  That is "What's
Wrong With Copy Protection", by John Gilmore:

http://www.toad.com/gnu/whatswrong.html

I'm sure that Gilmore's essay could be expanded.

There is also "The Right to Read" by Richard M. Stallman.

http://www.fsf.org/philosophy/right-to-read.html

The important thing about that story is that it was written before the
DMCA was passed.  I think it was written before the DMCA was even
proposed.  Many people read it then and laughed; I don't think they're
laughing right now.

The point is that copy protection technology, at least in some cases,
is harming uses which would have been completely legal before the
DMCA.  Under the DMCA, those uses might be illegal for the sole reason
that you have to break through copy protection in order to make them --
not because they are infringements of copyright.

> Stuck the original rabbit hole, whilst there are some other ones digging holes somewhere else, or doing co-operation with such a intelligent guy/institution to make the 
> system better against further intrusions...? Hey, that's the question!! 
> 
> So, I make a proposal, how to solve this, other ongoing and future situations; someone found a way to decrypt or something like that, should first go to the 
> inventor/owner of that system, tell them how fragile it is and then also tell them, how to improve the system. There should be a substantial financial price to the 'rabbit 
> hole finder', not shoot or jail him. And thinking to protest against Adobe or thing like DMCA or makes me feel sick... No one should make the situation worse than it is, 
> so no striking, please.

There is an ethical principle that some people endorse concerning
security holes that allow people to break into a system: they say that
the vendor of the software should be notified first, and then, after
the vendor has had some time to respond, the vulnerability should be
published.

Not everyone agrees that it is bad to publish details before notifying
the vendor, but many people prefer to do it that way, to give the
vendor a chance to improve security.  Of course, the details must be
published eventually (otherwise the vendor might never fix the problem,
and try to keep it secret).

But I don't agree that this situation is parallel to situations where
people find security flaws that allow you to break into someone else's
computer.

In this situation, someone found a security flaw which allows you to
"break into" documents that you purchased or wrote!  And it's not even
"breaking in" so much as converting (against the publishers' wishes)
into a more open format, in order to be free of many arbitrary
restrictions.  There are many legal reasons to wish to do this, and
many legal uses of AEBPR that have been made in countries which have
copyright law but no DMCA.  If I bought an eBook, I would want to use
AEBPR so I could read the book on my Linux system (there is no Adobe
eBook reader for Linux, but there are many PDF readers).  Do we need
to make a list of straightforwardly legal applications of AEBPR?
They seem obvious to me!

This is not a case where I personally wish for "better security": yes,
there are security flaws, and they are the responsibility of Adobe,
and ElcomSoft has "just demonstrated them".  However, if they are
"fixed" by taking control away from the consumer, after ElcomSoft has
helped return some of that control, I don't feel that's a good
solution.  I know that some people disagree with this.

I think it was Declan's article that pointed out that, since 1883,
cryptographers have known that a cryptosystem, to be secure, must keep
a key secret from its adversary.  DRM and copy protection schemes
that work on regular desktop computers don't do that, because they
publish the key inside the reader software they give you.  The key is
not "secret" just because it is inside a computer program; many people
can read computer programs, in object code form, straightforwardly.

> This may sound day dreaming, but it clearly shows how everyone, both IP/copyrigh owner and the 'rabbit hole finder', and in long run, the consumer, could benefit...

I don't think consumers benefit from the loss of open standard media
formats that _anyone_ can implement, without prior arrangement.

Clearly many publishers do think so: they often say that works will
"only" be made legally available in electronic form if they have
restrictive DRM systems, and legal protection for those DRM systems.
Since possibly consumers benefit from having works available in
electronic form, these publishers think that consumers must want DRM,
even if they don't know it yet!

-- 
Seth David Schoen <schoen at loyalty.org>  | And do not say, I will study when I
Temp.  http://www.loyalty.org/~schoen/  | have leisure; for perhaps you will
down:  http://www.loyalty.org/   (CAF)  | not have leisure.  -- Pirke Avot 2:5

More information about the Free-sklyarov mailing list