[free-sklyarov] DMCA discussion, possible flyer material, etc

Andrea andrea at gravitt.org
Sun Jul 22 11:05:44 PDT 2001


Partly in reply to a media inquiry (which I'm sure all the other listed
organizers got as well) I wrote this. It probably needs more basics on
copyright and a few less big words to be used for a general handout, but
feel free to use any or all of it as you see fit. I don't even care if you
credit me or not. If you would like to, my complete name is Andrea Longo
and I live in Decatur, Georgia (US). I am the contact person for Atlanta.




The Digital Millennium Copyright Act (DMCA) added several provisions to
existing copyright law that were intended to balance the need for content
providers and copyright holders to protect their works and the public to
have reasonable access to them under the existing provisions for Fair Use.
In the context of digital media, Fair Use also includes such things as
allowing an individual to convert a work into another form for personal
use, in the same way that one might copy a CD to a cassette to be able to
listen to it on a portable device, but not to distribute those copies.
There have been legal challenges to this "format shifting" but so far it
has been held as permissible. So I have the legal right to take a CD that I
purchase and convert it to an MP3 file for use on my portable player. 

The tool that Mr. Sklyarov and his company produced allowed the legitimate
eBook user to do much the same, convert the encrypted eBook format into the
more widely used PDF format. This allows the user to print a copy for later
reading, use a "screen reader" device to speak it aloud for the visually
impaired, or view it on a computer system or a device that does not have an
eBook reader, like a Palm PDA or Linux computer. 

None of these things involve distributing unauthorized copies to other
people, but the technology required to allow these legitimate uses must
necessarily also make it possible to distribute unauthorized copies if the
user chooses to do so. They would not work at all if they did not also have
that possibility. Adobe's assertion that Elcomsoft's software is a "Digital
Burglar Tool" ignores the fact that any tool may be used for improper
purposes and it is the user, not the tool, who decides. I may use a crowbar
for breaking into someone's home, or as a legitimate demolition tool. I
might even choose to use it to break into my own home, and doing so is not
illegal.

At the time, organizations like EFF noted that the "Circumvention Device"
provisions concerned not behavior, but technology, and could be used to
prohibit non-infringing uses or legitimate security research. The DMCA does
contain exceptions, but still legitimate users face the threat of (or in
several cases, actual) legal action against them for merely discussing the
weaknesses of a secure system based on the interpretation of how the
exceptions apply.

Although there are legitimate Fair Use reasons that someone may wish to
copy a copy protected work, the DMCA prohibits building any tools that
might actually allow it to be done. The corporate interests lobbying for
these provisions brushed aside the concerns that they would be used to
restrict legitimate use, and the bill was made law with little fanfare. But
there soon were several examples of just that.

Earlier this year, a group of professors was bullied with threats of a
civil suit into withdrawing a paper from a technical conference because it
was embarrassing for certain digital music organizations. The company that
created the security system, and the industry group that was attempting to
make it a standard, claimed that by publishing the paper detailing it's
weaknesses, the authors would provide the means by which a third party
could create a tool to make unauthorized copies of protected material, and
that the researchers would then be liable for any resulting infringement.
In another case, an on-line publisher was prohibited from publishing, or
even linking to, the source code for a DVD decryption tool on their web
site as a part of a discussion on DVD content security. 

The significance of the Sklyarov case is that not only have there been
civil lawsuits, now there has been an actual arrest under the criminal
provisions, of a foreign national, for work done for his employer, in a
country where it is legal to do so. 

Computer security researchers, as a part of their work, poke and prod and
test the capabilities of computer systems. They talk about it, they write
papers about it, and they create software tools to do it. This is how the
field advances, and how they are able to produce more and better security
systems. 

Already, a respected international engineer and conference organizer has
called for computer professionals to not come to the US for conferences
because some may be threatened with arrest for their research if it
reflects negatively on a software manufacturer or digital content provider.
He, himself, has resigned his position with the California-based Usenix
Association, which hosts many conferences every year including those
focusing on computer security, because he cannot in good conscience ask
international scientists and engineers to take that risk. 

Ever since the DMCA became law, there have been complaints that it has the
power to deny fair use and punish anyone who would engage in security
research. Every time there is another case, there is another round of
letter-writing and online activism. But this, an actual arrest of a
programmer for creating a software tool, has been enough to move large
numbers of people into action to not only return Dmitry Sklyarov to his
home and family in Russia, but overturn the US law that permitted him to be
arrested in the first place, not for copyright infringement, but for merely
providing a tool that someone else might use to do so. 







More information about the Free-sklyarov mailing list