[free-sklyarov] Security warning draws DMCA threat

[Seth Finkelstein]

> On Sun, 4 Aug 2002, Seth Finkelstein wrote:
>> First programmer jailed from DMCA charges - Dmitry Sklyarov
>> First American programmer jailed from DMCA charges - [to be determined]
>> First (insert-type-here) research threatened by DMCA - Felten, SnoSoft, etc.

On Sun, Aug 04, 2002 at 08:36:46AM -0400, Xcott Craver wrote:
> While I personally am a bit of a cynic regarding the ultimate
> usefulness of watermarking, I generally regard steganography
> research (along with cryptography research) as falling under the
> general topic of computer/information security.

	Well, be careful there ... consider "National Security". 
That is, it's possible to have a too-inclusive definition.

> The HP threat is actually a very important first:  it's the
> first time the DMCA was used to censor research that had nothing
> whatsoever to do with copyright protection.

	Good point. Though I haven't reviewed all past applications,
someone will have to be first.

> This is important because we always worried that it would happen.
> Due to the broad nature of the DMCA, and the confusing nature of
> computer science concepts to the courts and legislature, companies
> are able to make any act of reverse-engineering, alteration, or
> unintended use of their product a DMCA violation.

	Something bothers me here. I'm arguing against my own 
interests, but this phenomena isn't exactly DMCA-specific. For
example, in the CyberPatrol censorware case, some of the charges
used against the programmers were quite "creative", e.g.:

http://www.eff.org/IP/DRM/Microsystems_v_Scandinavia_Online/20000316_verif_complaint.html

     COUNT V
(Conversion against Jansson and Skala)

33. Defendants Jansson and Skala tortiously and unjustifiably
converted Cyber Patrol for their own use.

	Charging "conversion" for reverse-engineering is almost
exactly making "unintended use of their product" a violation.

	So it's really not something new with the DMCA. Rather, the
DMCA is now yet another "kitchen-sink" charge. 

	Hmm. So we have at least:

First time DMCA used in threat against (insert-type-here) research
First time DMCA used in court against (insert-type-here) research
First time DMCA upheld in court against (insert-type-here) research

> MicroSoft could sue software vendors whose product reads and writes
> Word files or WMF files, arguing that the file formats protect
> copyrighted materials.

	For pure formats, I think that would fail because of the following
constraint:

        (B) a technological measure ''effectively controls access to a
          work'' if the measure, in the ordinary course of its operation,
          requires the application of information, or a process or a
          treatment, with the authority of the copyright owner, to gain
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
          access to the work.

	Microsoft isn't the copyright owner of the files.

> Of course, any cracked cipher could have been used as
> part of a DRM system.  I guess here, HP was going to argue that
> their operating system was a copy protection mechanism???

	Frankly, I don't think anyone thought that far ahead. This
reads to me like someone was trying to intimidate as much as possible.

> When we fear that a law is too broad, there are critics who argue
> that we are presenting woulda-coulda scenarios that will not
> occur in real life.  HP's threat may be the first real example of
> the extreme vagueness of the law.

	Let's call it "example of popularity as an intimidation tool".
Otherwise, I suspect a skeptic will answer "You can threaten to sue
anyone for anything, so this proves nothing". 

-- 
Seth Finkelstein  Consulting Programmer  sethf at sethf.com  http://sethf.com
Anticensorware Investigations - http://sethf.com/anticensorware/
Seth Finkelstein's Infothought list - http://sethf.com/infothought/
http://www.nytimes.com/2001/07/19/technology/circuits/19HACK.html