[free-sklyarov] Security warning draws DMCA threat

Wed Aug 7 20:21:31 PDT 2002

 >> On Mon, Aug 05, 2002 at 07:32:37PM -0700, Jeme A Brelin wrote:
 >> Tortious conversion?  That's a new one by me.

 >	There was also

 >    COUNT IV
 > (Interference with Advantageous Business Relations against Jansson and 
Skala)
 > 30.  Defendants Jansson and Skala intentionally or recklessly 
interfered
 > with Microsystems' relationships with third party users of Cyber 
Patrol.
 >	That is, making it less likely for people to buy the product
 > was an offense :-).

Tortious conversion is the civil version of theft.  The "interference" 
tort is usually, IIRC (and IANAL) applied to cases where a third party 
interferes with a contract; that is, if A has a contract with B, and I 
know it and entice A to break that contract, I might have committed 
tortious interference.  CyberPatrol's use of it seems a stretch.

 > You have to establish that a general document format is an
 > "access control" in the first place - that's where the constraint
 > applies regarding "with the authority of the copyright owner".

Unfortunately, the line here is very thin.  On the one side (I hope), we 
have formats like Word DOC, which is not encrypted, simply unknown.  On 
the other side are formats like the Adobe eBook format and the DVD 
format, which are encrypted with the key provided separately.  Somewhere 
in the untested middle are formats which are encrypted but with the key 
provided within the format.  This is a non-empty set.  Some PDF files 
fall into this category, for example.

Suppose Microsoft were to make the next DOC format encrypted, but 
provide the encryption key within the document (perhaps obfuscated in 
some manner).  Would writing a program which could read such DOCs fall 
under the DMCA?  Would anyone dare to do so if Microsoft asserted it 
did, given the state of the courts today and given the potential 
penalties (5 years in prison for creating it, 5 years for marketing it, 
5 years for trafficking in it -- for each sale).

The courts, unfortunately, have given no indication that they'll 
interpret the DMCA narrowly.  While I think HPs DMCA claim was way out 
in right field, there is certainly a tenuous DMCA argument to be made -- 
access controls on computer systems are (among other things) designed to 
keep one user from accessing another user's content.  All original works 
are copyrighted upon fixation in a tangible medium, including a hard 
disk.  So bypassing those measures by illicitly obtaining root could be 
seen as circumventing a technological protection controlling access to a 
copyrighted work.  So, given the stakes -- that is, the end of your life 
as a free citizen if you lose -- who wants to be the test case?

I understand your point -- that there are real DMCA abuses and there are 
those that are just invocations of the name "DMCA" to scare.  But the 
problem is that the DMCA is so broadly written that most invocations of 
the name are likely to have a plausible argument behind them.  And there 
isn't enough case law to determine which of those plausible arguments 
will be accepted -- and what case law there is, isn't good.  About the 
only totally unjustified invocation was Blizzard's against bnetd, where 
they slammed directly into one of the explicit exceptions in DMCA 1201.  
But they then used the DMCA 512 automatic gag order provisions to shut 
down bnetd while they drag out a totally unjustified copyright lawsuit 
indefinitely, so it turned out to be DMCA abuse after all.

(off-topic, the courts seem willing to accept all sorts of tenuous 
arguments to get "bad guys" nowadays -- witness the guy who drove a 
drunk driver to his car being charged, not with "accessory to drunk 
driving" or some other offense which might actually apply (probably 
because no such offense exists), but for manslaughter.  Never should 
have made it to the jury, yet it did.  Hackers are "bad guys" -- it's 
easy to connect the dots)