August 23, 2017

Archives for August 2003

Trade Secrets and Free Speech

Yesterday the California Supreme Court issued its ruling in DVDCCA v. Bunner, a case pitting trade secrets against freedom of speech. The court ruled that an injunction against disclosure of a trade secret is valid, even though it restricts some speech.

The case relates to CSS, the encryption scheme used to scramble the data on DVDs. CSS was developed in secret, and an outfit called the DVD Copy Control Association (DVDCCA) claims that the details of CSS are its trade secret. Andrew Bunner posted DeCSS, a program that unscrambles CSS-encrypted content, on his web site. DVDCCA sued Bunner for misappropriating its trade secret. A lower court issued an injunction, ordering Bunner not to publish DeCSS. Bunner appealed, arguing that the injunction violated his free speech right.

The lower court ruled that Bunner knew (or should have known) that CSS was a trade secret, and that Bunner knew (or should have known) that the original source of DeCSS had gotten the trade secret improperly. I think these factual findings were highly questionable, but the Court accepted them for the purposes of its decision. So the issue before the state Supreme Court was merely whether an injunction against publishing a trade secret violates freedom of speech. The Court ruled that it does not, at least not when the speech is software code.

Why does it matter that the speech is software code? As Seth Finkelstein points out, the Court seemed to say that software code cannot be of public concern, because only experts can read it:

DVD CCA’s trade secrets in the CSS technology are not publicly available and convey only technical information about the method used by specific private entities to protect their intellectual property. Bunner posted these secrets in the form of DeCSS on the Internet so Linux users could enjoy and use DVD’s and so others could improve the functional capabilities of DeCSS. He did not post them to comment on any public issue or to participate in any public debate. Indeed, only computer encryption enthusiasts are likely to have an interest in the expressive content– rather than the uses–of DVD CCA’s trade secrets. (See Tien, Publishing Software as a Speech Act, supra, 15 Berkeley Tech. L.J. at pp. 662-663 [“Programming languages provide the best means for communicating highly technical ideas–such as mathematical concepts–within the community of computer scientists and programmers”].) Thus, these trade secrets, as disclosed by Bunner, address matters of purely private concern and not matters of public importance. …

This seems like a pretty odd position to take. Information about Enron’s finances is of public concern, even though only accountants can interpret it in its raw form. Information about the Space Shuttle wing structure is of public concern, even though only a few engineers understand it fully. CSS is a controversial technology, and information about how it works is directly relevant to the debate about it. True, many people who are interested in the debate will have to rely on experts to explain the relevant parts of DeCSS to them; but the same is true of Enron’s accounting or the Shuttle’s engineering.

Odder still, in my view, is the notion that because DeCSS is directly useful to members of the public, it is somehow of less public concern than a purely theoretical discussion would be. It seems to me that the First Amendment protects speech precisely because the speech may have an effect on what people think and how they act. To suppress speech because of its impact seems to defeat the very purpose of the free speech guarantee.

It's Ten O'Clock. Do You Know What Your Computer is Doing?

Last week saw a scary story about a British man who was acquitted of the charge of possessing child pr0n. [Deliberate misspelling to keep dumb censorware tools from blocking this site. But some censorware programs will block this anyway. Heavy Sigh.] The illegal material was on the man’s computer, but he argued that an intruder had put it there, and he presented evidence to support that defense.

Although I have no special knowledge of his particular case, I know the kind of scenario he described does really happen. At least two innocent people I know have had their computers turned by intruders into pr0n distributors.

The lesson of these incidents is that we have less control over our computers than we have over our physical territory. Nobody would turn a file drawer in your office into a distribution center for contraband; but they might do that to your computer. Inevitably, innocent people will be accused of crimes, and they will suffer, even if they are eventually acquitted. And of course, some real bad guys will get away with crimes by blaming them on nonexistent intruders.

The best way to address this kind of problem is to make sure that people retain control – in practice as well as in theory – over their own computers. When we erode that control, whether we do so by technical or legal means, we are making the bad guys’ jobs easier.

Bizarro Compliments

To a technologist, law and policy debates sometimes seem to be held in a kind of bizarro world, where words and concepts lose their ordinary meanings. Some technologists never get used to the bizarro rules, but some us of do catch on eventually.

One of the bizarro rules is that you should be happy when the other side accuses you of lying or acting in bad faith. In the normal world, such accusations will make you angry; but in bizarro world they indicate that the other side has lost confidence in its ability to win the argument on the merits. And so you learn to swallow your outrage and smile when people call you a scoundrel.

Which brings us to Brigid Schulte’s electronic voting article in this morning’s Washington Post. The article reports that the computer scientists’ campaign for more secure (and less secret) electronic voting technology is getting some real traction, especially in light of the recent Johns Hopkins report detailing severe flaws in a Diebold e-voting product. The computer scientists’ progress is certified, bizarro style, by none other than the head of the Federal Election Commission’s Office of Electrion Adminstration:

“The computer scientists are saying, ‘The machinery you vote on is inaccurate and could be threatened; therefore, don’t go. Your vote doesn’t mean anything,’ ” said Penelope Bonsall, director of the Office of Election Administration at the Federal Election Commission. “That negative perception takes years to turn around.”

You can’t buy that kind of bizarro endorsement!