July 19, 2024

RIAA Says Future DRM Might "Threaten Critical Infrastructure and Potentially Endanger Lives"

We’re in the middle of the U.S. Copyright Office’s triennial DMCA exemption rulemaking. As you might expect, most of the filings are dry as dust, but buried in the latest submission by a coalition of big copyright owners (publishers, Authors’ Guild, BSA, MPAA, RIAA, etc.) is an utterly astonishing argument.

Some background: In light of the Sony-BMG CD incident, Alex and I asked the Copyright Office for an exemption allowing users to remove from their computers certain DRM software that causes security and privacy harm. The CCIA and Open Source and Industry Association made an even simpler request for an exemption for DRM systems that “employ access control measures which threaten critical infrastructure and potentially endanger lives.” Who could oppose that?

The BSA, RIAA, MPAA, and friends – that’s who. Their objections to these two requests (and others) consist mostly of lawyerly parsing, but at the end of their argument about our request comes this (from pp. 22-23 of the document, if you’re reading along at home):

Furthermore, the claimed beneficial impact of recognition of the exemption – that it would “provide an incentive for the creation of protection measures that respect the security of consumers’ computers while protecting the interests of the record labels” ([citation to our request]) – would be fundamentally undermined if copyright owners – and everyone else – were left in such serious doubt about which measures were or were not subject to circumvention under the exemption.

Hanging from the end of the above-quoted excerpt is a footnote:

This uncertainty would be even more severe under the formulations proposed in submissions 2 (in which the terms “privacy or security” are left completely undefined) or 8 [i.e., the CCIA request] (in which the boundaries of the proposed exemption would turn on whether access controls “threaten critical infrastructure and potentially endanger lives”).

You read that right. They’re worried that there might be “serious doubt” about whether their future DRM access control systems are covered by these exemptions, and they think the doubt “would be even more severe” if the “exemption would turn on whether access controls ‘threaten critical infrastructure and potentially endanger lives’.”


One would have thought they’d make awfully sure that a DRM measure didn’t threaten critical infrastructure or endanger lives, before they deployed that measure. But apparently they want to keep open the option of deploying DRM even when there are severe doubts about whether it threatens critical infrastructure and potentially endangers lives.

And here’s the really amazing part. In order to protect their ability to deploy this dangerous DRM, they want the Copyright Office to withhold from users permission to uninstall DRM software that actually does threaten critical infrastructure and endanger lives.

If past rulemakings are a good predictor, it’s more likely than not that the Copyright Office will rule in their favor.


  1. White Patriotic American says

    Consumer rights simply doesn’t make sense. If you want to listen the songs in portable device, then you are morally obliged to buy the same songs again in MP3/WMA format. Ripping your legally-purchased CD equals thievery, because by doing so, you infringes record labels’ profit by not buying the same songs again in different format.

    What is more ridiculous is the right to backup your legally-purchased Audio CD. Making backups equals thievery, because it denies record labels potential profit from selling the same CD again. As Hilary Rosen has said, “Even if CDs do become damaged, replacements are readily available at affordable prices.” You hear that? “Affordable prices”. If record labels are kind enough to provide affordable prices, then it is our moral obligation to NOT backing up the CD and buy the same CD again in case the CD gets damaged.

    As you understand, We The People have moral obligations to protect the interests of the Atlas. As a consumer, it is our duty to maximize the profit of big corporations. Monopoly is good for America. Unecessary spending is good for America. High prices is good for America. Internet advertising is good for America. Making backups is communist. Saving is communist. AMERICAAAAAAAAA!!!!

  2. people are actually leaving like proper comments like they care!!!!!!

  3. hey this a good way to talk

  4. i could not care less!!!

  5. Well frankly i dont care

  6. Tittle: Hotels in Vietnam

    Description: Plenty of information on hotels and resort all over in Vietnam, Hanoi, Saigon (Ho Chi Minh City), Hoi An, Phu Quoc, Phan Thiet, Mui Ne, Cat Ba, etc, apartment, airlines, visas, border-crossings, discount, new destinations, beautiful photos in Vietnam, Vietnam weather, etc.

    URL: http://www.vietnamhotelz.com

    Keyword: no visa for Vietkieu, Viet Kieu, no-visa policy for Vietnamese oversea, vietnam travel, travel vietnam, vietnam hotels, hotel vietnam, hotels vietnam, vietnam hotel, hotel hanoi, hotel in vietnam, hotels in vietnam, hotels hanoi, hotel in hanoi, hotels in hanoi, hanoi hotels, travel to vietnam, moderate hotel, mini hotel, Intercontinental hotel, Hanoi, free Vietnamese overseas, Old Quarter, discount hotel, saigon, suite, lodging, accommodations, hostel, themed tours, inn, travel, cheap, discount, budget, room, stay, reservation, guesthouse, tourism, viet nam, resort, ho chi minh, viet, hue, nhatrang, dalat, hoi an, sapa, halong, mui ne, phu quoc, phan thiet, hanoi, online booking, travel tour, guide, information, travel guide, tour guide, hotel hanoi, boutique hotels, hoteld in Hanoi, Vietnam hotels, Hanoi hotels, Saigon hotel, Ho Chi Minh hotels, Phu Quoc hotels, Mui Ne hotels, vietnam women, Phan Thiet hotels, Nha Trang hotels, Halong hotels, Sapa hotels, Hoi An beach hotels, Danang hotels, Quang Ngai hotel, Con Dao hotel, Tay Ninh, Cu Chi, Mekong Delta, Vietnam Train, Vietnam transportation, Vietnam visa, Pacific Airlines, Vietnam Airlines, air ticket booking, Vietnam hotel booking online, luxury hotels in Vietnam, 5 star hotels in Vietnam, Moderate hotels in Vietnam, First class hotels in Hanoi, First class hotels in Ho Chi Minh (Saigon), Deluxe hotels in Vietnam, Deluxe hotels in Hanoi, Deluxe hotels in Saigon, tour operator in Vietnam, trip to Halong, Cat Ba hotels, hotels in Cat Ba, Vietnam Hotels, Hotels Vietnam, reservation, booking, promotion,

  7. ours, Travel packages to Vietnam, Laos & Cambodia – Transindochina Travel

    Url: http://www.indochina-packagetours.com

    Description: Tours package tailor-made customized travel agent advice Vietnam Laos Cambodia Indochina Saigon Hanoi Phnompenh Luang Prabang Angkor Hoian – Transindochina Travel.


    travel Vietnam Laos Cambodia Indochina vacations saigon hanoi angkor luang prabang B&B search adventure trekking tours biking bird coach watching trips tailor-made kayaking climbing Halong bay visa exemption embassies consulate travel agents city tours Lao customized destination guide by train flight budget excursion package beach shopping travelling world heritages bookings brochures holidays

    Vietnam vacations, travel agents, tour operators, citytour, city tours, Nhatrang, Hanoi, Saigon, Ho Chi Minh city, customized tours, themed tours, adventure tours, tailor made travel, diving tour, biking tours, bird watching tour, Hue, excursion, tours to Vietnam, package tours to Vietnam, sightseeing, Hanoi travel, Vietnam beaches, shopping, city, trips, traveling, cultural, experience, customer satisfaction, clients, modern, bookings, guides, tour brochures, holidays, tailor-made, kayaking, mountain, biking, climbing, Fansipan, Mai Chau, Ha Long bay, options transfers, transportation, air tickets, accommodation, visas, sightseeing, four wheel drive, small groups, One Pillar Pagoda, Sapa, Hoi An, Nha Trang, Dalat, Pleiku, Saigon, Tay Ninh, Holy See, Cu Chi Tunnels, Mekong Delta, Vitnam, Vetnam, Hano, Ho chi min, Ho Chi mihn, Annam, Vietnan, Halog, Halon, Hlong, Han, Hoan, Spa, Nhatranh, Nhatran, Mison, veteran tour

  8. A few months ago, after I recieved a decent paying job, and I’d had a good think on the matter, I decided to research into buying music. Like most of you, I’d been downloading it for free, for years (since ’98) – I feel that artists do deserve to be compensated for their hard work, and I’d like to help.

    Little did I know what kind of warzone I was getting into; what sort of hostile climate digital media has spawned among the corporate conglomerates.

    I want nothing to do with it. Until a viable alternative comes out; one that doesn’t try to condescend me with marketing, or restrict my use, I’ll stick with those last bastions of filesharing that are still standing.

  9. Okay, so your poor little macs and windows systems are getting screwed up by these little toys, I say good, most of the security issues today come from eveything being so alike with everyone’s computers. You know what happens when I put one of these cds into my computer? I get an error message saying it’s not allowed to execute the autorun, I cancel that error and open the CD in XMMS and the only thing on my computer that mentions drm around here is the Direct Rendering Manager in my kernel. Really people, if you’re using windows you’re asking for it.

  10. Regarding above calls for a boycott of all media products – the content industries will use lower sales as evidence of increased piracy, and attempt to use this to increase support for their DRM with government and public.

    It is interesting to note that, in the event of increased sales, content industries will use this to illustrate this as DRM as a wonder solution with public support, and attempt to use this to increase support for their DRM with government and public.

    Agreed that boycotting DRM whilst purchasing unencumbered products is a sensible way forward – I myself subscribe to this option with music, where it is currently relatively easy to achieve sensibly. However with films, there isn’t a real alternative to buying DVDs. The fact is, where there is no non-DRM’d product available, a mass boycott isn’t feasible. We can only hope that we can act in sufficient numbers to make our voices heard to the music industry before the lack of alternative is universal.

  11. The very best thing about all this is…

    ENTERTAINMENT from the RIAA and the MPAA is completely optional. It’s becoming FAR too great of a pain to keep all this straight.

    Here’s what I want: To simply enjoy a movie – and since the technology exists, I want to burn copies of my movies, put the original on the shelf and watch the copy. Thus; my original copy is in good space almost indefinately.

    Here’s what I get: BS, More BS, Even more BS, A huge deep stinking pile of BS… All this BS to watch a movie? Or I guess I can do what the entertainment industry wants – buy a CD, and then buy it again if it gets scratched. Buy a DVD, then buy it again if it gets scratched. The day a new format comes out that the industry ‘blesses’ I must run out and buy all this stuff I want to see – yet again.

    If it was digital data, I could write it to whatever new media is out there (face it – CD’s and DVD’s don’t last much longer than a record – even the CD/DVD player will wear it over time).

    So in order to just stay sane – I watch OnDemand TV or just play video games, or better even – get outside and do something.

    Far as I’m concerned anymore – Hollywood and the RIAA can keep their ‘entertainment’. 95% of all this new stuff sucks anyway. I don’t even bother to take the time to download it for free!!!! lol

    I was actually suprised at how little I miss new music and the TV. I’m finding more time to do things around the house.

    To the entertainment industry: Lowe’s is taking all your profits and the value of my house is increasing – ALL THANKS TO DRM!!!!!!!!!!!!!!!!!!!!

    woooo hoooo

  12. Jesse Weinstein says

    Just so people are aware, this post has been linked from the EFF’s April 1st, 666th edition of the Effector, right between “Text Is So Passe” and “House Bill Threatens Bloggers”, but no, this post is *Not An April Fool’s Joke*. Horribly, it’s real.

  13. Ned Ulbricht says

    What’s the scenario where DRM kills someone?

    Brian K,

    According to FCC Chairman Kevin Martin:

    Anyone who dials 911 has a reasonable expectation that he or she will be connected to an emergency operator; this expectation exists whether that person is dialing 911 from a traditional wireline phone, a wireless phone, or a VoIP phone. […]

    The FCC rulemaking on E911 for “interconnected VoIP” has been supported with tragic and terrifying anecdotes. So, it might be a good idea to ask the FCC for a scenario where DRM interference with a computer’s audio path leads to a failure of some critical infrastructure, indirectly resulting in loss of life.

  14. the zapkitty says

    Steve Says:

    “There is some good discussion going on here, but the only one TRUE way to fight …”

    Too defeatist.

    The way is to stop the media companies is in the due process before they get a law passed that’s so overreaching that it incidentally gives them permission to damage critical infrastructure and kill people.

    Boycotts alone won’t do it, though they can only help.

    Public interaction with the rule-making process is needed… even if that interaction only shows that the rulemaking process is fucked up beyond all recognition… as it is with the Copyright Office DMCA “reviews.”

    But this might answer the question as to why the Senslessmeyers-Conyou snake oil bill tries to drag the Patent Office into DRM… are these older government agencies institutionally clueless as to what they’re are actually being used for by the media industries?

  15. There is some good discussion going on here, but the only one TRUE way to fight (…and I’ll say it again) is a boycott. Some of you, including myself, have refused to purchase Sony-BMG ever since the DRM day (d-day)… I will continue that practice not just for Sony-BMG, but for ALL major labels using ANY major distributor. It’s not that hard of a thing to do, I know some of you are addicted to your pop-culture (well, probably not if you’re reading this), but it’s time to give up the habit. We can fight this, forget your little trip to best buy, or circuit city, or tower records or the mall. You don’t need ANY of the garbage that ANY company produces and swindles you into buying. You DON’T NEED IT. Say it with me now, “I don’t need it.”

    Damn, I hope this makes it to some kind of mainstream media… Hopefully one NOT under the influence of the DMCA… Yea, good luck with that, right?

  16. People die all the time. Money is forever.

  17. the zapkitty says

    Brian K Says:

    “What’s the scenario where DRM kills someone?”

    The scenario where a PC is screwed up by DRM and in turn causes loss of life.

    Sure, critical services that involve safety should never be run under Windows (the home of DRM malware)… but Gates keeps trying to stuff his crap everywhere it doesn’t belong and occasionally someone buys it who shouldn’t.

    The point is this: even if you regard the chance of such a thing happening as as remote at best… (optimistic, aren’t you?) … the media companies want to reserve the right to shove their crap down customers throat even if it was actually proven that it could kill someone..

    That’s a problem.

  18. Frankly, I’ve stopped buying “commercial” cds. Thankfully I re-purchased my vinyl oldies “pre 85” on cd before the fun started.

    Now I only buy Indie music the RIAA has no control over. Even better, now that my music choice contains actual musicians I buy more music than ever.

    They have not quite figured out that dropping sales is as much about the fact that we dont ALL want an endless sludge of rap, hip hop, and the Diva of the week.

    And for you noobs out there running windows, download powertoys and disable autostart on all drives. You will be amazed what some things try to install just by putting the disk in the drive.

  19. I haven’t read all the posts so this may be stated elsewhere, but I believe that a better alternative to boycott is to create an alternative to the RIAA. There are plenty of musicians who are as competant or more competant than those whose recordings are produced by RIAA members. Those musicians would be glad to accept alternative licensing models in exchange for publicity. Many of them “pay-to-play” as it is and would be delighted to release DRM-free material in exchange for better access to an audience. An independent artist could make more money at $.20 a tune than an RIAA artist could at $.99 if the organization was not excessively greedy.

    The fundimental problem with the RIAA is that they are obsolete and are trying to use legal tools to prop up and extend their monopolies. In a fundimental way normal businesses are essentially charging interest on the money required to produce a product. This includes all the overhead, material costs and such. Everything comes down to return on investment. Well the RIAA’s big problem is that costs have plumetted. The cost of producing a record has fallen to the point that most bands can afford to do the recording themselves, the cost of distribution has dropped to almost nothing. The only significant remaining cost is promotion. When your costs go away, if you maintain the same ROI percentage, the total amount of money drops dramatically. The RIAA is addicted to high margins and a pricing structure that in no way reflects costs and so is extremely vulnerable to a competitor who is willing to price based on their costs.

    The question is how to accellerate the creation of the alternative distribution structure. You don’t have to give up music in a boycott, you need to support music that is unencumbered with DRM and whose costs and restrictions are more in line with the free-market realities.

  20. Anonymous says

    Curious about how the record companies get to use the cd disc logo on their product when, I suppose, the DRM would not make it conform to redbook standards. I would think it could constitute false advertising.

  21. reading the posts i just understand, RIAA and others are linux fans, this is the only reason explaining such a dumb behaviour, i’m just thinking about switching to the pinguin …

  22. Anonymous says

    quote:What’s the scenario where DRM kills someone?

    Good question, ask a lawyer – that bastard will think of something.

  23. If DRM is coming permanently, it’s the end of my music purchases forever, even if it means I listen to music only on the radio. I haven’t purchased music, software, DVDs, hardware or entertainment equipment stamped SONY since the rootkit debacle, and I’m not the only one. As more and more people become aware of the implications of the methods proposed to implement DRM, it stands to reason that in the end the entertainment industry may loose more than it gains through the use of DRM in the long run.

  24. What’s the scenario where DRM kills someone?

  25. Yknow why people dont buy music anymore? Because they are punished by DRM for buying the legitimate product, but people who pirate the music get the file in 100% integrity with no defects or strings attached, honestly, the only thing thats gonna get people to buy this stuff legally is for the companies to LOWER THEIR PRICE

  26. Sorry folks – that horse left the barn when your bought-and-paid-for congressional reps passed the DMCA in the first place. Each and every one of us has only the ability to just not buy the offensive stuff; if we can’t be bothered to take that trivial step to make our cause known, I will sadly have just a trifling more respect for us sheep than I already have for the wolves.

  27. Just had another thought:
    Listen to music in your car?
    Does Microsoft want WindowsCE in cars?
    Does anyone miss the life-threatening potential here? OK, CE won’t drive the car, but that’s only a matter of time. Self-driving cars have been around for ages (eg. following the magnetic field of a cable in the road), but it’s the unwillingness to let someone/thing else drive your car that has stopped this technology. For example, most cars can go well over 100mph. Why? It’s just a matter of time before legislation makes this illegal, then if decent car-driving software is developed it will save many lives and will then become compulsory. It is then that some bright spark will try to combine the music playing computer with the driving computer.

  28. Vagueness in law is a GOOD thing. As long as there are sound judges and juries it adds the “common sense” factor. If every law was explicit and clear-cut then Mr A could be guilty while Mr Very-Slightly-Different-From-A could get off. If there were extremely specific laws there would have to be LOADS and that makes any real legal battle impossible, it just becomes a matter of the best lawyer finding the right law, and who has the better lawyers?
    Even if there are not good judges then that means any vagueness will go in favour of the record companies, so what is their problem? Does letting this provision remain show “weakness”?

  29. Pissed about the RIAAss., MPAAss., BSE/A? DRM, rootkits etc. not to your liking? Wait until you see Microsoft Windows Vista with all that shit built-in.

  30. Seems to me that if they’re advancing the argument that copyright can be tied to the endangerment of lives, and is superior to that possibility, that a case could be made that the 5th and 14th amendments to the US constitution have effectively curtailed the prior constitutional permission for copyright in the first place.

  31. These jokers (RIAA et al) make these laws up (they must have some political clout) and then expect us taxpayers to pay for the policing of these laws, even though we disagree with them. In this case, it would be easier for the public to just ignore DRM en masse, because you simply cannot imprison everyone. I, for one, will be flouting these laws with all my faculties. Oh, and if you want some good mp3s to download, then sign up at http://www.mp3search.ru – that’s if you can reach the site – I cannot from my office PC but can from my home PC.

  32. Whether stupid or not, these associations seem to be greedy enough to offer products with DRM measures in spite of the customer´s (alleged) wishes… Which would probably be something like stability, reliability and total obedience.

    What would you think if your i.e. powerpoint-presentation worked fine on your desktop system but refused to run on your office computer because of dubious digital rights for let´s say the background sounds or the video-feeds that you sophisticatedly used in the presentation?

    They´re just making software and digital contents difficult to handle, restricting freedom and criminalizing virtually every PC-user. And by the way they´re sticking their nose up everybody´s using habits.

    Should I ever feel the urge to be supervised and advised on how to handle my media contents by the R.A.P.E or the G.R.E.E.D or whatever these organizations are called, i promise that I´ll buy a PSX or an XBOX…

  33. Why not call the new DRM sceme what it is, Malicious Code.

    Yes and not just Sony’s. A lot of different DRM software tears huge holes in Windows. We recently found some on our test machines that parts of the DRM software had full core OS access. None of these holes were secured by the DRM itself. This leaves multiple machnes on multiple networks fully open and some of these problems are incredibly hard to spot. This makes the possiblity of specific virus types or zombie attacks, that target the holes left by DRM, that much more probable. I work for the military and you can’t expect every Joe to adhere to policy.
    That aside, this whole thing is just pandering to entrenched corporations who are losing money to the “free-market” that they all so adhere to. Most independent labels don’t seem to be having major issues selling good content.

  34. hey guys, I do not really get what all this fuss is about.

    Let me light a fag first.
    (*me* inhales deeply)
    aaaah, that´s better…
    (more coughing)
    (throws up some phlegm)
    (gulping sound)
    OK, where was I? – Ah, yes, right: What´s the fuss? Listen:

    “May threaten critical infrastructure and potentially endanger lives”
    Sounds to me like some of those dumb stickers found on fag packets lately. The Recording Industry, and all those other DRM outfits have plenty experience with “parental advisory” stickers. Shouldn´t cost them a lot fitting a “May threaten critical infrastructure and potentially endanger lives”-sticker somewhere on that DVD / CD / BluRay / HiFi / TV / iPod / Jukebox / Origami whatever thingy, right?

    Now the customer can decide if he wants to risk it. As with cigarettes, there´ll plenty idiots who´ll buy said object only because of the sticker: “Wow, this crap can kill me, that´s something for a real man like me!”

    Problem solved.

    © Matt, fees apply

  35. Down InAHole says

    Since when did vague language in the law become important? Most of the laws in our land have some form a vagueness, that is why we have a supreme court and justices. They know this. They just don’t want the legal battling it will be if this passes.

    Also, it will mean that someone can write an anti-DRM program and use the “just in case of safety concerns” for the reson of selling it. But, anyone could buy it and this would defeat their original intent of the DRM. There needs to be a proper way to manage this, however until we all become robots, this whole DRM thing will go on forever.

    BTW – If everyone in this group really feels stongly against this, why doesn’t somone/everyone here file a class-action suit against DRM. Any suit can end up in the supremes, which would allow the whole DRM thing to be challenged.

  36. Brightstar says

    Ok, there’s only one way to defeat DRM if indeed this gets passed.

    Someone will need to write a virus that will kill people and say its protected by DRM so that it can’t be removed legally by the virus writer, thus forcing DRM to be illegal under US Law.

    Is anyone else getting the sense that Pluto’s Kiss is on the way? (.hack for those who don’t get the reference)

  37. Nobody comes to my house, builds a fence and tells me to live with it… this is my house and they must respect that absolutely. If I were illegally downloading or trading then there are laws to deal with that, but still innocent until proven guilty.

  38. here is the thing though–I pay 11.00 for a cd. it will most likely have one song that I like–or if lucky two from any particular artist.

    riaa et al will pay that artist pennies per cd, it costs them about 1.00 to make the cd, maybe another few cents to ship that cd to a store. now where is the big money???

    living in the south, it gets pretty damn hot and you don’t leave an 11.00 cd in a car. so you make a copy to put in the car and keep the original to play at home and if the other wears out, warps from heat–you make another. now riaa comes along and says that you can’t do that. you are in their estimation supposed to buy another for the car and another if something happens to that one.

    the big kicker comes when a normal person with limited finances etc. and doesn’t have special equipment to burn off a cd puts it into their computer to do that job. suddenly you have to download their player to play it, which opens you to any of several virus’s floating around out there, you can’t make a copy because of their programming and they are not responsible for any damage done to your 1,000.00 computer or loss of life because their stuff caused a blackout to local authorities and causes that loss of life.

    their greed has had me to the point for quite a while that I will get copies of stuff from friends, free stuff off the puter that is not certified. they have been screwing the artists for decades, but scream loudly if a couple people make a copy of something they bought. who gives a flip about eula’s?? I don’t and it was my money that paid for their product–so it is mine to do with as I wish just as if I had paid the artist myself to sing and allow me to record it.

  39. ahmed hasuef says

    The entire world will become buried in DRM schemes at this pace. It has become critical to thwart these infidels whereever and whenever opportunity presents itself.

    I will continue to use only Linux,Unix or Solaris to ensure that my property remains free of the vile machinations of these dispicable organizations.

    “Remember Remember the 5th of November”!

  40. Did the Sony DRM rootkit “threaten critical infrastructure”?

    yes, it did. Working for a large company, that a Sony rootkit might have gotten installed to, would mean that viruses or open connections to other companies could be made, leaving us open to confidential theft, like bank cards or more.

    is that safe? is that what you want?

    What if a 911 call center was to get this rootkit? is it not plausible that a virus set to exploit it (and walks right past Norton as most virii do) could cause harm as in death! just to protect a 17.00 CD? No, i am off the elitist thoughts that all music in any form should be prohibited from any workstation in the company, to include movies, software etc.. that may contain DRM. get it? we are talking about business, not whether the average worker wants to here [insert band here] while they work.

    so what will do when someone hooks there Microsoft play4sure device to a system? well, simple, remove the offending device, re-ghost the system and reprimand the user. are you getting this yet? at home i could careless .. but at work, this is making life difficult.

  41. I say we Threaten the BSA, RIAA, and MPAA’s Critical Infrastructure by Potentially Endanging their Lives.

  42. BSA, RIAA, MPAA don't care if their DRM might cause you harm….

    Yet another reason to oppose DRM: Ed Felton of the blog Freedom To Tinker tells us about the U.S. Copyright Office’s triennial DMCA exemption rulemaking that's currently ongoing and how a coalition of big copyright owners put forth an amazin…

  43. Are you kidding?

    The next logical step is to make sure such DRM software is exempt from any such liability.


  44. I wonder if this means that the MPAA/RIAA will accept legal liability if someone is injured or if critical infrastructure is damaged?

  45. Actually, xalorous , you didn’t buy the OS or the media software, so you have no ownership rights. You agreed to lease it, warts and all.

    In my opinion, the lease model is the fundamental (and least discussed) barrier to reasonable legal usage rights of your computer. Everything would change if you owned the hardware and software, but you do not.

  46. Boycott is the only solution. Dont wait for the announcement, just stop buying their junk. This is obviously a war. There are two sides and you must choose one. The artists have dug their own grave by the voluntary erosion of their rights as creators and authors and deserve no more mercy than the industry they serve. Find some new heros, find new artists, expand your horizons, pay for a local show. Refuse to use their distribution system. Take what they assure is theirs because they have taken what is undeniably yours – your security and rights. Fight fire with fire. It is absolutely pointless to discuss any other action. We are the masses, disorganized and seperated and we cannot beat them at their game. The theatre for this conflict is not a courtroom but the battlefield of the free market. Refuse to pay – its working. Dont even pay 99 cents. Buy a guitar. This is the greatest thing to ever happen to music. We dont need spineless artists that give up their rights to be stars for the public at large. We should except nothing less than real talent – not overmarketed and radio hyped pop garbage – a homogenous ooze that pollutes our souls. Tell you friends. Steal that song, steal that movie. The only slipperly slope I see is thinking that this will ever be resolved in a manner that would be accepted as fair on either side. Its obvious this isn’t about digital rights, this is about control and freedom from control.

  47. Doug Taylor says

    All of you have made some good comments put forth some excellent arguments. However, you are missing an important point. One that SpiritualMadMan hit on. We who buy the products that the BSA, MPAA and RIAA et al sell are being hurt, inconvenienced and our property violated by their over zealous lust to prevent theft.

    As SpiritualMadMan said, we need to boycott and we need to do it in a very big way. We need to let them know that by hurting those that made them rich they are harming themselves more then any pirate ever could. Instead of discussing the evils of their DRM stop buying, renting their product. Do not buy or rent any movie or music in any form do not go to the theater. Do this for one month and if they do not give in do it for another.

    I realize that not having the latest song or watching that new movie will disappoint you, but consider your future and the impact that DRM will have on it. Stop discussing it do something about it (legally.) Boycott! (It is really all we have.)

    Take care,


  48. DMCA- “Personal privacy (section 1201(i)). This exception permits circumvention when the technological measure, or the work it protects, is capable of collecting or disseminating personally identifying information about
    the online activities of a natural person.”

    when did sony/riaa/mpaa/etc decide that people cannot break the DMCA yet they can?…oh yeah, right before they handed the check to the judge.

  49. Some one referenced a slippery slope above, and that’s exactly what this is. But the top of the slope doesn’t start with DRM, it’s copy rights in general. Copy rights are a contrivance.

    The only things of actual worth are physical objects and services rendered. The orientation, characterization, or dimensions of an object are human conceptions and cannot be owned by a third party, with respect to the primary owner of the object, without that third party having at least partial domain of ownership over the primary ownership party’s mind. Until we sign over our minds, the copy right law will be an incoherent facet of the legal system.

    If the Earth people sell an encryption box to the Mars people, the Earth people cannot expect to the Mars people to not reverse engineer the encryption box. All we can ask for from the Mars people is reciprocation goods and services. If that happens to be information, we can only ask for a one-time, up-front fee for that information. If we didn’t want our goods and services to be used in certain ways, we shouldn’t have traded them for goods and services that we wanted with other parties.

  50. Let me get this right.

    I bought the computer.
    I bought the OS.
    I bought the media software to play media.
    I bought the rights to play a given track/clip.
    They install software without my permission.
    I remove said software.
    I get hit with a lawsuit?

    All of my actions were not only legal, but also (except the last two), generate cashflow (and profit if they are decent businesspeople) for someone.

    This is just stupid. Better to only download public domain music and freely available open source software.

    What I want to know is, how is it legal that a music CD installs software on my computer, without my knowledge or consent? I want to know how many victims of this farce actually incurred damages. I know if I had my computer hacked, my personal info stolen, and my identity threatened or stolen, and I could track that to the infamous rootkit on a music cd, I’d sue them for every penny I could get.

    We’ve all heard the arguments.

    1. P2P is hurting the artists…
    MPAA, RIAA, etc. are lobbying organizations looking out for the interests of megacorporate entities. You think the artists get rich off records? Or the actors off DVD sales? Not very often. Music artists get rich from touring, the records help with publicity, but the record companies get the bulk of those profits. Only from concerts do the artists get a decent percentage. Actors get paid before the movies air, for the most part. I’m sure some get a small slice of royalties, but it is SMALL.

    2. On the other hand, P2P actually acts as free advertising. For every leech who never buys anything, there are more than one who buy the music they like, or who focus on bands which allow taping and free distribution of their concerts.

    The reason we see all this is that the lobbies have an almost infinite supply of money to fight this battle, and the end users are too diffused and too apathetic (when you look at the average). Even if the consumers were to execute their sole powers (by choosing to boycott the companies represented by the lobbyists or by voting those being lobbied out of office), together and in force, it would take too long for the industries pockets to run dry.

    It’s a conundrum

  51. due to riaa’s bull alone I will no longer buy music from any source. in light of sony/bmg doing what they did with their programming I don’t feel that it is safe to buy anything more that is on the open market since spyware etc. is NOT desireable and is part of the problem that now faces people who try to play their stuff on their computers.

    I have spent too much money that I can ill afford on this computer and I will not for any reason put it at risk because someone refuses to pay artists their net worth but screams that the company is being jipped while over charging for a product.

  52. Do I recall that the Sony rootkit did open the PC up to various malware? And weren’t there instances where the rootkit made an otherwise stable PC unstable? I would suppose that in every state, if such a PC were being used in a life safety fucntion, that would constitute the crime of at least, reckless endangerment; even if no actual ijuries or damage resulted.

    Elliot Spitzer, where are you?

  53. Boots [usemasper] says

    if this passes couldn’t someone just sue immedatly because it violates consistutional rights to life.

  54. If it’s going to be illegal to remove malicious software that was installed without my express consent, you might as well lock me up now. Legal mumbo-jumbo buried 12 pages deep in the EULA does NOT constitute express consent, as these documents are intentionally written in such a way as to cause migranes in anyone who tries to decipher them without the aid of an advanced law degree. How about a law requiring that EULAs and TOSs be written in such a way that anyone with ab IQ of 100 or more can easily understand them? (my IQ is much higher than that, but those things give me a splitter every time I try to decipher one.)

  55. Copyright noob here:

    I understand that it violated the DMCA to play a Sony CD without installing the Sony rootkit software. Did it also violate the DMCA to remove the Sony rootkit before they released a tool to do so — just remove it, not remove it and play a protected cd. Did it violate the DMCA to talk about how to remove the rootkit, even after it was discovered that the DRM was a rootkit?

  56. Just have some have said: The RIAA et al. should be should be held accountable for death that results from their DRM. Placing cause on the DRM might be difficult however.

  57. Incredible. I can’t *wait* for the first lawsuit against the maker of DRM whose software ends up killing someone, such as in a defibrillator, heart monitor, oxygen regulator, etc.

    What they’re saying is that their “right” to profits trumps your right to live if DRM is involved. I’m telling you, you just can’t make this stuff up!

    http://www.thepregnancytester.com (coded without any DRM)

  58. If the purchasing public stopped buying all entertainment media completey for a full week after each such filing I wonder if, then, they’d ge the message…

    Boycotting all CD’s, Theatre Movies, DVD’s and Videos of proposing companies comes to mind as well…

    I don’t trust Sony – BMG at all… I will not buy any product with their Logo. Even DVD’s or supposedly safe CD’s…

    And, law or no law NO: Hidden DRM or Root Kits will be allowed to stay on my system…

    It’s not an issue of circumvention… Or, of theft… It’s an issue of my being responsible for my own Computer Safety and Security…

    But, we are already nothing more than the serfs of not so jolly old England…

    And, the music industry wants to be yet another ‘master’…

    It’s time for a “Boston Tea Party!!!

    The $0.99 downloads have made sharing songs much more easy for those who want to be legal. **When** the songs are available as singles… If there were a facility to pay a reasonable license when we cut tracks to share… I’d use it…

    The Psalmist (David) said that he would not give a gift that cost him nothing… (2 Samauel 24:24 )

    Do we *really* value our friends when we give them gifts that cost us nothing?

    Also some cd’s are cut for a one time listen… Is it really fair to expect $20 for a one time listen to a single track?

    Make it easy for the “end user” to license use of material and most of us will pay the fees! Even in Midi’s

  59. I think that as regards audio CD’s, there will emerge hardware capable of ripping the CDDA content to mp3, where the device doing it is not a PC.

    Take a look at


  60. Since when does the RIAA have anything to do with music, Glyn? Last I checked, the only five letter ‘M’ word in their vocabulary rhymes with “honey”. 😛

    Edward Kuns wrote:
    “2) Get the OS manufacturers to bundle the DRM as an integral part of the OS.

    I can easily imagine both Microsoft and Apple being willing to follow #2, especially if the DRM chosen is theirs.”

    Been there, done that, already resolved never to ever use Vista or OSx86. Ever.

  61. Ned Ulbricht says

    […] integrating SCADA with MIS […]

    Sorry about following up on my own post, but one reference for this would be:

    U.S. General Accounting Office, Critical Infrastructure Protection: Challenges and Efforts to Secure Control Systems, GAO-04-354 Washington, D.C., 2004.

    In particular, see Figure 3 “Typical Components of a Control System” on p.10. And on p.13, see “Control Systems Are
    Connected to Other Networks”:

    Enterprises often integrate their control systems with their enterprise networks. This increased connectivity has significant advantages, including providing decision makers with access to real-time information and allowing engineers to monitor and control the process control system from different points on the enterprise network. In addition, the enterprise networks are often connected to the networks of strategic partners and to the Internet. Furthermore, control systems are increasingly using wide area networks and the Internet to transmit data to their remote or local stations and individual devices. […]

  62. “My intestine is enjoying a tapeworm enhancement.”

  63. slj: You may watch your language here. DRM doe not “infest” computers, but “enhances” them. 🙁

  64. Edward Kuns says

    As long as they feel they can guarantee reinstallaion of the DRM, I don’t think they’ll have a problem with someone reformatting their harddrive and reinstalling the OS. If they think that someone will do that and then be able to avoid DRM installation, they may try to find a legealese way to discourage people from reinstalling. (Although, probably not. Realistically.)

    However, if they feel people can somehow escape installation of DRM they will go to one or both of two solutions:

    1) Make it so that the media is impossible to play without the DRM installed

    2) Get the OS manufacturers to bundle the DRM as an integral part of the OS.

    I can easily imagine both Microsoft and Apple being willing to follow #2, especially if the DRM chosen is theirs.

  65. You can buy a new one, coz you pay MONEY for that and this is exactly what they want you to do!

  66. Will you be permitted to buy a new (identical, but not yet infected) system and throw away the infected one?

  67. Once the DRM measure is on your system it is illegal to remove it.

    Consequence: it is then illegal to reformat the harddisk and reinstall.

    One may even argue about the legality of workstations being centrally reloaded
    with a fresh system ever so often (to reduce employee tinkering with employer equipment)
    once such a workstation can be proved to have been infected with DRM.

  68. Walter Dnes says

    Spyware distributors would love this. It would be illegal to remove spyware. Here are the steps down the slippery slope…

    1) The BSA wants government to outlaw circumvention/removal of their DRM, which they use to protect their software.

    2) So along comes some spyware that uses DRM to “protect” itself.

    3) If set up properly, the DRM would have to be removed before the actual malware payload is removed.

    4) For a few seconds, you’d have the malware payload present, without its associated DRM being present. This would be equivalant to a “cracked copy” of Windows.

    In such a situation, the only legal way to remove the malware would be to re-format/re-partition your hard drive. The next step would be for some creative lawyer to come up with a way to outlaw the act of you re-formatting your harddrive. I don’t know how it’s possible, but I’m sure someone will try.

  69. E. Burke: Neither am I going to place money on absence of stupidity anywhere. I meant it in a purely technical “micro” way. In the same way that there is “macro” wisdom and “micro” smarts, there are their respective opposites. A related concept is “penny-wise, pound-foolish”.

    Somebody who is unwise enough to pursue the wrong/ineffective ends, and that in an ineffective way, can still be smart enough to reason about obstacles in said ineffective way and how to deal with them.

  70. Ned Ulbricht says

    Our National Security is only as good as the next Rootkit implementation?

    See Computer Science and Telecommunications Board, Information Technology for Counterterrorism: Immediate Actions and Future Possibilities, The National Academies Press, Washington, D.C., 2003.

    BOX 2.2 Security Vulnerabilities and Problems of SCADA Systems

    [F]or economic reasons, the Internet itself is increasingly used as a primary command pathway. In general, there is minimal protection against the forgery of control messages or of data and status messages. Such control paths present obvious vulnerabilities.

    In addition, today’s SCADA systems are built from commercial off-the-shelf components and are based on operating systems that are known to be insecure. […]

    (And before you dismiss this as semi-hysterical scare-mongering, please just contemplate that two of the editors, John L. Hennessy and David A. Patterson, also wrote one of my textbooks: Computer Organization & Design.)

  71. Little Brother says

    So let me get this straight. Our National Security is only as good as the next Rootkit implementation? If I was working for al-Qaeda, I’d try and get placed with Sony’s DRM tech group and exploit the CIA music-sneakernet…

  72. If only this could make its way to mainstream media. Lawyers will be lawyers, but no company should believe it has the ability to make such hostile statements without consequence.

    Let’s say Sony-BMG’s software winds up on the CIA network because some high clearance figure likes to listen to music while he works. Bush likes to tell us that security breaches mean death, and whether you buy is NSL/NSA arguments are not is irrellevant: security holes in intelligence computers are a bad idea. So in this situation, DRM threatens a critical infrastructure, security, and, questionably, lives.

    So let me get this straight. The RIAA just said that this guy doesn’t have the right to remove it?

    I’m not sure what’s worse, that these people are making the argument, or that the committee recieving requests hasn’t condemned them for it.

  73. Ned Ulbricht says

    Did the Sony DRM rootkit “threaten critical infrastructure”?


    Last January, in a SecurityFocus article, reporter Robert Lemos quoted security expert Dan Kaminsky:

    “It is unquestionable that Sony’s code has gotten into military and government networks, and not necessarily just U.S. military and government networks.”

    Certainly not all military and governmental networks qualify as “critical infrastructure”—just as some civilian networks should be considered “critical.” But the infection of military and governmental networks does help to indicate the severity of the problem.

    As a circumstantial consideration: Over the past decade or so, there seems to have been a worrying trend towards integrating SCADA with MIS in a fashion that seems somewhat less than prudent.

  74. I don’t think it should have to rise to the level of “life or death” before removal.

    If I will be exposed to large dollar costs to clean up somebody else’s mess, I want the right to mitigate those damages. In fact, do I not have the legal obligation to do so?

  75. Perhaps I’m a brainwashed stooge of the RIAA, but aren’t they just saying that the phrases “causes security and privacy harm” and “threaten critical infrastructure and potentially endanger lives” are vague? It is fairly uncontroversial to believe that vague legal rules can have negative consequences. Did the Sony DRM rootkit “threaten critical infrastructure”? It’s in everyone’s interest to have these concepts clearly defined so the copyright owners know what not to do. I, for one, don’t trust them to behave well unless they are given clear instructions.

  76. E. Burke says

    “These guys are most certainly misguided, but they are not stupid.”

    You think so, huh? I’d hate to bet on it. They are greedy and power-hungry, and that creates a mindset so close to stupidity as to be practically indistinguishable from it.

  77. May I say that in the eyes of the “Copyright Cartel Lawyer” fighting illegal copying is so important that innocent bystanders can be killed in the process. “Copyright owners need absolute rulership over (all) computers.”

    If you ask me, I’ld rather abolish copyrights instead.

  78. On a more general note, anything that provides users with a way to seek recourse can be expected to be objectionable to the DRM pushers. Circumventing DRM must be illegal under any circumstance, period. Rulership is not absolute unless it is unquestionable.

  79. I think it’s less spectacular than that. These guys are most certainly misguided, but they are not stupid. They simply see that invoking a “life or death” exception is difficult to dispute.

    It would be in a way analogous to pushing “content filtering” and censorship under the pretexts of let’s say the threat of porn to the moral fiber or “homeland security”. The reason that’s being done is that hardly anybody would want to be caught arguing it.

  80. Does the copyright cartel realise what liability they have when something seriously goes wrong due to a bad implementation of DRM. There must be people that remember the black-out that hit NE USA and Canada. Would Sony-BMI be able to pay the damages for such an event?