April 23, 2014

avatar

Forecast for Infotech Policy in the New Congress

Cameron Wilson, Director of the ACM Public Policy Office in Washington, looks at changes (made already or widely reported) in the new Congress and what they tell us about likely legislative action. (He co-writes the ACM U.S. Public Policy Blog, which is quite good.)

He mentions four hot areas. The first is regulation of peer-to-peer technologies. Once the Supreme Court’s decision in Grokster comes down, expect Congress to spring into action, to protect whichever side claims to be endangered by the decision. A likely focal point for this is the new Intellectual Property subcommittee of the Senate Judiciary Committee. (The subcommittee will be chaired by Sen. Orrin Hatch, who has not been shy about regulating infotech in the name of copyright. He championed of the Induce Act.) This issue will start out being about P2P but could easily expand to regulate a wider class of technologies.

The second area is telecom. Sen. Ted Stevens is the new chair of the Senate Commerce Committee, and he seems eager to work on a big revision of the Telecom Act of 1996. This will be a battle royal involving many interest groups, and telecom policy wonks will be fully absorbed. Regulation of non-telecom infotech products seems likely to creep into the bill, given the technological convergence of telecom with the Internet.

The third area is privacy. The Real ID bill, which standardizes state driver’s licenses to create what is nearly a de facto national ID card, is controversial but seems likely to become law. The recent ChoicePoint privacy scandal may drive further privacy legislation. Congress is likely to do something about spyware as well.

The fourth area is security and reliability of systems. Many people on the Hill will want to weigh in on this issue, but it’s not clear what action will be taken. There are also questions over which committees have jurisdiction. Many of us hope that PITAC’s report on the sad state of cybersecurity research funding will trigger some action.

As someone famous said, it’s hard to make predictions, especially about the future. There will surely be surprises. About the only thing we can be sure of is that infotech policy will get even more attention in this Congress than in the last one.

avatar

More on Ad-Blocking

I’m on the road today, so I don’t have a long post for you. (Good news: I’m in Rome. Bad news: It’s Rome, New York.)

Instead, let me point you to an interesting exchange about copyright and ad-blocking software on my course blog, in which “Archer” opens with a discussion of copyright and advertising revenue, and Harlan Yu responds by asking whether distributing Firefox AdBlock is a contributory infringement.

There’s plenty of interesting writing on the course blog. Check it out!

UPDATE (Feb. 28): Another student, “Unsuspecting Innocent,” has more on this topic.

avatar

Can P2P Nets Be Poisoned?

Christin, Weigend, and Chuang have an interesting new paper on corruption of files in P2P networks. Some files are corrupted accidentally (they call this “pollution”), and some might be corrupted deliberately (“poisoning”) by copyright owners or their agents. The paper measures the availability of popular, infringing files on the eDonkey, Overnet, Gnutella, and FastTrack networks, and simulates the effect of different pollution strategies that might be used.

The paper studied a few popular files for which corruption efforts were not occurring (or at least not succeeding). Polluted versions of these files are found, especially on FastTrack, but these aren’t a barrier to user access because non-corrupted files tend to have more replicas available than polluted files do, and the systems return files with more replicas first.

They move on to simulate the effect of various pollution strategies. They conclude that a sufficiently sophisticated pollution strategy, which injects different decoy versions of a file at different times, and injects many replicas of the same decoy at the same time, would significantly reduce user access to targeted files.

Some P2P programs use simple reputation systems to try to distinguish corrupted files from non-corrupted ones; the paper argues that these will be ineffective against their best pollution strategy. But they also note that better reputation systems could can detect their sophisticated poisoning strategy.

They don’t say anything more about the arms race between reputation technologies and pollution technologies. My guess is that in the long run reputation systems will win, and poisoning strategies will lose their viability. In the meantime, though, it looks like copyright owners have much to gain from poisoning.

[UPDATE (6:45 PM): I changed the second paragraph to eliminate an error that was caused by my misreading of the paper. Originally I said, incorrectly, that the study found little if any evidence of pollution for the files they studied. In fact, they chose those files because they were not subject to pollution. Thanks to Cypherpunk, Joe Hall, and Nicolas Christin for pointing out my error.]

avatar

Google AutoLink: Doesn't Cross the Line, Yet

Google’s new Toolbar includes a feature called AutoLink that adds hyperlinks to certain content in Web pages. For example, if it spots a street address in the page, it hyperlinks the address to Google Maps; if it spots the ISBN number for a book, it hyperlinks it to that book’s page on Amazon.

Some people are unhappy about this, seeing it as a violation of Google’s famous “don’t be evil” rule. I don’t see the problem – at least not yet. (Others think it is a strategic mistake by Google, which it may be. I’m not considering that question here.)

Thus far, AutoLink is applied to a page only when the user installs certain versions of the Google Toolbar. The user also has an explicit switch to turn AutoLink on and off. Nothing is going to happen unless the user asks for it, so it’s hard to see how the interests of sophisticated users are harmed. (The story might be different for novice users, if the feature is presented in a way that tends to confuse them about which hyperlinks came from the original site author. I haven’t looked at that issue.)

What about the interests of website authors? If Google is rewriting my site without my permission, that may affect my copyright interests in my page. In the same way that ad-blocking software may harm a site author’s business, an overly aggressive page-rewriting tool could potentially erode the site author’s ability to generate revenue via hyperlinks on the page. For example, if I mention a product and hyperlink to it via an online store’s affiliates program, I can get revenue if one of my readers clicks through the link and buys the product. If Google adds hyperlinks to other stores (or, worse yet, replaces my hyperlink with one of theirs), this will cost me money.

A site author could argue that the rewritten page is a derivative work, created without permission, and thus infringes copyright. Can the user be held responsible for this? Can Google?

I don’t know the legally correct answer to that question, but it’s interesting to think about whether it’s fair to allow the kind of rewriting that Google is doing. (I’m using “fair” in the ordinary sense here, not in the legalistic sense of “fair use”.) I think that what Google is doing now is fair. Links are added only at the user’s request and only in limited circumstances (street addresses, package tracking numbers, ISBNs, and vehicle ID numbers), and the original site author’s links are apparently left intact. If the system expands too far, it could cross the line, but it hasn’t done that yet.

(Andrew Grossman at Tech Liberation Front has an interesting post about this, if you can ignore the gratuitous ad hominem attacks. He’s right that this shouldn’t been seen as an antitrust issue.)

avatar

Broadcast Flag in Court

Tomorrow the DC Circuit will hear arguments in the case challenging the FCC’s authority to impose the Broadcast Flag regulation. The case will determine whether the FCC can control the design of computers, in the name of copyright. It will also determine whether the ill-conceived Broadcast Flag rule will be imposed.

Today’s New York Times has a disappointing story, by Tom Zeller Jr., rehashing the arguments about the Broadcast Flag. I say it’s disappointing because it reiterates without comment the MPAA’s logically disconnected hash of arguments about the Broadcast Flag. I think the press has a responsibility, at the very least, not to let logically fallacious arguments pass without comment.

The article starts by describing Mike Godwin downloading an episode of the Showtime series “Huff.” After some scene-setting, we read this:

The M.P.A.A. has argued that without the broadcast flag rule, content creators would have no incentive to provide digital content over the airwaves, because people could simply pluck video streams out of the air and redistribute them to millions of viewers over the Internet.

“It’s very simple,” said Fritz Attaway, a vice president and Washington general counsel for the M.P.A.A. “Without the broadcast flag, high-value content would migrate to where it could be protected.”

In practical terms, such “protected” places would be cable and satellite systems where digital content can be more easily scrambled, encrypted or otherwise controlled, leaving broadcast networks at a distinct disadvantage in the new digital marketplace.

The fallacy here should be pretty obvious. “Huff” is already distributed only in a “protected” place – a premium cable channel – and it’s available for infringing downloaders. (Other cable and satellite offerings are similarly available on P2P.) This is not evidence that cable-like protection is needed for broadcast. To the contrary, it’s evidence that the “protection” of cable-like DRM is illusory.

Similarly, the article repeats without comment the MPAA argument that they will be forced to withhold high-resolution broadcast service unless the Broadcast Flag is imposed. This argument couldn’t be more wrong in its view of broadcasters’ incentives.

In fact, P2P infringement gives broadcasters a powerful incentive to offer higher-quality, higher-resolution content.
High-res content makes legitimate broadcast service more attractive to viewers. P2P versions can’t match these increases in resolution because doing so would make P2P files much bigger, clogging P2P systems with enormous files and making downloads much slower. If broadcasters have to “compete against free” their best hope is to actually compete, by improving their product – especially when the competitor can’t match the improvement.

If the Broadcast Flag actually did reduce infringement, then imposing it would only reduce broadcasters’ incentive to switch to high-res broadcast. Looking at the evidence, though, it could hardly be more clear that the Broadcast Flag won’t reduce the availability of P2P content at all. Even ignoring the Flag’s many technical loopholes, the best it could possibly offer is the same level of protection that cable content gets today. The evidence is overwhelming that that level is insufficient to keep programs off the P2P networks. Remember Huff?

The real story here, for an enterprising reporter, lies in how the MPAA convinced the FCC to mandate the Broadcast Flag despite offering only these weak arguments in the public proceeding.

avatar

More on the Cato DRM Paper

I wrote yesterday about the new Cato Institute paper on the economics of peer-to-peer and anti-copying technology, which argues that everything will be okay in the online-music market because competition will force vendors to offer consumer-friendly products. I agree that a competitive market would have this effect. But how competitive is the market?

One of the more interesting sections of the Cato paper is about interoperability (pp. 8-9), or the ability of different DRM systems to work together. If a buy a file in one system, can I move it to another system? If two devices implement different DRM systems, can I transfer a file from one device to the other? If my DRM vendor goes out of business, do I lose access to my files?

The Cato paper says that DRM interoperability is good, and that progress is being made. I agree with the first part but I’m not so sure about the second. It’s not clear that we can rely on the DRM vendors to make their products interoperable – they have little incentive to help their customers switch to competitors’ products. Are there alternatives? Here’s the Cato paper:

Unilateral solutions may exist. In its present Harmony service, RealNetworks enables the compatibility of its RealPalyer Music Store tracks with both Apple’s iPod players and players compatible with Windows Media Audio (WMA). RealNetworks acomplished that by producing WMA files and integrating Windows Media Player on the user’s PC (both of which are permitted by Microsoft) and by reverse engineering Apple’s FairPlay DRM file format (which Apple may yet legally contest). In another potential solution, RapidSolution Software of Germany now offers software (called Tunebite) that allows users to re-record any file played on a PC by simple loopback through the PC’s audio card; songs are stored in an open format for later use. Parties differ as to whether the technology legally breaches access protection.

In other words, these products provide public benefits, but they might be illegal. One would expect, at this point, a policy discussion about why it might be wise to ensure that such products are legal. But that is not forthcoming. The authors just change the subject and talk about something else.

This flaw – extolling the virtues of competition, but failing to follow up by recommending pro-competition policies – seems to run throughout the otherwise excellent Cato paper. It makes sense to rely on market competition to blunt the potential downside of DRM. That strategy will only work if we adopt pro-competition policies, or at least reverse the anti-competition aspects of our current policy. Talking about competition is good; but having competition is much better.

avatar

How Competitive is the Record Industry? A Natural Experiment

Derek Slater, responding to the recent Cato paper on DRM technologies, raises an important question: How competitive is the record industry?

The Cato paper argues that market competition will blunt the possible negative effects of DRM on consumers. The theory is that a variety of competing DRM systems will emerge for online music. These systems will offer differing levels of flexibility to consumers. They will face market pressure to meet consumers’ needs, because consumers can choose which one to buy. Record companies will face competitive pressure to license their music via the DRM systems that consumers want to buy. If the DRM market is competitive, and the music market is competitive, then market forces will foster a reasonable DRM technology.

This theory has much to recommend it. But the theory works, of course, only if the music business really is competitive. If the record companies act as a cartel, they can use the resulting monopoly power to dictate the design of DRM systems, regardless of consumer preferences. Tellingly, the Cato paper does not bother to argue that the major record companies behave competitively in this respect. Instead, the section on record company competition (p. 6) talks almost exclusively about indie labels, which account for only a small piece of the overall market.

How can we tell whether the record industry is responding competitively to DRM? An interesting natural experiment is about to start. MP3Tunes, a new startup headed by serial entrepreneur Michael Robertson, is launching a new music service that sells songs in MP3 format. Will the major record companies license their catalogs for sale on MP3Tunes?

In a competitive market, they would license to MP3Tunes. There are surely some customers who are willing to pay for music but don’t want to accept the hassles of other online music services. MP3Tunes will extract revenue from these customers.

You may object that the record companies won’t sell their content in an unprotected format. But of course they already do so, and in fact most of their revenue comes from sales in the unprotected CD format. And they can’t rationally be worried that their existing catalogs will leak to the P2P networks – that already happened, long ago. It’s hard to see how licensing their existing catalogs to MP3Tunes would make the P2P infringement problem any worse.

The record companies may feel that other music services meet their needs better, for example by increasing the likelihood that consumers will have to repurchase the same song later. These factors might affect the price they offer MP3Tunes, but they shouldn’t preclude negotiations altogether. In a competitive market, producers have to offer the products that consumers want, not the products the producers like.

It’s hard to see any economically rational reason for a major record company to refuse, categorically, to deal with MP3Tunes – unless we assume that the major record companies act as a cartel. That’s why the record industry’s response to MP3Tunes will tell us how competitive that industry really is.

(Let me preempt some rebuttals by pointing out that if you want to argue about what would happen in a competitive market, your argument cannot be based on assertions about what the record industry, as a whole, wants or needs. Assuming that “the record industry” is an actor whose needs, desires, or plans matter is tantamount to assuming that the industry is in fact a cartel. Nor can you assume that any individual company in a competitive market cares about the fortunes of the industry as a whole, as opposed to its own selfish interests. Much of the discourse about the record industry assumes, implicitly, that it is a cartel. If you want to rebut my argument about how a competitive industry would behave, be very careful to avoid adopting that assumption.)

avatar

Macrovision Tries Passive Anti-Copying Technology for DVDs

Macrovision is introducing a new DRM technology for DVDs, apparently based on passive changes to the data encoded on the disc, according to a news.com article by John Borland. (The article is entitled “New Copy-Proof DVDs on the way?” The answer to that question is “no.”)

The new technology, called RipGuard, tries to code the DVD data on the disc in a way that triggers bugs in popular DVD ripping programs, while remaining readable on ordinary DVD players:

Macrovision’s new product takes a different approach to antipiracy than it has taken for analog or audio CDs. Gervin said Macrovision engineers have spent several years looking at how various DVD-copying software packages work and have devised ways to tweak the encoding of a DVD to block most of them.

That means the audio and video content itself requires no new hardware and isn’t scrambled anew, as is the case with most rights-management techniques. Someone using one of the ripping tools on a protected DVD might simply find their software crashing, or be presented with error messages instead of a copy.

As when used on CDs, this passive approach will only work against some ripping programs, and in any case will become useless as the bugs in ripping programs are fixed. If the goal is to keep protected DVD content off the P2P nets, then this product will fail.

The article argues that RipGuard can be updated over time, which is true, but not very helpful for copyright owners, for two reasons. First, there is a limited supply of disc-reading bugs in ripping programs, and each version of RipGuard will cause some of them to be fixed, making it harder to find bugs to exploit in the next RipGuard version. Second, although users can update their ripping software, there is no way to update RipGuard on DVDs that have already been sold. Once a version of RipGuard becomes useless, all of the discs produced with that version will be copyable forever after.

This is yet another anti-copying technology that will have no effect on P2P availability of content. It will make ripping somewhat more difficult for people who don’t use P2P; but how does that help the studios?

avatar

Student Writing Blog: "Information Technology and the Law"

This semester, I’m teaching “Information Technology and the Law”. We’re reading a series of articles and court decisions on important techno-legal issues.

I’ve created a student writing blog, on which students will post weekly essays on topics related to the course. Essays are 400-500 words in length, with due dates staggered through the week so that we get some new essays every day. (Some students writing under pseudonyms for privacy.)

The site is open to the public, for reading and comment. Please do drop in and join us.

avatar

Lawrence Lessig, Unmasked

We’re watching this week’s episode of West Wing. On the TV screen, Professor Lawrence Lessig starts talking. “I know that voice,” exclaims my wife. “It’s The Hacker!”

On West Wing, Lessig was played not by Himself but by the actor Christopher Lloyd. One of Lloyd’s other roles is on Cyberchase, an animated PBS Kids show, as the voice of an arch-villain known only as The Hacker. Here’s a picture and description of The Hacker, from the Cyberchase website:

The cosmology of Cyberchase cries out for cultural analysis. The Hacker is locked in an endless struggle for supremacy against Motherboard, the benign Mother-Goddess of cyberspace, who appears to ordinary humans only by teleconference. In each episode, The Hacker, with help from his henchrobots, unleashes a dastardly plot (e.g., releasing a virus, letting bugs invade the database library, or draining Motherboard’s life-giving liquid coolant) to overthrow Motherboard and unleash chaos on all of cyberspace. A group of multicultural kids must solve some kind of mathematical puzzle to foil the Hacker’s otherwise-foolproof plan.

Come to think of it, there are those who see Lessig in much the same way, as the evil genius who will destroy cyberspace with his Free Culture plot, replacing the benign content-rich cyberworld of Mother MPAA with a content-free dystopia of uncontrolled filesharing. It’s up to those feisty kids at the DRM companies to figure out some fancy cryptographic math that will foil his evil plan.

Look carefully at the picture above – the Hacker appears to be wearing Lessig’s trademark black jeans. Coincidence? I think not.

I guess that makes most of us henchrobots.