April 23, 2014

avatar

Duck Amuck and the Takedown Gun

I wrote last week (1, 2) about the CopyBot tool in Second Life, which can make an exact lookalike copy of any object, and the efforts of users to contain CopyBot’s social and economic effects. Attempts to stop CopyBot by technology will ultimately fail – in a virtual world, anything visible is copyable – so attention will turn, inevitably, to legal tactics.

One such tactic is the DMCA takedown notice. Second Life lets users keep the copyright in virtual objects they create, so the creator of a virtual object has a legal right to stop others from copying it (with standard exceptions such as fair use). The Digital Millennium Copyright Act (DMCA), among its other provisions, exempts service providers such as Second Life from liability for copyrighted stuff posted by users, provided that Second Life implements the DMCA’s notice and takedown procedure. Under this procedure, if you see an infringing copy of your material on Second Life, you can send a notice containing certain information to Second Life, and they have to respond by taking down the accused material. (For further details consult your neighborhood copyright lawyer.)

Let’s apply this to a specific example. Alice designs a spiffy new hot air balloon that everyone covets. Bob uses CopyBot to make his own replica of the balloon, which he starts riding around the skies. Alice discovers this and sends a takedown notice to Second Life. Bob’s balloon is then “taken down” – it disappears from the world, as in the classic cartoon Duck Amuck, where the animator’s eraser plays havoc with Daffy Duck’s world.

But surely Bob isn’t the only one riding in a copied balloon. Others may have CopyBotted their own balloons or bought a balloon copy from Bob. It’s tedious for Alice to write and send a takedown notice every time she sees a copied balloon.

What Alice needs is a takedown gun. When she sees an infringing balloon, she just points the takedown gun at it and pulls the trigger. The takedown gun does the rest, gathering the necessary information and sending a takedown notice, dooming the targeted balloon to eventual destruction. It’s perfectly feasible to create a takedown gun, thanks to Second Life’s rich tools for object creation. It’s a gun that shoots law rather than bullets.

For extra style points, Alice can program the gun so that it refuses to shoot at balloons that she herself built. To do this, she programs the gun, before it fires, to issue a cryptographic challenge to the balloon. Authorized balloons will know a secret key that allows them to respond correctly to the challenge. But unauthorized copies of the balloon won’t know the key, because the key is built into the object’s scripted behavior, which CopyBot can’t duplicate. (Exercise for computer security students: how exactly would this protocol work?)

But of course there is a small problem with abuse of takedown guns. To send a takedown notice, the law says you must be (or represent) the copyright owner and you must have a good faith belief that the targeted object is infringing. Alice might be careful to shoot the gun only at objects that appear to infringe her copyright; but others might not be so careful. Indiscriminate use of a takedown gun will get you in legal trouble for sending bogus takedown notices.

Initially, the management at Second Life pointed to takedown notices as a response to CopyBot-based infringement. More recently, they have shifted their position a bit, saying that infringement violates their Terms of Use and threatening to expel violators from Second Life. They still face the same problem, though. Presumably their enforcement actions will be driven by user complaints, which motivates Alice to make a complaint gun.

As the music industry has learned, when copying is easy, laws against copying are very hard to enforce.

Comments

  1. Crosbie Fitch says:

    I suspect you’ve mentioned this challenge/response idea before, in a different context. I think I responded – I can’t remember how.

    Anyway, let’s get a grip on reality here.

    2nd life is a collaboratively constructed work of digital art telegraphically viewable via Internet terminal.

    It is a single work.

    Thousands of ad hoc derivative images of it are already distributed for the purposes of permitting thousands of users’ interactive access.

    The work may well exhibit self-similarity in that visual elements may be repeated in the interactive displays.

    However, the work remains a single, uncopied work, no matter that elements may recur.

    Unless 2nd life was replicated in whole or part elsewhere, no copying of the work has occurred. Moreover, the work is wholly within the possession of Linden Labs.

    Does the law have jurisdiction within the virtual world or just its representation in the real world?

    Linden Labs are teasing everyone in a publicity stunt. If the law steps one foot into its virtual territory it would be like god unwittingly proving his existence. Luckily, only mankind is this fallible – and gullible.

  2. Jeff says:

    I do not know much about second life; however, if Alice creates a hot air balloon does she now have a monopoly on all hot air balloons in second life? Or can I create my own balloon independently. If so then the Takedown Gun model would create additional problems. Suddenly, I as an independent creator have the hassle of dealing with Alice’s complaints and I would have incentives to harass Alice (unless the true owner of the hot air balloon concept were identified).

  3. Arachnid says:

    So how long until you have ‘takedown bots’ that are capable of recognising exact duplicates of the creator’s work (using the same technique copybot itself uses), and, when they don’t respond to the cryptographic challenge, issues a takedown notice?

    As far as the challenge-response protocol goes, the easiest way to do that is to have the challenger send a string, and the object send back the HMAC of that string, with a shared key as the secret for the HMAC.

  4. Ned Ulbricht says:

    (Exercise for computer security students: how exactly would this protocol work?)

    Please discuss two army problem.

  5. Ned Ulbricht says:

    As far as the challenge-response protocol goes, the easiest way to do that is to have the challenger send a string, and the object send back the HMAC of that string, with a shared key as the secret for the HMAC.

    Arachnid,

    Suppose that Bob’s unauthorized balloon is scripted to find one of Alice’s authorized balloons, and forward the challenge to it. (Classic MITM attack).

  6. Arachnid says:

    Good point. A refinement, then (presuming this is possible in Second Life – I don’t play it, so have no idea) – include some attribute (object identifier, whatever) of the querier in the value to be hashed for the response. That way, the response is unique to the querier and the query, and forwarding the query will result in the wrong response.

  7. Taran Rampersad says:

    Yeesh! Haven’t you read the comments I’ve been leaving? Copybot couldn’t copy EVERYTHING. It was very limited, Ed, come on. Understanding Copybot’s capabilities as well as understanding the copyright protection mecnanisms is key to all of this within SecondLife, and I think you’ve tossed the baby with the bathwater on this one.

    Seriously – I read your stuff, you’re in my aggregator… but this one is stretched because you don’t appear to know the inherent mechanisms within SecondLife which protect copyright, what the copybot could do, and how it could do it. My posts on it are over a week old, but a good start would be just going to libsecondlife.org and looking at what the copybot could or could not do. Then read this:
    http://www.knowprose.com/node/16654

  8. Ed Felten says:

    Taran,

    Yes, I’ve been reading your comments. To be honest, I’m more interested in what is possible to copy than in what the current version of CopyBot does copy — because if more effective copying technologies are possible, they’ll soon be built. And it’s clear that the entire appearance of an object is inherently copyable, while its behavior (script code) is not.

  9. Crosbie Fitch says:

    Copying behaviour…

    1) Computer assisted reverse engineering (AI). Add a megaton of neural networks to extrapolate highly similar behaviour by exhaustive analysis of a bonafide object in an extensive variety of environments and situations.

    2) Theft. Steal the credentials of the legitimate owner in order to access the script.

    3) Phishing. Put a fake object in the owner’s territory with a plausible error that persuades the owner to ‘re-associate’ the script – this then exposes the script to the phisher.

    4) Reverse engineering.

    5) Trojan. Produce neat little gizmos likely to be attractive to the owner of the bonafide object that when incorporated leak script details.

    Probably other methods too, e.g. client-side spyware, back-handers to server-side staff, etc.

    The only legitimate methods would appear to be informed consent or reverse engineering.

  10. Ned Ulbricht says:

    Arachnid,

    Even without delving into the details of Second Life (of which I know as little as you), your protocol still neglects the general problem of noise in the communications channel. Before you say that noise can be neglected, consider:

    Friendly Fred’s authorized balloon floats into Alice’s air defense identification zone (ADIZ). Alice “paints” the “bogey”. Fred’s “parrot” (IFF transponder) should “squawk”. But little do they know (evil laugh)….

    Dastardly Dan is jamming the channel!

    Dan is continuously interrogating Fred’s IFF transponder, hoping to cause it to miss Alice’s query (DoS attack). Oh, no! Will this cause a “blue-on-blue” balloon “splash”?

  11. Cameron Wilson says:

    What if someone used a copying program on the ballon, but then altered the basket so it wasn’t an exact copy? Would that fall under tranformative and therefore fair use? Who is making the judgement calls in this case? In the real world the courts would make these decisions. In this case it is hard to see Liden Labs making these calls, which would mean unless there is there is some real world enforcement mechanism, this is interesting but rather hypothetical.

  12. Hal says:

    In principle there is indeed a real world enforcement mechanism. The DMCA procedure described at http://secondlife.com/corporate/dmca.php is meant to be a prelude to a court battle if the claimed infringement is contested. (Note that it actually requires postal mail notification, email will not be sufficient, so Ed Felten’s “takedown gun” needs the ability to print, fold, stamp and mail complaints.) Linden Labs appears to have neither the ability nor the desire to arbitrate these kinds of disputes. It will be interesting to see how things go if and when any claimed infringement actually makes it into court.

  13. Neo says:

    There is, of course, the possibility that the societies inside Second Life could develop their own internal justice system and community standards. That would certainly be truer to its name…

  14. cm says:

    Neo: You beat me to it. I was about to suggest virtual-world patents, courts, and prisons. With prison guards, lawyers, bailiffs, and all other bells & whistles. Tongue in cheek of course.

  15. cm says:

    Crosbie Fitch: Good point. How about we apply your reasoning outside 2nd life, and say that this here is a “single world”? Seriously. I guess it is some kind of logical converse to point out that 2nd life is a mirror image of sorts of this here world, and users’ creations carry status similar to this-here-world “intellectual” or physical property. Certainly the suggested takedown methods targeting unwanted competition remind one eerily of this-here-world standard operating procedure.

  16. Crosbie Fitch says:

    2nd Life is a simulacrum only to its players. It is not an extension of reality.

    It is a bunch of data spinning around at a few thousand RPM in LL’s back room.

    This bunch of data is the collective work (to which contributors only have remote access). LL is the proxy for each player.

    A player may be given a model file that appears to correspond to its appearance when interacting remotely, but all participants can only rely on LL to inform them that it has indeed, as per appearances, been copied with/without their permission.

    If you’re going to prosecute anyone for copyright infringement (or DMCA violation), let’s first establish that copies have indeed been manufactured.

    Sequester LL’s disk farm and bring it to court to demonstrate this. Until that point, this is all a charade.

  17. Paul says:

    Crosbie Fitch makes a good point – it’s not totally clear that what looks like making a copy in the virtual world corresponds legally to copying in the real world, and thus comes under real world legislation like the DMCA, Copyright laws, and the Berne Convention.

    Presumably that might depend on the terms and conditions of Second Life (on which I’m no expert), on any decisions that their arbitration process might render, and on whether any decisions or contract terms that restricted users’ “rights” were held to be unfair or unenforcable by the courts in any given jurisdiction.