The Ninth Circuit has ruled on the MDY v. Blizzard case, which involves contract, copyright, and DMCA claims. As with the district court ruling, I’ll withhold comment due to my involvement as an expert in the case, but the decision may be of interest to FTT readers.
Today, an Arizona District Court issued its ruling in the MDY v. Blizzard case, which involves contract, copyright, and DMCA claims. The claims addressed at trial were fairly limited because the Court entered summary judgment on several claims last summer. In-court comments by lawyers suggest that the case is headed toward appeal in the Ninth Circuit. Since I served as an expert witness in the case, I’ll withhold comment in this forum at this time, but readers are free to discuss it.
As I’m writing this, the eye of Hurricane Ike is roughly ten hours from landfall. The weather here, maybe 60 miles inland, is overcast with mild wind. Meanwhile, the storm surge has already knocked out power for ten thousand homes along the coast, claims the TV news, humming along in the background as I write this, which brings me to a thought.
Next year, analog TV gets turned off, and it’s digital or nothing. Well, what happens in bad weather? Analog TV degrades somewhat, but is still watchable. Digital TV works great until it starts getting uncorrectable errors. There’s a brief period where you see block reconstruction errors and, with even a mild additional amount of error, it’s just unwatchable garbage. According to AntennaWeb, most of the terrestrial broadcast towers are maybe ten miles from my house, but that’s ten miles closer to the coast. However, I get TV from Comcast, my local cable TV provider. As I’ve watched the HD feed today, it’s been spotty. Good for a while, unwatchable for a while. The analog feed, which we also get on a different channel, has been spot on the whole time.
From this, it would appear that Comcast is getting its feed out of the air, and thus has all the same sorts of weather effects that I would have if I bothered to put my own antenna on the roof. Next year, when the next hurricane is bearing down on the coast, and digital TV is the only TV around, it’s an interesting question whether I’ll get something useful on my TV during a disaster. Dear Comcast, Engineering Department: please get a hard line between you and each of the local major TV stations. Better yet, get two of them, each, and make sure they don’t share any telephone poles.
[Sidebar: In my old house, I used DirecTV plus a terrestrial antenna for HD locals, run through a DirecTV-branded HD TiVo. Now, I’m getting everything from Comcast, over telephone poles, into a (series 3) TiVo-HD. In any meaningful disaster, the telephone poles are likely to go down, taking out my TV source material. I get power and telephone from the same poles, so to some extent, they make a single point of failure, and thus no meaningful benefit from putting up my own antenna.
Once the storm gets closer, I’ll be moving the UPS from my computer to our, umm, shelter-in-place location. I don’t expect I’d want to waste precious UPS battery power running my power-hungry television set. Instead, I’ve got an AM/FM portable radio that runs on two AA’s. Hopefully, the amount of useful information on the radio will be better than the man-on-the-street TV newscasters, interviewing fools standing along the ocean, watching the pretty waves breaking. Hint: you can’t “ride through” a storm when the water is ten feet over your head.]
Linden Lab, the company that runs the popular virtual world Second Life, announced Tuesday that all in-world “banks” must now be registered with real-world banking regulators:
As of January 22, 2008, it will be prohibited to offer interest or any direct return on an investment (whether in L$ or other currency) from any object, such as an ATM, located in Second Life, without proof of an applicable government registration statement or financial institution charter. We’re implementing this policy after reviewing Resident complaints, banking activities, and the law, and we’re doing it to protect our Residents and the integrity of our economy.
This is a significant step. Thus far Second Life, like other virtual worlds, has tried to avoid entanglement with heavyweight real-world regulatory agencies. Now they are welcoming banking regulation. The reason is simple: unregulated “banks” were out of control.
Since the collapse of Ginko Financial in August 2007, Linden Lab has received complaints about several in-world â€œbanksâ€ defaulting on their promises. These banks often promise unusually high rates of L$ return, reaching 20, 40, or even 60 percent annualized.
Usually, we don’t step in the middle of Resident-to-Resident conduct – letting Residents decide how to act, live, or play in Second Life.
But these â€œbanksâ€ have brought unique and substantial risks to Second Life, and we feel it’s our duty to step in. Offering unsustainably high interest rates, they are in most cases doomed to collapse – leaving upset â€œdepositorsâ€ with nothing to show for their investments. As these activities grow, they become more likely to lead to destabilization of the virtual economy. At least as important, the legal and regulatory framework of these non-chartered, unregistered banks is unclear, i.e., what their duties are when they offer â€œinterestâ€ or â€œinvestments.â€
This was inevitable, given the ever-growing connections between the virtual economy of Second Life and the real-world economy. In-world Linden Dollars are exchangeable for real-world dollars, so financial crime in Second Life can make you rich in the real world. Linden doesn’t have the processes in place to license “banks” or investigate problems. Nor does it have the enforcement muscle to put bad guys in jail.
Expect this trend to continue. As virtual world “games” are played for higher and higher stakes, the regulatory power of national governments will look more and more necessary.
I’m excited to announce that Princeton’s Center for InfoTech Policy is putting on a workshop on the policy and social implications of “Computing in the Cloud” – the trend where companies, rather than users, store and manage an increasing range of personal data.
Examples include Hotmail and Gmail replacing desktop email, YouTube taking over as a personal video platform, and Flickr competing with desktop photo storage solutions. Facebook, Myspace and other social networks have pioneered new kinds of tools that couldn’t exist on the desktop, and more new models are sure to emerge.
I’m confident that this trend will reshape tech policy, and will change how people relate to technology. But I don’t know what the changes are. By drawing together experts from computer science, industry, government and law, I hope the Center can help those of us at Princeton, and workshop participants from around the country, get a better sense of where things might be headed.
The workshop will be held on the Princeton campus on January 14 and 15, 2008. It will be free and open to the public. We will have a series of panel discussions, interspersed with opportunities for informal exchanges of ideas. We’re still putting together the list of panels and panelists, so we haven’t yet published a schedule. If you’re interested in attending or want to get email updates about the workshop, please email David Robinson (dgr at princeton dot edu).
Here are some of the possible themes for panels we are exploring:
- Possession and ownership of data: In cloud computing, a provider’s data center holds information that would more traditionally have been stored on the end user’s computer. How does this impact user privacy? To what extent do users “own” this data, and what obligations do the service providers have? What obligations should they have? Does moving the data to the provider’s data center improve security or endanger it?
- Collaboration and globalization: Cloud computing systems offer new sharing and collaboration features beyond what was possible before. They make shared creation among far-flung users easier, allow or require data to be stored in many different jurisdictions, and give users access to offerings that may be illegal in the users’ home countries. How will local laws, when applied to data centers whose user base is global, affect users practice? Do these services drive forward economic growth — and if so, what effect should that fact have on the policy debate?
- New roles for new intermediaries: Cloud services often involve new
intermediaries such as Facebook, MySpace, eBay, and Second Life, standing between people who might have interacted more directly before these services emerged. To what extent are these services “communities”, as their providers claim? How much control do users feel over these communities? How much control do and should users actually have? How does the centralized nature of these intermediaries affect the efficiency and diversity of online experiences? Can the market protect consumers and competition, or is government oversight needed?
- What’s next: What new services might develop, and how will today’s services evolve? How well will cloud computing be likely to serve users, companies, investors, government, and the public over the longer run? Which social and policy problems will get worse due to cloud computing, and which will get better?
Julian Dibbell had an interesting article in yesterday’s NYT, profiling several Chinese gold farmers, who make their living playing the massive multiplayer game World of Warcraft (WoW) and accumulating virtual loot that is ultimately sold for real money. If you’re not familiar with gold farming, or virtual-world economies in general, it’s a nice introduction.
Even if you’ve heard it all before, the article is still worthwhile as a meditation on the porous boundary between work and fun online. These guys make their living playing a game, in seven twelve-hour shifts a week. It’s highly repetitive work – they follow the loot-maximizing strategy which involves hanging around the same little area and whacking the same monsters over and over. WoW players even call this kind of play “the grind”.
Yet somehow the guys enjoy it, not all the time but often enough to find a work rewarding in an odd way. One guy, Wang Huachen, has a law degree but chooses to play/work WoW instead, at least for a while.
“I will miss this job,” [Wang] said. “It can be boring, but I still have sometimes a playful attitude. So I think I will miss this feeling.”
I turned to Wang Huachen, who remained intent on manipulating an arsenal of combat spells, and asked again how it was possible that in these circumstances anybody could, as he put it, “have sometimes a playful attitude”?
He didn’t even look up from his screen. “I cannot explain,” he said. “It just feels that way.”
Amazingly, after finishing a twelve-hour shift, some of these guys spend their long-awaited free time … playing WoW.
But all that changed when the boss of one gold farm got a new business idea: rather than grinding out more loot, his employees would instead build up a 40-man team of uber-characters who would serve as mercenaries, for hire by players who wanted reliable, non-greedy companions in attacking the toughest areas of WoW. Suddenly these gold farmers could really use their skills, and have more fun – for a while.
The end arrived without warning. One day word came down from the bosses that the 40-man raids were suspended indefinitely for lack of customers. In the meantime, team members would go back to gold farming, gathering loot in five-man dungeons that once might have thrilled Min but now presented no challenge whatsoever. “We no longer went to fight the big boss monsters,” Min said. “We were ordered to stay in one place doing the same thing again and again. Everyday I was looking at the same thing. I could not stand it.”
What’s most interesting about this, to me at least, is the relationship between the gold farmers and the players they serve. It’s not a personal relationship, only an economic one, in which the gold farmers play the boring part of the game in exchange for a cash payment from a richer customers.
This relationship is an amazing tangle of play and work. The gold farmer works playing a game, so he can earn money which he spends playing the same game. The customer finds part of the game too much like work, so he works at another job to earn money to pay a gold farmer to play for him, so the customer can have more fun when he plays. Got it?
I wrote last week (1, 2) about the CopyBot tool in Second Life, which can make an exact lookalike copy of any object, and the efforts of users to contain CopyBot’s social and economic effects. Attempts to stop CopyBot by technology will ultimately fail – in a virtual world, anything visible is copyable – so attention will turn, inevitably, to legal tactics.
One such tactic is the DMCA takedown notice. Second Life lets users keep the copyright in virtual objects they create, so the creator of a virtual object has a legal right to stop others from copying it (with standard exceptions such as fair use). The Digital Millennium Copyright Act (DMCA), among its other provisions, exempts service providers such as Second Life from liability for copyrighted stuff posted by users, provided that Second Life implements the DMCA’s notice and takedown procedure. Under this procedure, if you see an infringing copy of your material on Second Life, you can send a notice containing certain information to Second Life, and they have to respond by taking down the accused material. (For further details consult your neighborhood copyright lawyer.)
Let’s apply this to a specific example. Alice designs a spiffy new hot air balloon that everyone covets. Bob uses CopyBot to make his own replica of the balloon, which he starts riding around the skies. Alice discovers this and sends a takedown notice to Second Life. Bob’s balloon is then “taken down” – it disappears from the world, as in the classic cartoon Duck Amuck, where the animator’s eraser plays havoc with Daffy Duck’s world.
But surely Bob isn’t the only one riding in a copied balloon. Others may have CopyBotted their own balloons or bought a balloon copy from Bob. It’s tedious for Alice to write and send a takedown notice every time she sees a copied balloon.
What Alice needs is a takedown gun. When she sees an infringing balloon, she just points the takedown gun at it and pulls the trigger. The takedown gun does the rest, gathering the necessary information and sending a takedown notice, dooming the targeted balloon to eventual destruction. It’s perfectly feasible to create a takedown gun, thanks to Second Life’s rich tools for object creation. It’s a gun that shoots law rather than bullets.
For extra style points, Alice can program the gun so that it refuses to shoot at balloons that she herself built. To do this, she programs the gun, before it fires, to issue a cryptographic challenge to the balloon. Authorized balloons will know a secret key that allows them to respond correctly to the challenge. But unauthorized copies of the balloon won’t know the key, because the key is built into the object’s scripted behavior, which CopyBot can’t duplicate. (Exercise for computer security students: how exactly would this protocol work?)
But of course there is a small problem with abuse of takedown guns. To send a takedown notice, the law says you must be (or represent) the copyright owner and you must have a good faith belief that the targeted object is infringing. Alice might be careful to shoot the gun only at objects that appear to infringe her copyright; but others might not be so careful. Indiscriminate use of a takedown gun will get you in legal trouble for sending bogus takedown notices.
As the music industry has learned, when copying is easy, laws against copying are very hard to enforce.
In the spirit of the cult “Will It Blend?” videos, today’s question on Freedom to Tinker is “Will It Copy?” As we saw with the CopyBot in Second Life, when something becomes easily copyable, the economics of its production change: users benefit more from already-existing objects, but the incentive to make new objects decreases.
This is exactly what happened to the music industry when computers and the Internet suddenly made small files, including digitized music, easily copyable. In the case of music, we know that the business is changing, but we don’t know yet what will be the net effect on the availability of good music.
Like the music business, the software business is challenged by cheap copying. If you make software that runs on users’ computers, your software will be copied by at least some users. By contrast, if you provide an interactive service, delivered across the net but implemented on your own servers – a search engine, perhaps – then your product can’t be trivially copied. You have an inherent advantage over the sellers of packaged software.
A similar story holds for the Second Life CopyBot. Objects in Second Life can be described by shape, coloration, and behavior. Shape and coloration are duplicated perfectly by the CopyBot, but behavior (the script code describing what the object does) is not. So if your business makes beautiful but passive objects – clothing, perhaps– your objects can be copied perfectly and you have a problem. But if you make functional objects – a magic wand that does tricks in response to voice commands, perhaps – then the CopyBot won’t affect you much.
Second Life users are reportedly fighting back by building anti-CopyBot technologies, but this is ultimately futile. As long as shape and coloration are visible, it will be possible to observe and copy them. It will be easier to build a three-dimensional scanner-copier in Second Life than in real life. Copying of beautiful, nonfunctional objects will remain possible.
Eventually, this will happen in real life too. Tools for analyzing and replicating real objects will get better and better; knockoffs will get closer and closer to the real thing; and the time window when only the original is available will get shorter and shorter. Today, fashion flourishes despite relatively free copying. Indeed, some argue that the high-fashion world is so dynamic because of copying – always moving, to stay ahead of the masses. So it’s not a given that the fashion world will dry up, in real life or Second Life, if copying gets faster and more accurate.
Part of the fun of “Will It Blend?” is that the answer is almost always “yes”. Increasingly, the answer to “Will It Copy?” will be the same.
Here’s one from the It-Was-Only-a-Matter-of-Time file. Somebody in SecondLife, a popular multiplayer virtual world, created a gadget called the CopyBot, which can make a perfect copy of any object in the SecondLife world. (Here’s a Reuters story.) This raises some interesting technical issues, but I want to focus today on how it effects SecondLife’s economy.
If you’re not familiar with virtual worlds, you might think the word “economy” is a stretch. But really it’s not. SecondLife has about 1.5 million residents. Residents are given a sophisticated toolset they can use to design complex objects, specifying the objects’ shape, appearance, and behavior. Objects can be sold for a currency called Linden Dollars. Linden Dollars are real money – they can be traded for U.S. dollars on currency exchange markets. Quite a few people make their living in SecondLife, running businesses that make Linden-Dollar profits, which are then cashed in for U.S. dollars. Most days, the SecondLife economy sees transactions worth a total of between $500,000 and $1,000,000 (real U.S. dollars). This is clearly a real economy.
To understand the possible impact of CopyBot, imagine such a thing existed in real life. Point this CopyGadget at any real-world object, push a button, and you get a perfect copy of that object. Want a new Lambourghini sportscar? Just find one in a parking lot and copy it. Like the lime sorbet at the local ice cream parlor? Buy a cup, take it home, and fill your freezer with copies. When you get down to the last cup in the freezer, just copy it again. You get the idea.
Needless to say, this would cause Big Trouble in the real-world economy. Lambourghini would have trouble selling cars. There would be no waiting at the ice cream parlor, even on the hottest summer night. Could these businesses survive? Could any business that provided goods survive?
A SecondLife business that designs and sells virtual objects faces the same challenge. If you design an object in SecondLife, the system lets you make copies of the object, but if you mark the object as uncopyable, the system won’t let other users copy it. So if you design a cool virtual widget, you can “manufacture” copies to sell to people, but your customers can’t re-copy the widgets they buy. Only you can make widgets, so people have to come to you to buy them. Like Lambourghinis and sorbet, manufactured virtual objects couldn’t easily be copied – until the CopyBot came along.
It’s too early to predict all of the impacts this will have. All we can say for sure is that it will be fascinating to watch. Already the story has several interesting facets, which I’ll write more about next week.
[Despite our recent focus on the SonyBMG CD flap, our mandate here at Freedom to Tinker covers infotech and policy generally. So I hope any Sonymaniacs in the audience will forgive me for posting about something else today. (If you need a Sony fix, Bruce Hayden can help.) Regularly scheduled Sony-related programming will resume next week.]
There’s a fascinating story going around about the intersection between virtual worlds and real-life law enforcement. (I have written twice before about this topic.) It started in a virtual world called Second Life, which has 70,000 or so members. There’s a group of in-world characters calling themselves the W-Hats. Stories in the Second Life Herald – a foulmouthed but apparently somewhat trusted virtual newspaper about Second Life – depict the W-Hats as a gang of racist thugs. (The rest of the story I tell here is based on the Herald’s reporting.)
One of the cool things about Second Life is that players can create new kinds of objects, by writing small programs in a special scripting language to describe how the objects should behave, and then launching objects into the world.
Things got really out of hand when the W-Hats created a doomsday device. It looked like a harmless little orb, but it was programmed to make copies of itself, repeatedly. The single object split into two. Then each of those split, and there were four. Then eight, and sixteen, and so on to infinity.
Okay, not exactly to infinity but to billions of copies (after thirty-some generations of splitting), at which point the servers running Second Life crashed, and the whole virtual world was knocked off-line. The W-Hats had created a Weapon of Mass Virtual Destruction (WMVD).
The WMVD was detonated more than once, and on at least one occasion Linden Lab, the company that runs Second Life, contained the damage by taking parts of the world offline as a kind of virtual firebreak.
Last week at an in-world holiday party, Philip Linden, the character played by Linden Lab CEO Philip Rosedale, mentioned that the company had called the FBI about the attacks and had turned over the names of some players. Others at the party reportedly praised the action. But was this justified? Should the FBI get involved in this mess?
It seems to me that they should. A WMVD of this sort is just a fancy denial of service attack, and a deliberate denial of service attack against a large network service looks to me like a crime. It’s possible that the first attack wasn’t meant to crash Second Life – though even if not deliberate it was certainly reckless – but subsequent attacks could only have been intended to cause a crash.
There is some indication that Linden Lab may have banned at least one player temporarily because of the attacks, but there is a limit to the effectiveness of in-world punishment. As James Grimmelmann has argued, the worst punishment available in-world is exile from the world – try to impose a stronger penalty on someone and he will simply exile himself by leaving the virtual world permanently. Real-world punishments can be worse than exile and so stronger deterrence is available in the real world. When stronger deterrence is needed, real-world punishment may be the only option.
Some have argued that players shouldn’t be punished for doing things that the world’s coding allows them to do. But that seems to me to be the wrong rule. For one thing, that’s not how things work in the real world, where you can commit all manner of crimes without violating the laws of physics. And it’s just wrong to think that the virtual world can be coded in a way that allows everything good but prevents everything bad. Any virtual world (if I may be forgiven for that phrase) that is complicated enough to be interesting will probably enable some undesired behavior.
It will sometimes be necessary, then, to appeal to real-world law enforcement to handle bad acts in virtual worlds. In general, there are lots of caveats here – for example, in some worlds, in-world fraud or murder is considered just part of the game; and world-builders shouldn’t run to the FBI over minor problems. But the particular case before us seems like an easy one: the FBI should investigate and, at the very least, use its power to intimidate the perpetrators into behaving better.