November 27, 2024

DRM and Black Boxes

Lisa Rein has posted (with permission) a video of my short presentation at the Berkeley DRM conference. I talked about the push to turn technologies into “black boxes” that the public is not allowed to study, understand, or discuss, and how that paralyzes public debate on important issues such as electronic voting.

RIAA/Student Suits Back in the News

Jesse Jordan, one of the students sued by the RIAA, is back in the news. It’s not that anything new has happened; it’s just that Jordan and his father are complaining about the unfairness of the suit and of the $12,000 settlement.

It’s true, as Seth Finkelstein observes, that continuing to fight the suit was a lose-lose proposition for Jordan. Even if he won, his legal bills would have far exceeded the $12,000 for which he settled (and the odds are poor that the court would order the plaintiffs to cover his legal bills).

The plaintiffs’ contributory infringement claim against Jordan, based on the assertion that he ran a “Napster-like network” (which was really just an ordinary search engine) was indeed questionable. If that were the only claim against him, then I would agree that the suit looked a bit like a shakedown.

But let’s not forget the plaintiffs’ other claim, that Jordan was a direct infringer, based on his alleged redistribution of hundreds of copyrighted works from his own computer. If proven, this claim would have cost Jordan much more than $12,000 in damages. And it seems reasonable to assume that the direct infringement claim was not baseless, especially given that Jordan has not denied it.

If so, then the only unfair aspect of Jordan’s story is that he was singled out, from among all of the direct infringers out there, as the target of a lawsuit. In other words, the problem is that a great many direct infringers are out there, any of whom could be sued at the industry’s whim.

A huge gulf has developed, between the ubiquity of casual file sharing and the law’s treatment of it as a Very Serious Offense; and this cannot go on forever. Something has to give. Either the law will change, or the industry will sue file sharers into submission, or both. So far we have an uneasy truce that nobody likes.

UPDATE (3:50 PM): I originally wrote that Jordan would have had to pay the plaintiffs’ legal bills if he lost, but they wouldn’t have to pay his if he won. Louis Trager pointed out that that was incorrect, so I have corrected the text. The Copyright Act allows a court to order the losing party to pay the winning party’s legal costs, regardless of which party wins. In other words, Jordan might have had his legal bills covered, if he won his case. But of course that would be unlikely absent a total victory; and total victory would have been a long shot given the direct infringement claim.

"If It's Not Snake Oil, It's Pretty Awesome"

In today’s Los Angeles Times, Jon Healey writes about a new DRM proposal from a company called Music Public Broadcasting. The company’s claims, which are not substantiated in the story, give off a distinct aroma of snake oil.

The warning signs are all there. First, there is the flamboyant, self-promoting entrepreneur, newly arrived from another field. In this case, it’s a guy named Hank Risan, who was previously a dealer in high-end musical instruments.

“He is a very flamboyant guy, and he does things with a level of style that I don’t think is duplicated in the fretted-instrument industry,” said Stanley Jay, president of Mandolin Bros. Ltd., another elite dealer of stringed instruments. “In this industry, to make yourself stand apart, you need to be self-promotional. And he does that extremely well.”

Second, there’s the vaguely articulated theoretical breakthrough, described in mystical terms unintelligible to experts in the field:

Risan drew on his mathematical skills to come up with a different approach to the problem of unauthorized recording. Drawing on a branch of topology known as network theory, Risan said he could look at the networks a computer uses to move data internally and “visualize how to protect the copyrighted material as it transfers through those networks.”

The firm claims that its technology controls those pathways, letting copyright owners dictate what can and can’t be copied. “We control pathways that don’t even exist yet,” Risan said.

Third, there is the evidence that the product hasn’t been demonstrated or explained to its customers. But if it actually turns out to work, they are of course eager to buy it.

Zach Zalon of Radio Free Virgin, the online radio arm of Virgin Group, said he would love to license technology that prevented his stations’ Webcasts from being recorded by “stream ripping” programs. Stream rippers break through every anti-piracy program on the market, Zalon said, “so if you could somehow defeat that, it’s fantastic.”

An executive at a major record company who’s seen the technology for protecting streams and CDs said he was impressed, although he’s not sure the demonstration can be duplicated in the real world. “If it’s not snake oil, it’s pretty awesome,” he said.

And finally, the new product claims to invalidate an accepted, fundamental principle in the field – but without really explaining how it does so.

But as piracy experts are fond of saying, anything that can be played on a computer can be recorded, regardless of how it’s protected. Encrypted streams and downloads must be unscrambled to be heard on a computer’s speakers or shown on its screen. And there are several programs that can intercept music or video on its way to the speakers or screen after it’s been unscrambled.

As always, the burden of proof should be on those who are making the extravagant technical claims. If Risan and his company ever substantiate their claims, by explaining at a detailed technical level why their products prevent capture of audio streams, then those claims will deserve respect. Until they do that, skepticism is, as always, the best course.

Lessons from the SCO/IBM Dispute

Conventional wisdom about the SCO/IBM dustup is that it demonstrates a serious flaw in the open-source model – an asserted lack of “quality control” on open-source code that leaves end users open to potential copyright and patent infringement suits. If any pimply-faced teenager can contribute code to open-source projects, how can you be sure that that code isn’t copyrighted or patented by somebody?

SCO charges that IBM took code from a SCO-owned version of Unix and copied it into the open-source Linux operating system, in violation of a contract between IBM and SCO. There is also some ambiguous evidence that SCO may own copyrights on some of the allegedly-copied code, in which case IBM might be liable for copyright infringement.

It may well turn out that SCO’s claims are hooey, in which case the only lesson to be learned is that we shouldn’t take the claims of desperate companies too seriously. But let’s assume, just for the sake of argument, that SCO is right, and that IBM, in violation of contracts and copyrights, did copy code without permission into Linux. What lesson do these (hypothetical) facts have to teach?

Assuming that SCO’s charges are correct, the moral of the story is not, as the conventional wisdom would have it, to avoid software that comes from pimply-faced teenagers. Quite the contrary. The moral is to be wary of software from big, established companies like IBM. In SCO’s story, the pimply-faced teenagers are bystanders – the gray-haired guys in expensive suits are the crooks.

More likely, though, the fact that SCO’s story involves their code ending up in an open-source IBM product, rather than a closed-source one, is just a red herring. IBM would have had just as large an incentive to copy code into a closed-source product, and doing so would have reduced the chance of getting caught. Nobody has offered a plausible reason why the open-source nature of the end product matters.

Now let’s turn to SCO’s argument that ordinary Linux users might be liable for infringing SCO’s copyrights, even if they didn’t know that Linux contained SCO’s code. It’s hard to see how the merits of this argument depend on the fact that Linux is open-source. SCO’s arguments would seem to apply just as well to customers who made copies of closed-source IBM products (presumably, with IBM’s permission but without SCO’s). Once again, the open-source issue seems to be irrelevant.

Now it may well be that open-source products are more prone to copyright infringement or patent infringement than closed-source products. That’s an important question; but I don’t see how the SCO/IBM dispute will help us answer it.

How To Annoy Your Mother-in-Law

Look up her age here. Then send her an email informing her that anyone on the Net can do the same.

UPDATE (9:00 PM): How to run up your mother-in-law’s AOL bill: tell her she can look up her friends’ ages.