January 16, 2025

Posts Comments

A Perfectly Compatible Form of Incompatibility

April 15, 2004 by

Scientific American has published an interview with Leonardo Chiariglione, the creator of the MP3 music format and formerly head of the disastrous Secure Digital Music Initiative. (SDMI tried to devise a standard for audio content protection. The group suffered from serious internal disagreements, and it finally dissolved after a failed attempt to use DMCA lawsuit threats to suppress publication of a research paper, by my colleagues and me, on the weaknesses of the group’s technology.)

Now Chiariglione is leading another group to devise the ultimate DRM (i.e., anti-copying) music format: “a system that guarantees the protection of copyrights but at the same time is completely transparent and universal.” He doesn’t seem to see that this goal is self-contradictory. After all, we already have a format that is completely transparent and universal: MP3.

The whole point of DRM technology is to prevent people from moving music usefully from point A to point B, at least sometimes. To make DRM work, you have to ensure that not just anybody can build a music player – otherwise people will build players that don’t obey the DRM restrictions you want to connect to the content. DRM, in other words, strives to create incompatibility between the approved devices and uses, and the unapproved ones. Incompatibility isn’t an unfortunate side-effect of deficient DRM systems – it’s the goal of DRM.

A perfectly compatible, perfectly transparent DRM system is a logical impossibility.

The idea of universally compatible DRM is so odd that it’s worth stopping for a minute to try to understand the mindset that led to it. And here Chiariglione’s comments on MP3 are revealing:

[Scientific American interviewer]: Wasn’t it clear from the beginning that MP3 would be used to distribute music illegally?

[Chiariglione]: When we approved the standard in 1992 no one thought about piracy. PCs were not powerful enough to decode MP3, and internet connections were few and slow. The scenario that most had in mind was that companies would use MP3 to store music in big, powerful servers and broadcast it. It wasn’t until the late ’90s that PCs, the Web and then peer-to-peer created a completely different context. We were probably naive, but we didn’t expect that it would happen so fast.

The attitude of MP3’s designers, in other words, was that music technology is the exclusive domain of the music industry. They didn’t seem to realize that customers would get their own technology, and that customers would decide for themselves what technology to build and how to use it. The compatible-DRM agenda is predicated on the same logical mistake, of thinking that technology is the province of a small group that can gather in a room somewhere to decide what the future will be like. That attitude is as naive now as it was in the early days of MP3.

Filed Under: Uncategorized Tagged With:

Thoughts on the Gmail Privacy Flap

April 14, 2004 by

I have to admit I’m surprised at the magnitude of the recent controversy about Gmail, Google’s new webmail service. Gmail is a free webmail service, giving you up to one gigabyte of storage for email. The service shows you text ads alongside your messages, and provides various search features for your mail. The service has been surprisingly controversial, triggering angry blog-entries, letters from privacy groups, and even an anti-Gmail bill in the California state senate.

It’s important to separate complaints about what Gmail is doing now, from complaints about what the Gmail user agreement allows them to do later.

The main complaint about Gmail’s present design has to do with the text-based ads that Gmail is said to display alongside your email. To decide which ads to place, Gmail looks at the content of your email. Presumably this is a straightforward application of Google’s AdWords system (which used to appear on this site).

I’m not entirely sure why people are offended by the running of a (presumably memoryless) word-matching algorithm over their email, or the displaying of word-triggered ads. The scanner, by itself, wouldn’t bother me at all, since advertisers don’t find out who saw their ads. Users who click on the ads will be taken to the advertisers’ sites, which might try to identify them, but that’s not a new risk, and it’s controllable by the user. Other kinds of scanners, for instance onces that made summaries of my email for sale to third parties, would bother me a lot; but that’s not what Gmail is doing.

The other complaint about Gmail has been about the terms of its user agreement. There’s no doubt that the terms are egregious; but they don’t seem much worse than the terms imposed by other companies. (Seth Finkelstein makes this point well.) Hotmail’s terms of use are pretty distasteful too. So why the big flap over this particular agreement?

Don’t get me wrong. I’m glad to see people screaming about outrageous user agreements. It’s just that I would like to see some of that same anger directed elsewhere, to bring more balance into user agreements for all kinds of products. I hope the Gmail flap will cause people to look at other agreements in the same light.

I was never a likely customer for Gmail. But I can say for sure that the terms of service are enough to eliminate any remaining chance that I would switch to Gmail as my main email provider.

Filed Under: Uncategorized Tagged With:

Grimmelmann on the Digital Cops Conference

April 13, 2004 by

James Grimmelmann reports on the recent Digital Cops conference at Yale. It’s a typically Grimmel-rific effort, both entertaining and insightful.

Filed Under: Uncategorized Tagged With:

Voting Machine Inspection

April 13, 2004 by

Yesterday, I had a chance, with some colleagues, to look over the new e-voting machines that will be used in the future here in Mercer County, New Jersey. They’re AVC Advantage machines, made by Sequoia. The machines were available for public inspection at Princeton Borough Hall. (They’re available today too, at the Suzanne Patterson Center, right behind Borough Hall.)

The machines have a low-tech user interface, a big board covered with a paper printout of the ballot, with switches underneath the paper. The paper is covered by a thin sheet of clear, flexible plastic. You press on the little box printed next to your candidate’s name, and a switch under the paper is triggered. A computer inside the machine detects the switch-press and lights a little green X next to the candidate’s name. When you’re done, you press a bright red “Cast Vote” button, which is supposed to cause the computer to record your vote.

The machine’s minders were careful not to let us look at the mechanism inside. When we got there the access panel was ajar; but when I asked whether I could look inside one of the minders quickly closed and locked it.

The physical security of the machine looked pretty lousy. The guts of the machine are behind a large plastic door on the back side of the machine. The door bent unexpectedly when I tugged gently on its corner. It seemed to be made out of an ordinary plastic, not the thick, tough kind used in kids’ toys these days. My guess is that I could probably rip off the door with my bare hands. It could certainly be removed with a screwdriver or crowbar. The lock looked wimpy too, like the kind of lock you might put on a toolshed or a locker at the gym; not as good as a standard house or office key. I doubt anyone could get the panel open during an election without being noticed, but that owes more to the number of people around than to the inherent strength of the door and lock. The machine will be physically vulnerable beforehand when it’s not as well attended.

They had a copy of the instruction manual that is normally given to poll workers, but they seemed nervous when we looked at it. It seemed to me that they were trying to decide whether to take the manual away from us. The manual had a small black-and-white photo of the machine’s innards, showing a circuit-board of some sort, and a printer.

The vendor offers little if any technical information about the machine. They do publish a brochure, which helpfully observes that use of these machines offers “[n]othing less than the complete elimination of human error.”

Filed Under: Uncategorized Tagged With:

A Grand Unified Theory of Filesharing

April 12, 2004 by

Recently we’ve seen several studies of the impact of filesharing on CD sales. We have enough data now to draw some (very) preliminary conclusions, assuming the studies are correct. Despite the apparent contradictions between the various studies, I think there is a plausible theory that can explain them all – a Grand Unified Theory of Filesharing.

First, let’s review the three main results that have to be explained.

  • Survey-based studies, which ask people whether they use the Internet, whether (and how much) they use filesharing, and how many CDs they buy, find that people who fileshare buy fewer CDs.
  • The recent econometric study by Oberholzer and Strumpf, based on per-album time-series data on filesharing activity, CD sales, and other factors, found that filesharing has little or no effect on CD sales.
  • Eric Boorstin’s study found, controlling for differences in personal income, that there is a strong positive correlation between Internet usage and CD purchasing. This held true for all age groups, except the 15-24 group, for whom Internet usage correlates negatively with CD purchasing.

(It’s undisputed that CD sales have dropped sharply in recent years, but there are several plausible causes for that drop. That’s a topic for another day. Here, I’ll assume only that filesharing is not the only cause of the sales drop, so that we don’t need filesharing to explain the drop.)

The Grand Unified Theory explains the study results by breaking down the users of filesharing into two subpopulations, which I will call Free-riders and Samplers.

Free-riders are generally young. They have few if any moral qualms about filesharing, and they tend to assume that others feel the same way. They use filesharing to accumulate libraries of music, as an alternative to buying CDs.

Samplers are generally older and more risk-averse. They are highly engaged with cultural products of all sorts. They are morally conflicted about filesharing, and use it mostly to download songs that either aren’t for sale, or that they don’t value enough to pay for. They buy music that they really like, and filesharing causes them to find more music they like, so it tends to increase their CD purchases.

Now let’s look at how the theory explains the studies’ results.

In survey-based studies, Free-riders admit to filesharing and to buying fewer CDs because of their filesharing. But Samplers are reluctant to confess their filesharing to a stranger, being more risk-averse and more attuned to the dubious moral status of filesharing (not to mention its illegality). The result is that Free-riders are overcounted in survey-based studies, and Samplers are undercounted, so survey-based studies find that filesharing depresses CD sales.

The Oberholzer and Strumpf study measured the actual impact of both Free-riders and Samplers, and found that the lost sales caused by Free-riders are balanced by the increased sales due to Samplers.

The Boorstin study had different results for different age groups. His 15-24 age group was mostly Free-riders, who buy fewer CDs when they have Internet access, because their filesharing substitutes for purchases. His older age groups were mostly Samplers, who buy more CDs because of filesharing, and who are also, because of their high level of cultural engagement, predisposed to both Internet usage and CD purchasing. Therefore he found that young Internet users buy fewer CDs, while older Internet users buy a lot more.

So there you have it: a theory that explains the study results, and that seems plausible (to me, at least). Of course, there are lots of caveats here. One or more of the studies might be wrong; or the studies might be right but the theory wrong. But bear with me for a bit longer as I explore the possible consequences of the theory.

The theory says that the net effect of filesharing on CD sales is roughly zero, because of a balance between the negative impact of the Free-riders and the positive impact of the Samplers. But what happens in the future? It all depends on what happens to today’s Free-riders.

Perhaps today’s Free-riders will mature into Samplers, to be replaced by a new generation of Free-riders, so that the effects of the two groups continue in a rough balance. Or perhaps today’s Free-riders, never having known anything else, will keep Free-riding as they get older, and the balance will tip toward Free-riders.

It’s also worth noting that the theory does not predict whether (illegal, free) filesharing will reduce online sales of music. Probably the answer depends on what the online alternatives look like, and how convenient they are to use.

So the theory can explain the present situation, but it doesn’t make strong predictions about the future; or, if you prefer, the theory comes in several flavors, which differ in their future predictions. If we had a better handle on what makes one person a Free-rider and another a Sampler, we could make better predictions.

[Thanks to Eric Boorstin and Andrew Appel for helping me develop and refine these ideas.]

Filed Under: Uncategorized Tagged With: