October 30, 2024

Don't Regulate the Internet. No, Wait. Regulate the Internet.

When Congress considered net neutrality legislation in the form of the Internet Freedom Preservation Act of 2008 (H.R. 5353), representatives of corporate copyright owners weighed in to oppose government regulation of the Internet. They feared that such regulation might inhibit their private efforts to convince ISPs to help them enforce copyrights online through various forms of broadband traffic management (e.g., filtering and bandwidth shaping). “Our view,” the RIAA’s Mitch Bainwol testified at a Congressional hearing, “is that the marketplace is generally a better mechanism than regulation for addressing such complex issues as how to address online piracy, and we believe the marketplace should be given the chance to succeed.” And the marketplace presumably did succeed, at least from the RIAA’s point of view, when ISPs and corporate rights owners entered into a Memorandum of Understanding last summer to implement a standardized, six-strikes graduated response protocol for curbing domestic illegal P2P file sharing. Chalk one up for the market.

What, then, should we make of the RIAA’s full-throated support for the Senate’s pending PROTECT IP Act (S. 968) and its companion bill in the House, SOPA (H.R. 3261)? PROTECT IP and SOPA are bills that would regulate the technical workings of the Internet by requiring operators of domain name servers to block user access to “rogue websites”—defined in PROTECT IP as sites “dedicated to infringing activities”—by preventing the domain names for those sites from resolving to their corresponding IP addresses. In a recent RIAA press release on PROTECT IP, the RIAA’s Bainwol praised the draft legislation, asserting the need for—you guessed it—new government regulation of the Internet: “[C]urrent laws have not kept pace with criminal enterprises that set up rogue websites overseas to escape accountability.” So much, I guess, for giving the marketplace the chance to succeed.

As the Social Science Research Council’s groundbreaking 2011 report on global piracy concluded, the marketplace could succeed in addressing the problem of piracy beyond U.S. borders if corporate copyright owners were willing to address global disparities in the accessibility of legal digital goods. As the authors explain, “[t]he flood of legal media goods available in high-income countries over the past two decades has been a trickle in most parts of the world.” Looking at the statistics on piracy in the developing world from the consumption side rather than the production side, the SSRC authors assert that what developing markets want and need are “price and service innovations” that have already been rolled out in the developed world. Who is in a better position to deliver such innovations, through the global marketplace, than the owners of copyrights in digital entertainment and information goods? Why not give the marketplace another chance to succeed, particularly when the alternative presented is a radical policy intrusion into the fundamental operation of the Internet?

The RIAA’s political strategy in the war on piracy has been alternately to oppose and support government regulation of the Internet, depending on what’s expedient. I wonder if rights owners and the trade groups that represent them experience any sense of cognitive dissonance when they advocate against something at one moment and for it a little while later—to the same audience, on the same issue.

The Digital Death of Copyright's First Sale Doctrine

The legal media’s attention has been focused this past week on Supreme Court oral arguments in Golan v. Holder, an important copyright case involving the power of Congress to “restore” private rights in creative works that are already in the public domain. In this post, I’d like to focus on an important copyright case that won’t be argued in the Supreme Court. On October 3, the Supreme Court declined to review Vernor v. Autodesk, a Ninth Circuit Court of Appeals decision involving the applicability of copyright’s first sale doctrine to transactions involving software and other digital information goods.

The first sale doctrine is the provision in copyright law that gives the purchaser of a copy of a copyrighted work the right to sell or otherwise dispose of that copy without the permission of the copyright owner. If there were no first sale doctrine, there would be no free market for used books, CDs, or DVDs, because the copyright owner’s right of distribution would reach beyond the first sale, all the way down the stream of commerce. Without the first sale doctrine, movie rental services like Netflix and Redbox wouldn’t be able to lend DVDs without authorization from studios, and you wouldn’t be able to lend the bestseller you just finished to a friend without authorization from the book’s author or publisher. Along with fair use, the first sale doctrine promotes public access to culture and information by functioning as a crucial limit on the right of a copyright owner to control the disposition of a copyrighted work. A world without the first sale doctrine in it is a world I wouldn’t want to live in, but it’s one that’s quickly taking shape, thanks in part to legal decisions like the one in Vernor.

The Ninth Circuit’s decision in Vernor significantly erodes the first sale doctrine with respect to software and other mass-licensed digital goods. The plaintiff in the case, Timothy Vernor, bought several copies of an AutoCad software package from a direct customer of the software publisher. Vernor then resold the copies on eBay, only to be accused of having infringed the software publisher’s copyrights. He sued, seeking a declaration from the court that his sale of the software on eBay was protected by the first sale doctrine because the software publisher’s distribution right was exhausted by its “first sale” of the copies to its direct customer. By Vernor’s logic, software should be able to be purchased and resold in the same way that a book can be purchased and resold. Why should the two be treated any differently under copyright law, after all? The buyer of a book owns her copy of the book as personal property, and her ownership of that individual copy does not at all interfere with the author’s ownership of the copyright in the work. Once the author places a particular copy of the work into the stream of commerce, the author loses the right to control the fate of that copy; the author retains, however, all of the rights the statute gives her in the copyrighted work itself, including the exclusive right to make and sell new copies of it.

The Copyright Act makes an explicit distinction between ownership of a copy of a copyrighted work–whether that copy is printed on paper or burned onto an optical disk or stored in a computer’s memory–and ownership of the copyright in the work. The copy is tangible property owned by the purchaser; the copyrighted work embodied in the copy is intangible property owned by the author. A copy is a copy, the work is the work, and never the twain shall meet. In Timothy Vernor’s case, however, the publisher of the AutoCad software argued that it never actually sold the copies Vernor bought, so there was no “first sale” for copyright purposes. Under the software publisher’s logic, which the Ninth Circuit adopted in the case, both the copy and the intellectual property embodied in the copy were only licensed, and quite restrictively so, pursuant to the terms of a mass end user license agreement (EULA); nothing was ever sold, despite the retail transaction that put copies of the software into the hands of the initial purchaser, and despite the downstream transaction that put those copies into Timothy Vernor’s hands.

Existing copyright case law makes it clear that digital copies of works, even those stored only ephemerally in RAM, are “copies” within the meaning of the Copyright Act. Moreover, the the Copyright Act is clear on its face that there is a difference between ownership of a copy of a work and ownership of the work embodied in the copy. Decisions like the Ninth Circuit’s in Vernor v. Autodesk, however, permit copyright owners to conflate the copy and the work to the detriment of consumers in cases involving digital goods. Under Vernor, software copyright owners not only own the work embodied in every copy of a program they sell, they own every copy, too. Consumers are left with both empty pockets and empty hands.

As the transition from physical to streaming or cloud-based digital distribution continues, further divorcing copyrighted works from their traditional tangible embodiments, it will increasingly be the case that consumers do not own the information goods they buy (or, rather, think they’ve bought). Under the court’s decision in Vernor, all a copyright owner has to do to effectively repeal the statutory first sale doctrine is draft a EULA that (1) specifies that the user is granted a license; (2) significantly restricts the user’s ability to transfer the software; and (3) imposes notable use restrictions. Sad to say, it’s about as easy as falling off a log.

Open Access to Scholarly Publications at Princeton

In its September 2011 meeting, the Faculty of Princeton University voted unanimously for a policy of open access to scholarly publications:

“The members of the Faculty of Princeton University strive to make their publications openly accessible to the public. To that end, each Faculty member hereby grants to The Trustees of Princeton University a nonexclusive, irrevocable, worldwide license to exercise any and all copyrights in his or her scholarly articles published in any medium, whether now known or later invented, provided the articles are not sold by the University for a profit, and to authorize others to do the same. This grant applies to all scholarly articles that any person authors or co-authors while appointed as a member of the Faculty, except for any such articles authored or co-authored before the adoption of this policy or subject to a conflicting agreement formed before the adoption of this policy. Upon the express direction of a Faculty member, the Provost or the Provost’s designate will waive or suspend application of this license for a particular article authored or co-authored by that Faculty member.

“The University hereby authorizes each member of the faculty to exercise any and all copyrights in his or her scholarly articles that are subject to the terms and conditions of the grant set forth above. This authorization is irrevocable, non-assignable, and may be amended by written agreement in the interest of further protecting and promoting the spirit of open access.”

Basically, this means that when professors publish their academic work in the form of articles in journals or conferences, they should not sign a publication contract that prevents the authors from also putting a copy of their paper on their own web page or in their university’s public-access repository.

Most publishers in Computer Science (ACM, IEEE, Springer, Cambridge, Usenix, etc.) already have standard contracts that are compatible with open access. Open access doesn’t prevent these publishers from having a pay wall, it allows other means of finding the same information. Many publishers in the natural sciences and the social sciences also have policies compatible with open access.

But some publishers in the sciences, in engineering, and in the humanities have more restrictive policies. Action like this by Princeton’s faculty (and by the faculties at more than a dozen other universities in 2009-10) will help push those publishers into the 21st century.

The complete report of the Committee on Open Access is available here.

Tinkering with the IEEE and ACM copyright policies

It’s historically been the case that papers published in an IEEE or ACM conference or journal must have their copyrights assigned to the IEEE or ACM, respectively. Most of us were happy with this sort of arrangement, but the new IEEE policy seems to apply more restrictions on this process. Matt Blaze blogged about this issue in particular detail.

The IEEE policy and the comparable ACM policy appear to be focused on creating revenue opportunities for these professional societies. Hypothetically, that income should result in cost savings elsewhere (e.g., lower conference registration fees) or in higher quality member services (e.g., paying the expenses of conference program committee members to attend meetings). In practice, neither of these are true. Regardless, our professional societies work hard to keep a paywall between our papers and their readership. Is this sort of behavior in our best interests? Not really.

What benefits the author of an academic paper? In a word, impact. Papers that are more widely read are more widely influential. Furthermore, widely read papers are more widely cited; citation counts are explicitly considered in hiring, promotion, and tenure cases. Anything that gets in the way of a paper’s impact is something that damages our careers and it’s something we need to fix.

There are three common solutions. First, we ignore the rules and post copies of our work on our personal, laboratory, and/or departmental web pages. Virtually any paper written in the past ten years can be found online, without cost, and conveniently cataloged by sites like Google Scholar. Second, some authors I’ve spoken to will significantly edit the copyright assignment forms before submitting them. Nobody apparently ever notices this. Third, some professional societies, notably the USENIX Association, have changed their rules. The USENIX policy completely inverts the relationship between author and publisher. Authors grant USENIX certain limited and reasonable rights, while the authors retain copyright over their work. USENIX then posts all the papers on its web site, free of charge; authors are free to do the same on their own web sites.

(USENIX ensures that every conference proceedings has a proper ISBN number. Every USENIX paper is just as “published” as a paper in any other conference, even though printed proceedings are long gone.)

Somehow, the sky hasn’t fallen. So far as I know, the USENIX Association’s finances still work just fine. Perhaps it’s marginally more expensive to attend a USENIX conference, but then the service level is also much higher. The USENIX professional staff do things that are normally handled by volunteer labor at other conferences.

This brings me to the vote we had last week at the IEEE Symposium on Security and Privacy (the “Oakland” conference) during the business meeting. We had an unusually high attendance (perhaps 150 out of 400 attendees) as there were a variety of important topics under discussion. We spent maybe 15 minutes talking about the IEEE’s copyright policy and the resolution before the room was should we reject the IEEE copyright policy and adopt the USENIX policy? Ultimately, there were two “no” votes and everybody else voted “yes.” That’s an overwhelming statement.

The question is what happens next. I’m planning to attend ACM CCS this October in Chicago and I expect we can have a similar vote there. I hope similar votes can happen at other IEEE and ACM conferences. Get it on the agenda of your business meetings. Vote early and vote often! I certainly hope the IEEE and ACM agree to follow the will of their membership. If the leadership don’t follow the membership, then we’ve got some more interesting problems that we’ll need to solve.

Sidebar: ACM and IEEE make money by reselling our work, particularly with institutional subscriptions to university libraries and large companies. As an ACM or IEEE member, you also get access to some, but not all, of the online library contents. If you make everything free (as in free beer), removing that revenue source, then you’ve got a budget hole to fill. While I’m no budget wizard, it would make sense for our conference registration fees to support the archival online storage of our papers. Add in some online advertising (example: startup companies, hungry to hire engineers with specialized talents, would pay serious fees for advertisements adjacent to research papers in the relevant areas), and I’ll bet everything would work out just fine.

In DHS Takedown Frenzy, Mozilla Refuses to Delete MafiaaFire Add-On

Not satisfied with seizing domain names, the Department of Homeland Security asked Mozilla to take down the MafiaaFire add-on for Firefox. Mozilla, through its legal counsel Harvey Anderson, refused. Mozilla deserves thanks and credit for a principled stand for its users’ rights.

MafiaaFire is a quick plugin, as its author describes, providing redirection service for a list of domains: “We plan to maintain a list of URLs, and their duplicate sites (for example Demoniod.com and Demoniod.de) and painlessly redirect you to the correct site.” The service provides redundancy, so that domain resolution — especially at a registry in the United States — isn’t a single point of failure between a website and its would-be visitors. After several rounds of ICE seizure of domain names on allegations of copyright infringement — many of which have been questioned as to both procedural validity and effectiveness — redundancy is a sensible precaution for site-owners who are well within the law as well as those pushing its limits.

DHS seemed poised to repeat those procedural errors here. As Mozilla’s Anderson blogged: “Our approach is to comply with valid court orders, warrants, and legal mandates, but in this case there was no such court order.” DHS simply “requested” the takedown with no such procedural back-up. Instead of pulling the add-on, Anderson responded with a set of questions, including:

  1. Have any courts determined that MAFIAAfire.com is unlawful or illegal inany way? If so, on what basis? (Please provide any relevant rulings)
  2. Have any courts determined that the seized domains related to MAFIAAfire.com are unlawful, illegal or liable for infringement in any way? (please provide relevant rulings)
  3. Is Mozilla legally obligated to disable the add-on or is this request based on other reasons? If other reasons, can you please specify.

Unless and until the government can explain its authority for takedown of code, Mozilla is right to resist DHS demands. Mozilla’s hosting of add-ons, and the Firefox browser itself, facilitate speech. They, like they domain name system registries ICE targeted earlier, are sometimes intermediaries necessary to users’ communication. While these private actors do not have First Amendment obligations toward us, their users, we rely on them to assert our rights (and we suffer when some, like Facebook are less vigilant guardians of speech).

As Congress continues to discuss the ill-considered COICA, it should take note of the problems domain takedowns are already causing. Kudos to Mozilla for bringing these latest errors to public attention — and, as Tom Lowenthal suggests in the do-not-track context, standing up for its users.

cross-posted at Legal Tags