An important ruling was issued yesterday in the Chamberlain v. Skylink lawsuit. (See this previous post for a summary of the case.)

The court denied Chamberlain’s motion for summary judgment. Although this is only a ruling on a preliminary motion, the judge used it to offer her analysis of how the DMCA applies to the apparent facts in the case. In short, she ruled that it is not a violation of the DMCA for Skylink to make a replacement remote control that can open Chamberlain-brand garage door openers.

Chamberlain uses a simple cryptographic protocol to authenticate the remote (the small push-button device you keep in your car) to the opener (the big unit attached to the garage ceiling). The purported purpose of this is to prevent bad guys from recording the signals sent by the remote, and replaying them later to open the door when the homeowner is gone. The protocol includes a resynchronization mode that is used when the remote and the opener somehow get out of sync. Skylink’s replacement remote uses the resynchronization mode every time. Chamberlain argued that by doing this Skylink was circumventing Chamberlain’s authentication protocol, and that the protocol controls access to the copyrighted software running in the opener. Chamberlain concluded that Skylink’s actions ran afoul of the DMCA’s ban on devices that circumvent (without permission) measures that control access to copyrighted works.

The judge ruled that Skylink was not violating the DMCA, essentially because consumers have permission to open their own garages. You might think this sensible conclusion was easy to reach, but it was not. The judge’s problem was that in a previous DMCA case (Universal v. Remeirdes) a court had ruled that consumers do not have permission to view their own DVDs, except on devices “authorized” by the copyright owner. (To be more precise, the Remeirdes court ruled that whatever permission consumers had did not create an exception to the DMCA.)

The toughest part of the Chamberlain judge’s opinion is the part that tries to reconcile her ruling with the previous Remeirdes ruling. (This is on pages 25 and 26 of the ruling, if you’re reading along at home.) I have to admit I don’t fully understand this part of the judge’s ruling. Ernest Miller at LawMeme is scornful, saying that the judge used tortured reasoning, based on artificial distinctions between the cases. Derek Slater says that the judge should have simply admitted that her ruling is inconsistent with Remeirdes. (She is allowed to be inconsistent, because Remeirdes was decided in a different circuit and so is not binding precedent for her.)

I’m not sure what to think about this. I hope the issue will become clearer after more discussion.

Seth Finkelstein points to a rather sloppy analysis by Peter Davies of the Felten v. Recording Industry lawsuit. There is enough of this sort of thing going around that I feel compelled to rebut it.

[Background on the lawsuit: In 2001, recording industry organizations threatened to sue me and seven of my colleagues if we published a paper we had written that discussed certain technology. They argued that publishing the paper would violate the Digital Millennium Copyright Act. We filed a lawsuit, asking the court to rule on the question of whether our publication of the paper would be legal.]

For starters, Davies gets basic facts wrong. He says that the International Information Hiding Workshop, at which we wanted to publish our paper, was organized by the recording industry. In fact, it was an independent, refereed scientific conference.

Amazingly, Davies also misstates the final resolution of our case, saying that “[t]he case was settled in the end without a result.” In fact, no settlement was agreed to by the parties. After we filed our lawsuit, the recording industry parties conceded our right to publish our paper, which was the main result we sought. Once we had the right to publish the paper, our constitutional challenge to the DMCA was dismissed as moot.

Davies appears to think that we should just have gone ahead with publishing our paper, daring the recording industry to sue us. Seth Finkelstein rightly criticizes him for this.

To people like Davies, the Felten case is just an abstract topic for speculation. Let me assure you cases like this look much different if you are Felten (or any of the other would-be defendants: Bede Liu, Scott Craver, Min Wu, Dan Wallach, Ben Swartzlander, Adam Stubblefield, and Drew Dean).

I am happy to admit that if we had gone ahead and published the paper without any lawsuit, the odds were only 50/50 that we would have been sued, and we probably would have won the lawsuit.

Probably, I would have kept my house.

Probably, I would have kept my job.

When it’s not your house on the line, when it’s not your job, then probably may be enough. To people like Davies, who had nothing personally at risk, a lawsuit would have been no more than a scholarly conversation piece.

For me and my colleagues, probably wasn’t enough. Even a 99% chance of getting to keep our houses and savings wasn’t enough. Nor should it be. I am still outraged when people like Davies suggest that it’s not a problem if researchers have to put so much at risk just to write or speak on certain topics of public interest.

A news.com story by David Becker reports that a Federal judge has granted a preliminary injunction against Static Control in the DMCA lawsuit brought by Lexmark.

To review, Lexmark makes printers, and Static Control makes replacement toner cartridges for Lexmark printers. Lexmark’s printers do a cryptographic handshake with Lexmark-brand toner cartridges, and Static Control cartridges do the same crypto handshake so that they will work in Lexmark printers. Lexmark filed a lawsuit, clai ming that the Static Control products violate the DMCA’s anti-circumvention rules.

The preliminary injunction prohibits Static Control from selling the challenged product. I haven’t seen any written opinion from the Court yet; I’ll add a pointer to the opinion if/when I get it.