Today’s NYT discusses software that horns in on referral commissions (like those from Amazon’s affiliates program) meant for others.

Based on the article’s description, it looks like the software lurks quietly, waiting until the user’s browser is going to place an order that could generate a commission. Then the software inserts its distributor’s ID into the request, so as to capture the commission. Apparently the software even puts its own ID in place of another party’s ID, meaning that it captures commissions “meant” for others.

This software comes bundled into programs that a user downloads for free. The user “consents” to the commission-grabbing software’s behavior via vague language inserted into the enclosing product’s click-through agreement.

This seems like a pretty slimy thing to do. Maybe the lawyers out there can tell us whether it’s legal.

Mike Godwin has a new article at law.com on “the right to tinker.” He mentions my upcoming book on the topic. (Thanks, Mike.)

A House subcommittee held hearings this morning about the Berman-Coble peer-to-peer (p2p) hacking bill. I heard the first two hours, but then I had to go give a lecture.

The bill would give copyright owners new powers to employ self-help “hacking” measures aimed to prevent infringing file-trading on p2p networks. Everybody agreed that the self-help measures now being used are legal. One such measure is spoofing – providing dummy files that look like infringing material, to make it hard for people to find real infringing copies.

The big surprise for me was that the content-industry people seemed to have little idea what they would do with their new powers. When asked what they wanted to do that would be legalized by the bill, RIAA CEO Hilary Rosen said she didn’t know. She referred the question to Randy Saaf of MediaDefender.

Saaf could only come up with one desired measure that the bill would legalize. He called the measure “interdiction” and he described it as connecting to the offending user’s computer and downloading the offending file, in a way that prevented others from downloading. That sounds to me like a classic denial of service attack.

Everybody seemed to understand that the bill’s passage would escalate the technical arms race of measures and countermeasures between p2p designers and copyright owners. Nobody seemed to have any idea where that arms race would lead, or what its implications might be for the bill.

Congressman Boucher summed it up well when he said that Congress would be wise to wait until the copyright owners at least know what they want.

Tomorrow (Thu 26 Sept) at 9:00 AM (Eastern time), the House Subcommittee on Courts, the Internet, and Intellectual Property, will hold a hearing on “Piracy Of Intellectual Property On Peer-to-Peer Networks.” A live feed will be available during the hearing.

[link credit: Ray Ozzie]