Brad Templeton summarizes the impacts of the DMCA focusing primarily on Dmitry Skylarov's case from the point of view of an eBook publisher. Dmitry Sklyarov is a Russian graduate student who made some discoveries about inadequacies of Adobe Digital Rights Management for eBooks and published a paper on it. The paper caught the eye of two groups, one a Russian software company ElcomSoft, and the other, the DEF CON electronic security conference. ElcomSoft paid Dmitry to demonstrate these weaknesses by creating a program which ElcomSoft then marketed around the world (including the United States). DEF CON honored Dmitry's work by inviting him to speak at their conference. While he was speaking at the conference, Adobe filed a complaint with the federal government about the software ElcomSoft and politely pointed out where one of the developers might be found. Mr. Skylarov was then incarcerated for weeks, and kept in the country for months before charges were dropped. Mr. Skylarov broke no law in the country in which he wrote the software but because the company whom he sold it to engaged in potentially questionable business in the United States, he was detained. Computer scientists and researchers who do work relating to Digital Rights Management and cryptography will be less likely to come to American under fear of similar treatment and prosecution, significantly hurting the research community.
Templeton's role as an eBook publisher is important as he has experience with eBooks and is financially hurt by eBook piracy, yet he still supports an open format. He's even apart of the Electronic Frontier Foundation, which is strongly against DRM. He discusses the failure of DRM and the benefits of open formats. Open formats are at a greater risk than closed but also see greater sales because of their increased utility. He also points out that as long as the DMCA prevents people from cracking poorly designed locks, there is less of an incentive to design better, more secure locks, stifling developments in security research. Templeton concludes that scapegoating weak DRM on a foreign visiting scholar only hurts the interests of the consumer, the research community, and the copyright holders whom the lock is designed to protect.
In interpreting this case, the court claimed that BNETD was in violation of several provisions and was not protected by the reverse engineering for interoperability exemption. BNETD did not check to see if the user had a valid CD Key before allowing them to connect to the server. The court interpreted this as circumvention, as BNETD allowed users to experience online multiplayer games with illegal copies of Blizzard software.
This case determines that plug-ins could be held responsible for their functionality when applied to pirated software. Had the plug-in been designed to bypass CD Key checks and then connect to Battle.net, the decision would make more sense. However, BNETD wrote the program to connect to their own servers, and just didn't happen to check to for a valid software copy. Holding plug-in writers accountable for license checking is a dangerous precedent. Open source developers won't want to write a plug-in if they can be sued for the misuse of their product in combination with pirated software. The right to author extensions to software and market them has been around for years before the DMCA and now has been compromised by the misuse of its provisions.
This comes as a direct result of the Dmitry Sklyarov case. He fears that foreign researchers can be jailed for research in security and cryptology they performed in their own countries if it is viewed to be a DMCA violation in the United States. The DMCA prevents security experts from pointing out bad protection algorithms and only increases the profitability of the “businesses of the incompetent.” Without the ability of experts to point out and discuss bad algorithms, copyrighted material protected by these algorithms are exposed to hacking.
He further notes that the DMCA will not prevent people from discussing ways to break algorithms for illegal uses. His experience is that the “bad guys share their knowledge and act without regards to laws.” It's only the people aiming to increase the strength of computer security that will be silenced. The DMCA only helps pirates win in the end. Cox also claims that what the DMCA would prevent him from saying regarding inspecting computer security systems in the United States would be considered negligent in the United Kingdom.
From Cox's statement, the DMCA hurts the United States software development community in two main ways. It prevents international researchers from speaking, for fear of prosecution of their research or activities in other countries. It also means that the block of the DMCA will hinder US researchers from discussing decryption methods and our own security will be weakened when compared to the advances made by other countries who are able to have these discussions.
DVD-CCA vs. Bunner brings up the issue of posting DeCSS several years after its original posting. The DVD-CCA at the time of the original ruling in 1999 sent out cease and decist letters forcing web sites to remove any mention or discussion of the algorithm and codes from their web sites. The courts granted injunctions against any sites that posted the algorithm as they were revealing the DVD-CCA's trade secret as well as violating the trafficking provision of the DMCA. However, the court determined that even before the original injunction, the majority of the people who wanted to obtain access to the code got it. So many have access to the code that the court brings into question the protected status of the DeCSS algorithm, and the court determined that the DVD-CCA did not make a strong case to warrant an injunction against Bunner's web site.
The most important result of this case is that the DVD-CCA was unable to demonstrate any harm caused or potentially caused by DeCSS being posted by Bunner. The movie industry still profits massively from DVD sales in spite of the algorithm's release. If the courts determined that it being released out into the open will have little impact on the businesses protected by DeCSS, the original publishing was not as damaging as the DVD-CCA and the industry originally claimed.
Also, at this point any protection granted by using the DMCA to enforce trafficking restrictions on the encryption algorithm has been lost. Open source encryption algorithms have the benefit of being examined by experts to make them the most effective. All the DVD-CCA accomplishes by continuing to close the algorithm off to the community is losing the benefits of the scrutiny that open techniques get. This case is a strong example of what papers such as “DMCA Against the Darknet” propose: that DMCA is not an effective tool for countering piracy and that anti-piracy methods that depend solely on DRM are bound to fail.
Howver, the opinion of the court written by Justice Brown finds that Pavlovich cannot be forced to stand trial in California for the publishing of DeCSS on his web site. Pavlovich is not a California resident, performs no business in California, and was not actively encouraging California residents to use his algorithm to harm Californinan businesses. Brown determined that he cannot be held responsible for any negative economic impacts on California businesses that his posting caused.
The outcome of this case is important when considering the Dmitry Skylarov situation. Skylarov was detained for months for breaking a law of a country which he was not a citizen of, nor was he present in at the time he allegedly violated the DMCA. Not too long after, the courts are ruling that the liability can be restricted by state lines.
Another interesting aspect to this case is the dissenting opinion by Justice Baxter, particularly his wording. He critizies Pavlovich's "network of 'open source' associates'" in their efforts "to undermine and defeat the very purposes of hte licensed CSS encryption." Baxter tries to connect open source and piracy, a misconception that many people have. This association hurts legitimate developers and their efforts.
Baxter's opinions also details the inherent incompatabilities with the open source movement and closed DRM. An open source project could never be licensed by the DVD-CCA because the stipulations would never allow certain parts of the code to be revealed. He also compilcates the decision by discussing the fact that the whole point of the the DMCA to restrict playback ability. Whatever their motivations were, they were making use of a technology that the DVD-CCA should have full control of and was developed through illegal means under US law. Baxter determines that, jurisdiction issues asside, the LiViD developers should be held responsible for their development with an illegal technology.
The most important thing to come out of the exemption request is the context in which research is given. In describing the valuable research he participated it in before the DMCA was enacted, Felten notes that the SDMI sponsored his acclaimed research paper on breaking access control methods. The SDMI is a group of music distributors, and had something to gain from their studies, and now sought to prevent others from sharing in this knowledge. Clearly, by inhibiting research into access control, the technology of copyright protection and the lessons learned from the research falls solely in the hands of the gatekeepers, the record companies. Without the added input of the academic community, research in the field has been hindered and copyright holders have not been provided the best digital protection methods.
The best example of his hindered research is the Sony Rootkit debacle. He and an associate discovered the vulnerability but had to delay publication and hire a lawyer to make sure that they weren't exposing themselves to DMCA violation. Threats of DMCA violations prevent important studies and important information from reaching the consumer.
The court determined that both posting and linking were not protected by the first amendment. They determined that while there is a part of code which is speech, there is also a non-speech component which can be banned under the anti-circumvention clause. Exemptions are provided for reverse engineering and cryptography. However, these exemptions only extend to the cryptographers and the reverse engineers directly. Publishing their results is not considered an exemption. The consequence of this decision is that to prevent lawsuits, technical journals will likely avoid discussion of Digital Rights Management. For example, discovery of important security flaws would not be published because it might hint as to how to break the encryption. Understanding the flaws of the current generation however is essential to enhancing security for in the future. Development of future security methods have continued to be crippled by the DMCA, due to the limited scope of the exemptions.
Current proprietary systems attempt “security through obscurity.” The algorithms are often weak and prone to cracking, and simply hopes that no one will figure out the keys. Opening the format has the benefits of criticism. Everyone will be allowed to debate the merits and the strengths of the systems, as well as offer suggested improvements, ensuring that the open DRM will be the strongest.
It also suggests that an open standard can expand the market for DRM. While the market was generated by media content providers, Sun envisions that the needs of businesses and health care will far outweigh the media companies. Securely protecting business documents and health records is a need that DRM will logically be extended too.
The modularity of the architecture allows for adaptability with future technologies and compatability across multiple formats. While this system has its skeptics in groups like the Electronic Frontier Foundation, it has received some backhanded complements from scholars like Lawrence Lessig, stating that if you have to DRM, you want Sun's version.
Sun's DReaM architecture is a strong example of how opinion source development can be used to help copyright holders and consumers by encouraging technological development.
The exemption for modifying firmware to legally join cell phone networks and carry out legal activity is one of the few cases where the decision was not in favor of the large business. One of Mr. Pinkerton's main complaints was that as he traveled often internationally due to business, it was difficult for him to find a carrier that met all his needs. He found a carrier he liked internationally and a carrier he liked locally, and wanted to modify his phone so he could connect to a different carrier while in a foreign country. The obvious extension is that DVDs with region codes would prevent someone traveling from playing a DVD in a foreign country's regioned player, and an exemption should be provided for DVDs legally purchased in a foreign country. However, the real heart of the case is not Mr. Pinkerton's travel, but needing two different services depending on the context of his work. Licensed applications for Windows and Mac OSX are common and are often embedded into the operating system directly. However, the Open Source nature of Linux distributions makes players for DRM protected media scarce and built-in functionality often impossible. If someone's business practices makes Linux a necessity, they should be permitted to modify their operating system to properly play protected media. The courts and the copyright office previously found that not being able to play content is a mere inconvenience to a consumer. This case demonstrates that the government has more sympathy for business practices hindered by the DMCA. Approaching future exemptions and cases from this angle might be the best way to counter the DMCA.
Where copy protection goes wrong is that it takes away rights from the new digital author and monopolizes the protections of them for only a select few. Competing open DRM formats have begun to emerge to fill this gap. However, a young filmmaker needs to ensure that his video is as compatible as possible. He now has the choice between protecting his work but preventing it from being played on DVD players that don't support the new open formats (most of them), or exposing his work to piracy.
Gilmore's arguments shows a strong legitimate need for an open source developers to develop applications that might be in violation of the DMCA. An open source application might expose certain algorithms and codes, and even development of a closed source application would likely require breaking encryption at some point in the product's development. The courts and the copyright office generally use the phrase “mere inconvenience” and wave their hands at demonstrated harm to consumers not being able to access their digital content. However, requiring young authors to get picked up by a major licensed company in order to receive protection can hardly be so easily ignored. The best solution to lowering the barrier of entry for copyright protection is through an open source DRM standard that either is adopted by major players or at least cocurrently supported with their proprietary technologies.