p2pnet.net News View:- How can liberal thinkers trust
transnational corporations more than their own neighbors?

One of the most interesting areas to be politically involved in at
the moment is technology law. This is an arena where, “To err
is human, to really fowl things up requires misunderstanding a
computer”.

When you take political positions offered by various groups and
filter them through an understanding of how computers work, you end
up with conflicting situations. And I say that as someone who’s been
building, repairing and programming various types since 1981.

The most heated debate in digital copyright today centers on
Digital Rights Management (DRM). Most people commenting on DRM do so
from the interpretation offered by those selling it: that it gives
copyright holders digital control over whether someone can copy their
work. They claim that with DRM in place, only those who are
authorized to copy will be able to.

The problem is, the technology needed to directly accomplish this
goal can’t exist.

At the point where a copy might be made, only two entities have
control: the owner of the device, and the DRM vendor. Copyright
holders can never be given direct control and must always chose
between which of those two groups they trust most. These DRM vendors
are transnational corporations headquartered predominantly in the
United States.

Ironically, in Canada, it’s parliament’s Heritage Committee, and
the various creator organizations, such as the writers’ union, that
have been rushing to ratify the 1996 WIPO treaties, which would give
additional legal protections for DRM. These treaties are based on
the same laundered policy proposals (1995
Lehman report) that were implemented in the highly controversial
Digital Millennium Copyright Act (DMCA) in the USA.

Heritage has traditionally been a cultural sovereigntist and
opponent of the negative effects of media concentration. Thus far,
it’s had the opposite opinion on this area of policy. We need to
realize as creators and as liberals that we don’t want legal
protection for DRM, but that we do need strong legal protection FROM
DRM.

If you don’t understand DRM and TPMs,
you are not alone as this technology is misunderstood by both
proponents and opponents . When the Canadian Internet Policy and
Public Interest Clinic (CIPPIC) documents
their opposition to DRM, they do so based on the intended effects
of DRM as stated by the proponents of DRM, not based on the actual
effects based on an understanding of the technology.

One of the strongest proponents of DRM has been the recording industry. Past RIAA ceo Hilary Rosen recently sent a letter to
Apple complaining about the fact that she could not copy her
music to competing media players, even though this the intended
purpose of the DRM which her industry demanded that Apple adopt with
their iTunes service.

When you properly interpret her
complaint what she is really saying is that Apple should have signed
up to the Microsoft controlled DRM which the recording industry has
been promoting, rather than use competing DRM which Apple would have
independent control over. The suggestion that Apple become dependent
on Microsoft would have been market suicide. It turns out that Ms.
Rosen is now an on-air business and political commentator for
Microsoft’s MSNBC, and thus is simply promoting the special interests
of her new employer.

To understand the limits of technology, and how misunderstandings
are being abused, it’s important to examine what it’s useful for, as
well as what it’s not so useful for, and one of the best ways
to discuss this is to take a look at cryptography.

In its simplest form, cryptography can be seen as mathematics
which take a message (called “plaintext”, even though it
can be music or any other message) and encrypt it. This is called
“cypertext" and it, which can’t be decrypted without the
right math to return it to plaintext, which usually calls for an
encryption key. We can think of this process as putting a message
into a locked box and then unlocking it with specific keys so we can
read it.

Cryptography has two categories of keys: symmetric and public.

With symmetric, the key that locks the box is the same one that
unlocks it. If you want to send me a message, you lock it with a
specific key and send it to anyone who has a copy of that same key.
This is the type of key most people are familiar with in the physical
world – ie, the key that unlocks your door is the same one that locks
it, and anyone with access to it can make a copy.

Public key cryptography is a bit different in that there are a
pair of keys. If you lock the box with one of the keys you must
unlock it with the other. You can’t lock and unlock the box with the
same key.

This type of system is extremely powerful because it allows us to
keep one key secret, never making copies. The other key is made
public. If you want to send me a message that you want to be certain
only I can open, you encrypt it with my public key, and I
decrypt it with my private key. If I want to know for certain that it
came from you, I can ask you to encrypt it in your private
key. Then, when I decrypt it with your public key, I know it really

did come from you.

When you mix these types of keys together, you end up with a
technology that can protect privacy and authenticity.

Privacy is protected because an unauthorized person wouldn’t be
able to decrypt the message without having the right keys.

Public key cryptography protects authenticity in that you know the
message decoded with a specific public key was encoded by a
specific private key. And you know who the person is who has access
to that private key.

Copyright, however, is a type of legal protection that seeks to
limit what can be done by authorized recipients of a message. For an
audience member to open the message and view it, they need access to
the appropriate key. Once they’ve opened the message, they have
access to the plaintext,and can technologically do anything they wish
with that message.

DRM keys are embedded
The way DRM deals with this is by
embedded the keys within multimedia devices instead of handing them
out.

As an example, every DVD player has a key that’s specific to a
manufacturer and which can decrypt the encrypted movies. A DVD movie
is encrypted with a symmetric key and key information is encrypted in
each of the public keys where the DVD player manufacturer is trusted
to obey a legal agreement it has with those who encode the movies.

The theory is: this will stop people from making copies. But if
you understand computers, you know you can easily open any DVD player
and extract its key. These keys aren’t a secret because they’re
publicly distributed inside consumer electronics. While it may be
illegal to extract them, in reality, this has little meaning.

In other words, this technology has an absolutely minimal effect
on criminal behavior.

It does, however, have an effect on law abiding citizens.

You’ll notice that a DVD player can only play a movie if that
movie was encoded to the key embedded in the DVD player. We’ve
effectively created a system that ties the watching of a movie in
with a DVD player authorized by those who encoded the movie.

This legally protected tie between
encoded content and devices authorized to access the content is what
past RIAA CEO Hilary Rosen was complaining about with regards to
online music services such as iTunes. This type of tied selling is
something that should be regulated
by the Government under competition laws.

And as I’ve already pointed out, the people who encode the movies
have agreements with those who have the decoding keys. Moreover,
they’ll only encode the movie if they have an agreement.

This agreement could be innocent in that it requires that the
device obey copyright restrictions. But it could also contain clauses
meant to control markets in other ways.

One of the known controls relates to regional encoding meant to
ensure a movie released in North America will only be viewable on a
North American DVD player. So if you’re traveling and buy a movie
outside of North America, you won’t be able to watch it on your North
American player. And there can easily be many other controls that
give further power to those who hold them.

It turns out the people who control these keys strongly influence
exactly what content will be distributed, with an effect that
could be far worse for creators than those understood from media
concentration.

While the stated purpose was to protect the interests of creators,
we find we’ve instead created a situation where creators are forced
into positions where their ability to reach an audience depends
solely on powerful media intermediaries.

As a creator, I long ago decided that no matter how many private
citizens infringe my copyright, I trust citizens a whole more than I
do any media intermediary.

My audiences are people with whom I can build healthy
relationships, but copyright law still exists as a tool to stop
people who continue to infringe my rights.

I strongly oppose DRM because it effectively takes control away
from me and my audiences, and transfers that control to powerful
media intermediaries.

And I see these as a far greater threat to my rights than any
amount of copyright infringement.

Russell McOrmond – p2pnet
contributing editor

[McOrmond is an independent author (software and non-software)
who uses modern business models and licensing (Free/Libre and Open
Source Software, Creative Commons).]

======================

Something you think we should know? tips[at]p2pnet.net

This entry was posted on Tuesday, May 10th, 2005 at 7:01 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 8310 times