30 Days of DRM: 26 to 30
p2pnet.net News Feature:- Michael Geist has been presenting 30 Days of DRM, an interlocked series of briefs highlighting some of the exceptions and limitations that the government should include if a Canadian DMCA is ever introduced.
People could also also contribute to the discussion through the 30 Days of DRM Wiki.
Today, the series wraps up and to bring it to its conclusion, below are items 26 to 30.
Go here for items 21 through 26, here for 20 through 17, here for 13 through 16, here for 7 through 12, here for 6 and 5, here for 4 and 3, and here for 2 and 1.
30 Days of DRM – Day 30: Prohibition on Contractual Circumvention of Rights (Foundational Issue)
Yesterday’s post identified the availability of circumvention devices as a one foundational issue. The second foundational issue is protection against contracts that seek to trump the law by contracting out of the copyright balance or, in the event that anti-circumvention legislation is introduced, statutory circumvention rights. The use of contractual terms to effectively void privacy protection or basic user rights has become all too common with cases such as the Sony rootkit providing a classic example of how contractual terms that quash important legal rights are buried beneath the “I agree” button.
Governments are understandably loath to intervene in privately negotiated contracts. However, not every contract or contractual term is enforceable – there are certain terms (and certain contracts) which run counter to important public policy goals that will often be rendered unenforceable by a sympathetic court. On this particular issue, we should not wait for the courts to intervene. Rather, Canada should identify the core protections and policies that underlie the copyright balance and establish rules that prohibit attempts to “contract out” of such terms.
The copyright lobby will obviously object, arguing that this constitutes an inappropriate intervention into the market. Yet anti-circumvention legislation is also an intervention into the market. I remain steadfast against such legislation (even more so having completed 30 days of discussion), however, if anti-circumvention legislation is to become part of the Canadian legal landscape, then this tradeoff must be part of the bargain. If the copyright lobby wants its anti-circumvention rules, it must also accept statutory limits on the contractual terms associated with their use.
30 Days of DRM – Day 29: No Ban on Circumvention Devices (Foundational Issue)
Over the past 28 days, this series has addressed circumvention issues both big and small. I have saved the two most important issues for the end since I believe that without addressing these two issues, many of the other recommendations are rendered ineffective.
The first issue is that Canada must not establish a ban or prohibition on devices that can be used to circumvent DRM. Bill C-60 did not contain a provision prohibiting circumvention devices and that approach should be retained in any future legislation.
The DMCA features just such a ban. Section 1201(a)(2) provides that:
No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that -
(A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;
(B) has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or
(C) is marketed by that person or another acting in concert with that person with that person’s knowledge for use in circumventing a technological measure that effectively controls access to a work protected under this title.
The DeCSS case demonstrated the breadth of this approach when merely linking to a devices (devices really refers to software that is able to crack a DRM system) was ruled sufficient to violate the statute.
The past 28 days have illustrated that there are numerous legitimate uses for all circumvention devices.
The DMCA provisions seek to ban devices that are primarily designed to circumvent a TPM with only limited purposes other than circumvention. Yet this is precisely what is needed to allow security companies to do their work, for researchers to conduct their research, for individuals to protect their privacy, for the perceptually disabled to access content, for consumers to legitimately make backup copies, for libraries and the education community to take advantage of their exceptions, and for users to exercise their user rights. All of these activities – activities that are protected by law – depend on the ability to circumvent and therefore rely on the availability of tools that will allow for legitimate circumvention of DRM systems.
To create a basket of circumvention rights while simultaneously banning the availability of the tools necessary to circumvent is to neuter the right. There are no shortage of items that can be used for good or harmful purposes – drugs can save lives but result in an overdose or a hammer can be used to build a house but also be wielded as a weapon. There are both good and bad uses, yet we do not ban these items. We occasionaly regulate (either their distribution or the conduct associated with their use), but we do not ban. Canada similarly must not ban or prohibit circumvention devices that invariably serve numerous legitimate purposes.
30 Days of DRM – Day 28: Review of New Circumvention Rights (Circumvention Rights)
The U.S. DMCA experience leaves little doubt that the introduction of anti-circumvention legislation will create some unintended consequences. No matter how long the list of circumvention rights and other precautionary measures, it is impossible to identify all future concerns associated with anti-circumvention legislation. The U.S. DMCA addresses this by establishing a flawed tri-annual review process. The system has not worked well, creating a formidable barrier to new exceptions and long delays to address emerging concerns.
If Canada establishes anti-circumvention legislation, it must also establish an impartial process that will enable concerned parties to raise potential new circumvention rights without excessive delay. The process must be fast, cheap, and easily accessible to all Canadians. It will require clear criteria for the introduction of new circumvention rights along with an administrative structure to conduct the reviews.
The recent Australian review assessed each proposal on the basis of four criteria derived from the U.S. – Australia Free Trade Agreement:
* The use of a work, performance, or phonogram must be non infringing;
* A work, performance, or phonogram that is used must be in a particular class of works, performances, or phonograms;
* An actual or likely adverse impact on the non-infringing use of a work, performance, or phonogram must be credibly demonstrated in a legislative review or proceeding; and
* The exception must not impair the adequacy of legal protection or the effectiveness of legal remedies against the circumvention of ETMs.
While there may be some concern that the Australian criteria itself is overbroad, the committee was able to apply it to numerous cases where it found a likely adverse impact, a non-infringing use, and where it was not persuaded that an exception would impair the adequacy of the DRM protection.
The appropriate administrative structure is more difficult to identify. The Copyright Board of Canada is an obvious candidate, yet the lengthy hearing periods and the growing disenchantment with its processes suggest that it may not be the best choice. Given the marketplace concerns associated with TPMs, the Competition Bureau is another possibility, however, it also suffers from delays and insufficient administrative resources to address these issues. Perhaps the best approach would be the creation of a new collaborative body that brings together the expertise of the Copyright Board, Competition Bureau, Privacy Commissioner of Canada, as well as a handful of advisors from private sector groups with expertise in cultural matters, security, education, libraries, and consumer protection. This is not ideal, though neither is anti-circumvention legislation. Nevertheless, an on-demand review process for new circumvention rights is needed to counter the likely negative impacts that come with legal protection for DRM.
30 Days of DRM – Day 27: Government Works (DRM Policy)
Government use of DRM represents a particularly difficult issue. Some argue that government should never use DRM systems (thereby eliminating the need for a circumvention right), maintaining that it runs counter other government priorities such as openness and accountability. Even governments themselves have acknowledged the problems associated with DRM. Last week, New Zealand issued guidelines on government use of DRM and trusted computing systems featuring a lengthy list of precautions and safeguards. They included requirements of minimal restrictions on content, assurances of future accessibility, full respect for privacy rights, retention of government control over a DRM-free version, and full access for all parties entitled to obtain the public information.
The Canadian government response to the DRM must address several issues.
First, it must determine whether the use of DRM is ever appropriate. Particularly given the policy decision to encourage DRM use through the establishment of anti-circumvention legislation, a government rejection of DRM would represent an important balance to that policy.
Second, if the government identifies specific instances where DRM can be used, it must undertake a similar policy making exercise as the one just concluded in New Zealand to establish the necessary safety measures. The NZ policy document provides a useful starting point since it identifies a broad range of issues that must be addressed.
Third, the government should consider linking this issue with the ongoing debate over the future of crown copyright. As I have written in the past, the government should be moving toward the elimination of crown copyright by removing any restrictions or requirements for prior permission for the use of government or government funded work. Crown copyright represents an important and unnecessary restriction on the access and use of public information. Eliminating those restrictions while treading carefully with respect to government use of DRM would mark an crucial development in public accountability, transparency, and the “modernization” of copyright law.
30 Days of DRM – Day 26: Investigation of Concealed Code (Circumvention Rights)
Consultations on anti-circumvention exceptions in the U.S. and Australia have raised at least two circumvention rights that involve the right to circumvent to access concealed information contained in software code. In the U.S., there is a specific exception for circumvention to access the list of websites contained on “block lists” maintained by filtering companies, sometimes referred to as “censorware.” Blocked access to these lists has been viewed as a free speech concern.
In Australia, Linux Australia recently requested a right to circumvent to investigate suspected copyright infringement. The group noted that open source developers would be unable to investigate suspected cases involving violations of open source software licensing agreements (which require users to make modifications available to the public) if the software vendor used a DRM system that blocked access to the underlying code. Without a circumvention right, attempts to circumvent the DRM to access the underlying code would constitute an infringement.
The commonality in these two cases is that there may be a public interest in gaining access to code that is concealed by DRM. Bill C-60 would have addressed this concern by only making it an infringement to circumvent for the purposes of copyright infringement. If that approach is abandoned, a general right of circumvention to access concealed information where there is a broader public interest concern at stake is needed.
Michael Geist
[Geist is the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa. He can be reached by email at mgeist[at]uottawa.ca and is on-line at www.michaelgeist.ca.]
p2pnet newsfeeds for your site.
rss feed: http://p2pnet.net/p2p.rss
Mobile – http://p2pnet.net/index-wml.php
