Site Meter

Category: DRM

More on Verizon/Google

Having written a long post on the topic, I just wanted to recommend a few pithier takes on the issue:

Bill McGeveran, “the Google defection:”

Google’s defection from the supporters of an open internet changes the political dynamics for the worse, opens the door to creation of a second-class internet for non-corporate content, and tries to disable the FCC’s ability to do anything about it.

Marvin Ammori, “makes BP look good:”

Last week I wrote up a guide of the FCC negotiations on net neutrality, setting out all the loopholes, and noting that the carriers needed only one loophole to kill an open Internet. Verizon and Google announced their pact two days ago. Rather than including one loophole, they went down the checklist and included just about every loophole they could.

Read More


To Rent or Own? SpiralFrog Closes; Customers Lose Access to Music

CNET reports that SpiralFrog, a company that was, yes was, in the online music game is closing its doors. If one was a customer, music covered by SprialFrog’s DRM software will be unusable 60 days from the closing date which seems to have been on March 20, 2009. This problem looks a little like Zittrain’s concern about tethered devices and perfect enforcement. For me Spiral Frog’s shut down and resulting denial of access is part of the problem with cloud computing and what I call technological mediation in my paper Property, Persona, and Preservation. As more and more material is mediated or put at a distance, the more one must navigate second and third party software, hardware, and contracts just to access and use information and material that one ought to be able to reach directly.

SpiralFrog highlights the problems of the DMCA and DRM approaches to protecting information. The access to knowledge movement and commentary on the DMCA specifically examine these questions. I suggest that online storage poses additional issues. Material that was once on one’s computer is now stored elsewhere. So even if one had the key for the software, one cannot get to it. In SpiralFrog’s case, the material seems to be on one’s computer but inaccessible unless some new company buys SpiralFrog’s assets and unlocks the RM once more.

In addition, as this article points out, the company’s demise does not necessarily show that ad-supported music is a dead business model. Spiral Frog had management, funding, and deal problems. Now, it may also be that it was pursuing DRM solutions when others were moving away from that model for music. Nonetheless, as the FTC notes DRM “is expected to become increasingly prevalent in the U.S. marketplace in the coming years” and it must address “the need to improve disclosures to consumers about DRM limitations.”

Ah understatement, the lifeblood of press releases.


Late Recap of the Southwestern Conference About Copyright Reform, Panel 1

A few weeks back, I wrote a post about my views on a big issue in copyright reform and my paper, Copyright’s Hidden Assumption: A Critical Analysis of the Foundations of Descendible Copyright, which addresses what I think will yet again be a major theme in copyright reform: term extension justified as way to provide for heirs. My paper argues that the idea lacks both a historical and theoretical grounding.

As I noted in that post, copyright refrom is on many folks’ minds. Southwestern Law School put on a full day conference, Reforming Copyright: Process, Policy and Politics, on the topic.

Here is a recap of the first panel. I do not have Rebecca Tushnet’s skill at live blogging (waiting a few weeks to post this material is evidence of that). The following is what I heard people to say.

The first panel at the Southwestern conference on Copyright Reform framed their topic as: What’s Wrong? The Need to Reform the 1976 Copyright Act: “This panel will consider whether the 1976 Act needs to be reformed and, if so, what form the revision should take. In particular, it will focus on whether reform should take place via gradual increments, as it currently has, or whether it would be superior to scrap the current version of the Copyright Act altogether and begin from a blank slate.”

David Nimmer began the session. He surveyed the history of reform and offered some interesting points. For one thing, the Copyright Office used to studies authorized by Congress to understand how to update the copyright. Nimmer argued that film studios, authors, publishers, music publishers, record labels all influenced the draft bill but broadcasters, juke box owners, and cable television had other interests that stopped a full revision from being passed. Today Consumer electronics, tech companies telcos, amateur authors, bloggers, EFF, ACLU, other NGOs, broadcasters, ISPs, privacy, consumers pull away from the film, professional authors, record labels, music publishers, who move towards a new copyright act.

I understood Nimmer to say that some forces converged on a central point that could agree on reform but there is a “high ratio of centrifugal forces pulling away” from that center. He further suggested that small reforms, what I might call tinkering, allow for a small, defined group of players willing to compromise and in those cases, Congress tends to act and reform/amend the Act. But when diverse, divergent interests are in play, (Markets and social norms at odds), Congress is less likely to act.

He offered that Congress may still be the conduit to achieve informed and balanced copyright legislation, favored new national commissions to evaluate how to proceed, and wondered whether one central person (e.g., the IP Tsar under the Pro IP act) would be able to handle the task of reform.

Read More


Doctorow’s Discontent with Content

content cover-small.jpgReaders of this blog know that I am a fan of Cory Doctorow’s work. In addition to his fiction, Cory writes nonfiction. His main topics are technology, creativity, copyright, and the future of the future. I know this because I read his work and his latest book, ©ontent, gathers his thoughts on these topics and says so right on the cover. Ah it is so easy. Maybe too easy. Deceptively easy. And that is also Cory’s gift.

©ontent sings. From the opening where Cory tells Microsoft’s Research Group why DRM is foolish to his thoughts on protecting artists to his views on the information economy to his idea that giving away his work is the best thing he can do, Cory offers detailed yet accessible arguments about the way technology, creativity, copyright will affect the future of the future. The essays span several years of writing. Cory makes bold claims about DRM and the market. He presents a rallying call for the United States to keep pace with the changes in information economy lest the rest of the world surpass us. Reading the essays provides insight about his ideas and how they evolved. Remember Cory writes for Boing, Boing, writes science fiction, lectures, and more. His livelihood is at stake here.

Now I can’t say I agree with everything Cory says, but I think what he says merits consideration. Sure, he is in a rarefied world. Maybe he can give away work and still make money. Maybe he is just an evangelist and should be distrusted on those grounds. Then again, read the book. Cory identifies real changes in how our creative system operates and the way in which adherence to the old one could harm us. The last essays grapple with the problems of security and control. They present the possibilities that await us. And that is the point. Cory is speaking of possibility. As he says “We choose the future we want to live in.” ©ontent helps us understand what that future could be and how to have a say in it.


Public Service — Cool Job Opening at Creative Commons

ccl-title-d.JPG Looking to work at a place with smart people who encourage you to use your legal skills to support and really grow a long-term project? Well, if you love education and have a law degree, your time may be now. Creative Commons, one of the coolest non-profits out there, has project called ccLearn. ccLearn has a mission:

ccLearn is a division of Creative Commons which is dedicated to realizing the full potential of the Internet to support open learning and open educational resources (OER). Our mission is to minimize barriers to sharing and reuse of educational materials — legal barriers, technical barriers, and social barriers.

They are looking for someone to be ccLearn Counsel and Assistant Director.

NOW there have been several posts about how to think about a law job. So before you flood the contact below, I urge you to read the job description, write a targeted letter, and polish that resume to show how you fit. As with many of these jobs, the candidate may not have all the desired experience. But often you can show that you excel in a couple core areas and have aptitude in others with some chance of getting the job. Also make sure you know as much as you cna about CC–its history, mission, and how you think ccLearn fits CC in general. Someone who says this job looks cool but has no idea about the work and overall nature of the place will not be likely to get the job.

Here is how to apply:

“If interested, please submit:

Cover Letter explaining your relevant interest in ccLearn and in the position.


Three References; please include email and phone number.

Applications and questions can be sent to:

Jennifer Yip

Operations Manager

jennifer [at]

fax: 415.278.9419″

NOTE; I am not the contact in any way, shape, or form. This post is truly a public service announcement.

Hat tip: Mike Carroll (If you like law, technology, music, and copyright, read Mike’s blog. It is excellent, and Mike has always been someone worth listening to and engaging with.)


E-Books and Their Potential Impact on Book Law

sonyreader.jpgThe New York Times reports that Amazon’s Kindle may be the sign of a tipping point for e-books. My previous posts about Kindle have expressed some praise but a fair amount of skepticism too. The device allows for too much control. Zittrain explores this issue as one of perfect enforcement. As my other post noted, the ability to manipulate text at any time poses wild possibilities about what text is and who should control or manipulate it. The Times’ piece points to a perhaps simpler problem: what will happen to the book industry?

E-book device sales are growing at wild rates (doubling and so on) but that is expected in a young industry and distorts the current raw numbers of for example $1 million in e-books compared to $1 billion (see what a difference one letter makes?) for Simon & Schuster. The most interesting thing is that with the advent of Sony eReader and Kindle the upswing in e-books being used may signal a shift in reading habits in general. A few professors I know use only electronic versions of articles, and Sony offers 100 classics preloaded onto its device (A so-called “$199 value” for many public domain titles). Maybe more folks will stop using print. Devices such as iRex’s iLiad (which I saw someone using at Law & Society) seem great: it is a reader with a big screen, AND one can take notes which can be transferred back to one’s computer, AND it has access to Web content. I would love to play with one of these and look forward to finding a store model (It is $600 to $700 so I will not be buying one just yet). So e-book devices have grown and there are threats to publishers because of this shift. But before turning to that question (which will be a separate post), the implications for book sellers is important too.

Read More


DRMbarassment for Us Law Professors?

In my first post about DeCSS, I gave the conventional law professor’s description of how it works, and then pointed out an obvious-in-hindsight problem with that description. In my second post, I delved (a little) deeper into the specifics of how DVDs work and showed how the explanatory hole can be plugged with some facts not normally in evidence. Along the way, we saw that the effectiveness of DVD anti-copying protections depends just as much on patent-enforced standards as it does on copyright and the DMCA.

Here are the results of some searches I ran on Lexis’s “US Law Reviews and Journals” database:

  • DVD and “title key”: 2 results, neither relevant
  • DVD and “disc key”: 0 results
  • DVD and “disk key”: 1 result, a student note (Peter Moore, Notes & Comments: Steal This Disk: Copy Protection, Consumers’ Rights, and the Digital Millennium Copyright Act, 97 Nw. U.L. Rev. 1437 (2003)), containing the following text in a footnote: “One might wonder why a DVD burner capable of copying the disk key table could not be produced. It is likely that the owners of patents on DVDs are very careful to ensure, with licenses, that such devices are not made.”
  • DVD and CSS and pressing: 34 results, only one of which distinguishes “pressing” from “burning.” That one, also by a student (Nika Aldrich, An Exploration of Rights Management Technologies Used in the Music Industry, 2007 B.C. Intell. Prop. & Tech. F. 624), points out, again in a footnote: “‘Burning’ compact discs actually requires a different technology than ‘pressing’ (replicating) discs, which is used in commercial manufacturing plants. ‘Burning’ involves putting the pits and lands on the disc by burning holes in a layer of substrate with a laser. In a ‘pressed’ disc the pits and lands are molded into the disc.’”
  • DVD and CSS and (press! w/p burn!): 18 results, the only one of which using the words in this sense is the same article from the previous search.
  • DVD and CSS and lead-in: 20 results, only one of which uses is talking about the location of CSS disc keys. That article—yet another student piece (Eric W. Young, Note: Universal City Studios Inc. v. Remeirdes: Promoting the Progress of Science and the Useful Arts by Demoting the Progress of Science and the Useful Arts?, 28 N. Ky. L. Rev. 847 (2001))—proceeds to assert: “These types of pirates do bitwise copies, which means that their pirate copies are precise duplicates of the originals, including the CSS encryption. The DVD player will notice no difference between such a copy and the original version. CSS cannot stop this kind of piracy.”
  • DVD and leadin: 0 results

But compare:

  • DVD and DMCA: 731 results
  • DeCSS: 390 results

This disproportion is not healthy. We’ve collectively spilled a lot of ink over DeCSS. One might think it worthwhile to make sure that CSS actually matters, first. It does, but that fact is not at all obvious from the conventional stories. Even the exercise I’ve gone through here is itself a fairly half-assed effort. Bruce caught an important fact I didn’t get quite right. Just in doing the research for this series of posts I’ve learned all sorts of things that seem awfully relevant to any careful analysis of the role of law in controlling the distribution of media on shiny discs, and I’ve barely even scratched the surface, so to speak.

We law professors who regularly opine on high technology are often dangerously blasé about the details of the technology we’re opining on. We get caught up in the minutiae of 1201(a)(1) versus 1201(a)(2) versus 1201(b), and we don’t pay anywhere near as much attention to the surrounding web of other kinds of IP, business arrangements, and especially technical specifications as we ought to. Consider these posts another plea for better interdisciplinarity. Our students are doing a better job of it than we are.


The De-Pressing Truth About DVDs

Yesterday, I told a simplistic story about DeCSS—indeed, the self-same simplistic story about DeCSS that I told my classes this year, and that I suspect a lot of other professors tell their classes—and asked what was wrong with it. The way I put it, if DeCSS really is about preventing only decryption of DVDs, what’s to stop pirates from simply making copies of discs in their encrypted forms? The story simply doesn’t make sense without some additional fact.

Sarah L. (“[T]he CSS disk’s descrambling keys are in sectors that aren’t copied when you make a copy of the disk using a noncompliant player.”) and Bruce Boyden (“[T]he whole scheme depends on licensed drives, which must play by the licensing rules.”) both had important parts of the answer, but what I was looking for is that it is physically impossible to produce CSS-encoded DVDs using home equipment. Sarah’s and Bruce’s points are both true, but even taken together, they wouldn’t explain why DVD Jon or someone else similarly disinclined to care about licensing doesn’t just write a program that writes the descrambling keys to the special sectors. They don’t because they can’t.

To decrypt a CSS-encrypted DVD, you actually need two kinds of keys. One is universal but nominally secret; it’s baked into every DVD player. This is the one that DVD Jon found. The other is different for every disc. But this second key isn’t really secret; it’s written out on the disc, plain as day for anyone to see, in a special “lead-in” sector. Ordinarily, your DVD player reads the public disc key, combines it with its own secret player key, and uses the two together to decrypt the disc contents.

Here’s the twist. There are two ways to make readable DVDs, and they use completely different technology. The large-scale industrial method is to “press” the DVD: that involves encoding the data as a series of tiny three-dimensional bumps on a mold used to stamp a corresponding pattern of pits into metal blanks, which are then encased in a layer of lacquer to make DVDs. This process, as you might imagine, has high fixed costs; the equipment alone will run you upwards of a million dollars. In contrast, the home method is to “burn” the DVD. Here, the blank disc comes from the factory prelacquered and containing an optically sensitive dye on the surface of the metal. Focus the right kind of laser on the dye and its transparency changes. From the perspective of the DVD player that will later read the disc’s patterns of opaque and transparent regions, the results are much the same as if the disc had pits and non-pits. Some areas reflect; others don’t. Ones and zeroes, more or less.

The trick that makes CSS “work” is that you can’t burn lead-in sectors. DVD-Rs (and DVD+Rs) come from the factory with the lead-in sectors zeroed out. Thus, a would-be pirate can easily read an entire encrypted disc, disc key and all, but can only burn back the data portion of the disc, without the disc key. The resulting disc is useless in a standard DVD player; there’s no disc key to be read, which means the player is at a loss in trying to decrypt it. While one could manufacture and distribute home-copied DVDs without having to bust CSS, those DVDs are only going to work on specially-coded software DVD players, not on the mass-produced home players most people have.

That’s why everything does in fact depend on CSS, and why DeCSS really is a big deal. It goes back to the control that the DVD cartel has over their hardware platform, specifically over the manufacturing format of blank media. And that control, in turn, is backed up by patent pools. Yes, you could in theory press (not burn) exact-copies of encrypted discs, or mass-produce your own non-standard blank DVD-Rs with writable lead-in areas, but to do either, you’d need some significant (and hard-to-move) capital, which makes you vulnerable if the cartel comes after you. It’s an ingenious technologico-legal trap.

Tomorrow: Some thoughts on the implications (including responses to comments).


The DRMperor’s New Clothes?

Like a good many law professors, I teach and write about digial rights management: the technological “locks” copyright owners use to keep people from getting at digital media without authorization. Exhibit A in any discussion of DRM is the DeCSS saga. CSS, the “Content Scramble System,” is the encryption system that keeps you, the home user, from watching DVDs without permission. The way it works is that some DVDs (the ones Hollywood cares about) come encrypted. The decryption key is stored in each and every DVD player, but manufacturers can’t get a license to make DVD players (and thereby get authorized access to the key) unless they sign an extensive license agreement with the DVD Copy Control Association. By obvious linguistic principles, DeCSS is the thing that makes CSS not do its thing. In particular, a Norwegian teen (fun fact: seven of the first ten Google hits for “Norwegian teen” are about him), frustrated at the lack of software DVD players that run on the open-source operating system Linux, wrote a program that decrypts CSS-protected DVDs. The idea is that one could then take the unencrypted version from your computer, burn it to a blank DVD, and then view the DVD on a Linux computer.

As normally told, this story illustrates all sorts of useful points. It shows how a classic DRM-based business model works: sell individual copies with DRM that keeps them from turning into lots of copies. It shows how painfully insecure such business models can be: DVD Jon was easily able to find the super-seekrit CSS decryption key in the code of a Windows DVD player (every DVD player in existence, after all, must contain a copy of the key). And it shows the might of the law descending with fury and malice in response: lawsuits under the Digital Millenium Copyright Act soon followed.

But there’s a gaping technological hole in this story. You see, CSS as I’ve described it above, tries to block one specific attack vector: copying an encrypted DVD onto a computer and decrypting it, then using the computer’s DVD burner to make a new, unencrypted DVD version. DeCSS opens up this attack again. But why would anyone bother with this slow, clumsy way of making copies? Why not just read the encrypted contents of the DVD onto the computer, keep the bits encrypted, and burn them back onto a new DVD in exactly the same form? You wind up with a new DVD, exactly identical to the old. And, of course, thanks to the convenient fact that every DVD player in existence has a copy of the decryption key, that new DVD is playable on any DVD player in existence.

In other words, CSS sounds like a gigantic dust-up over nothing. Would-be pirates already have a perfectly good way of making any number of perfect copies. Worrying about DeCSS, it would seem, is like worrying about the barn’s windows when the wide-open door is just gaping at you. Hasn’t the legal system—and by extension, the legal academy—just spent who knows how many hours on a massive intellectual boondoggle?

Thus, a question for the readership. What crucial fact is missing from the story above? I’ll post the answer tomorrow, along with some pointed observations about the implications.

Computers, Freedom, and Privacy Conference

As a member of the Program Committee, I just wanted to post this announcement for CFP. This has been a great conference and I’m sure this year’s will be a terrific event. Note that the deadline for Panel, Tutorial, and Speaker proposals is March 21, 2008.


18th Annual CFP conference

May 20-23, 2008

Omni Hotel

New Haven, CT


This election year will be the first to address US technology policy in the information age as part of our national debate. Candidates have put forth positions about technology policy and have recognized that it has its own set of economic, political, and social concerns. In the areas of privacy, intellectual property, cybersecurity, telecommunications, and freedom of speech, an increasing number of issues once confined to experts now penetrate public conversation. Our decisions about technology policy are being made at a time when the architectures of our information and communication technologies are still being built. Debate about these issues needs to be better-informed in order for us to make policy choices in the public interest.

Open participation is invited for proposals on panels, tutorials, speaker suggestions, and birds of a feather sessions through the CFP: Technology Policy ’08 submission page. More details below.

Read More