Legal and social issues in
the growing Peer-to-Peer computing model
Vincent Matossian
December 2001
Overview of presentation:
Copyright Law & First Amendment
Legal issues in P2P applications
Digital Rights Management
XrML
1
Stating the legal problem
• Certain peer-to-peer applications allow filesharing across connected peers
• Sharing of files as copyrighted work is an
act of infringement of the copyright law
• How different from Xeroxing or
Audio/Video recording ?
– Fair use section 107 of US Code 17
2
Copyright law & Fair use
•
•
•
Copyright law protects owner of a work captured in a tangible format, from
copying, performing and distributing it.
US First Amendment states freedom of speech.
Fair use can be seen as derived from copyright law and first amendment
•
In determining whether the use made of a work in any particular case is a fair
use the factors to be considered shall include :
1.
the purpose and character of the use, including whether such use is of a
commercial nature or is for nonprofit educational purposes;
the nature of the copyrighted work;
the amount and substantiality of the portion used in relation to the
copyrighted work as a whole
the effect of the use upon the potential market for or value of the copyrighted
work.
2.
3.
4.
3
Key events in p2p legal cases
Napster was recognized of liability of contributory and vicarious infringement
It since affiliated with Bertelsmann AG and Edel Music to provide paid service. Case closed
•
Professor’s Felten (Princeton University) case:
– SDMI (Secure Digital Music Initiative) publicly invited hackers to crack
protection systems DMCA: It is an offence to engage in an act of circumvention of a
technicalthe
protection
– Prof. Felten’s team cracked
system [section 1201(a)(1)], to develop and provide tools
which
would
allow
them to access
a technologically
– Rejected cash prize to
butothers
wanted
to share
with
the scientific
community
at USENIX
protected work [1201(a)(2)] and to manufacture, import, provide or
– A lawsuit was opened by RIAA claiming Digital Millennium Copyright Act breach
traffic in tools that would enable another to circumvent protection to
– Recent News: Recording
withdrew
its attack
copy aIndustry
protected
work [1201(b)(1)(A)].
• Eric Corley editor of magazine 2600
–Posted links and code of the DeCSS (Decrypting Content Scrambling System)
–Accused of infringing DMCA
–Recent news: Court has given right to the movie industry
•
Dmitri Sklyarov Advanced e-Book Processing
–Allowed Adobe’s ebook format to be saved as PDF for use with other
software
–Arrested in Las Vegas, where he was invited to give a talk on security
–Recent news: Since August, still in the US, his family is in Russia,
case not solved
4
P2P apps: Contributory and Vicarious Infringements
In a Contributory inf. Case, the copyright owner must establish the following
elements
1.
Some act of direct infringement (by end-user for example)
2.
Defendant knew or should have known of the direct infringement
3.
That the defendant materially contributed to the direct infringement
In a Vicarious inf. Case, the copyright owner must establish the following
elements:
1.
Some act of direct infringement
2.
That the defendant had the right or ability to control the direct infringer
3.
That the defendant derived a direct financial benefit from the direct
infringement
Possible Defenses:
•
No Direct Infringer
•
Sony Betamax case (fair use)
•
DMCA section 512 “safe harbors” (such as search engines, ISPs)
5
Guideline for P2P Developers
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Two options: Total control or total anarchy
Better to sell stand-alone software products than on-going services
Can you plausibly deny knowing what your end-users are up to ?
What are your substantial noninfringing uses ?
Disaggregate functions
Don’t make your money from the infringing activities of your users
Be open source
Do not be a direct infringer: make and store no copies
Do not build any “circumvention devices” into your product
Don’t use someone else’s trademark in your name
What is the future of network applications
and copyrighted work distribution ?
6
Digital Rights Management
Definitions:
DRM ranges from simple copy-prevention
technologies to comprehensive secure
distribution systems
In DRM systems content providers protect
their interests by the combination of:
•Technology
•Contracts
•Anti-circumvention regulations
•Technology license agreements
•Copyright law
There are still many questions to be answered
Why not just copyright law ?
Control is shifted into the hands of private parties possibly not leading to the best interest of society.
Law has to react to this “overprivatization” and limit the different means of protection in a DRM
7
system
Digital Rights Languages
• MPEG (Moving Picture Experts Group) has identified the need for a
Rights Expression Language (REL) and a Rights Data Dictionary
(RDD)
• A Rights Expression Language is seen as a machine-readable language
that can express rights and permissions using the terms as defined in
the Rights Data Dictionary.
• The RDD-REL shall support all operations throughout the entire life
cycle of Digital Items including creation, publishing, distribution,
consumption, and invalidation/disposal.
• The proposed languages are:
– XrML : from ContentGuard, spinoff of Xerox research lab
– ODRL : from IPR systems, provides the semantics for a Digital Rights
Management expression language and data dictionary pertaining to all forms of
digital content
– <indecs>2RDD : to support interoperability of different metadata models,
descriptive, legal and rights expression languages
• There has been no announcement made as of today regarding the
Rights Language selected by the MPEG meeting held between Dec 7th
and 12th 2001
8
XrML
–What does XrML do?
specifying usage rights to content
provides a set of structural and semantic tags suitable for specifying metadata of
XrML-enabled content, validating the integrity of XrML and digital contents,
encrypting and decrypting digital contents and authoring XrML documents, such as
vouchers and licenses.
XrML also adds support for the specification of conditions for usage terms and
tracking of content movement.
–What are the goals of XrML?
Enable content owners and distributors to assign the rights, fees and conditions
appropriate to the commerce models they select;
9
XrML License
Each grant within an XrML license
contains the information necessary to
grant to an identified principal a specific
right to use a specific resource under
specified conditions.
10
XrML example
1 The user requests a specific activity involving a specific resource.
For example, Mary wants to play an audio file called music.wav.
2 Your XrML-aware application constructs a query to submit to the license interpreter.
In this example, an XrML-aware audio player constructs query that identifies Mary
as the principal, music.wav as the resource, and play as the right.
3 The XrML-aware application then calls the license interpreter, passing in the constructed query.
4 The license interpreter checks the license to see if a grant exists that contains the specified principal,
resource, and right.
11
XrML example continued
5 If the principal, resource, and right exist in one of the grants, the license interpreter returns the
associated condition.
For example, Mary may have the right to play music.wav up to five times. In this
case, the principal, resource, and right exist in the license. The license interpreter
returns a condition that specifies Mary’s exercise limit for the play right.
6 The XrML-aware application calls a condition validator, supplying the condition
returned by the license interpreter, to verify that the condition has been met.
In this example, the condition validator must check that Mary has not already played
music.wav five times.
7 If the licensing condition has been met, the XrML-aware application allows the user
to perform the requested activity.
12
Conclusions
• Shift from traditional copyright law to digital
rights management systems
• Fair use will not protect p2p file-sharing
applications
• DRM systems will need to be merged with legal
rules to avoid overprivatization
• A Right Language (probably XrML) will be part
of the infrastructure of Web-services
As Professor Felten said :
"Not only in computer science, but also across all scientific fields, skeptical analysis of technical
claims made by others, and the presentation of detailed evidence to support such analysis, is the
13
heart of the scientific method. To outlaw such analysis is to outlaw the scientific method itself."
Links
–From Copyright to Information Law-Implications of Digital Rights Management
http://www.star-lab.com/sander/papers/bechtold.pdf
–EFF's legal case efforts
http://www.eff.org/Legal/active_legal.html
–IAAL: Peer-to-Peer file sharing and Copyright Law after Napster
http://www.eff.org/IP/P2P/Napster/20010227_p2p_copyright_white_paper.html
–Rights Management Languages XrML, ODRL
http://www.oasis-open.org/cover/dprl.html
–Code+Law
http://www.oreillynet.com/lpt/a/577
–The End of Innovation ?
http://www.openp2p.com/a/p2p/2001/08/07/lessig.html
–XrML : The eXtensible rights Markup Lanaguage
http://www.xrml.org
More links on Peer-to-Peer computing is available at:
http://www.caip.rutgers.edu/~vincentm/p2p.html
14
U.S. Constitution: First Amendment
First Amendment - Religion and Expression
Amendment Text | Annotations
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the
freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a
redress of grievances.
15