The trouble with DRM - UCL Computer Science

A sceptical look at copyright and DRM
Dr. Ian Brown, UCL
Overview
• Where did copyright go wrong?
• “Trusted” computing
• The technical problems with DRM
• Legislative “fixes”
• Goodbye to fair use
What exactly is copyright?
• Member States shall provide for the exclusive right to authorise or
prohibit direct or indirect, temporary or permanent reproduction by any
means and in any form, in whole or in part:
(a) for authors, of their works;
(b) for performers, of fixations of their performances;
(c) for phonogram producers, of their phonograms;
(d) for the producers of the first fixations of films, in respect of the
original and copies of their films;
(e) for broadcasting organisations, of fixations of their broadcasts,
whether those broadcasts are transmitted by wire or over the air,
including by cable or satellite.
Origins
• Statute of Anne, 1710: “for the encouragement of
learned men to compose and write useful books”
• US Constitution, 1789: “To promote the progress of
science and useful arts”
• Droit d’auteur: “a work of creation is intimately linked with
its creator. The work cannot be separated from its
author, like a child from his father.”
• Stationer’s Guild, 1557: no “seditious and heretical
books, rhymes and treatises”
Problem #1: copyright terms
[Chart: copyright term in years (axis 0 to 140) plotted for 1790, 1831, 1909, 1976 and 1998]
…EU life + 70 since 1993
The drivers behind copyright
• Mickey debuted in 1928, and copyright would have expired
2003-2005
• US Congress passed Copyright Term Extension Act
in 1998 postponing until 2023:
http://www.eagleforum.org/column/1998/nov98/98-11-25.html
• Peter Pan has perpetual rights in UK
Problem #2: Internet hysteria
• “the VCR is to the American film producer and the American public as
the Boston strangler is to the woman home alone.” –Jack Valenti
• Mid-90s reaction of copyright industries: technical and legal
• “The piracy of software is responsible for annual global revenue losses
of more than $4 billion. The piracy of computer games cheats the
gaming industry out of more than a billion dollars a year. And the
piracy of songs has left the music industry fighting for its digital life,
thanks to a pillaging that reached levels of more than a billion songs a
month.” –Peter Chernin
Digital Rights Management
• Wide range of technologies that allow publishers
to control the use of digital media
• Restricts reproduction, but also viewing, printing,
clipboard functions etc
• Present in Windows Media Player, Adobe ebooks, RealPlayer, iTunes etc
DRM basic technology
• Media data is encrypted and only accessible by
licensed players that control usage
• Licensed users given keys to decrypt tied to
player
• Media can be watermarked with usage
instructions and/or user information
DRM a hard problem
• Media data has to be decrypted at some point to be useful
• Watermarks can be removed, especially with many original
files to compare and players to test with
• Bits are bits, and PCs are general purpose computers
• Legacy equipment won’t disappear for many years
Previous DRM “solutions”
• Secure Digital Music Initiative
• CD protection
• CSS
New “trusted” architectures
• Intel/IBM/HP/etc in TCPA/TCG: machine state
auth to 3rd parties; encrypted data only accessible
in identical state; encrypted device links
• Microsoft Palladium/NGSCB: “curtained” apps,
secure drivers, DRM everywhere
• Migrating to PDAs/mobiles/watches
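Added example (not part of the original slides): a simplified Python model of the TCG mechanism summarised above, in which measurements of each loaded component are folded into a platform configuration register (PCR) and data sealed to one PCR value can be unsealed only in the identical state. The device secret, component names and the HMAC-based toy cipher are assumptions for illustration; a real TPM holds its key in hardware and uses its own sealing format.

```python
import hashlib
import hmac

PCR_INIT = bytes(32)  # a PCR is all zeros after platform reset
DEVICE_SECRET = b"constructed-demo-secret"  # assumption: stands in for a key held in the chip
GOOD_CHAIN = [b"bios-1.0", b"bootloader-2.3", b"os-kernel", b"licensed-player"]  # constructed
MODIFIED_CHAIN = GOOD_CHAIN[:3] + [b"other-player"]  # constructed: last component differs


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = SHA-256(old || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot(components) -> bytes:
    """Fold an ordered chain of loaded components into one PCR value."""
    pcr = PCR_INIT
    for component in components:
        pcr = extend(pcr, component)
    return pcr


def _seal_key(secret: bytes, pcr: bytes) -> bytes:
    # The key depends on both the device secret and the measured state.
    return hmac.new(secret, b"seal" + pcr, hashlib.sha256).digest()


def _keystream(key: bytes, n: int) -> bytes:
    # Toy HMAC counter-mode keystream, for illustration only.
    blocks = (hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


def seal(secret: bytes, pcr: bytes, data: bytes) -> bytes:
    """Encrypt data so it is bound to one PCR value; returns tag || ciphertext."""
    key = _seal_key(secret, pcr)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))
    return hmac.new(key, ct, hashlib.sha256).digest() + ct


def unseal(secret: bytes, pcr: bytes, blob: bytes):
    """Return the plaintext, or None if the current PCR differs from the sealed one."""
    key = _seal_key(secret, pcr)
    tag, ct = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))
```

Because extend is a hash chain, changing or reordering any component changes the final PCR, so the owner's choice of software decides whether sealed data can be read.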
Fundamental technical problems
• The analogue “hole” – watermarking
• Break Once Play Anywhere
• File-sharing won’t stop
Legislative “fixes”
• WIPO 1996 treaties
• Digital Millennium Copyright Act 1998
• European Union Copyright Directive 2001
• WTO TRIPS 1994 can lead to trade sanctions
EUCD Article 6
• 6.1: “Member States shall provide adequate legal protection against
the circumvention of any effective technological measures”
• 6.2: bans “manufacture, import, distribution, sale, rental,
advertisement for sale or rental, or possession for commercial
purposes of devices, products or components or the provision of
services”
• Purpose is irrelevant
• Finland, France, UK 2 years prison; Portugal 3 years; France
150,000€ fine
• Only Germany, Denmark, Finland and UK have research exemptions
EUCD Article 7
• 7.1: “Member States shall provide for adequate
legal protection against any person knowingly
performing without authority… the removal or
alteration of any electronic rights-management
information”
Existing problems
• “I think a lot of people didn't realize that it would
have this potential chilling effect on vulnerability
research.” –Richard Clarke
• Use to enforce accessory controls (Lexmark, Aibo,
Playstation)
• Rewriting the copyright bargain
Potential problems
• Electronic book burning
• Reduced software diversity – security and
competition risks
• Personal and national sovereignty
• Privacy
Problem #3: disappearing fair use
• Private copy
• Teaching/research
• Parody
• Disabled persons
EUCD Article 5
• Long list of permissible exceptions (unlike US)
• 5.1 “Temporary acts of reproduction referred to in Article 2,
which are transient or incidental [and] an integral and
essential part of a technological process…”
• 5.2: exceptions to Art. 2
• 5.3: exceptions to Art. 3
• 5.4: any of the above may apply to Art. 4
Fair use and DRM
• DMCA and EUCD both ban DRM circumvention,
even for fair use
• EUCD requests “voluntary measures” from
rightsholders
• If not forthcoming, most member states allow
appeal to national tribunal (except Netherlands)
Abolishing digital fair use
• “On-demand services” (“members of the public
may access them from a place and at a time
individually chosen by them”) exempt from fair use
• Could include anything accessed over Internet
• Contractual access – also see UCITA
Problems for free software
• Accessing a protected file may be circumvention
(e.g. DeCSS) if not authorised by rightsholder
(despite Software Directive)
• Therefore free software could be classed as a
circumvention device, with severe penalties
Even worse law coming
• EU Directive on IPR Enforcement: abolishes right
to silence in IP cases; allows injunctions against
ISPs; civil litigants can freeze bank accounts and
search premises
• See fipr.org for analysis
Final thoughts
• “Be very glad that your PC is insecure – it means that
after you buy it, you can break into it and install whatever
software you want. What YOU want, not what Sony or
Warner or AOL wants.” –John Gilmore
• “If we can find some way to [stop filesharing] without
destroying their machines, we'd be interested in hearing
about that. If that's the only way, then I'm all for
destroying their machines.” –Senator Orrin Hatch (writer
of Our Gracious Lord, Climb Inside His Loving Arms, and
How His Glory Shines)