Donna Wentworth
( Archive | Home | Technorati Profile)

Ernest Miller
( Archive | Home )

Elizabeth Rader
( Archive | Home )

Jason Schultz
( Archive | Home )

Wendy Seltzer
( Archive | Home | Technorati Profile )

Aaron Swartz
( Archive | Home )

Alan Wexelblat
( Archive | Home )

About this weblog
Here we'll explore the nexus of legal rulings, Capitol Hill policy-making, technical standards development, and technological innovation that creates -- and will recreate -- the networked world as we know it. Among the topics we'll touch on: intellectual property conflicts, technical architecture and innovation, the evolution of copyright, private vs. public interests in Net policy-making, lobbying and the law, and more.

Disclaimer: the opinions expressed in this weblog are those of the authors and not of their respective institutions.

What Does "Copyfight" Mean?

Copyfight, the Solo Years: April 2002-March 2004

a Typical Joe
Academic Copyright
Jack Balkin
John Perry Barlow
Blogbook IP
David Bollier
James Boyle
Robert Boynton
Brad Ideas
Ren Bucholz
Cabalamat: Digital Rights
Cinema Minima
Consensus @ Lawyerpoint
Copyfighter's Musings
Copyright Readings
CopyrightWatch Canada
Susan Crawford
Walt Crawford
Creative Commons
Cruelty to Analog
Culture Cat
Deep Links
Derivative Work
Julian Dibbell
Digital Copyright Canada
Displacement of Concepts
Downhill Battle
Exploded Library
Bret Fausett
Edward Felten - Freedom to Tinker
Edward Felten - Dashlog
Frank Field
Seth Finkelstein
Brian Flemming
Frankston, Reed
Free Culture
Free Range Librarian
Michael Froomkin
Michael Geist
Michael Geist's BNA News
Dan Gillmor
Mike Godwin
Joe Gratz
James Grimmelmann
Groklaw News
Matt Haughey
Erik J. Heels
Induce Act blog
Inter Alia
IP & Social Justice
IPac blog
Joi Ito
Jon Johansen
JD Lasica
Legal Theory Blog
Lenz Blog
Larry Lessig
Jessica Litman
James Love
Alex Macgillivray
Madisonian Theory
Maison Bisson
Kevin Marks
Tim Marman
Matt Rolls a Hoover
Mary Minow
Declan McCullagh
Eben Moglen
Dan Moniz
Danny O'Brien
Open Access
Open Codex
John Palfrey
Chris Palmer
Promote the Progress
PK News
PVR Blog
Eric Raymond
Joseph Reagle
Recording Industry vs. the People
Lisa Rein
Thomas Roessler
Seth Schoen
Doc Searls
Seb's Open Research
Shifted Librarian
Doug Simpson
Stay Free! Daily
Sarah Stirland
Swarthmore Coalition
Tech Law Advisor
Technology Liberation Front
Siva Vaidhyanathan
Vertical Hold
Kim Weatherall
David Weinberger
Matthew Yglesias

Timothy Armstrong
Bag and Baggage
Charles Bailey
Beltway Blogroll
Between Lawyers
Blawg Channel
Chief Blogging Officer
Drew Clark
Chris Cohen
Crooked Timber
Daily Whirl
Dead Parrots Society
Delaware Law Office
J. Bradford DeLong
Betsy Devine
Ben Edelman
Ernie the Attorney
How Appealing
Industry Standard
IP Democracy
IP Watch
Dennis Kennedy
Rick Klau
Wendy Koslow
Elizabeth L. Lawley
Jerry Lawson
Legal Reader
Likelihood of Confusion
Chris Locke
Derek Lowe
MIT Tech Review
Paper Chase
Frank Paynter
Scott Rosenberg
Scrivener's Error
Jeneane Sessum
Silent Lucidity
Smart Mobs
Trademark Blog
Eugene Volokh
Kevin Werbach

Berkman @ Harvard
Chilling Effects
CIS @ Stanford
Copyright Reform
Creative Commons
Global Internet Proj.
Info Commons
IP Justice
ISP @ Yale
NY for Fair Use
Open Content
Public Knowledge
Shidler Center @ UW
Tech Center @ GMU
U. Maine Tech Law Center
US Copyright Office
US Dept. of Justice
US Patent Office


Monthly Archives

November 28, 2005

Pardon Me

Email This Entry

Posted by

Blogging will be light over the next few weeks as my life trumps blogging. Be back as soon as I can.

Comments (1) + TrackBacks (0) | Category: Announcements

November 23, 2005

Don't Confuse the Company and the Protocol

Email This Entry

Posted by Alan Wexelblat

On Tuesday, the MPAA and the executives of BitTorrent (the company) shook hands and agreed to play nice. T shirts were handed out. Meanwhile, on BitTorrent (the network, the protocol) sharing of movies, music, and other media went on undisturbed.

On the surface, what's at stake here is the future of the BitTorrent search engine, which was previewed back in May of this year. The agreement by BitTorrent (the company) is to obey the existing law (DMCA) with regard to takedown notices for content deemed illegal that shows up on their search engine. For the most part, this is a no-op. The company more or less had to do this to stay a legal enterprise, and is putting a good face on the inevitable. Presumably, few people trading, say, first-run movies are going to be stupid enough to put their torrent sites into the index of the search engine anyway. So in the end, unless Hollywood somehow figures out a way to put the protocol genie back into the bottle this is going to have just about zero impact on the trading of content via BitTorrent (the protocol).

Looking a layer deeper, this story is about whether or not the Cartel will allow companies that kowtow sufficiently to go legit, especially after showing they can smash Grokster (the company - no effect on music trading of course). As with any protocol, BitTorrent software can be used for any number of purposes. If the Cartel ever want to have a distribution protocol and network for their content they'll have to buy or build something. if BitTorrent (the company) wants to be part of that buy/build answer - and I bet it does - then this kind of agreement is absolutely necessary table stakes.

Comments (0) + TrackBacks (0) | Category: IP Markets and Monopolies

November 22, 2005

USC/Berkeley Report: over 30% of DMCA take-down notices are improper

Email This Entry

Posted by Jason Schultz

Jennifer Urban of USC's Intellectual Property Legal Clinic and Laura Quilter of UC Berkeley's Boalt Hall have released a summary report examining over 900 DMCA take-down notices collected from the Chilling Effects project.  The report finds that nearly 1/3rd of all notices are improper and potentially illegal. The full report will be out in March 2006.

Link to summary report.
Link to USC press release.

Comments (8) + TrackBacks (3) | Category: IP Abuse

November 21, 2005

BBC Catalogs Sony's Woes

Email This Entry

Posted by Alan Wexelblat

An anonymous copyfighter pointed me to this story on the BBC detailing the Sony debacle. The story by Canadian law professor Michael Geist paints a picture of a bad situation spiraling totally out of control. I particularly like the unnamed Cartel exec doing his best Michael Brown "how wrong can you get in one sentence or less" impression. Trust me, bozo, consumers may not be able to describe what a 'rootkit' is, but they've heard the word enough to know it's Something Bad and when your product gets linked to public scare words like 'rootkit' and 'spyware' you are in a heap of trouble.

Plus, do you really want to be the one getting called out on the carpet by the US Department of Homeland Security's assistant secretary of policy? His words ought to be tattooed inside the eyelids of every Cartel exec: "it's very important to remember that it's your intellectual property - it's not your computer." Amen.

Geist points out that other publicity debacles (e.g. the poisoned Tylenol scare) led to long-term changes in marketing and business models by the affacted industries and calls on the music industry to take this to heart.

Comments (0) + TrackBacks (0) | Category: IP Markets and Monopolies

Texas AG vs Sony Spyware

Email This Entry

Posted by Alan Wexelblat

Texas' Attorney General has filed suit against Sony for violations of that state's anti-spyware laws, as well as consumer protection charges. The suit is civil in nature, rather than criminal, asking for up to USD 100,000 per violation.

I've been writing for some time about the way in which the Cartel has gone about controlling the language used in the Copyright Wars - and why I use terms like "cartel" in response. This suit has the potential to seroiusly shift the language-scape. If the consumer zeitgeist begins to see "DRM" and "spyware" as synonymous terms, there could be trouble that far exceeds the tar pit Sony seems to be sinking into.

Comments (0) + TrackBacks (0) | Category: Laws and Regulations

Don't Use Sony's SunnComm DRM De-Installer Either

Email This Entry

Posted by Alan Wexelblat

Once again, the diligent Ed Felten brings us bad news on the DRM front. His Freedom To Tinker blog last week ran the news that the de-installer SunnComm provides (if you pester them enough) opens up an even bigger security hole.

Copy-limited audio disks? Just Say No!

Comments (0) + TrackBacks (0) | Category: IP Abuse

November 19, 2005

Canada lets Mega Bloks build on expired Lego patents

Email This Entry

Posted by Wendy Seltzer

Michael Geist points to a new decision from Canada's Supreme Court ruling that Lego couldn't use a claimed trademark on the interlocking shape of its blocks to insulate them from competition after its patent expired. The ruling echoes a recent U.S. Supreme Court decision, TrafFix Devices Inc. v. Marketing Displays Inc. (2001), that an expired patent couldn't be extended by a claim that the design had acquired trade dress distinctiveness.

Lego (Kirkbi) had patented the Lego system of interlocking blocks and now claimed that even after the patent expired, the "distinctive orthogonal pattern of raised studs distributed on the top of each toy-building brick" had become "LEGO indicia" due protection as an unregistered trademark. Without this protection, Kirkbi protested, Mega Blok would be able to free-ride on the popularity established by Lego's hard work and reputation for quality.

One must start from the problem the appellant faced when its patents expired. ...[T]he very cleverness and flexibility of LEGO technology, of the combination of studs on top of the brick and tubes under it, had almost turned "LEGO" into a household word. Source and product became identified. LEGO bricks, for many, came to designate these small colourful building blocks, with their clever locking system. But when the patents expired, the LEGO technology fell into the public domain. The LEGO name, whether on the product, on its packaging or in its advertising, remained protected, but the monopoly on the wares themselves was over. The monopoly had been the key to the building up and preservation of LEGO’s market share, and so Kirkbi employed a number of different means to protect it, one of which was the assertion of a trade-mark.

The court properly recognized that the patent confers a limited monopoly. In Canada, as in the United States, patent protection is temporary: "Patent protection rests on a concept of a bargain between the inventor and the public. In return for disclosure of the invention to the public, the inventor acquires for a limited time the exclusive right to exploit it." Entry into the public domain after the patent's expiration is a core part of the public-private bargain -- a bargain that can't be abrogated by trademark claims.

True, Kirkbi had built a Lego empire, but as an empire founded on the functional properties of Lego's interlocking bricks, its moats came with an expiration date. "Free riding" after that date benefits society by giving more companies the chance to build interlocking bricks, giving more kids (and non-kids) access to reasonably priced building kits.

The fact is, though, that the monopoly on the bricks is over, and MEGA BLOKS and LEGO bricks may be interchangeable in the bins of the playrooms of the nation – dragons, castles and knights may be designed with them, without any distinction. The marketing operations of Ritvik are legitimate and may not be challenged under s. 7(b) [of the Trade-marks Act].

This reasoning, like the similar U.S. TrafFix decision, reflects a general feature of Anglo-American intellectual property law: Intellectual creations generate value that is shared between the creator and the public. We do not say, "if value then right to exclude," but rather that creators accept the bargain of limited-scope rights when they create.

Let us not forget these principles in the copyfight. Though the term of copyright may never expire in our lifetimes, its scope is cabined by fair use, first sale, and limits on the activities copyright reaches. The copyright bargain authors accept when they write and publish does not include the right to charge for every search index or to break your computer in the name of "securing" music.

Comments (0) + TrackBacks (0) | Category: IP Markets and Monopolies

November 18, 2005

November 17, 2005

Boiling Frogs with Sony's Rootkit

Email This Entry

Posted by Wendy Seltzer

For years, the entertainment industry's DRM strategy has seemed to follow the old story about how to boil a frog: Start it going in a pan of cold water and gradually turn up the heat.

So it is with digital rights management: Start consumers off with restrictions only the techiest edge-cases among them will notice, then quietly increase control. Apple's iTunes, for example, has downgraded the behavior of already-purchased music files. One day you could burn a playlist 10 times, the next day only seven.

Once you've accepted that "your" music comes with only a set of pre-defined uses -- and not any personal use you can invent -- you might not notice as you lose the ability to do your own format-shifting. Just as fans once re-purchased music as it moved from 45 to LP to CD, perhaps they could be conditioned not to complain if they were made to re-license when they replaced computers and stereo components. Instead of selling CDs, then, marketers will then be able to slice up the "music experience" and license pieces back to the fans whose rights they've taken, ideally for more than the one-time profit on a CD.

Until Sony BMG turned up the heat too fast with its rootkit. As eHomeUpgrade puts it, this "DRM Nightmare" has been good for consumer rights.

Given that Sony has taken to installing spyware to protect their music, you may be wondering why this episode in the DRM struggle has been good for the consumer. Simple: consumer awareness. For the past several years, much has been made of viruses and spyware and their adverse effects on our computers. The industry designed to stop these threats brings in tens of millions of dollars every year to stop these vicious pieces of software. The average consumer understands what a virus or spyware is. However, stop most consumers and ask them to explain DRM and you'll probably get a blank stare. Up until now, the consumer has been uneducated on what DRM is and how it will affect their daily lives. The major music and movie studios have been fine with this; and now that awareness is changing.

The average fan, who may never have been blocked from playing music from the (new) Napster music store on an iPod; who may never have tried to create her own version of the Daily Show from a TiVo-to-Go'd evening news program but been stymied by copy controls; suddenly has a vivid example of how DRM takes your music -- and your computer -- away from you. CERT, the US Computer Emergency Response Team, is advising users, "Do not install software from sources that you do not expect to contain software, such as an audio CD."

I think the frog may be ready to jump out.

Comments (4) + TrackBacks (1) | Category: IP Abuse | IP Markets and Monopolies | Tech

Security Experts Develop Sony-BMG DRM Vaccine

Email This Entry

Posted by

In the wake of an explicit warning from the United States Computer Emergency Readiness Team (US-CERT) never to install "software from sources that you do not expect to contain software, such as an audio CD," Princeton's Alex Halderman and Jeff Dwoskin have developed a vaccine for those of us already infected by Sony-BMG rootkit DRM:

To install the tool, download this file to a temporary location, then double click on the file's icon in Windows. (Windows may ask you to confirm that you wish to add the information in the file to the system registry -- choose "Yes.") After the tool has been applied, you may delete the file. The tool will take effect as soon as you close and restart Internet Explorer.

Sony is developing its own vaccine. But since past behavior predicts future behavior...

Bonus: Bruce Schneier asks where the big security companies were while Sony was busy infecting our computers: "Microsoft I can understand. The company is a fan of invasive copy protection -- it's being built into the next version of Windows. Microsoft is trying to work with media companies like Sony, hoping Windows becomes the media-distribution channel of choice. And Microsoft is known for watching out for its business interests at the expense of those of its customers.

What happens when the creators of malware collude with the very companies we hire to protect us from that malware?"

Comments (3) + TrackBacks (0) | Category: Tech

Cultural Environmentalism and the Digital Commons -- 10 Up

Email This Entry

Posted by

Stanford's Center for Internet and Society has just announced Cultural Environmentalism at 10, a conference to gauge the progress of the "cultural environmentalist movement," as defined ten years ago by uber-copyfighter Professor James Boyle. It brings together a remarkable brain trust of leading thinkers on the digital commons to consider whether, as Boyle proposed, using lessons from the environmentalist movement has helped us to valorize the public domain and expose the social, cultural, and economic harms caused by its increasing enclosure. Given what's happening right now on Capitol Hill -- that is, IP maximalists arguing before Congress that fair use has outlived its usefulness -- the conference could not possibly be more timely.

On March 11-12, 2006, Stanford Law School's Center for Internet and Society will host a symposium to explore the development and expansion of the metaphor of "cultural environmentalism" over the course of ten busy years for intellectual property law. We've invited four scholars to present original papers on the topic, and a dozen intellectual property experts to comment and expand on their works.

Molly Van Houweling explores voluntary manipulation of intellectual property rights as a tool for cultural environmentalism. Susan Crawford extends Boyle's analysis to the age of networks. Rebecca Tushnet looks at the ways in which the law's impulse to generalize complicates the project of cultural environmentalism, and Madhavi Sunder looks at how the metaphor affects traditional knowledge. Professor Boyle will also offer some remarks, as will Stanford Law School's Professor Lawrence Lessig.

Comments on the papers by: Terry Fisher, Harvard Law School, Jack Balkin, Yale Law School, Arti Rai, Duke Law School, Pam Samuelson, UC Berkeley School of Law: Boalt Hall, Neil Netanel, UCLA Law School, Julie Cohen, Georgetown University Law Center, Jessica Litman, Wayne University, Mark Lemley, Stanford Law School, Peggy Radin, Stanford Law School, Yochai Benkler, Yale Law School, Siva Vaidhyanathan, NYU School of Law. [Hyperlinks are mine.]

Extraordinary. And remarkable, as well, for avoiding the "male information society" disease. I think it's safe to say this one will go to 11.

Bonus: Courtesy of Peter Suber @ Open Access News, the webcast of the recent MIT Communications Forum presentation, The Future of the Digital Commons, featuring Nancy Kranich, Ann Wolpert, and Steven Pinker. For those of you to whom the concept of the digital commons is brand new, it's a lucid, engaging introduction.

Comments (0) + TrackBacks (2) | Category: Events

November 16, 2005

Saving the Net: How to Keep the Carriers from Flushing the Net Down the Tubes

Email This Entry

Posted by

Linux Journal Senior Editor Doc Searls, in a lengthy essay that's more than worth the time it takes to digest: "We're hearing tales of two scenarios -- one pessimistic, one optimistic -- for the future of the Net. If the paranoids are right, the Net's toast. If they're not, it will be because we fought to save it, perhaps in a new way we haven't talked about before. Davids, meet your Goliaths."

Update: Tim Lee, offering a nearly as lengthy rebuttal: "I think the author of the article is wrong. Indeed, with all due respect to the people pushing so-called 'network neutrality' regulations (whose arguments I find persuasive on a lot of other issues), I think it’s rather silly. The Internet is a massive, chaotic, fiercely competitive ecosystem. No one carrier owns more than a tiny fraction of its capacity. No one company controls more than a tiny fraction of its content. In short, no one company is ever going to control the Internet."

Update #2: I haven't read it all the way through yet, but it appears that Jonathan Zittrain's latest paper takes a bird's eye view of the conflict, arguing that in order to salvage what's positive about the Net (its "generativity"), we may have to think through the unthinkable -- an unprecedented, but not fatal, level of technological "lockdown."

Comments (0) + TrackBacks (0) | Category: Big Thoughts

Bloggers: You Have a Right to Remain Vocal

Email This Entry

Posted by

EFF today launched a fund-raising campaign to support its multi-front battle to protect and defend bloggers' rights -- your freedom to tell your fellow citizens about things they need to know, regardless of whether politicians [PDF], companies, or anyone else would rather you remain silent.

There is no system of public defenders in place to protect people like Edward Felten, the Princeton University professor who was threatened by the RIAA because he planned to publish his research on SDMI. There is no system to protect people like Nelson Pavlosky and Luke Smith, the Swarthmore students who were threatened by Diebold Election Systems, Inc., because they dared to post internal memos indicating potential flaws in Diebold e-voting machines.

There is EFF. But only so long as people like you join as members.

As part of the bloggers' rights campaign, EFF has posted what could be described as a Miranda Rights for Bloggers. It tells you what your rights are and how EFF is fighting to protect them. Here, a snippet to give you a taste:

You Have the Right to Blog Anonymously. EFF has fought for your right to speak anonymously on the Internet, establishing legal protections in several states and federal jurisdictions, and developing technologies to help you protect you identity. With your support, EFF can continue to defend this right, conducting impact litigation to establish strict standards to unmask an anonymous critic in more jurisdictions.

You Have the Right to Keep Sources Confidential. In Apple v. Does, EFF is fighting to establish the reporters' privilege for online journalists before the California courts. With your support, EFF can defend news bloggers from subpoenas seeking the identity of confidential sources in more jurisdictions.

You Have the Right to Make Fair Use of Intellectual Property. In OPG v. Diebold, Diebold, Inc., a manufacturer of electronic voting machines, had sent out copyright cease-and-desist letters to ISPs after internal documents indicating flaws in their systems were published on the Internet. EFF established the publication was a fair use. With your support, EFF can help fight to protect bloggers from frivolous or abusive threats and lawsuits.

Check it out. And if you believe that we need an organization dedicated to keeping free speech alive in the digital era, join EFF in the bloggers' rights campaign today.

Comments (0) + TrackBacks (2) | Category: Speech

November 15, 2005

Don't Use Sony's Web-based XCP Uninstaller

Email This Entry

Posted by

According to Edward Felten and Alex Halderman, it's dangerous:

Under at least some circumstances, running Sony’s Web-based uninstaller opens a huge security hole on your computer. We have a working demonstration exploit.

We are working furiously to nail down the details and will report our results here as soon as we can.

Update: According to USA Today, Sony, which now says it "deeply regrets any inconvenience" people may have suffered, has decided to recall the infected CDs and will offer exchanges. Ed and Alex hope the plan includes doing what Sony ought to have done long ago: providing people with an easy-to-get clean-up tool that doesn't further damage their computers.

Update #2: EFF's open letter to Sony-BMG, which lists eight ways the company ought to make amends to its customers by Friday morning at 9:00 a.m. -- after which, presumably, the suggestions will become more than that.

Update #3: Security Fix: Researcher: Sony DRM on Half a Million Networks: "'It's funny, because the last time we saw these kinds of infection rates, they were because of bugs in [Microsoft] Windows that were later patched,' [security researcher Dan Kaminsky] said. 'But Sony's patch actually deploys new flaws.'"

Update #4: Wired: Sony Numbers Add Up to Trouble: "The results have surprised Kaminsky himself: 568,200 DNS servers knew about the Sony addresses. With no other reason for people to visit them, that points to one or more computers behind those DNS servers that are Sony-compromised. That's one in six DNS servers, across a statistical sampling of one third of the 9 million DNS servers Kaminsky estimates are on the net.

The damage spans 165 countries, with the top five countries being Spain, the Netherlands, Great Britain, the United States and Japan, which, with over 217,000 DNS servers reporting knowledge of Sony-related addresses, takes the top spot."

Update #5: Sony-BMG: "We currently are working on a new tool to uninstall First4Internet XCP software. In the meantime, we have temporarily suspended distribution of the existing uninstall tool for this software. We encourage you to return to this site over the next few days. Thank you for your patience and understanding."

Comments (2) + TrackBacks (0) | Category: Announcements

November 14, 2005

See Sony. See Sony Backpedal. See Sony Backpedal Fast.

Email This Entry

Posted by Alan Wexelblat

When USA Today has pictures of cute coeds out protesting your product, you KNOW you're in trouble. Sony has issued a terse denial of evil intent along with a tool to remove the cloak.

As Jefferson Graham's story makes clear, consumers aren't happy. Artists aren't happy. Electronics companies aren't happy. But don't expect the Cartel to back down. They'll just batten down the hatches, stonewall, and wait for this to blow over. They're holding on to the fantasy that DRM will save their sinking business models and along the way they'll twist the courts, Congress, and device manufacturers to their wills. The rest of us should, presumably, shut up and suffer in silence.

Update: a friend pointed me to Mark Russinovich's continued flensing of First 4 Internet, the ultimate authors of the DRM package that Sony used. (The content of the page is short; extensive commentary below the posting makes it appear long.)

Comments (2) + TrackBacks (0) | Category: IP Markets and Monopolies

On the (Neglected) User in Copyright Law

Email This Entry

Posted by

As if on cue in preparation for today's Picker MobBlog on the place of "the user" in copyright law (yes, folks -- that's you and me), Cindy Cohn on Friday offered a few bon mots on the Google Print Library Project:

I think that if the debate gets framed as a binary choice between authors and publishers on the one hand and Google on the other, it would be a shame. There is another interest here -- those of "us" who are trying to find the right thing to read. I submit that we "book searchers," more colloquially known as "readers," are an important part of this debate and that Google isn't really the same as us.

Whatever else one thinks about Google Print, it is unequivocally good for readers. I submit that allowing authors and publishers to control who or how easily we can find their works by controlling the search tools available to readers is unfair to "us."

Georgetown University law professor Julie Cohen, whose paper forms the basis for the MobBlog discussion, argues for a definition of the user in copyright law that better captures her role in copyright's "larger project" -- promoting the progress of knowledge.

It's a much-needed reminder: conflicts over copyright don't involve only the plaintiff and the defendant. If copyright is about promoting "the progress of science and the useful arts," it's also about us.

Comments (12) + TrackBacks (0) | Category: IP Use

November 12, 2005

Well THAT Didn't Take Long

Email This Entry

Posted by Alan Wexelblat

Pretty much precisely as predicted, there's a new Trojan out that exploits Sony DRM copy protection vulnerability. Details are sketchy at this point - it appears to have been spammed out from a hijacked machine as an email. The best info I've found so far has been Sophos' press release. They have a tool to detect and disable Sony's cloak.

Update: According to Brian Krebs' Security Fix column, a lawsuit has already been filed in California charging Sony with violation of three state-level statutes, and another state-oriented suit will be filed in New York this week.

Update 2: A press release from Electronic Frontiers Italy (which I take to be an Italian EFF-alike) describes a formal request made by that organization to the Italian "Commander in Chief of the Fraud Contrast Group of the Financial Police" in an effort to identify for legal purposes the authors of the malware, whether anyone else is doing similar things, and have them prosecuted under Italian laws that forbid "damaging" personal computer systems. The particular law(s) that apply to this situation aren't spelled out in the ALCEI release, but perhaps that's something the police are expected to determine.

Comments (2) + TrackBacks (0) | Category: IP Abuse

November 11, 2005

DHS to Music Industry: It's Your Intellectual Property, *Not* Your Computer

Email This Entry

Posted by

A sharp rebuke for the largely unrepentent, though emptily gesturing, Sony-BMG, from an unexpected source: the Department of Homeland Security. Writes Brian Krebs of the Washington Post:

"Stewart Baker, recently appointed by President Bush as the Department of Homeland Security's assistant secretary for policy, made a comment that suggested that some anti-piracy efforts introduced by the industry could have profound and unexpected effects on the security of the nation's critical infrastructures. ...

'I wanted to raise one point of caution as we go forward, because we are also responsible for maintaining the security of the information infrastructure of the United States and making sure peoples' [and] businesses' computers are secure. ...There's been a lot of publicity recently about tactics used in pursuing protection for music and DVD CDs in which questions have been raised about whether the protection measures install hidden files on peoples' computers that even the system administrators can’t find.'...

'It's very important to remember that it's your intellectual property -- it's not your computer. And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days.'"

Via Dave Farber's IP list.

Previous relevant Copyfight coverage: How You Can Help Stop Sony's DRM Abuse and Felten's Four-Step Program for DRM Abusers. And don't miss the latest @ Freedom to Tinker: SonyBMG DRM Customer Survival Kit.

Comments (0) + TrackBacks (1) | Category: Tech

November 10, 2005

Apple Trying to Patent "Tamper-Resistant" Software

Email This Entry

Posted by Alan Wexelblat

Ina Fried has a story on about the just-published Apple patent application. The idea seems to be that code would be limited to specific hardware and in theory could get around various simulators and virtualization technologies. I find this hard to believe, but perhaps that's why it's "resistant" rather than "proof." According to Fried's story, the OS itself would be obfuscated in such a way as to make it difficult to detect what MAC or ROM code was being read to validate the hardware platform. I haven't looked at the patent application yet, so I've no idea what prior art is cited. My guess is that there's a ton and the patent has little or none of it. Geeks who attack this technology as breakable (which it most certainly will be) are missing the point. This is further evidence that whatever Jobs says in public, Apple is kissing ass hard with the Cartel. Apple want to convince the Cartel that digital content will be locked up tight, using a combination of Intel's hardware and Apple's OS use of it.

Comments (1) + TrackBacks (0) | Category: IP Markets and Monopolies

How You Can Help Stop Sony's DRM Abuse

Email This Entry

Posted by

Edward Felten has decided that in the battle to save innocent victims from Sony's reckless, self-destructive DRM bender, the time has come to start calling a spyware a spyware: "In all the discussion of the SonyBMG software, I’ve been avoiding the S-word. But now it’s clear that this software crosses the line. It's spyware."

He also suggests that Sony now recognizes how badly it has stumbled, but continues to publicly defend itself for strategic reasons. In other words, it's gathering the tatters of respectablity tightly around its shoulders as the winds of public disgust grow stronger, hoping that someone, somewhere, still believes it's doing the right thing. Because sometime soon, it's got to shave the beard, tuck in the shirt, and appear before a court of law.

Meanwhile, Fred von Lohmann and Cindy Cohn are tag-teaming to help victims remove the rootkit and disinfect the premises:

Are You Infected by Sony-BMG's Rootkit? helps you find the XCP bug. It includes a handy list of CDs that EFF has confirmed are infected, plus photos to help you identify signs of infection in other CDs.

Now the Legalese Rootkit: Sony-BMG's EULA helps you understand what Sony-BMG will no doubt claim you "agreed" to when you bought, opened, and inserted the CD into your computer. Example: "Sony-BMG can install and use backdoors in the copy protection software or media player to 'enforce their rights' against you, at any time, without notice. And Sony-BMG disclaims any liability if this 'self help' crashes your computer, exposes you to security risks, or any other harm."

Finally, Sony-BMG Rootkit: EFF Collecting Stories, Considering Litigation speaks for itself. If you're fed up and believe that Sony won't treat its customers right until someone in a black robe says it must, take a look and see if you can help make that happen.

Comments (2) + TrackBacks (0) | Category: Tech

November 9, 2005

EFF Stops Pharmaceutical Giant from Using Trademark to Silence Medical News Website

Email This Entry

Posted by

Trademark law is supposed to curb consumer confusion -- not stop people from learning the truth about products, especially ones that affect human health. Which is why I'm thrilled to report that EFF has stopped one of the world's largest pharmaceutical companies, Sanofi-Aventis, from using trademark claims to censor, an independent online newsletter devoted to reporting about a drug called Acomplia.

Acomplia may help people lose weight and quit smoking. It may not. But Sanofi-Aventis has no right to control the flow of information about the drug simply because it has a trademark on the word "Acomplia." Yet that's exactly what the company tried to do, demanding that AcompliaReport give up its domain name. Thankfully, EFF helped the publisher of AcompliaReport forge a settlement agreement, and Sanofi-Aventis backed off.

"The website uses the Acomplia mark solely to refer to Sanofi's product," explains EFF's Corynne McSherry in the official press release. "That use is a textbook fair use."

Oh, yeah -- fair use. That's the part of the law that allows exceptions to an intellectual property holder's exclusive monopoly rights for legitimate, critically important social and cultural reasons. Nice to know it still has a fighting chance on the Internet.

Comments (0) + TrackBacks (0) | Category: Speech

November 8, 2005

On the P2P Problem: Where Do We Go Now?

Email This Entry

Posted by

Grokster's death will likely spur several more rounds of frustratingly recursive debate over how to resolve the P2P infringement dilemma. Which is why, if you're new to the debate, you ought to skip on over to Freedom to Tinker and A Copyfighter's Musings, thereby advancing immediately to square two.

At Freedom to Tinker, Princeton professor Edward Felten writes:

Arguments about the [RIAA] lawsuits often get bogged down in confusion over exactly which argument the lawsuit opponents are making. There are three types of anti-lawsuit arguments.

A moral argument against lawsuits says that bringing the lawsuits is morally wrong.

A pragmatic argument against lawsuits says that bringing the lawsuits isn’t the most clever strategy for a self-interested RIAA to follow.

An empirical argument against lawsuits says that the lawsuits are not reducing infringement.

Why are these distinctions important? Because they carry different obligations. "If you believe a pragmatic argument, then you must believe there is something more clever the RIAA can do; and you should tell us what that is," writes Felten. "But if you’re making a moral argument or an empirical argument, then you have no obligation to describe a better plan, because you’re not asserting that there is a better plan."

Indeed, you may even legitimately believe that no better plan exists. Explains Felten:

This is a common fallacy in policy analysis: assuming that whenever there is a problem, the solution must be some kind of bold new action. Sometimes bold action is just what’s needed. But sometimes bold action doesn’t solve the problem. Sometimes it only causes new problems. Sometimes your problem has no solution and your best course is to suck it up and figure out how to live with the problem.

This is where A Copyfighter's Musings come in. You see, some people believe that while no perfect solution exists, there's a better way forward than perpetual lawsuits (or, for that matter, perpetual arguing over perpetual lawsuits). Derek Slater, who's been carving out middle ground in this debate for quite some time now, attended the recent P2P Litigation Summit and has a few thoughts to share about where we've been and where we're headed. Dr. Urs Gasser, a fellow Berkmanite, has a succinct description of what you'll hear if you tune in:

In the first piece, Derek reports about the P2P litigation summit he participated in, arguing that we have to learn more about -- and from! -- the stories of the people that got sued by the recording industry. In the second podcast, Derek provides a big-picture analysis of possible (technological, business, and policy) approaches to the file-sharing problem. In essence, he makes a strong case why policy-makers should not take drastic measures (such as, e.g., compulsory licensing systems or, as the worst-case scenario, mandatory DRM schemes) to address the current digital media crises. Rather, policy-makers may be well advised to trust in the evolutionary power of market mechanisms on the one hand (emerging business models, in fact, might address the problem) and to focus on the reform of the DMCA and certain procedural protection measures on the other hand.

"Procedural protection measures" is a cold term, but they're exactly the opposite: they're aimed at protecting the innocent people caught in the crossfire of this battle. Even if you support the litigation campaign, you can also wholeheartedly support doing it right. Fairly.* And, as Tim Lee urges, you can also give serious thought and energy to considering what happens when, "a decade and 100,000 lawsuits from now," P2P is more popular than ever.

Update: Xeni Jardin's NPR report on Grokster's (sort of) demise and the future of filesharing.

* That is, by making sure you've actually targeted the right person, and refraining from bulldozing over that person's privacy and due process rights.

Comments (0) + TrackBacks (0) | Category: Laws and Regulations

November 7, 2005

Grokster Gives Up the Ghost

Email This Entry

Posted by

Denise Howell has the scoop sans spin:

"The United States Supreme Court unanimously confirmed that using this service to trade copyrighted material is illegal." That's what the Grokster Web page says today as the result of a just-announced settlement. (Here are pertinent Google News and Technorati searches.) That's not, however, what the Supreme Court said... the language you now see on the Grokster home page was unquestionably scripted by the settling plaintiffs as PR -- without scrupulous regard to an accurate reading of the Grokster decision.

Update (Nov. 9): Denise has a follow-up post, "Unspun," that's more informative than a dozen mainstream media pieces. Check it out.

Comments (1) + TrackBacks (0) | Category: Laws and Regulations

November 5, 2005

More on the Horror...the Horror...the Horror

Email This Entry

Posted by

Wendy Seltzer @ the Berkman Center, in a lengthy interview giving her reaction to Thursday's House subcommittee hearing on the horrifying trio of RIAA/MPAA proposals to impose government technology mandates on innovators:

I've been particularly disturbed by the impact that a technology mandate would have on hobbyists and tinkerers. Right now, I can (and have) built an open-source personal video recorder -- imagine a TiVo on steroids -- to record and playback HDTV. I'm not redistributing television indiscriminately over the Internet, I just like being able to pause live TV or move recorded shows to my Treo to watch at the gym. If the broadcast flag were implemented, I wouldn't be able to buy replacement parts for that machine; even those building commercial TiVos would need to impose government-approved restrictions. [Link & emphasis added.]

Adds Wendy @ Legal Tags: "The question that left Dan Glickman cold came from Rep. Meehan, asking about the compulsory licensing of technology standards: (paraphrase) Do you think tech companies should have to surrender their intellectual property to protect yours?"

Update: Frank Field @ Furdlog: "Jesus H. Christ! This is what I get for being away from this for a couple of weeks...I am sure that proponents will point to this language as supporting innovation:

Section 101. No person shall


(b) manufacture, import, offer to the public, provide or otherwise traffic in any
technology, product, service, device, component, or part thereof, that —


(2) has only limited commercially significant purpose or use other than to modify or cause an analog video input device to no longer conform to the requirements set forth in subsection (a); or

Of course, any novel application is not going to have more than 'limited commercially significant purpose or use' until it gets disseminated and understood (c.f., TiVo). As written now, without the funds to implement VEIL, a firm looking to develop a new application (or, God forbid, an open source application!) would be formally restricted."

Comments (1) + TrackBacks (0) | Category: Laws and Regulations

November 4, 2005

The Horror...the Horror...the Horror

Email This Entry

Posted by

Yep, that's three horrors -- one for each profoundly misguided government technology mandate that the RIAA and MPAA are pushing, hard:

On Thursday, November 3rd, the heads of the MPAA and RIAA presented to the House Subcommittee on the Courts, the Internet, and Intellectual Property their plans for the future of digital technology.

For high-definition television (HDTV), the MPAA demands every receiver must have, and obey, the broadcast flag. For new radio technologies, you'll be restricted to recording radio shows for a minimum of 30 minutes, for a maximum of 50 hours. And all analog to digital video conversions will be forced to watch for, and obey, a concealed copy restriction mark.

If any one of these provisions pass, it would be a disaster for you and for innovation.

There'll be no room for open source software here. All of these devices must be "robust" -- welded shut to prevent alteration by their owners.

There'll be no room for innovation without the say-so of Hollywood. And there'll be no fair use copying without breaking the law.

Public Knowledge and EFF can't fight this one alone. Do your part to stop talk from becoming reality. Tell Congress to reject these proposals today.

Previous Copyfight coverage: A New Kind of Halloween Document.

Comments (0) + TrackBacks (0) | Category: Laws and Regulations

Just the Facts, M'am

Email This Entry

Posted by

Tim Lee wishes Ms. Schroeder would stick to the facts when she criticizes the Google Print library project:

I’m sorry if for beating a dead horse, but it seems every Google critic is making the same mistake:

The creators and owners of these copyrighted works will not be compensated, nor has Google defined what a “snippet” is: a paragraph? A page? A chapter? A whole book?

The answer is “less than a paragraph.” You can find that page by going to the Google Print home page, clicking “About Google Print,” and then clicking “view our Google Print Screenshots.” There are links to that page in several other places on Google Print’s web page as well.

Am I off base to think that this falls under the category of “basic fact-checking?”


I've linked to these posts before, but they're excellent resources for clearing up the confusion about what Google is doing, and well worth passing along for anyone who might otherwise be led astray by articles like Schroeder's:

Bonus: Peter Suber's 9-point reply to the Schroeder/Barr piece: "Why is it more important for you to disparage the arguments against you as intellectually dishonest than to restate them honestly and criticize them?"

Previous Copyfight coverage: Reining in Schroeder.

Comments (10) + TrackBacks (1) | Category: IP Use

November 3, 2005

Why We'd Kill the Web If It Was Born Today

Email This Entry

Posted by

James Boyle, contemplating the birth, 15 years ago, of the first web page: "What would a web designed by the World Intellectual Property Organisation or the Disney Corporation have looked like? It would have looked more like pay-television, or Minitel, the French computer network. Beforehand, the logic of control always makes sense. 'Allow anyone to connect to the network? Anyone to decide what content to put up? That is a recipe for piracy and pornography.' And of course it is. But it is also much, much more."

Comments (0) + TrackBacks (0) | Category: Laws and Regulations

Reining In Schroeder

Email This Entry

Posted by

Best one-sentence description of the Pat Schroeder/Bob Barr op-ed on the Google Print library project: "Pat Schroeder and Bob Barr machine-gun a collection of strawmen."

Best in-depth rebuttal (so far): Don't Fear Google, by Nick Schulz in Forbes:

Pat Schroeder, the former Congresswoman from Colorado is now the president of the Association of American Publishers (AAP) and a vigorous opponent of Google’s plan. She is also an author. I went to Amazon and searched in her book 24 Years of House Work and Still a Mess for the word “property,” and Amazon’s technology found for me on page 286 the following snippet:

"Protecting intellectual property is my main focus at AAP. Technology has made it so easy to copy anything you create ..."

She’s right about technology. However, my finding that snippet and using it for this article is not a copyright violation. I didn’t ask Schroeder or her publisher for permission to use the quote in her book. Indeed, there’s an entire industry, book reviewing, predicated on the ability of people to do something similar to what I’ve just done.

The way the current copyright law works, I can take a book out from any library, read it and write a review of it for publication on the Web site I edit or in the pages of or anywhere else. This “fair use” of material involves no copyright violation. Readers benefit from learning a bit about the book, authors and publishers benefit from increased exposure.

While the details need to be hammered out, what Google hopes to do is similar. It’s not proposing making an entire copyrighted book available for public viewing. Instead, it’s enabling anyone at any time to see the functional equivalent of a quote or passage from a newspaper or magazine book review.


We already permit such uses of snippets for the development of book reviews. Google’s proposed technology is an extension of that. It permits much wider dissemination of relevant snippets of books--in doing so it will whet the appetite of a reading audience that is now global in scale. Authors and publishers stand to benefit greatly.

Who knows, after hearing about it in this article for what I’m sure is for almost all of you the first time, you might even be inclined to buy Pat Schroeder’s book.

Here's a bit more background on Schroeder, who was making headlines four years ago in another battle against people she claims harm publishers' bottom line: librarians.

[Note: I took the liberty of changing the title of this post; the earier version, "Reading Schroeder," didn't give readers much of a clue about the content. I also corrected the spelling of the name of the author of the Forbes piece: it's Schulz, not Schultz.]

Update: Ann Bartow weighs in: "The rabid hyperbole and misrepresentations about copyright law in this piece are truly shocking. And I assert both 'fair use' and First Amendment rights to bring it to your attention in its abysmal entirety."

Comments (0) + TrackBacks (0) | Category: IP Use

Sony/BMG Still Not Coming Clean About Rootkit DRM

Email This Entry

Posted by

Ed Felten, tracking Sony/BMG's attempts to get back on the security wagon in the wake of the rootkit DRM scandal [emphasis, mine]:

Yesterday, the companies released a software update that they say “removes the cloaking technology component that has been recently discussed in a number of articles”. Reading that statement, and the press statements by company representitives, you might think that that’s all the update does. It’s not.

The update is more than 3.5 megabytes in size, and it appears to contain new versions of almost all the files included in the initial installation of the entire DRM system, as well as creating some new files. In short, they’re not just taking away the rootkit-like function — they’re almost certainly adding things to the system as well. And once again, they’re not disclosing what they’re doing.

Speaking of disclosure, Felten also responds to law professor Eric Goldman, who argues that regardless of how people feel about DRM, Sony/BMG's EULA appears to cross all the t's and dot the i's. Writes Felten [emphasis, mine]:

While the legal question is beyond my expertise, it’s awfully hard to see how, from a common-sense viewpoint, SonyBMG could be said to have disclosed that they might be installing rootkit-like software. Surely the user’s consent to installing “a small proprietary software program … intended to protect the audio files embodied on the CD” does not give SonyBMG free rein to do absolutely anything they like to the user’s computer.

Surely not. And that's where (much of) the anger and outrage is coming from.

Comments (2) + TrackBacks (1) | Category: Tech

November 2, 2005

Felten's Four-Step Recovery Program for DRM Abusers

Email This Entry

Posted by

Princeton computer science professor Ed Felten has drafted a four-step program to help Sony/BMG recover from its serious security stumblings with rootkit-like software -- the unfortunate side effect of an ongoing addiction to consumer-hostile DRM.

The first step? Say it together, everyone:

(1) Admit that there is a problem. The companies can admit that the software uses rootkit-like methods and may expose some consumers to increased security risk.

Step two? Admit to the Higher Power, to yourself, and to other human beings the exact nature of your wrongs.

(2) Modify product packaging, company websites, and EULA language to disclose what the software actually does.

Three? Make a list of all persons you have harmed, and become willing to make amends to them all.

(3) Release a patch or uninstaller that lets any consumer easily remove or disable the rootkit-like functions of the software. Having caused security problems for their users, the least the companies can do is to help users protect themselves.

Finally, come to believe that a Power greater than yourself can restore you to sanity. Computer security experts can expose you to ridicule by the entire Internet community -- or help you climb out of the gutter and start anew in the world of respectable, trustworthy computing.

(4) Make clear that the companies support, and give permission for, research into the security implications of their products. Saying “trust us” won’t cut it anymore. Having betrayed that trust once, the companies should publicly welcome the Mark Russinoviches of the world to keep studying their software and publishing what they find. If you act like you have something to hide -- and you have had something to hide in the past -- the public will be smart enough to conclude that you’re probably still hiding something. This is especially true if you announce that you are trying to find new ways to do the thing that you were just caught doing!

Comments (2) + TrackBacks (1) | Category: Tech

November 1, 2005

A New Kind of Halloween Document

Email This Entry

Posted by

Only Danny O'Brien can make reading about the undead, relentlessly stalking broadcast flag and its terrifying Too bad the threat of multiple technology mandates is so very un-fun.

Writes Danny @ Deep Links:

Halloween is traditionally the time when the undead walk; preposterous monstrosities that no one could imagine living stumble and moan through the land.

So guess what the entertainment industry decided to dust off for an extra spooky session with the House Judiciary Committee on Thursday?

Why, yes, they are bringing the broadcast flag. And, certainly, there is talk of their henchmen at the RIAA clumsily re-animating their insane digital radio requirements.

But that's not spooky enough for the MPAA. For their party trick this year, they want to take one of the most basic and ubiquitous components in multimedia, and encase it within a pile of legally enforced, complex, and patented proprietary technology -- forever.

Ladies and gentlemen, the MPAA have chosen Halloween week to resurrect their most misconceived monster ever: the Thing from the Analog Hole.

Feel free to flick through this new Halloween document [PDF]: it's a legislative draft proposed by the MPAA for a hearing of the House Subcommittee on Courts, the Internet, and Intellectual Property, on the topic "Content Protection in the Digital Age: The Broadcast Flag, High-Definition Radio, and the Analog Hole," on November 3rd.

Cory, meanwhile, follows up with the ever-so-delicately titled, Hollywood after the Anal. Hole again.

Keep the torches handy. Cory promises that we'll soon have more information about who on Capitol hill supports this latest Very Bad Idea.

Update: Via the Pho list, a few more details on the MPAA's Halloween surprise: the spot where you can watch the live webcast of the hearing, plus the witness list:

  • Dan Glickman, Chairman and Chief Executive Officer, Motion Picture Association of America (MPAA)
  • Mitch Bainwol, Chairman and Chief Executive Officer, Recording Industry Association of America (RIAA)
  • Gigi B. Sohn, President, Public Knowledge
  • Michael D. Petricone, Vice President, Government Affairs, Consumer Electronics Association (CEA) on behalf of CEA and the Home Recording Rights Coalition

Comments (0) + TrackBacks (0) | Category: Laws and Regulations