[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Internet Society on Digital Restrictions Management



(Forwarded from CYBERIA list)

-------- Original Message --------
Date: Thu, 15 Aug 2002 22:18:29 +0100
To: "R. A. Hettinga" <rah@shipwright.com>
Subject: Statement of the Internet Society on Digital Rights
Management


FOR IMMEDIATE RELEASE

August 15, 2002

Contact: Julie Williams
703-326-9880, x111; 703-402-6715 cell

Statement of the Internet Society on Digital Rights
Management

Washington, D.C. - The Internet Society strongly opposes attempts to
impose governmental technology mandates that are designed to protect only
the economic interests of certain owners of intellectual property over the
economic interests of much larger portions of society.  The current debate
in many countries of the world regarding digital rights management (DRM)
has illustrated the inevitable conclusion of technology mandates in law: a
world where all digital media technology is either forbidden or
compulsory. The effect of these mandates is to grant veto power over new
technologies to special interest groups who have continually opposed
innovation.

There are many policy reasons that can be advanced to oppose government
intervention in technology.  Society at large has a powerful economic
interest in promoting research resulting in the creation of new products
and services as well as new jobs. Many of the legislative proposals
currently under consideration would shackle technology and the research
needed to support it, solely for the benefit of one small group. From the
standpoint of sound public policy, intellectual property rights must be
respected but must also be kept in balance with other rights and
interests. In particular, copyright law is a kind of "bargain" between
rights owners and consumers. Copyright, except in rare instances, is not
perpetual, and there are a wide range of fair use exceptions to copyright
that limit its restraints. Without these limits, copyright would soon
become an oppressive burden on creativity and freedom of expression. The
Internet Society acknowledges these policy considerations, but also
believes that there are other even more persuasive arguments, based on
sound engineering and technological principles, that show the folly of
government mandated technology.

Technology mandates are inherently anti-innovative. The entire concept of
a mandate is that it freezes a particular technology at a point in time,
and inhibits research and development on new and better technology.
Technological standards are desirable and even necessary for widespread
implementation of new technology, but all standards sooner or later must
give way to new standards. This process should not be impeded by
legislation that effectively prohibits research and development.

A classic illustration of the dangers of DRM legislation may be found in
legislation enacted by many countries as part of their treaty obligations
under the World Intellectual Property Organization (WIPO) copyright
treaties. The so-called Digital Millennium Copyright Act (DMCA), passed by
the United States Congress in 1998, is an example. Under the WIPO
treaties, the United States, like the other countries bound by the
treaties, had an obligation to "provide 'legal protection and effective
legal remedies' against circumventing technological measures, e.g.,
encryption and password protection, that are used by copyright owners to
protect their works from piracy . . ." [See S. Rep. No. 105-190, at 8,
10-11 (1998)].  The DMCA, in responding to this obligation, illustrates
the "law of unintended consequences." While purporting to help copyright
owners, it seriously threatens research in the field of encryption for
security.

The DMCA prohibits "circumvention" of existing technological measures
(such as encryption) that control access to a work and encryption; it
prohibits "trafficking" in technology designed to circumvent access
control; and it prohibits "trafficking" in technology designed to
circumvent copying. These prohibitions are subject to certain exceptions;
the DMCA acknowledges rights of fair use, so that, in certain limited
circumstances, circumvention of copying protection for purposes of fair
use of an encrypted work does not violate the act.

Another important exception is the separate provision of the DMCA that
allows circumvention of access controls for the purpose of encryption
research to identify flaws and vulnerabilities of encryption technology.
This provision is narrowly drawn with explicit conditions relating to good
faith in performing research. Most significantly, the exception is for
access only; it does not permit what the act refers to as trafficking in
such research.

The danger to research presented by statutes like the DMCA is best
illustrated by a real world example of a researcher in the field of
encryption. Just because cryptography can be or is being used for purposes
other than copyright protection, does not mean it is not also used for
copyright protection and therefore subject to the provision of the DMCA.
Although a researcher may be looking at a certain type of cryptographic
technology that is used to protect packets containing information in the
public domain, that same technology might also be used to protect other
packets that contain copyrighted data, unknown to the researcher.
Likewise, a researcher might attempt to break the protection on an item
without realizing that the protected item is a copyrighted work, which may
not be discovered, if at all, until it is too late. But the issue isn't
whether the researcher has cracked the protection - the issue is what the
researcher may do with the resulting information.

A central question for encryption researchers is whether publishing the
results of their research amounts to disseminating something whose primary
purpose is to circumvent copyright protection. Under the DMCA, the act of
circumventing access controls for good faith research, standing alone, is,
generally speaking, legitimate. This does not present great problems to
researchers. However, when the researcher then wishes to publish the
results of the research, the DMCA provides a test of the intent of the
original circumvention that depends on whether the subsequent publication
is made to "advance the state of knowledge" of encryption research, or
whether it is made "in a manner that facilitates infringement." In other
words, if the researcher acts in good faith to circumvent access control
and publishes with the intent of reaching other researchers, but the
information ends up being "disseminated in a manner that facilitates
infringement," then the original circumvention of the access controls may
have been illegal. Since there are both civil and criminal remedies
available to copyright owners, the researcher faces serious dilemmas in
deciding whether, how and when to publish.

There are already court decisions in the United States and elsewhere
involving both civil and criminal aspects of the publication of encryption
research. Many prominent figures in the field have already spoken out
against the chilling effect of legislative interference with research in
technology. The Internet Society calls on the legislatures of the world to
limit the damage caused by shortsighted legislative efforts, intended to
carry out the seemingly high-minded purposes of the copyright treaties,
that instead threaten the advancement of science and technology.

About ISOC

The Internet Society is a not-for-profit membership organization founded
in 1991 to provide leadership in the management of Internet related
standards, educational, and policy development issues.  It has offices in
Washington, DC and Geneva, Switzerland. Through its current initiatives in
support of education and training, Internet standards and protocol, and
public policy, ISOC has played a critical role in ensuring that the
Internet has developed in a stable and open manner.  It is the
organizational home of the Internet Engineering Task Force (IETF), the
Internet Architecture Board (IAB), the Internet Engineering Steering Group
(IESG) and other Internet-related bodies.

For over 10 years ISOC has run international network training programs for
developing countries which have played a vital role in setting up the
Internet connections and networks in virtually every country that has
connected to the Internet during this time, while at the same time working
to protect the Internet's stability.  ISOC is taking the next step in this
evolution with the recent announcement of its intent to bid for the .ORG
registry based on the belief that a thriving non-commercial presence is a
key element in developing a strong social and technical infrastructure in
all nations.  For additional information see http://www.ISOC.org.

--- end forwarded text