|
Telerights II - Current Digital Copyright Controve
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
Computer underground Digest Sun Oct 26, 1997 Volume 9 : Issue 77
ISSN 1004-042X
Editor: Jim Thomas ([email protected])
News Editor: Gordon Meyer ([email protected])
Archivist: Brendan Kehoe
Shadow Master: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Field Agent Extraordinaire: David Smith
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest
CONTENTS, #9.77 (Sun, Oct 26, 1997)
File 1--Telerights II - Current Digital Copyright Controversy
File 2--Cu Digest Header Info (unchanged since 7 May, 1997)
CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.
---------------------------------------------------------------------
Date: Sun, 26 Oct 1997 13:46:48 -0600 (CST)
From: Wade Riddick <[email protected]>
Subject: Telerights II - Current Digital Copyright Controversy
Open Letter to Chairman Tauzin Concerning
the Current Digital Copyright Controversy
© 1997 By Wade Riddick
All rights reserved
Circulate freely without alteration
The following is an edited version of an open letter sent to
House Telecommunications Subcommittee Chairman Billy Tauzin
(R-Houma, LA) calling for legislative action (and in some
instances, inaction).
It is an overview of market forces involved in the current
digital copyright debate and an analysis of the broad evolutionary
changes occurring in technology. Because of its general nature,
more advanced readers will no doubt find some technical
inconsistencies and omissions.
I make it available to encourage you to support Chairman
Tauzin and others in Congress in their effort to forge a
compromise between the conflicting interests involved. This is
not easy work and our representatives deserve our assistance and
sympathy in this matter.
Wade Riddick
Department of Government
University of Texas-Austin
[email protected]
----------------------------------------------------------
The Honorable Billy Tauzin
2183 Rayburn House Office Building
Washington, DC 20515
(o)202-225-4031
Dear Chairman Tauzin,
10/23/97
My name is Wade Riddick. I am in graduate school studying
political science at the University of Texas, with a particular
focus on technology and economic regulation.
As a fellow Louisiana citizen, I have for some time followed
your work on HDTV, data privacy and encryptionA0issues with keen
interest, most recently with respect to H.R. 2368. You are one of
the few members of Congress witha deep understanding of the concerns
involved and the balance that must be struck between public and
private interests to make the digital economy work.
I am writing to bring to your attention the important way in
which these issues intersect with respect to digital copyrights and
the opportunity this provides you. As you know, the Internet
Service Provider (ISP) liability problem has recently flared up
again on Capitol Hill, which is disappointing. There is a fairly
simple method for creating strong digital property rights which will
benefit both authors and consumers-namely through the use of public
key encryption-and yet, for several years now, the industry has been
at loggerheads over whether and how to do this. I believe Congress
can provide the leadership to unite these diverse and often opposing
viewpoints.
A little over a year ago, I proposed just such a solution that
would favor most parties in this debate (_BYTE Magazine_, Feb.
'96). My work is by no means unique and in the following year
several companies including powerhouses like Xerox and IBM have
moved forward in marketing various components of this digital
copyright enforcement model.
However, these commercial solutions have tended to be closed,
proprietary in design and niche oriented. Their development has
also tended to exclude players outside the computer industry, where
lies much of the impetus for making harmful revisions to the
copyright law. Because no uniform standards exist, companies have
been reluctant to invest in these systems and use them to sell their
most valuable forms of property.
It is no surprise given the relative youth of the computer
industry that it lacks the political experience necessary to forge a
broad consensus and lay the foundations for the public
infrastructureA0necessary to address these digital concerns. Bold
(and incorrect) statements like 'information wants to be free'
frequently leave copyright holders ill at ease and casting about for
ways to strengthen their rights.
Congress, however, is in a position to bring these opposing
sides together, reduce the anxiety surrounding such solutions and
create a level playing field of benefit to the greater economy.
If I may, I would like to briefly outline how such a copyright
system would function, how it would benefit the currently squabbling
interest groups, what kind of opposition it might encounter and why
Congress should get involved in brokering a settlement.
My personal position on digital IP reform is quite simple; I do
not have one. I believe it is first necessary to enforce current
property rights before we can address their inadequacies. The
existing copyright code provides adequate *legal* protection for
authors and gives them the ability to seek restitution for their
work. What is lacking electronically is a *practical* means of
enforcing these rights which makes it easy for consumers to comply
with the law.
My research goal has been to discover and then advocate such
methods in the hopes that we can return to more of an open market in
intellectual property. I believe that if someone buys a book in
hardback, they ought tobe able to buy, 'own' and resell its digital
'copy' in exactly the same fashion they can with the physical
document. Decisions like 'renting' software are most efficiently
left to free enterprise and not mandated in the law. Once
intellectual property is open to rental, lease, outright purchase
and even bundling like financial options-just as any other form of
property-then its market will expand as fruitfully as other capital
markets have in the last decade. The more flexible the law is in
rewarding entrepreneurs, the more complex, developed and profitable
the marketplace will become. I do not believe this will come about
by adding further restrictions and regulations:
How will it happen? The technical alterations which must be
made to digital 'publishing' are quite simple, though they
require a great deal of forethought and coordinat ion among many
companies to implement. The changes rely on one basic
foundation of digital communication-that while information can
be easily *copied*, it cannot always be easily *used*. The best
example of this is encryption.
Without the proper key, any encrypted document is worthless. If
that key can be protected and monitored by networking utilities,
then the entire document can be tracked as well without regard to
how its encrypted form is duplicated.
This thinking is the basis of many different efforts in digital
copyright protection. Under a system which I call telerights and
others call 'cryptolopes' (or, more generally, 'digital libraries')
*each* copy of a document which is published for sale is encrypted
with a key unique to that document, thus personalizing the copy for
each purchaser. In the accompanying diagram, I have outlined four
different steps illustrate how such a system works. In the first
stage, the publisher creates several different copies of the same
document using distinct private encryption keys. The public key is
later passed out to read the document.
Because of the nature of public key encryption, only the owner of
the private key (the publishing house) can ever fix content into a
publishable form that matches the public key. This makes it
impossible for an outsider to switch content and steal property
during the transaction process. A special bank or escrow agent is
used to complete the actual sale, thereby shielding the user's
identity from the publisher in much the same way cash does in a
bookstore. The publisher collects payment and passes along the
encrypted document, together with a small signature which combines
information about the publisher, the document and the privileges
granted to a user. By using a signature to communicate about the
document, it is not necessary to reveal the nature of the content in
any transaction. The escrow agent forwards the user's identity to a
bookstore, which al so collects a copy of the signature and the
actual public key from the publisher. When the user is ready to
'view' the document-and this could include anything from running PC
software to listening to music-he sends the signature to the
bookstore which returns the public key. Because these bits of data
are very small, this process requires very little time to complete.
Even on a fairly slow modem, up to a dozen keys per second can be
transmitted compared to the minutes or hours it would take to
re-download, say, a large movie. (Pay Per View films and digital TV
broadcasts could avoid this speed problem by transmitting each frame
in a series of single smaller documents). When the user requests
the key, the bookstore notifies the publisher that his particular
key is in use, allowing them to search other bookstores for evidence
that the key has been pirated (e.g., someone else is using it
simultaneously). If it has been, then the publisher can either
block access and contact the owner or go to the extreme of
invalidate the key and starting an investigation, depending on
whatever prior arrangement was reached at the time of sale.
Notice how this puts the burden of preventing intellectual
property theft on the actual purchaser of the material and not the
publisher, which is as it should be with any form of property that
is sold. It becomes the user's du ty to keep copies of his document
out of circulation, incurring a significant risk of having his key
invalidated if he carelessly 'loans out' his material or fails to
take other precautions. It is *his* property that is stolen in any
act of piracy. The crucial part of this process-and where the need
for corporate coordination is most evident-comes in the safeguards
which must be built into the user's computer itself. When the
machine receives the key in the final part of the third stage, it is
placed in a tamper resistant area of RAM where it is used to decrypt
the document. This is essentially a portion of the computer that is
tied into the network and off limits to the user. These types of
secure memory are already widely used in many inexpensive smart
cards and, even when combined with the other alterations, should
only add a few dollars to the physical cost of a PC. When the user
finishes viewing the document in the final stage, the key and
decrypted content are erased and a message is sent back to the
bookstore (and on to the publisher) informing them the material is
secured again. The user, of course, retains the encrypted document
to store and do with as he pleases. He may make unlimited multiple
backups of his information without raising the author's fears of
illicit use. He can also move copies around between his home and
office or take them on vacations and business trips.
While this method of protection may seem quite simple, it
changes a variety of important behaviors in the marketplace, giving
digital materials the properties we have come to appreciate in most
physical goods. For example, users could band together to purchase
one copy of a book and shareit among themselves at prearranged
times, much like a household can now 'share' software. Several
public libraries could pool their meager funds and purchase a single
copy of an expensive document that would be available to patrons
from several geographic areas to check out. Users could also carry
materials cr oss country and access them from several different
computers, provided they take the proper precautions.
What is truly interesting is the way such an arrangement would
expand the publishing world. The low cost of digital distribution
would be turned from a drawback into an advantage. Individuals
could very inexpensively sell thei r own content or repackage and
distribute the content of others, adding valuein any of a dozen
ways. By collecting a fee for what was once considered piracy, such
distributors would be encouraged through market incentives to
enforce the property rights of other publishers.
A new rental market would also be opened. Users would be able
to loan out their copies or even rent them by acting, in effect, as
their own publisher. They could encrypt an item they have purchased
with their own set of keys and just follow the four steps again,
this time from the seller's point of view. Getting to the real
content would require the borrower to go through both keys. The
borrower would have to go through both keys to get to the real
content.
'Returning' such borrowed material would be quite easy. The
bookstore would be instructed to simply stop honoring the new
signature after a given period of time. Thus keeping track of
materials on loan in a public library would become automatic, not to
say inexpensive.
Material could be republished this way several times. Indeed,
multiple copyright holders could easily mix their work together and
get reimbursed according to a prearranged formula, thus simplifying,
for example, the negotiations a movie producer might have to go
through to acquire the rights of a hit song for the soundtrack.
This infrastructure could also be used as a broadcast conduit
for ostensibly free information. As I pointed out earlier, only
those individuals with the private key can publish material that
matches the public key. A television network, in order to protect
its advertisers from having their messages stripped out, could
encode their signals with a single key whose brother would then be
provided freely to the public. Rebroadcasters would not be able to
piggyback their own commercials over legitimate ones and users who
'tape' the programs would not be able to avoid the commercials
without purchasing separate, clean copies. And by tracking requests
for the public key, networks could also assemble valuable
demographic numbers. By breaking up the information needed to pay
for and use copyrighted materials and limiting the players to their
own spheres of self-interest, this process reinforces not only
royalty collections but also privacy rights.
Bookstores, for instance, would be in the business of monitoring
keys, the one duty they are contracted with both parties to perform.
A bookstore would have no interest in the type of content it was
monitoring the same way the phone company has no interest in what
two parties are saying, only in making the connection. Likewise a
publisher would not care who in particular buys their product, only
that they can collect their money and stem losses from piracy. They
might like to know demographic information about their consumers,
but this could be collected quite easily though a third party
auditor who could scan bookstore records on behalf of the entire
publishing industry, stripping away individual user identities
before matching the pertinent statistics up with the nature of the
content. In this way, user privacy can be protected while still
allowing businesses to acquire the much needed marketing information
which benefits everyone. Of course, as with any financial
transaction, allowances would have tobe made for other types of
auditing to prevent piracy and money laundering and to insure proper
bookkeeping standards-but these last two issues will have to be
faced in the broader context of digital commerce anyway and proper
benchmarks for such regulation already exist in the financial world.
The first issue, piracy, actually becomes much easier to deal with
under this system. In order to make money, a pirate will either
have to enter the market as a legitimate publisher (in essence
'publishing' stolen material) or he will have to settle for selling
the decrypted content and disguising his profits. Given the ease of
legal republishing and assuming that digital distribution will
vastly lower prices, pirates should usually opt to go legitimate as
redistributors of goods. On the user side, most consumers should
shy away from purchasing decrypted goods, particularly if the costs
of the commercial items can be lowered sufficiently.
In any event, one thing would stand in the way of exchanging
pirated goods, decrypted or not: watermarks. It is becoming quite
easy to insert permanent, indelible watermarks into audio and video
information to identify the true author and purchaser. The user's
computer could be instructed to scan for one of these marks in a
random audit of a decrypted document and then forwarding it on to
the bookstore or a third party association specifically set up to
check for stolen goods. This would provide a check on unscrupulous
publishers who dupe well-meaning consumers, vastly increasing the
risk associated with trafficking in pirated goods.
What I have just outlined is only one possible way to structure
digital copyright transactions. A user's identity and privacy, for
instance, could easily be shielded much earlier in the process. The
network provider might simply send the bank a guaranteed pseudonym
and retain all the user's personal information to themselves. One
could also add more privacy through multiple banks and escrow agents
in the transaction. As well, the bookstore does no t necessarily
need to hold the actual decryption key. It could merely act asa
conduit through which the key passes in a private channel to the
user. Should the publisher go bankrupt or cease operations, the
user could rely on a thi rd party warehouse agreed to with the
publisher for archiving keys.
I will turn now to the political questions involved in
developing sucha system. This model makes two key technical
assumptions, neither of which is far-fetched but both of which lie
at the heart of Hollywood's fears. The first assumption is that the
personal computer will become the ubiquitous device through which we
consume information. The second is that every one of these
computers will have a continuous network connection out of the home.
In terms of technical advances, neither of these are terribly
difficult obstac les to overcome. The know-how exists; it only
needs deployment in high volume consumer goods. The question is who
will pay for it and who will try to throw up regulatory hurdles.
On the hardware side, it is becoming increasingly clear that
advanced computing power will in a few years penetrate homes to the
same degree that telephones and TVs have, perhaps even replacing
both devices. It makes little difference whether the end product
will be a smart TV or a PC adapted to accept multimedia broadcasts.
Right now, the abilities of these devices to quickly and cheaply
reproduce digital information in volume has copyright holders
justifiably worried. So far, their response has been quite typical:
They have either tried to retard these advances through litigation
turned to dedicated hardware like DVD players which limit the flow
of information.
This is not a viable long term strategy. Computing history is
littered with the remains of dedicated platforms and proprietary
designs. DVDs are simply one more data storage format in a long
line. It is inevitable that consumers will acquire some kind of
mass storage technology and eventually some arrangement of two-way
accounting between publishers and consumers must be agreed to.
Whether publishers like it or not, PCs will become widespread, will
overwhelm any dedicated player and any long term solution must take
th is into account.
The mistake made in past DVD negotiations is not that encryption
was used, but that it was not taken far enough. DVD keys are tied
into the players themselves, which in turn are geared toward
distinct geographic regions. The goal, basically, is to prevent
Chinese pirates from cracking the code in their region and then
distributing movies released in China back in to the U.S. If these
keys were geared to the individual purchaser instead of an arbitrary
region, then Chinese utilities could be given a small financial
incentive to monitor and enforce the copyrights as key managers.
But Hollywood interests did not turn to encryption with this
goal in mind. They did so to protect their current distribution
system using the same logic that saved them from the analog
electronics revolution of the VCR. When you copy a movie onto
videotape, its quality degrades quickly-as does that of CDs
transferred to audiotape. Digital technology eliminates this
problem, but Hollywood has sought to use these same methods to reign
in pirates. In the case of Digital Audio Tape, individual recorders
are specifically designed to degrade the signal when copies are
made.
However, the worlds of software and movies are in for a rude
collision2E Computer data cannot tolerate any such degradation.
Mass storage devices like CDs, hard drives and tape backups must do
their jobs of reproduction perfectly. So far the entertainment
industry has been protected by the high costs of devices like CD-ROM
burners, but as prices for them drop rapidly and they become
standard components in computers the consumer electronics and PC
industries will inevitably collide.
The second assumption this new copyright system makes is that
homes will have a continuous network connection. Technically, this
is not an onerous requirement for the kind of model I have outlined.
Most homes already havea continuous cable feed, often times
bi-directional. Several companies are also working on using power
lines to transmit information continually into and out of electrical
sockets. By the time such a copyright management system could be
developed and marketed, these technologies will probably be widely
available to consumers. Even if they are not, the system I have
proposed can work with the intermittent contact of a regular phone
line. Indeed the phone, coupled with the video store, becomes more
efficient at delivering movies than cable. The data required to
transmit a key is minuscule compared to that o f constantly
rebroadcasting a movie on Pay-Per-View each time a viewer wants to
watch it.
Politically, however, the issue of network connections is a more
subtle problem that tends to be finessed differently by different
players. Here the focus of the fight is not on preventing piracy
from happening, as it is with DVD players, but in shifting around
the legal liability once it does happen:
The main target for the entertainment industry are the Internet
Service Providers (ISPs) who supply networking services to personal
computer owners2E Since ISPs lack the tools to track piracy on
every PC plugged into their network, they have little choice but to
try to claim that they are not in the content business and seek
protection under the common carrier statutes.
This is indeed an ironic trend. Most companies in the aftermath
of the 1996 Telecommunications Act have been more than happy to jump
feet first into the content business. Just the opposite is true for
ISPs. Copyright liability legislation being considered would vastly
increase their costs with little or no reward on their part for
enforcing any of these laws.
The phone companies, who are ambivalent about the internet and
have not yet fully committed to being ISPs, are happy to stand by
and watch their ISP competitors get taken to the cleaners on this
issue. Not only does it clear the ISP field for the bells to enter
(by vastly increasing the administrative costs of regulatory
compliance-something they are very good at), it also knocks out all
the companies who are competing with their phone business by using
the internet. Both ISPs and the Bells must be convinced that they
can profit from the liability 'problem' by collecting key management
fees. When ISPs object th at they are not in the business of
monitoring content, pay them to make it in their interest. Turn
that liability into an advantage by making them a rewarded part of
the 'publishing' process. Allow them to collect a toll for keeping
track of this valuable information. Convince publishers, in turn,
that such fees are be minimal compared to the money they would save
through digital distribution. In this part of the fight, phone
companies are potentially your savviest ally if they can be
convinced in the merits of altering the copyright landscape. They
already have an extensive accounting infrastructure that could
easily track these multiple individual transactions (unlike cable
companies and most ISPs). The Bells are also far more experienced
with these kinds of large industry negotiations and lobbying
efforts, particularly on the international front where much work
would have to be done. The one major objection the bells might have
lies in moving closer to a packet switched network. However,
confounding any such rapprochement among the industries is the
decision of the 1996 Telecommunications Act to further blur the
barriers between content carriers and producers. There is ample
incentive now for companies who act as both a creator and
distributor of content to use both to their advantage. Microsoft,
for instance, can propose proprietary software solutions that only
benefit *its* MSN network and *its* content partners and/or charge
others an exorbitant fee for the same service. Its recent
acquisition of Web TV and its investments in the cable industry only
multiply the possibilities.
Under a telerights-like system, users would no long be locked in
to particular channels of distribution when they buy a product. A
user on the Microsoft Network, for instance, could purchase advice
formerly supplied only through AOL. Producers would cut deals with
bookstores based on the price of monitoring their keys, not on the
type of digital content they provided. I f this blur is allowed to
persist without clear regulatory controls, one might see a market
restriction tantamount to, say, only Merrill Lynch traders being
allowed to buy and sell IBM stock.
The problem is more pernicious within movie studios themselves
where content and distribution have been wed the longest. For
decades studios have relied on the huge expense of developing
negatives of film stock and making and distributing prints as ways
of protecting their property from piracy-aided by the fact that
theaters are also a relatively public business. The new analog
technologies of VCRs and cable-TV were adapted to this mold closely
enough to suit Hollywood's expectations and they are now merely
extra stages in a film's release. And in some case, companies like
Disney have sought even better integration by combining with
broadcast and cable entities.
Under this new copyright model the increased profits due to
gains in efficiency should benefit most publishing *and*
distributing operations-provided the two can be separated-but the
movie making business continues to be a tightly knit industry and,
if not properly appeased, may prove a further obstacle to change.
The key problem will probably center around formats of distribution.
Once a film goes from theatrical release (where it can be closely
tracked) to digital consumer form, the *type* of format it is
distributed on becomes irrelevant. Bits are bits whether delivered
over a cable connection, the airwaves, the phone or purchased on a
disk platter. Indeed, consumers may choose to forgo spending the
extra dollars on, say, printed liner notes or fancy box artwork and
instead have material copied directly to their own blank disks.
Freeing the market this way will, no doubt, prove beneficial for
consumers, the industries and the country as a whole but not without
first having an impact on advertising and marketing in the film
industry (if not to say the entire video rental/retail and
cable/broadcast sectors).
As I have pointed out, most of the friction in the digital
copyright fight has centered on the two fronts of computer hardware
and networking liability. This conflict would be more profitable
for all parties concerned if it were not split in this fashion. As
it stands, ISPs cannot turn the lobbying pressure around to
encourage PC makers to build monitoring devices into their products.
It raises the traditional hackles of Big Brother intrusion even
though phone companies already keep track of this kind of
information. Computer companies, in turn, cannot rely on ISPs to
alleviate the fear film makers have about the copying abilities of
things like DVD drives. ISPs have to claim they are not in the
content monitoring business because they are not even in a position
to develop the necessary hardware tools. The result is two separate
industry battles inching forward. It must be the business of
Congress to address all of these concerns at the same time. Despite
this muddied copyright terrain, some companies have already sensed
the underlying logic of the convergence. They have tried to bridge
the gap on their own but so far their efforts have been fragmented
and far from comprehensive. IBM, for example, has proposed a system
called cryptolopes which sends purchased information across the
internet in encrypted form.
However it lacks the ability to protect and track such information
once it is downstream. Xerox's work on digital libraries-which
perhaps comes closest to the ideal-is not currently geared toward
the consumer PC market. Neither company's system shows any signs of
turning into a universal data standard for conveying books, movies,
music and other consumer goods.
One of the most interesting recent innovations comes out of the
DVD industry itself. Circuit City is developing a special rentable
DVD movie format that makes consumers dial over the telephone for
the unlocking key if they decide to purchase the material.
Unfortunately, this appears to be a one time call and, once again,
it is far from being an industry standard product.
Neither is it adapted for the most important digital appliance, the
personal computer, nor can it handle any of the vast array of other
forms of information like CDs and computer software.
These partial efforts are not enough. As you can see, the
problems the market has had to date in reaching a solution are
mostly organizational and not technological. For the public good, a
unified method of handling copyrighted information needs to be
developed to ensure that we do not havea single market based on
competing and mutually exclusive currencies of transaction.
Congress can encourage this by simplifying copyright liability
and transferring back to the buyer all the digital ownership rights
that have been stripped away (e.g. rental rights)-provided of course
that this information can be delivered in a properly monitored,
encrypted form. This will give ISPs a happy medium for accepting
responsibility for the copyrighted information passing through them.
To do this, Congress will need to prod the ignorant sectors of each
industry and educate them about one another. Experts with deep
understandings of all three parts of the economy need to be
assembled to bridge this gap and help Congress provide leadership on
this issue by creating incentives for companies to collaborate on
copyright enforcement systems. To do this it may be necessary to
sharpen the legal distinction between content and network service
providers. Without some sort of Chinese wall, these operations will
have the incentive to piggyback on one another to compete unfairly.
One might see certain bookstores refusing to honor keys with
signatures that come from other publishers-a situation equivalent to
phone companies refusing to take one another's calls. Congress also
needs to provide a stable landscape for the legal use of encryption.
The way to do so-in this particular context only-is to *entirely
ignore* the wider controversy. The type of encryption needed for
this infrastructure project is key escrow by its very nature,
something which no one should object to. By avoiding Fourth
Amendment issues altogether, you can also avoid any unnecessary
complications in the discussions.
Stress instead the financial need publishers and consumers will
have for using trusted third parties to monitor their agreements.
If a publisher goes bankrupt, buyers should be able to retain
ownership of their goods. Bookstores can ensure this by holding on
to an extra copy of the key and acting, in effect, as a third party
repository. If the key escrow issue is treated properly in this
context, everyone can win. The proper contractual model for this
type of relationship comes out to the computer programming industry.
When companies contract out specialized software, they often have
concerns about what will happen to the source code if the company
they hire goes out of business. The programmers, on the other hand,
do not want to allow their clients access to the code since that
negates the value of future service and upgrade contracts. Both
parties typically turn to a trusted third entity who is paid to hold
on to a copy of the source code as insurance against such
eventualities. By citing this example as your justification for key
escrow you can reduce the friction between civil libertarians and
national security concerns.
I would also encourage you in particular, Mr. Chairman, to
continue your dual work on both strengthening privacy rights and
reinforcing public identities on the internet. Give companies solid
guidelines for protecting individual privacy without stripping away
the crucial ability to collect important marketing information.
Also continue your work to secure public discourse on the
internet. Go beyond requiring spammers to use their real email
addresses and take steps to prevent all other forms of spoofing.
Require businesses to use their own addresses and email accounts. A
pirate can thwart this kind of copyright enforcement system if he
pretends to be a bookstore and intercepts its traffic. This
particular problem has implications well beyond the digital
copyright issue. If spoofing cannot be prevented, both through
technical and legal measures, then large chunks of the digital
economy simply will not work.
Finally, some of the things like fair use which we have come to
love about the copyright law must be adapted for the digital age.
Methods of quotation and incorporation must be worked out. My
personal suggestion is to force companies to grant automatic key
approval to any individual claiming a fair use exemption. This
could, perhaps, be done by having a public agency like the Library
of Congress act as a 'bookstore' for keys. In the event of a
dispute, the publisher could request some type of arbitration
procedure and, if unsatisfied, could challenge the fair use in
court. Since the key would always be monitored there would be a
clear auditing trail and damages wouldbe easier to determine than
they are today.
In closing, I would like to point out that time is a critical
factor here. One technical obstacle I have not covered is the cost
of writing software for this system. Since the methods of
delivering high volume digital information to consumers have yet to
be worked out, cost right now is not a critical issue. It can be
bundled into the general expense of developing the 'information
superhighway.' However, if too much time passes and individual
companies realize too late that a new copyright enforcement system
is in their interests, then the upgrade effort could be
considerable, particularly with respect to the needed PC hardware.
So while this idea for copyright enforcement is simple, speed is of
the essence. Its implementation is complex and requires agreement
among several powerful players, some of whom may be risk averse and
may feel it is opposed to their true interests. With very few
exceptions, I believe most industries will benefit and the market
for digital goods will be vastly enhanced, providing the economy
with even greater stimulus than we have seen in the '90s. By
properly adapting encryption technology to give networking
authorities the ability to track such information, we can
decentralize the distribution process, cut costs and expand the
market for digital intellectual property.
This kind of delivery can occur over the phone, the cable system
and even through HDTV broadcasts. All of these industries stand to
expand their markets and raise profits for copyright holders if they
can 1) agree on a standard form of protected digital distribution,
2) get the computer companies to implement it (perhaps with a
government mandate), 3) stop tampering with the existing copyright
and liability laws in ways that discourage this and 4) negotiate
with foreign governments to pull them into such a system.
These goals will eventually be accomplished through marketplace
experimentation already underway. However, the pain of trial and
error and non-standardization can be avoided now with a little
forward-looking leadership. The various industries involved need to
be educated about the future opportunities digital technology will
provide them with and a legal path needs to be set down which eases
the transition. For purposes of brevity I have not discussed
several important issues pertaining to this idea, so this letter may
raise more questions with you than it answers. If you or other
parties would like to pursue this, please contact me. At this point
in my career, I am not in much of a position to implement this idea
beyond using my powers of persuasion and the time is drawing close
when leadership from within industry and government must take over.
Sincerely,
Wade Riddick
Department of Government
University of Texas-Austin
[email protected]
-------------------------------------------------------------
Telerights Digital Copyright Enforcement Model
---- Step 1 ---- Publication ----------------------------
Private key A'; Public Key A
Original Document -+----->----------------------------> Copy A
!
! Private key B'; Public Key B
+-------->-------------------------> Copy B
!
! Private key C'; Public Key C
+------------>---------------------> Copy C
---- Step 2 ---- Purchasing Copy A ------------------------
Signature A + Key A
Publisher ------->-------------------------> Bookstore (ignorant of
^ ! ^ content)
! v !
$ ! ! Copy A (content) !
! ! + Signature A !
^ ! !
! v user's identity !
Escrow agent/bank --------->----------------------+
(renders the buyer
anonymous to the publisher)
^ !
! v
$ ! ! Copy A (content)
! ! + Signature A
^ !
! v
A0 user
---- Step 3 ---- Using Copy A --------------------------
Publisher
^
Key A ! The document
+------<----- Copy A <----------------------<-----+ ! w/ Signature
A
! ^ ! ^ is in use
v ! ! !
document ->-----> user ->-------------------------> Bookstore
Signature A
---- Step 4 ---- Finishing up --------------------------
Publisher
Copy A (keep) ^
^ ! finished
! finished !
trash <--------<---- user ------>-----------------> Bookstore
Key A +
document
------------------------------
Date: Thu, 7 May 1997 22:51:01 CST
From: CuD Moderators <[email protected]>
Subject: Cu Digest Header Info (unchanged since 7 May, 1997)
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.
CuD is available as a Usenet newsgroup: comp.society.cu-digest
Or, to subscribe, send post with this in the "Subject:: line:
SUBSCRIBE CU-DIGEST
Send the message to: [email protected]
DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.
The editors may be contacted by voice (815-753-6436), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.
To UNSUB, send a one-line message: UNSUB CU-DIGEST
Send it to [email protected]
(NOTE: The address you unsub must correspond to your From: line)
Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.
In ITALY: ZERO! BBS: +39-11-6507540
UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD
Web-accessible from: http://www.etext.org/CuD/CuD/
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
URL: http://www.soci.niu.edu/~cudigest/
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
------------------------------
End of Computer Underground Digest #9.77
************************************
|
|
