This story was originally published on Aug. 27, 2010, and is brought to you today as part of our Best of ECT News series.
The Digital Millennium Copyright Act (DMCA) — enacted in the waning days of the 20th century — contains provisions designed to make it evolve over time. The idea was that as technology fostered new ways of creating and distributing copyrighted material such as music, movies and software programs, the law could continue striking the proper balance between the consumer’s right to access that material and the producer’s right to profit from it.
However, two recent legal rulings related to the DMCA have raised questions as to whether this law can, in fact, keep pace with advances in technology. The two rulings revolve around the legality of breaking encryption or other forms of technology that prevent copyrighted material from being copied or redistributed without the creator’s consent.
Consider It Fair Use
The companies that deploy these access control methods typically say their goal is to prevent piracy, the unlawful reselling of their work by unscrupulous third parties. If that’s the case, then these companies should have no problem with the two recent rulings, which, in effect, say it’s OK for consumers to circumvent a product’s access controls as long as they’re doing it to further their own “fair use” of the product, and not as a means of earning a profit.
In lay terms, that means consumers can break the encryption on a movie purchased on a DVD if they merely want to make a backup copy for their personal files or they need to pull snippets of the movie to use in a non-commercial presentation such as a school project or a documentary film.
Breaking encryption becomes illegal when the person doing the breaking attempts to make money off the material they’re accessing.
The Library of Congress, which oversees the U.S. Copyright Office, issued these ground rules on July 26 as part of its regular review of the DMCA’s “anti-circumvention provisions.”
That same week Judge Emilio Garza of the New Orleans 5th District Court ruled that General Electric did not violate copyright law when it broke the encryption on a software program that contained instructions for repairing power supplies used in its plants. GE had been sued by the company that sold it the power supplies.
The Library of Congress review, which takes place every three years, is the mechanism that’s supposed to ensure that the DMCA keeps up with the changing technology landscape. The Library of Congress showed it takes that responsibility seriously by ruling on consumers’ right to break encryption on products that have only come into widespread use in the past couple of years — such as e-books and smartphones.
The smartphone ruling has garnered the most attention — and generated the most controversy — because it covers the practices known as “jailbreaking” and “carrier unlocking” of cellphones, which quickly became hot topics among people with technical know-how when Apple introduced the iPhone in 2007.
Setting Your Phone Free
Carrier unlocking is altering a cellphone’s software so that it can run on any compatible network. This is a way for people to have an iPhone without signing a contract with A&T, which has exclusive rights to distribute the iPhone in the U.S. Jailbreaking is reconfiguring a phone to allow it to run applications that have not been approved by the phone’s manufacturer, which in the case of the iPhone is Apple.
In addition to recognizing recent advances in technology, these rulings reflect basic common sense, according to Corynne McSherry, senior staff attorney with the Electronic Frontier Foundation (EFF), which was a leading advocate for all of the rulings issued by the Library of Congress.
“The law should not be used as a means to prevent consumers from using products in ways they normally would expect to be able to use them,” McSherry told the E-Commerce Times. “Apple, in particular, has been trying to use DMCA to restrain consumers’ full use of a product. When you buy a car, the manufacturer doesn’t preclude you from putting a different type of stereo system in it. So, we shouldn’t be living in a world in which the minute a product involves the use of software, the manufacturer has the right to dictate how you use it.”
Apple has argued, at least in the case of jailbreaking, that allowing customers to place unauthorized applications on their iPhones potentially renders the entire network vulnerable to hackers with malicious intent, exposing users who stick solely with authorized apps to unfair risk.
“They have other ways of constraining how customers use products, such as licensing and enforcement of warranties,” McSherry countered. “If they want to use those mechanisms to limit how customers use products, that’s fine; but copyright law should not be a part of that strategy.”
The EFF also has a fundamental disagreement with industry groups representing the major movie studios and software vendors. Both of those groups — the Motion Picture Association of America (MPAA) and the Software and Information Industry Association (SIIA) — have voiced their objections to the Library of Congress rulings, in addition to filing briefs supporting a new hearing in the GE software case.
The parties asked for a rehearing because they believe the judge erred in declaring that there needs to be an actual infringement — in other words, an improper use of the copyrighted material — for the breaking of encryption to be ruled a violation of the DMCA, according to Keith Kupferschmid, senior vice president, intellectual property, for the SIIA.
The Court Got It Wrong
“It’s pretty clear in the statute that mere circumvention of an access control is a violation of the DMCA,” Kupferschmid told the E-Commerce Times, adding that SIIA believes a strict interpretation of the act is in the best interests of both software users and developers.
“These recent rulings don’t necessarily put software makers’ business in jeopardy, but they do put them — and their customers — at a disadvantage,” Kupferschmid argued. He also conceded, however, that the potential disadvantages from the customer perspective extend primarily to corporations — and not to individual consumers.
He offered the example of a company purchasing a software application under a license that only allows 20 people to use the application at a given time. The company could place that application on every worker’s computer and then deploy metering software to deny access to anyone who would exceed the 20-user limit.
“The metering software would prevent this company from ever being guilty of copyright infringement,” Kupferschmid noted, “but if that metering software was not protected by the DMCA, the entire business model would have to change. Instead of being able to give the application to everybody in the company and letting technology monitor its use, they would now have to make a conscious effort — expending valuable time and resources — to make sure that only the people named on the license are using the software.”
The one thing on which people on both sides of this debate agree is that encryption alone will not stop unauthorized use of copyrighted material. “The technology used to protect copyrighted material is not meant to be a silver bullet,” Kupferschmid said. “It basically keeps honest people honest. The real hackers — people who want to circumvent or decrypt something to get to the underlying copyrighted work — they are going to do it no matter what type of technology is used to protect.”
Both the SIIA and MPAA have programs to track and sue people who attempt to sell unauthorized versions of their products. That may be all those need to do in order to protect their revenue streams, suggested Josh Martin, senior analyst with StrategyAnalytics.
“While these rulings eliminate the threat of being sued for most consumers, the fact remains that anyone jailbreaking an iPhone or removing the digital rights protection from an e-book will be in violation of the terms of service,” Martin told the E-Commerce Times.
“The thought of losing support from the content owner or hardware provider is enough to deter most people from breaking any type of encryption,” he pointed out. “So ultimately, these rulings don’t change much. Users who want to jailbreak, rip, etc. will continue to do so, and those that don’t won’t.”