IP: more on Thought crimes or better the joint plans of disk drive manufacturers and content providers to provide copy protection based on cryptographic means embedded within the drive technology

[Dave Farber <farber () cis upenn edu>]

> Date: Mon, 25 Dec 2000 15:32:17 -0800
> To: "Jonathan S. Shapiro" <shap () eros-os org>
> From: "Mark S. Miller" <markm () caplet com>
> Subject: Re: Thought crimes
> Cc: <farber () cis upenn edu>, <ip-sub-1 () majordomo pobox com>, <fsb () crynwr com>,
>    "Marc Stiegler" <marcs () skyhunter com>
>
> At 09:07 AM Monday 12/25/00, Jonathan S. Shapiro wrote:
> > Copyright has two purposes: (1) to allow an author to gain compensation for
> > a work, and (2) to ensure that after an appropriate amount of time the work
> > becomes public domain. As we think about the implications of cryptographic
> > disk drives, it is important to remember that these technologies only
> > address *half* of copyright. They allow a distributor to ensure that a
> > copyrighted work is more difficult to steal. Unfortunately, by their very
> > success, they ensure that the work will never be released as a public good.
> > Cryptographic disk drives do not preserve copyright. They enforce something
> > much much stronger.
>
>
> Because the descriptive and the normative -- "is" and "ought" -- are so
> rarely separated, I need to make it clear that, if I could wave a magic wand
> and have copyright, narrowly interpreted, continue to be enforceable in ways
> that serve both of these purposes, I would.  This note explains why I don't
> think there is such a magic wand.  I am not against copyright.  I am just
> against tilting at windmills.
>
>
> Jonathan's paragraph above assumes that copy protection is possible, and
> that it is possible for these disks (or other means) to succeed at their
> purpose.  For most of the media people are trying to protect, which we call
> "self revealing media", this is simply false.  Books, movies, music, and
> such are all self revealing media -- the only way their information content
> delivers value to the customer is by revealing this information to the
> customer.  Unless someone knows of a way from the player to distinguish an
> eyeball from a camera, then all hope is lost.  (Assume attempts to recognize
> this difference would result in cameras embedded in eyeballs.)  So if these
> disk drives and the hype surrounding them lull content owners into thinking
> that purpose #1 will be served, purpose #2 will instead be served in hours
> or days rather than years.  Of course, after enough iterations of this,
> content owners will wise up or die.
>
> See "The Street Performer Protocol and Digital Copyrights" by John Kelsey
> and Bruce Schneier http://www.firstmonday.dk/issues/issue4_6/kelsey/ for
> more on why such copy protection is impossible, as well some ideas for
> addressing issue number #1 in the face of this.
>
> By contrast, programs and processes are examples of the other important
> media category, "behavioral media".  Behavioral media delivers value to the
> customer by interacting with the customer.  Each time, the interaction's
> value derives from the value of the information which is the media's
> content, but the information revealed by the interaction is generally not
> adequate to reverse engineer the media's content.  For example, if you play
> chess or a video game, or use a symbolic algebra package, and you record all
> the information passing between you and the program with full fidelity, this
> doesn't help much in recreating the program itself.
>
> Of course, you can proxy interactions from others to the program itself --
> be a man in the middle -- but if the program charges per-use and not
> per-copy, then the program owner's revenue isn't in the least threatened.
> This model, and how to accomplish it securely is explained at
> http://www.agorics.com/agoricpapers/aos/aos.6.html .  (Although I've said
> publicly that I no longer advocate opaque boxes, my advocacy and preferences
> are besides the point of this note.  Here we need to understand only
> technological possibility and inevitability.)  For this kind of media,
> protected through these measures, there's no way to ensure purpose #2: The
> content is protected through an analog of trade-secret rather than copyright
> or patent.  There is no means to enforce the eventual revelation of this
> content to the public.
>
> The irony of the above contrast is that while the purveyors of the
> protectable kind of media, the software industry, has made enormous strides
> in learning to live post-copyright, in the exploration of open source
> business models, the industries on whose neck the axe is rapidly falling
> know of nothing to do but panic.  As they see no alternative to defending
> copyright, and as they are sitting on many many billions of dollars of
> accounting value in copyrighted works, it seems the only ethical thing they
> can do to serve the interests of their stockholders is to spend billions on
> anyone, like InterTrust or IBM's funny disks, that promise the hope of
> throwing some friction in the path of the inevitable.  They may even be
> right -- the delay bought by this friction may actually be worth the money
> spent on it.  For now.
>
> At some point, when billions of dollars only buys additional hours of
> friction, they will need to start thinking about non-copyright-based
> business models, perhaps along the lines of Street Performer, or perhaps
> along the of the open source models the software industry is pursuing.  In
> the meantime, the money being spent on the impossible has diverted and
> distracted a huge amount of computer security professionals from pursuit of
> the achievable.
>
> Fortunately, it is possible to divide up the "Digital Rights Management"
> (DRM) issue into two parts, the achievable and the impossible.  The sinking
> dinosaurs, by funding the creation of DRM systems, also effectively fund the
> parts of the technology that will be useful in other contexts.  If people
> are interested, I can explain a way to partition DRM to achieve this.
> The "dinosaur" reference isn't a value judgement -- I also feel sorry for
> those dinosaurs.  But though the dinosaurs died, during the transition their
> rotting flesh may have helped feed the early mammals.  (Actually, I have no
> idea.  But it is a vivid image.)
>
>
> > The content manufacturers and the disk drive makers are formulating a new
> > contract with the viewing public.
>
> This is indeed a Smart Contract, in the sense that Nick Szabo and the E
> project use the term -- it's a contract "written" in the behavior of an
> automated enforcement mechanism.  However, a key component of contracts is
> enforceability.  Only once we understand what terms are enforceable in this
> new medium will we understand what kinds of contract we can successfully 
> write.
>
>
> > If the content providers have concluded that
> > copyright provides inadequate protection, they are certainly free to devise
> > other means. However, they should not be simultaneously entitled to claim
> > the benefit of copyright for their works.
>
> To address this, we must first resolve a terminological ambiguity: Would you
> say that technologically enforced copy protection is really just "copyright"
> in a new medium, or is it "other means"?  If content owners only engage in
> technological means without legacy-legal backing, are they "claiming the
> benefits of copyright" or giving up on those benefits?
>
> Given the trans-jurisdictional nature of the Internet and the identity
> hiding power of crypto and mix-networks, when the law goes against the logic
> of technological enforceability, it will still be able to prohibit, but no
> longer to inhibit.
>
>
>         Cheers,
>         --MarkM



For archives see: http://www.interesting-people.org/