FC: CBDTPA bans everything from two-line BASIC programs to PCs

[InfoSec News <isn () c4i org>]

Forwarded from: Jei <jei () cc hut fi>

---------- Forwarded message ----------
Date: Mon, 25 Mar 2002 23:00:02 -0500
From: Declan McCullagh <declan () well com>
To: politech () politechbot com
Subject: FC: CBDTPA bans everything from two-line BASIC programs to PCs

Just in case folks haven't figured out how sweeping the Hollings-Feinstein 
bill, aka CBDTPA is, well, keep reading.

The CBDTPA says that if I were to write and sell this BASIC program...

10 INPUT A$
20 PRINT A$

...after the regulations take effect, I would be guilty of a federal
felony. That's up to five years in prison and up to a $500,000 fine.  
Distributing my two-line application without charging for it, either
via handing out floppies or by posting it on a website would be at
least a civil offense and, depending on the circumstances, a crime as
well.

It's no joke. CBDTPA regulates "any hardware or software that
reproduces copyrighted works in digital form." My program above does
that, especially if my BASIC interpreter permits arbitrarily long
strings.

The business end of the CBDTPA says that "a manufacturer, importer, or
seller" of such software cannot "sell, or offer for sale, in
interstate commerce, or cause to be transported in, or in a manner
affecting, interstate commerce" their code unless it "includes and
utilizes standard security technologies that adhere to the security
system standards adopted under section 3."

The FCC gets to invent those. But I can't see how my two-line program
is going to incorporate such standards. If I'm using C, must I
"#include <sys/copycheck.h>?" In Perl, will I "use Parse::DRMVerify?"
If so, who at the FCC will ensure that these modules are available for
the languages I'm using? (It is true that folks at the FCC are smarter
than the folks in Congress, though that is not saying much. FCC staff
will try to make the standards workable. But the CBDTPA gives them --
and the public -- precious little wiggle room.)

By design, programming languages are terribly flexible. The only way
to prevent software from removing do-not-copy bits from digital
content would be for Congress to ban the programmable PC. And replace
it, perhaps, with WebTV television-top boxes.

In case you're curious, the felony penalties kick in when you try to
sell your post-ban BASIC program -- not to mention any commercial
software -- and perhaps even if you're a free software developer
hoping to gain reputation capital from your code.

They say that violators "shall be fined not more than $500,000 or
imprisoned for not more than 5 years, or both, for the first offense;
and shall be fined not more than $1,000,000 or imprisoned for not more
than 10 years, or both, for any subsequent offense."  
(http://www4.law.cornell.edu/uscode/17/1204.html)

Yes, this is silly. No, it is probably (I hope) not what senators
Hollings and Feinstein and their colleagues intended. Yet it is what
the text of the bill says. And this is after the good senators had
seven months of correspodnence from computer scientists and industry
representatives worried about the scope of the legislation after it
was widely circulated in August 2001.

Don't believe me? Read it for yourself:

Text of CBDTPA:
http://www.politechbot.com/docs/cbdtpa/

Politech archive on the CBDTPA:
http://www.politechbot.com/cgi-bin/politech.cgi?name=cbdtpa

-Declan


-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
Declan McCullagh's photographs are at http://www.mccullagh.org/
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------
Politech dinner in SF on 4/16: http://www.politechbot.com/events/cfp2002/
-------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.