Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

No trade secret status for DeCSS

From: InfoSec News <isn () c4i org>
Date: Mon, 1 Mar 2004 05:03:01 -0600 (CST)
Forwarded from: Marjorie Simmons <lawyer () carpereslegalis com>

The following is an observation -- not legal advice.  It pertains to
infosec in an evidentiary way because of logs.  Or rather, in this
case, no logs.

Court opinion at:
http://www.courtinfo.ca.gov/opinions/documents/H021153A.PDF

On Feb 27, 04, the California Court of Appeal (6th dist.)  reversed
the order granting a preliminary injunction to DVDCCA in the trade
secret case DVD Copy Control Assn.  Inc., v. Andrew Bunner, H021153 /
CV786804. The court's opinion as rendered is a straightforward trade
secret analysis. By the numbers, to colloquialize.

Note the opinion covers trade secret matters, not copyright, and is
based upon the appellate record filed in that court. It is not a final
adjudication on the merits, thus the ultimate determination of trade
secret status and misappropriation would be subject to proof to be
presented at trial. However, the court found that DVDCCA was not
likely to succeed in its trade secret claim on the merits. (That's a
big red flag for the lower courts.)

Also, the case was brought under California State law -- that state's
Trade Secrets Act and its specific provisions. The states each differ
in their similar laws.  An intelligent and well-reasoned opinion, I'd
say, overall.  On remand to the lower court, the DVDCCA's claim for
its intellectual property right remains.

<Opinion Excerpts>

"According to DVD CCA, DeCSS incorporates trade secret information
that was obtained by reverse engineering CSS in breach of a license
agreement.

. . . 

[T]he test for a trade secret is whether the matter sought to be
protected is information
  
  (1) that is valuable because it is unknown to others and 
  (2) that the owner has attempted to keep secret. 

. . .

[In] order to qualify as a trade secret, the information must be
secret, and must not be of public knowledge or of a general knowledge
in the trade or business.

. . .

Publication on the Internet does not necessarily destroy the secret if
the publication is sufficiently obscure or transient or otherwise
limited so that it does not become generally known to the relevant
people, i.e., potential competitors or other persons to whom the
information would have some economic value.

. . .

[Here], the secrecy element becomes important at two points.  First,
if the allegedly proprietary information contained in DeCSS was
already public knowledge when Bunner posted the program to his Web
site, Bunner could not be liable for misappropriation by republishing
it because he would not have been disclosing a trade secret. Second,
even if the information was not generally known when Bunner posted it,
if it had become public knowledge by the time the trial court granted
the preliminary injunction, the injunction (which only prohibits
disclosure) would have been improper because DVD CCA could not have
demonstrated interim harm.

. . .

Bunner first became aware of DeCSS on or around October 26, 1999. But
there is no evidence as to when he actually posted it.

 . . . 

[A]ssuming the information was originally acquired by improper means,
it does not necessarily follow that once the information became
publicly available that everyone else would be liable under the trade
secret laws for re- publishing it simply because they knew about its
unethical origins. In a case that receives widespread publicity, just
about anyone who becomes aware of the contested information would also
know that it was allegedly created by improper means. Under DVD CCA's
construction of the law, in such a case the general public could
theoretically be liable for misappropriation simply by disclosing it
to someone else. This is not what trade secret law is designed to do.

. . .

*** It is important *** [emphasis mine] to point out that we do not
assume that the alleged trade secrets contained in DeCSS became part
of the public domain simply by having been published on the Internet.
Rather, the evidence demonstrates that in this case, the initial
publication was quickly and widely republished to an eager audience so
that DeCSS and the trade secrets it contained rapidly became available
to anyone interested in obtaining them.  Further, the record contains
no evidence as to when in the course of the initial distribution of
the offending program Bunner posted it.  Thus, DVD CCA has not shown a
likelihood that it will prevail on the merits of its claim of
misappropriation against Bunner.

. . .

[T]he preliminary injunction prohibiting disclosure was intended to
protect the trade secret. Therefore, even if Bunner was liable for
misappropriation, if the information had since become generally known,
a preliminary injunction prohibiting disclosure would have done
nothing to protect the secret because the secret would have ceased to
exist. Further, assuming that an injunction against the use of
information could be justified, we can conceive of no possible
justification for an injunction against the disclosure of information
if the information were already public knowledge.

. . .

[The court concurs with the Religious Technology Center v. Netcom
opinion and acknowledges the dualities of the 'Net: ]

     The court is troubled by the notion that any Internet 
     user, . . . can destroy valuable intellectual property 
     rights by posting them over the Internet, especially 
     given the fact that there is little opportunity to 
     screen postings before they are made. . . . Nonetheless, 
     one of the Internet's virtues, that it gives even the 
     poorest individuals the power to publish to millions 
     of readers, can also be a detriment to the value of 
     pintellectual roperty rights. The anonymous (or judgment 
     proof) defendant can permanently destroy valuable trade 
     secrets, leaving no one to hold liable for the 
     misappropriation. 

There is little question that such behavior is unethical and that it
probably violates other laws. But that which is in the public domain
cannot be removed by action of the states under the guise of trade
secret protection."

</Opinion Excerpts>

see also:
http://arstechnica.com/news/posts/1078007042.html
Appeals court rules DeCSS is no longer a trade secret
Ars Technica Newsdesk
Posted 02/28/2004 @ 4:24 PM, by Fred "zAmboni" Locklear

~~~~~
Marjorie Simmons
http://www.carpereslegalis.com
~~~~~



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: