Today's links
The new DRM-breaking exemptions just dropped (permalink)
The DMCA was signed into law by Bill Clinton in 1998. It has a weird history. Its inception came from Bruce Lehmann, Microsoft's chief copyright enforcer, whom Clinton tapped to serve as his Copyright Czar. This was back in the "Information Superhighway" days, when Al Gore was holding hearings on the demilitarization and commercialization of the internet. Lehmann presented Gore with a proposal that was so utterly bonkers that it made subsequent net.lunacy ("series of tubes," etc) look reasonable by comparison.
https://www.eff.org/files/filenode/DMCA/ntia_dmca_white_paper.pdf
Among other things, Lehmann wanted copyright licenses for every transient copy of every work that passed through a computer or network. Like, a separate license for RAM, hard-drive cache, framebuffer, network buffer, etc etc. Gore laughed him out of the room.
So Lehmann scurried off to Geneva, where he convinced the World Intellectual Property Org to put his batshittery into a global treaty, the WIPO Copyright Treaty (one half of the "Internet Treaties", along with the Phonograms and Performers Treaty).
(Not for nothing that I call WIPO "the Mordor of stupid copyright policies" – they are the origin node for practically every destructive and evidence-free internet regulation in the world).
That was in 1996. Then Lehmann raced back across the ocean to DC, where he – along with Clinton — convinced Congress that now they had a UN treaty obligation to enact the policies he'd failed to convince them of back in 1995. By 1998, we had the DMCA.
The DMCA is a big, gnarly hairball of a law, encompassing many provisions, notably the "notice-and-takedown" system (§512), and most significantly, the "anti-circumvention" rules (§1201).
DMCA1201 is a rule that prohibits bypassing a "technological protection measure" (AKA DRM) that "controls access" to a copyrighted work. It's got teeth: trafficking in a "circumvention device" carries a $500,000 fine and a 5-year sentence…for a first offense.
Most importantly, though: DMCA1201 doesn't tie violations to acts of copyright infringement. That means that if you own a device, and you alter it to bypass a TPM, you are violating DMCA1201 – even if no act of copyright infringement ever takes place.
This wasn't an accidental omission. The entertainment industry – who paid handsomely to get DMCA1201 enacted – didn't want to ban violations of copyright law; they wanted to ban violations of their commercial plans. They had lost two important fights in the previous decades – over home taping and VCRs – and they wanted to rig the rules so they'd win their future battles.
With VCRs and home taping, the movie and record industries had argued that these fair uses should be prohibited because they wanted to sell you the TV shows you recorded off cable, and cassette tape versions of the LPs you'd bought. Even though copyright law permitted those activities, they were detrimental to the shareholders' interests. They wanted DMCA 1201 to act as a "felony contempt of business model" (to quote Jay Freeman) standard – a law that banned doing things they didn't like, rather than things Congress had passed laws against.
In the early years of the DMCA, this was used as a petty grift – say, banning region-free DVD players (it's not a copyright violation to buy a DVD in India and watch it in America!). But critics of the DMCA warned that as every device got a computer in it, manufacturers would start to add DRM to their products, just enough to trigger DMCA1201. Then they could design their products so that you had to break DRM to use them in ways their shareholders didn't like. Those uses would be legal, but breaking DRM isn't, so any activity that benefited you, the owner of a product, at the expense of the manufacturer, would become a literal crime. A felony!
As a sop to those critics, Congress added a fig-leaf: it instructed the Copyright Office to hold hearings every three years, where the public could petition for exemptions to DMCA1201. The Copyright Office could grant these exemptions, and then the public could break DRM without risking DMCA prosecution.
This is obviously a cumbersome and absurd process! Having to ask an administrative agency to modify your own property so you can use it in absolutely legal ways is a frankly bizarre idea.
But it gets worse. Congress gave the Copyright Office the power to grant use exemptions to DMCA1201, but it did not grant tool exemptions. That is, the Copyright Office might allow you to jailbreak your Iphone, but they weren't going to let anyone give you a jailbreaking tool – even publishing instructions about how to make that tool was still banned. Hell, even publishing technical information that might help make those instructions (such as the nature of a defect in a DRM system) was still banned.
This surreal rule started in America, but it was swiftly replicated around the world by the US Trade Rep, who arm-twisted virtually every country on Earth into adopting their own version of DMCA1201. It came to Europe in 2001, through the EUCD, specifically Article 6.
After the EUCD was passed, each EU member-state had to enact it. What's more, EU trading partners like Norway – not an EU member, but bound to abide by EU laws – had to turn EUCD into national law, too. I went to Norway for the debates on EUCD adoption, and debated the minister responsible for it.
He praised the reasonable public protections in Norway's EUCD rules. Specifically, he was very proud that Norway's law allowed visually impaired people to bypass ebook DRM so they could run ebooks through a text-to-speech engine.
But when I pressed him on this, he admitted that the Norwegian rule didn't include a tools provision. In other word, each blind person in Norway was expected to reverse-engineer any ebook DRM in their way. Each blind person would have to locate a defect in the DRM, write an exploit for it, and liberate their ebooks. A blind person who shared any of the discoveries that helped them make their jailbreaking tools – or the tools themselves – would still be in violation of the law.
As I drew him out on this, the absurdity hit home for the audience, who chuckled uncomfortably. An exemption to a law that is only available if you are a master reverse-engineer is meaningless.
Back to USA, circa 2021. The US Copyright Office just dropped its latest round of DMCA1201 exemptions Included in those exemptions: the right of blind people to break ebook DRM to make the books accessible to them.
On its face, this exemption is a mere ornament – there's not much overlap between Americans with print-disabilities and master reverse-engineers. The reality is a little gnarlier, because all DRM has been broken and a little diligent searching will turn up jailbreaking tools for all ebook locks, from Kindle to Adobe and beyond. If you are blind, this exemption allows you to download and use these tools without risking legal sanction – though the person who supplied you with the tool can still go to prison for 5 years for letting you download it.
So the volunteers and nonprofit employees who worked their guts out to get this exemption passed weren't wasting their time. They did something good and just and important and deserve to feel proud of themselves.
And they deserve our sympathy, because the Copyright Office managed to kick them in the teeth even as it grudgingly granted this exemption. As Damon Beres writes for Wired, the Copyright Office denied a petition to make the exemption permanent.
https://www.wired.com/story/ebooks-drm-blind-accessibility-dmca/
That means that, every three years, these same volunteers and staffers will have to use their precious time to fight for this commonsense exemption. More importantly, it means they won't be able to use that time to produce cogent, evidence-based cases for more exemptions to benefit people with disabilities, including print-disabled people who aren't blind. Ebook DRM isn't just a problem for visual impairments – people with dyslexia, people who are paralyzed or missing limbs or have coordination and muscular impairments can all struggle with the arbitrary limitations of DRM.
The triennial exemption hearings are frustrating for all concerned. Many Library of Congress/Copyright Office staffers (even lawyers!) have privately expressed their outrage over the statutory limitations of the triennials to me. Congress should fix this idiotic, symbolic kabuki and replace it with a better system.
They could start by issuing a blanket exemption for all circumvention that doesn't result in a copyright infringement, and for all the tools needed to effect those circumventions. If you buy a gadget, you should be able to decide how it works, and you should be able to ask other people to help you make it do what you want. You bought it, it's yours. Period.
That point was made in a submission to the Copyright Office by the leaders of the National Telecommunications and Information Administration. The letter tells the Copyright Office that it has a duty to authorize tools as well as uses.
https://cdn.loc.gov/copyright/1201/2021/2021_NTIA_DMCA_Letter.pdf
"NTIA recommends expansion of the current exemption to include circumvention of [technical protection measures] (TPM) for the diagnosis, maintenance, and repair of all software-enabled devices, machines, and systems for lawful modification that is necessary for a repair or maintenance, and for modifications of software regarding the functionality of a device…
"NTIA also recommends that the Librarian specify that the exemption permits these activities to be carried out with the assistance of third parties."
Writing for Motherboard, Matthew Gault gets to the heart of the matter: "TPMs have become so ubiquitous that device manufacturers are building a future where no one can do any kind of basic repair of their own stuff without violating the law.'
https://www.vice.com/en/article/5dgzza/federal-telecom-agency-wants-broader-exemptions-to-the-dmca
As you can see, the Right to Repair is a wedge issue on DRM-breaking. Existing R2R proposals have tried to avoid getting mired in DMCA debates by requiring manufacturers to provide independent repair techs with tools to remove DRM without circumventing it. But with R2R on Biden's agenda and with orders likely to come down from the FTC and other agencies, the DMCA is finally in R2R's crosshairs. It's fine for manufacturers to be required to provide technical know-how to independent technicians, but technicians shouldn't have to rely on this. They should be able to make, share and sell their own tools.
Ironically, R2R is one of the few areas where Copyright Office exemptions can (sometimes) make a real difference. The Copyright Office can grant an exemption allowing circumvention for the purposes of building a diagnostic tool (say, by jailbreaking the encrypted diagnostic codes that a car's computers generate). When that happens, a diagnostic tool maker can reverse-engineer a car, figure out how to interpret its diagnostic messages, and then sell a new tool that does that interpretation, without having to circumvent. Since that new tool isn't a "circumvention device" it is legal to make and sell.
The triennial Copyright Office hearings aren't a waste of time. They can produce tangible benefits. They can also produce intangible benefits: an evidentiary record in which a federal agency admits that Congress's law is getting in the way of legit activity.
But it's important that we remember that while the Copyright Office can document problems with the law, the exemptions process gives them almost no leeway to fix those problems. That's something only Congress or the courts can do. When we win an exemption, the victory is in the form of another piece of official evidence to throw at Congress – it's not (much of) a victory for the people whose problems gave rise to the exemptions.
Without reform, this problem will only get worse. My 2019 novella "Unauthorized Bread" is an only lightly fictionalized account of how these rules can end up touching every part of your life, from your dishwasher and toaster to your immigration status:
All of science gets a general index (permalink)
It's hard to overstate what a scam academic and scientific publishing is. It's run by an oligopoly of wildly profitable companies that coerce academics into working for free for them, and then sell the product of their labors back to the academics' employers (often public institutions) for eye-popping sums.
Here's how that works: a publicly funded researcher (often working for a public institution) does some research. In order to progress up the career ladder and secure more funding, they need to publish their research in a prestigious journal. That journal asks other publicly funded researchers (chosen by a volunteer editorial board of publicly funded researchers) to peer-review and edit the paper. If the paper is selected for publication, the researcher signs over their copyright in it – life plus 70 years – to the journal, for free.
Then, the sales department of the journal pays a call on institutions that pays the salaries of the paper's authors. They offer a "subscription" to the journal – that is, access to a database that costs almost nothing to maintain – that can cost tens of thousands of dollars per year. Journal subscriptions have experienced rapid, sustained price inflation for decades.
If someone at that institution were to share the paper their colleague produced in the next lab over, they'd be committing copyright infringement – because their colleague had to give their copyright away to the publisher as a condition of publication, which is, in turn, a condition of career advancement.
This is chokepoint capitalism at its finest: publishers' primary "asset" is a legally defensible barrier between academics and their career prospects, so it can coerce them into accepting all kinds of abusive conduct.
But as bad as it is that billion-dollar multinationals are extracting huge, parasitic rents from our publicly funded knowledge-creation system, that's really just the tip of the iceberg. The real harms come from what this does to science and scholarship. Locking up all those papers means that researchers who aren't affiliated with wealthy institutions are denied access to the raw materials of study and experimentation. (Naturally, this problem is most keenly felt in the Global South, which means that scientists and scholars in poor countries are denied access to the materials that might help them alleviate the scourges of poverty).
Just as bad is the problem of the study of knowledge itself – the kind of textual analysis that can reveal holes, biases and defects in our research programs. Large-scale text-mining is essential to this kind of work, especially when it comes to fighting corruption in science.
Back when Aaron Swartz was at Stanford, he used his access to the digital law library to do text-mining that showed that when law schools got money from fossil fuel giants, their scholars produced papers that exonerated carbon barons from liability for climate change.
No one knows what Aaron was doing when he downloaded millions of papers from MIT – an act that resulted in his malicious prosecution, leading to his eventual suicide. But many of Aaron's friends suspect he was in the early stages of a similar project.
Aaron's was not the first researcher with a great idea for text-mining analysis, and he won't be the last. And the next Aaron will have a much easier time of it.
That's because Carl Malamud has just released "The General Index" – a full-text-searchable index of 100,000,000 scientific articles.
https://archive.org/details/GeneralIndex
The catalog contains 355 billion words, and returns five-word snippets (firmly within fair use's boundaries) and citations in response to queries. It's publicly available for all to mine and search.
https://www.nature.com/articles/d41586-021-02895-8
It's the latest in a series of breathtaking open knowledge efforts from Malamud, who was a frequent collaborator of Aaron's.
And it's part of a wider movement to free up access to scientific and scholarly knowledge by any means necessary, from wildcat efforts like Sci-Hub to the campaign to end vaccine apartheid:
https://pluralistic.net/2021/05/25/the-other-shoe-drops/#quid-pro-quo
Europe's trustbusters lose the plot (permalink)
Last year, the EU introduced the Digital Services Act as part of a package of anti-monopoly measures aimed at US-based Big Tech. EU regulators could lead here, since – unlike US regulators – they don't have to worry about Big Tech as a source of national "soft power."
That's why the EU gave us the GDPR, a serious and far-reaching privacy law. Unfortunately, the GDPR has been hamstrung by its enforcement problems. Under the GDPR, enforcement is delegated to each country's Information Commissioner's Office (ICO). The US Big Tech companies all fly Irish flags of convenience, and in return the Irish state bends over backwards to help them. It's not just maintaining the fiction that Big Tech's billions are floating in untaxable, international waters somewhere in the Irish Sea, either.
As far as I can tell, the Irish ICO doesn't even put on pants in the morning. They just sit around in their pajamas, eating breakfast cereal and watching cartoons while the enforcement actions against GAFAM pile up on their doorstep.
https://pluralistic.net/2021/06/16/inside-the-clock-tower/#inference
With the DSA, the EU had a chance to take another hack at reducing US Big Tech's corrupting, destructive conduct. The first draft was actually pretty fantastic, creating fairness and transparency obligations that would have really hit Big Tech where it hurt:
But in the months since, the process has been hijacked by the same EU bad-idea-havers that gave us the 2019 Copyright Directive. These people suffer from incredible brain-worms. They are convinced that they can fight bad content by forcing Big Tech to build algorithmic filters that will magically detect and block illegal speech.
This is a fantasy, and a dangerous one. You can't fix Europe's technological problems by subjecting every European's online life to the opaque, instantaneous judgments of American companies' black-box "AI" filters.
https://www.eff.org/deeplinks/2021/10/europes-digital-services-act-collision-course-human-rights-0
These systems make speech disappear in an instant, and then send the censored to the back of an appeals queue that can stretch for weeks, or months, or years:
https://pluralistic.net/2020/05/17/cheap-truthers/#robot-sez-no
They're not cheap, either! Google's Content ID filter – falsely billed as keeping Youtube free of copyright infringement – has cost $100m so far, and the bill is still mounting. Putting an obligation on all tech companies to build these filters will wipe out the entire EU tech sector and leave five or six US companies to rule Europe's digital future.
Apologists for the latest DSA proposals will say they're not requiring filters per se. They're just ordering tech companies to block all illegal speech, and any speech that resembles previously identified illegal speech. That's the same argument they made about the Copyright Directive, only admitting that filters were always the plan after the vote went through.
These new proposals will hold companies liable for their users' speech if they act as "active platforms." An "active platform" is one that categorizes, sorts, analyzes or otherwise manages its users' communication. Punishing companies for being "active" is no way to fight illegal content. Finding and removing illegal content requires that you first analyze and categorize it!
All of this runs counter to EU law and principle. The GDPR, for all its flaws, bans subjecting people to "automated decision-making" without their consent. The foundational EU internet rules, the E-Commerce Directive, requires all content-removal rules to comply with "observance of the principle of freedom of expression."
Europe can still save the DSA and with it, its citizens' free expression rights, and its nations' digital autonomy from US platforms. The EU could balance content removal with speech and privacy rights. It could make the appeals process for the censored co-equal with the process by which content is removed. It could give platforms a reasonable timeframe to assess takedown demands. It could ban algorthmic filters, rather than requiring them. It could nurture – rather than exterminate – small, European platforms, by requiring big US companies to interoperate with them.
If it fails, the risk goes beyond Europe. We've seen how bad internet laws reproduce themselves, and especially how autocratic states use these rules to justify their own internet censorship and surveillance regimes. If Europe legitimizes the filternet, it will be a signal to the world's tyrants that they should try their hands at it, too.
This day in history (permalink)
#20yrsago RIAA claims it never compared downloading to terrorism, demands apology https://web.archive.org/web/20011102032429/http://www.mp3newswire.net/stories/2001/openriaa.html
#15yrsago Going Under: moving kids’ novel https://memex.craphound.com/2006/10/26/going-under-moving-kids-novel/
#10yrsago Toronto mayor confronted by comedy interviewer calls 911, reportedly shouts “You bitches! Don’t you fucking know? I’m Rob fucking Ford, the mayor of this city! https://www.joeydevilla.com/2011/10/27/im-rob-fucking-ford-or-the-mayor-the-ambush-and-the-911-call/
#10yrsago SOPA: US House of Reps copyright bill proposes national censorship, attacks on hosting services, Twitter, YouTube https://www.eff.org/deeplinks/2011/10/disastrous-ip-legislation-back-%E2%80%93-and-it%E2%80%99s-worse-ever
#10yrsago Canon of St Paul’s resigns over plans to evict Occupy London https://www.theguardian.com/world/2011/oct/27/giles-fraser-st-pauls-profile
#5yrsago UK MPs realise that age filtering won’t work so now they just want to block all porn in the UK https://www.openrightsgroup.org/blog/now-we-want-censorship-the-digital-economy-bill-is-running-out-of-control/
#5yrsago The Pirate Party are poised to form Iceland’s government in Saturday’s election https://qz.com/817784/icelands-pirate-party-looks-likely-to-take-the-countrys-general-election-on-oct-29/
#1yrago Comcast v Comcast https://pluralistic.net/2020/10/27/peads-r-us/#diseconomies-of-scale
#1yrago Monopolies Suck https://pluralistic.net/2020/10/27/peads-r-us/#sally-hubbard
#1yrago The president's extraordinary powers https://pluralistic.net/2020/10/27/peads-r-us/#peads
Today's top sources: Slashdot (https://slashdot.org/).
Currently writing:
- Spill, a Little Brother short story about pipeline protests. Yesterday's progress: 292 words (27046 words total)
-
Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. Yesterday's progress: 1120 words (30361 words total).
-
A Little Brother short story about remote invigilation. PLANNING
-
A nonfiction book about excessive buyer-power in the arts, co-written with Rebecca Giblin, "The Shakedown." FINAL EDITS
-
A post-GND utopian novel, "The Lost Cause." FINISHED
-
A cyberpunk noir thriller novel, "Red Team Blues." FINISHED
Currently reading: Analogia by George Dyson.
Latest podcast: Breaking In https://craphound.com/news/2021/09/26/breaking-in-fixed/
Upcoming appearances:
Recent appearances:
Latest book:
Upcoming books:
- The Shakedown, with Rebecca Giblin, nonfiction/business/politics, Beacon Press 2022
This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
https://mamot.fr/web/accounts/303320
Medium (no ads, paywalled):
(Latest Medium column: "The Traitorous Eight and the Battle of Germanium Valley," How California's ban on non-competes saved the tech industry from eugenics. https://medium.com/@doctorow/a-the-traitorous-eight-and-the-battle-of-germanium-valley-86c455967d43)
Twitter (mass-scale, unrestricted, third-party surveillance and advertising):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
Like this:
Like Loading...
from Hacker News https://ift.tt/2XUOVsb
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.