*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ THE COMPUTER LAW REPORT *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ October 20, 1995 [#12] ===================================== GENERAL INFO: The Computer Law Report is distributed (usually) weekly for free and is prepared by William S. Galkin, Esq. The Report is designed specifically for the non-lawyer. To subscribe, send e-mail to galkin@aol.com. All information contained in The Computer Law Report is for the benefit of the recipients, and should not be relied on or considered as legal advice. Copyright 1995 by William S. Galkin. ===================================== ABOUT THE AUTHOR: Mr. Galkin is an attorney in private practice in Owings Mills, Maryland (which is a suburb of Baltimore), and he is also an adjunct professor of Computer Law at the University of Maryland School of Law. Mr. Galkin has concentrated his private practice in the Computer Law area since 1986. He represents small startup, midsized and large companies, across the U.S. and internationally, dealing with a wide range of legal issues associated with computers and technology, such as developing, marketing and protecting software, purchasing and selling complex computer systems, and launching and operating a variety of online business ventures. He also enjoys writing about computer law issues! ===> Mr. Galkin is available for consultation with individuals and companies, wherever located, and can be reached as follows: E-MAIL: galkin@aol.com/TELEPHONE: 410-356-8853/FAX: 410-356-8804/MAIL: 10451 Mill Run Circle, Suite 400, Owings Mills, Maryland 21117 ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^ Articles in The Report are available to be published as columns in both print and electronic publications. Please contact Mr. Galkin for the terms of such usage. ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ EXTINCTION OF THE DIGITAL LOCK PICKER? *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ [This is the second of a series of articles discussing recommendations made in the report issued September 5, 1995 by President Clinton's Information Infrastructure Task Force. The report is entitled "Intellectual Property and the National Information Infrastructure," and is commonly referred to as the White Paper. The previous article was entitled "Stopping the Altruistic Infringer" and dealt with recommendations for criminalizing infringement activities where there is no profit motive.] Infringement is the mortal enemy of the Information Highway. A "highway" robber, a blood-thirsty terrorist, lying in wait to pillage an unsuspecting victim vulnerable to unauthorized duplication and mass distribution. However, the destructive infringer is a relatively new concern on the Internet. A robber can thrive only where there is something of value to be stolen. In the "old" days of the Internet, there was nothing of "value". Most information was there for the taking - the more taking, the merrier everyone was. Not any more. The future of much of the Internet is as a free enterprise zone. Commercial enterprise cannot develop if the environment is not secured from theft. Enter the White Paper, and its recommendation to prohibit devices that are designed to break through technological security systems. The White Paper recommends that a new chapter be added to the U.S. Copyright Act which would "prohibit the importation, manufacture or distribution of any device, product or component incorporated into a device or product, or the provision of any service, the primary purpose or effect of which is to avoid, bypass, remove, deactivate, or otherwise circumvent, without authority of the copyright owner or the law, any process, treatment, mechanism or system which prevents or inhibits the violation of any of the exclusive rights under [the Copyright Act]." Under the current law, established by several prominent cases, a company is free to develop a device which can be used to infringe another's copyright as long as the device has a substantial legitimate use. In one case (Vault Corp. v Quaid Software, Ltd.), a company developed a software program (RAMKEY) specifically designed to break through copy protection software. The court held that this did not constitute contributory infringement (that is, assisting others to unlawfully duplicate software), because this software has a lawful purpose. Under the copyright law, a person is permitted to make one backup copy of software, which is to be used only if the original copy is destroyed or damaged. Therefore, the lawful use of this lock-breaking program is to assist others to make backup copies. The court in Vault was not bothered by the fact that RAMKEY's primary purpose may have been to indeed assist others in producing unlawful copies. The Supreme Court in Sony Corp. of America v. Universal City Studios, Inc. reached a similar result. The owners of motion picture and television programs sued Sony claiming that production of VCR's was an unlawful act of contributory infringement. They claimed consumers used VCR's to make infringing copies of the programs. The court held that as long as the device is capable of substantial noninfringing uses, then the manufacturer has no liability, even if the primary use is one of infringement. Therefore, VCR's can be marketed since VCR's can be used in homes in a permitted way (for example, taping a show to watch later). How bleak would the world be today if the Supreme Court ruled otherwise, and there were no VCR's? The White Paper points out some other areas where prohibitions similar to the one suggested are already in effect. For example, Congress enacted the Audio Home Recording Act of 1992, which combined legal and technological protection for sound recordings. The Audio Home Recording Act requires a serial copy management system in all digital audio recording devices and digital audio interface devices imported, manufactured or distributed in the United States. Such a system allows unlimited first generation digital copying of sound recordings, but prevents the making of digital copies from copies. The Act prohibits the importation, manufacture or distribution of any device, or the offering or performance of any service, the primary purpose of which is to circumvent any program or circuit which implements a serial copy management system. However, it is disingenuous to compare the proposed prohibitions with the Audio Home Recording Act. The proposed prohibitions are potentially very broad in scope and application, whereas the prohibition of disabling a specific device (a serial copy management system), which is only found in digital sound duplicating devices, is extremely narrow and well-defined. Some commentators feel that the White Paper's recommendation is dangerously vague. Perhaps, under its terms, merely having a conversation about decryption algorithms would be illegal. What about decryption by police for the purpose of arresting criminals? How are manufacturers and distributors to determine what the primary purpose of the device is, where is it used for both illegitimate and legitimate purposes. What if the primary use changes over time? Accordingly, the direction that this proposal should take in order to address this vagueness is to focus on the purpose of the decryption, as opposed to the decryption itself. Concern has also been expressed that this provision would inhibit fair use, because activities that would qualify as fair use could be blocked by anti-access devices for which there is no available breaking device available. The same concerns would apply to the inability of accessing copy-protected works which are in the public domain, and therefore, not protected by the copyright laws at all. Additionally, reverse engineering, which in many cases is permissible, and which significantly contributes to the development of technology, could be severely inhibited.The White Paper answers these concerns by stating that (1) copyright owners have no obligation to allow for fair use and (2) if a device is primarily used for lawful purposes, then it would be available for use. In summary, the White Paper is correct that technological security protections are necessary and should be bolstered by legal consequences. Nevertheless, the proposal as currently formulated needs to be reconsidered because it could have the extremely negative result of limiting access to valuable information that should be freely accessed.