The following text is copyright 2000 by Network World, permission is hearby given for reproduction, as long as attribution is given and this notice is included.

Ignorance is bliss

By Scott Bradner

The U.S. court system is beginning to enforce one of the more controversial provisions of the recent copyright protection legislation. It is far from clear that the organizations which pushed for the inclusion of this provision will not ultimately be badly hurt by its enforcement.

The Digital Millennium Copyright Act, signed into law by President Clinton on October 28th, 1998, (available at prohibits "any technology, product, service, device, component, or part thereof, that ... is primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner." Two weeks ago two U.S. judges, one in New York and the other in California, ruled within a day of each other that web sites posting copies of the DeCSS software, designed to circumvent the copy protection of DVDs, violated the Digital Millennium Copyright Act.

Material on DVDs is encrypted to try to prevent unauthorized copying. The encryption that was chosen is not all that good and most observers felt it was only a matter of time before someone would figure out how to break it. In fact, the encryption was so poor that many legal scholars assumed that the DVD people were trying to set up a "low curb protection" -- i.e. that the encryption was only there to force a user to take an explicit action to circumvent it, not to give actual protection. This might make it easier to prosecute violators. (There might even be an argument that DeCSS did not violate the Act because the Act refers to "effectively protecting" the rights of a copyright holder and the DVD encryption could be said to not do that.)

But if this prohibition is carried to its logical extreme the Act will outlaw the software that cryptographic researchers use to figure out if encryption algorithms are any good. Without this kind of testing copyright holders might just pick an encryption algorithm that is even weaker than the current DVD one to try to protect even more valuable content. You not knowing that your protection is weak will not prevent others from finding out.

Note also that the Act only covers the U.S. Since the DeCSS program was written outside of the U.S. it is not directly subject to it. The U.S. courts may be able to prevent U.S. based web sites from knowingly making it available but there will always be plenty of non-U.S. sites where it will remain available and it will get posted periodically to newsgroups that will automatically distribute it to millions of U.S. Internet users.

Since any U.S.-based prohibition is likely to be largely ineffectual and will not effect the piracy factories where most of the illicit copies are made, might it be that the copyright industry is just trying to add yet another small legal curb that can be pointed at when they take some teenager to court over an extra copy of Austin Powers?

disclaimer: The title phrase & Harvard University do not belong on the same page so the above must be my own opinion.