Slashdot Mirror

← Back to Stories (view on slashdot.org)

Preliminary Injunction Issued in DVD CCA Case

Posted by emmett on from the sad-news-for-open-source dept.

jlj writes "Judge Elfving has just issued the preliminary injunction. We're having the opinion faxed over now and we'll have it up on www.opendvd.org ASAP. This has truly been a sad week... but we will keep fighting!" In the word of EFF Attorney Robin Gross, "We're going to need some bigger guns." The judge's official opinion can be found here. This story will be updated as we get information.

4 of 345 comments (clear)

  1. Time for a new strategy by Effugas · · Score: 5

    As much as I love the EFF, having attended the trial I can see why we lost:

    They said their stuff was stolen. We argued that we should be able to get away with it.

    "Their secret wasn't protected enough" "They waited too long" "They knew it'd be broken" "They don't know for sure we got it from Xing" "Maybe they don't really have the right to sue us!"

    Note, we didn't argue some greater good that is served by the taking, nor the harm implied by enforcing a unilateral license agreement upon a captive audience. We didn't claim they had no right to deprive us of rights, hell, we didn't claim a single right at all. This is coming out a hell of alot more bitter than it should, but I think this loss will make us stronger in the long run.

    They proved they lost something. We tried to prove...something. I'm not sure.

    Here's my summarization of the plaintiff's case. I'm not going to continue this document, but rather work on something completely different--something that directly addresses just exactly what the DVD CCA is trying to take away from us.

    I'll be honest: I'm not happy with the way this turned out, and if I wasn't so crammed for time(I literally just secured long term housing for myself around 20 hours ago), I wouldn't even post this. But C'est La Vie.

    =====

    DVD Redux: The Plaintiff's Complaints
    =====================================
    A Courtroom Analysis by Dan Kaminsky
    effugas@best.com
    http://www.doxpara.com

    After receiving a rude awakening from the Linux community--and, make no mistake, it's us they're fighting--the DVD Copy Control Association today stepped up their efforts to restrict the further release of the codes necessary to play a CSS-encoded DVD disc. Last time, they walked into court with the presumption of victory on their lips. This time, they fought with far more intensity. But with far more time to prepare, so did we.

    As of the writing of this summary, it remains to be seen who will prevail.

    For sheer lack of time(and because I have no idea if anyone wants me to finish), I will restrict my analysis to the opening case of the plaintiffs.

    The plaintiff's case seemed dedicated to addressing the wounds it received at the TRO(Temporary Restraining Order) hearing. Extensive evidence was offered justifying the claim that the DeCSS code was derived from Xing--a fact not extensively challenged online, but a core doubt raised by the defense at the TRO hearing. Posts on Slashdot were quoted *heavily* by the plaintiffs as an attempt to prove that the Linux community was on notice that it would be illegal to decrypt the video stream.

    Yes, this means that Ye Olde Anonymous Coward has been entered into the court record. Numerous comments from many parties to that discussion, including AC's, that contradicted the plaintiff's case and notified developers of their rights to reverse engineer were however conveniently ignored by the plaintiff. Such examples of distorted reality propped up all throughout the hearing; quite annoying, to say the least.

    At this point, the Plaintiff's case turned truly bizarre. While the DVD CCA fell over itself to say it wasn't actually invoking the Digital Millenium Copyright Act, which may only be invoked in federal court, it made arguments under the act as a means to express and provide a perspective upon the Public Policy of the United States of America and, indeed, the 171 signing nations of the WIPO treaty. The relevance, argued the plaintiffs, was that since California's Uniform Trade Secret Act spoke of improprietity and not unlawfulness, the established public policy of the country should be used as the standard of what is proper and what isn't.

    I must admit, I wasn't aware that playing a DVD qualified as a particularly unamerican activity. It might explain the civil disobedience campaigns(tshirts/contests) that the plaintiffs were so utterly disturbed by, however. Anyway, one wonders about the public policy the courts are supposed to apply when there's absolute consensus outside of Hollywood that individuals should be able to A) Play their own videos, B) Sell their own CDs, and C) Record their own TV Shows while still remaining good, patriotic Americans.

    The case then moved into the International realm. Much noise has been made of the fact that reverse engineering of this type is generally quite legal in Norway, and indeed Europe as a whole. Both sides presented experts on the topic; needless to say, the opinions were not identical. pretty much claiming their expert made a more convincing argument than our expert. The plaintiff's expert, a Norwegian lawyer, claimed that the general law prohibiting unauthorized access to another individual's property, and particularly another person's data, should be applied in this case. On its face, this seems rather strange, since this case is about preventing a person from accessing data contained within their own physical property--the lawfully purchased DVD disc. But that's just my opinion.

    The defendant's expert, claimed the plaintiff, was far more circumspect and wishy-washy, saying in effect that it could go either way and that the issue was undecided in norwegian courts. Since the plaintiff's answer was definitive and the defendant's answer was less so, the former ought to be considered more valid than the latter.

    Returning to the core facts of the case, the plaintiffs reasonably argued that of all the defendants, none had provided an alternative source of the data aside from the Xing rip. Furthermore, the applicable law stated that prevention of *further* disclosure of a fact discovered after the usage to be a trade secret was an acceptable remedy, and since they weren't suing for anything more than such restraint(no damages, real or punitive), an injunction would specify the exact relief the law provided for. Since the defendants were on notice anyway, by both the passage of the DMCA and through "pervasive Slashdot discussions", this wouldn't be a surprising or inappropriate occurance.

    Next, the plaintiff's primary counsel addressed the Linux interoperability argument. Given that a Linux developer would be willing to accept the arguably onerous terms of the CSS license(among which is that no imported DVDs may be playable, and that the source code be heavily closed and encrypted), the DVD CSS would be more than happy, he argued, to provide legal access for Linux users to play DVDs. Since IBM and Intel are both heavily invested in Linux, they argued, the means exists for a Linux DVD license to be signed.

    The plaintiffs then trotted out the obligatory Coca Cola example: McDonalds sells Coke products, but Burger King only sells Pepsi. Just because you want Coke at Burger King, doesn't mean you get to steal the syrup off the truck, or break into Coca Cola headquarters and steal the formula. (I was unaware any DVDs had been stolen at gunpoint from UPS, or that Eric S. Raymond had led a crack commando team into the heart of Santa Clara for Operation LiViD-By-Any-Means-Necessary.) Because of this willingness, stealing the trade secret could not constitute appropriate self-help under the exceptions granted for interoperability. Sony's successes against the emulation community were raised, and the point that there was no fair use of trade secrets was made.

    At that point, a new attorney for the plaintiff came up and began arguing against the EFF's extensive 1st amendment case. The EFF pointed out that the DVD CCA is seeking prior restraint against news sources(Slashdot itself is a named party), and that people merely want their traditional free speech rights to be enforced. Three responses were made: First, that the theft of trade secrets does not constitute a traditional usage of free speech rights. Second, that the defendants were not news sites(Slashdot?), and even if they were, they still couldn't post trade secrets. Finally, that the posting went beyond discussion--actual code was either directly there or being linked to.

    The plaintiffs provided an example of what they'd like the judge to rule. It'd be acceptable to them for the San Jose Mercury News to provide commentary and analysis on the topic of the DVD decryption system, but to actually publish or link to the broken system would be a violation of trade secret law in their eyes. (As the defense later noted, such a linking has already taken place.)

    In an interesting move, the plaintiffs used the Bernstein precedent that code is a form of speech to defend their position: The government was trying to suppress Bernstein's publication of his own encryption code. This is about a judge suppressing 200 John Doe's republication of someone else's encryption code. Of course, that implies that the code being republished was, in fact, someone elses--an access key does not a software product make, particularly when, as Sega v. Accolade decided, stripping the access key from a piece of software is the necessary to make other software interoperable.

    The plaintiffs are continuing to attack even mere linkers--the whole concept of "instant access" to infringing sites scares the DVD CCA. One would think that the downsides of implicating the New York Times(as the defense pointed out) would override the advantages of a bit more protection against spurious links, but perhaps the DVD CCA sees things differently.

    One thing the DVD CCA took particular offense to was the claim that the defendants were, in fact, helping them out by exposing the weakness of their system. They rather reasonably noted that, if the defendants were looking to help the CCA out, they could have sent an email, perhaps a real letter. Selling T-Shirts and running contests wasn't helpful.

    On a sad note, the plaintiff's case concluded with some of the more vitriolic fear mongering and inappropriate references I have seen in quite some time. Beginning by claiming that the defense was trying to dismantle the entire IP system, massive(and rather irrelevant) hacks against military bases funneled through stolen Pac Bell internet account information, as well as the recent CDUniverse credit card scandal, were brought up as what could only be termed as character assassination against the "hackers" of the defense. Then, with the size of the DVD industry paraded in front of the judge as the sole reference to the irreperable economic damage that DeCSS and Linux players must surely create, the plaintiff made the entirely valid point that while the hacker community has embraced DeCSS, LiViD, and other CSS cracking systems, the mainstream has not yet adopted such tools. But what of the harms, should a mainstream that fought bitterly against record "spoiler systems" and has spent the last twenty years making audio mix tapes using their cassette recorders?

    The direct harms that the DVD association brought to bear were summed up in a quote, in which it was stated that without legally backed copy protection, no media format(such as DVD Audio) could ever be good enough for Hollywood. And perhaps this is true. Manufacturing costs, the splurge of spending that accompanies repurchasing of previously owned content, now New And Improved, maybe even the profits from the conflicted interest consumer electronics divisions(Sony) just wouldn't be enough. Without the ability to technologically mandate what the courts would never accept--government enforced regional sale restrictions, arbitrary demands on DVD player manufacturers, a ban on personal backups and "mix DVDs"--perhaps we'd never see the big studios agree to new formats.

    Oh well, I'm off to go play an 8-Track and catch some sleep, secure that they'll never give me a better quality music format for me to play with...

    More next time, if you like.

    Yours Truly,

    Dan Kaminsky
    DoxPara Research
    http://www.doxpara.com

  2. The solution... a reverse-engineer-CSS HOWTO. by Ami+Ganguli · · Score: 5

    I gather from reading the injunction (IANAL) that there is a big opening: find a country where click-contracts are explicitely invalid. Apparently the judge thinks that the law in Norway is unclear.

    So the obvious thing to do is for somebody with appropriate skills in such a country to reverse-engineer CSS again. Then post a new (indepentant) version of deCSS to a media.

    You would have to have some witnesses who would swear that this effort was independant. You wouldn't be able to use the current CSS as a starting point, but (I think) you could take advantage of the same hole in the Xing player along with information on HOW the original hacker did their magic.

    Maybe the original hacker could create a "reverse-engineer-CSS" HOWTO with tips on technique, but no actual trade-secrets. Then people all over the place could post independant code and each version would require a separate legal challenge.

    --
    It is tempting, if the only tool you have is a hammer, to treat everything as if it were a nail. - Abraham Maslow
  3. A plan for action by Booker · · Score: 5

    Blow by blow from the TRO:


    The circumstantial evidence, available mostly due to the various defendants' inclination to boast
    about their disrespect for the law, is quite compelling on both the issue of Mr. Johansen's improper means and that Defendants' knowledge of impropriety.

    1) Stop taunting the lawyers. It pisses off the judges, and gets you nowhere. Calling the plaintiff's lawyers "cocksuckers" will not get you a sympathetic ear in court. Take a Zen attitude about the whole thing - respect your opponent.


    Defendants make the additional argument that even if Johansen clicked on the license
    agreement, such an agreement contravenes Norwegian law. This Court is not well positioned to
    interpret Norwegian Law, and Defendant's own expert, even if this Court could consider expert
    testimony on a question of legal interpretation, states that the issue has not been conclusively
    decided in Norway. Defendants have not sufficiently supported their argument that the licence agreement, like the one at issue here, would be disallowed by Norwegian Law, although they may at some point be able to do so.

    Defendant stated in passing at the hearing on Preliminary Injunction that issues of
    foreign law are questions of fact, however neither side has provided this Court with argument or
    authority on this point.

    2) Read up on Norwegian law - this may actually provide some credibility to the original act of reverse engineering. A large part of this case boils down to the legality of the reverse engineering, and it's time to get those facts straight.


    However, the Court refuses to issue an injunction against linking to other websites which
    contain the protected materials as such an order is overbroad and extremely burdensome. Links to
    other websites are the mainstay of the Internet and indispensable to its convenient access to the vast world of information. A website owner simply cannot be held responsible for all of the content
    of the sites to which it provides links.

    3) Move your links to point to offshore repositories, for now. We can comply with the restraining order, and still have access to the code. Defiance will not help (see number 1, above).

    Also - offer up the true pirates, those who wish to traffic in stolen, copyrighted material. Those are the people that they'd like to lump us all in with, and it's simply not accurate. It's time to make a clear distinction between the pirates and the programmers.
    ----

  4. Why Geeks Need to Know More About The Law by Carnage4Life · · Score: 5
    • At this point in the proceeding, the harm to the Defendants is truly minimal. They will simply have to remove the trade secret information from their websites... On the other hand, the current and prospective harm to the Plaintiff... will be irreperable
    This is the part that really, really annoys me. What this says is that DVD CCA's right to have their ass covered by the law when they made a booboo and picked a weak encryption scheme, and god forbid it lets make fair use of a recording medium we purchases, is more imporant than our (I am a defendant) right to disseminate information freely.

    Okay here goes....I really can't stand reading slashdot whenever the discussion is about a legal argument because the posts that rave and rant about what geeks think is legal or right get moderated up while constructive argument about our legal position is not. Take the above post for instance...this is a 4 insightful???
    First of all the purpose of an injunction is to prevent harm to a party in a legal dispute by the actions of the other party. This is a similar concept to bail...(i.e. a suspect in a child slaying less likely to get bail than a suspected burglar)... That said there was only one way this injunction could go. All the raving, ranting and spewing of rhetoric in the world cannot change the fact that it costs nothing to link/unlink to DeCSS but the potentially costs MPAA a considerable amount in piracy costs. Before anyone gets their 1st Ammendment flamethrowers out try this analogy on for size

    ...Imagine a situation where a guy just breaks up with his girlfriend and decides to put her phone # on a webpage with descriptions of a sexual nature of the things that they did. She has a right to sue and seek an injunction on him to remove to offending webpage while the case is yet to be tried. Following the arguments of most slashdotters with regards to the injunction (including the above post), the ex-boyfriend's freedom of speech overruns her right to privacy (after all the stories posted on the site are true and the girlfriend's phone number is freely available from the phone book). Thankfully most judges are not the typical slashdot reader and will move to protect a victim of harm until the case is tried.

    Now on to my main gripe about the way this case is being handled by the Defendant's lawyers and also the mindset of slashdot readers saying that the encryption was weak is not an argument that will hold up in any court of law. The judge rightfully pointed that any safeguards can be broken by a clever enough theif. Saying that the encryption should have been stronger sounds too much like a burglar saying it was Ok to break in because there was no steel door protecting the house. The argument should have been and should be focused on what exactly is fair use with regards to DVDs and the nature of the licence. Are they selling permission to watch the DVD and if so does this mean if it get's scratched all we need is a proof of purchase to get another one or are they selling the entire contents of the DVD? Either way this case will not stop the proliferation of DeCSS code on the web and the MPAA is fighting a losing battle.