Slashdot Mirror
Peer-to-Peer Copyright Issues
JimCYL writes "Fred von Lohmann, Attorney and visiting researcher at the Berkeley Center for Law and Technology, recently posted this article on the Electronic Frontier Foundation (www.eff.org) website. It's part crash course on copyright, part guidebook on how not to have your P2P file sharing service sued. All in all, very interesting for those of us who are interested in copyrights in cyberspace." Very informative and very well-written - this is one to bookmark, especially if you plan to do any development on a P2P application.
A curious thought: Microsoft is said to have remote shutdown capabilities built into Windows (at least some newer versions) to be able to terminate uses that break the EULA. Windows includes a file-sharing mechanism. What if somebody were to show the RIAA/MPAA that people are using Windows sharing to copy copyrighted material? Well, M$ has the ability to control it, and file sharing is certainly a selling point of Windows, so they would have vicarious liability. They would have to actually go out and shut down services that people have bought from them.
I wonder if the ensuing legal battle would end up like a battle between Sauron and Saruman:)
-Lars
The paper raises some important issues and one must wonder where the copyright laws leads. As I read the piece I could not help but consider Slashdot itself and what possible 'infringing' role it may play. In many ways it mirrors the situation with Napster - a centralised service, with 'control' over it's users and a 'direct financial benefit' arising. I posit that there appears to have been copyright 'infringement' on Slashdot in the past - people reproducing protected works within a post or copying elsewhere (and linking). We have probably also seen infringement as far as the DMCA goes - any DeCSS code for instance. Maybe this gives the folks at Slashdot sleepness nights (or will in the future). It should certainly give the users pause for thought. The time may come when Slashdot is required by law to change it's moderation policies and start actively removing and policing content (a 'moderation' downwards won't suffice).
I also started to wonder about Ian Clarke's Freenet project. Although it fits many, if not all, of Von Lohman's criteria for possible safety (no central control, knowledge and 'open-source', amongst others), I can't help wondering whether Ian's dug a hole for himself to a degree. I seem to recall some pretty inflammatory statements regarding the 'death' of copyright coming from Ian in the past. One wonders whether this opens him up to legal challenge of any sort and an attack on the Freenet system. I have not gone back and looked for any of his statements however and I might be wrong. Whether a legal attack on such a system as Freenet would be 'successful' (given it's architecture) is moot. He might find himself in a personally uncomfortable position.
Then again, he's not a US citizen. I live in the UK and would love to see a discussion such as this on the copyright issues here. However, given the increasingly international (nay, global) flavour of copyright law today, I suspect we will all be 'harmonised' at some point soon. The fact that much of this law is treaty based worries me more since national governments, and their electorate, are bypassed. Public 'consultation' is a poor substitute, if it occurs at all.
Thanks for listening.
--
Alastair
London UK
Allow me to point out that 17 USC 117 creates a statutory exemption to copyright with regards to computers making any copies they need to function of software (e.g. loading it into ram) and that you can make backup copies of software up the wazoo, as long as you don't keep them when you get rid of the original.
EULAs are rather moot these days, and the arguments that they're null and void are getting stronger (as are the precedents to that effect)
-- This and all my posts are in the public domain. I am a lawyer. I am not your lawyer, and this is not legal advice.
Would this not also mean that backup companies would be liable for both contributory and vicarious infringment. 1) They should know that users are backing up copyrighted materal 2) The are providing the site and facilities 3) they are recieving finacial gain from activities. 4) The control who can use their site and facilities As the person points out, encryption and head in the sand about what's happening is not and excuse.
I'd like to first make this disclaimer: I know nothing about P2P programming, and I know only the very basics of how many P2P applications like Napster, Gnutella, Freenet can work. In addition, perhaps this has already been thought of, or is already in implementation. Oh yeah - and I'm not an avid IRC user.
What about the use of an existing network/infrastructure to facilitate P2P interaction, such as IRC servers? Make a custom P2P file-sharing client which connects to an IRC server, and joins a particular channel. Other users connect in a likewise fashion. File search requests are sent to the IRC server, clients read those requests, and reply in a private IRC channel if they've got a similar filematch...
The centralized server then becomes the IRC server/network. Is this really lame? Would the administrators of the said IRC networks ban certain client identifiers or something? Would this not scale? Just thinking out loud here...
Quidquid latine dictum sit, altum viditur.
I only post comments when someone on the internet is wrong.
One of the weak points of the multi-tool strategy may be the search engine. The RIAA may be able to convince a judge that searches could be filtered based on songs.
Good point, and I have been working for months on a fully decentralized, open source searching network called the ALPINE Network which performs searching, and only searching.
The actual transfer of resources is done via other networks, like Freenet or Swarmcast, FTP, etc.
The previous poster had the same ideas in mind, namely, provide a decentralized, legally safe peer based searching network, and then use whatever you wish to actually get content/resources.
The searching is the most vulnerable part, and hence the reason I am pushing a fully decentralized network so hard.
Yes.
Wrong. You don't own the contents. But you are licensed (if you wish to be) to redistribute it, or even distribute derivative works. This may sound similar to owning it (due to the GPL giving you so much), but it isn't the same thing.
Yes, thanks to a license, not ownership.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Wait a second. Who said anything about abolishing copyrights? The GPL relies on copyrights to do its work. Take away copyright and you lose the GPL. Contrast this with the BSDL. Since the BSDL essentially has no limitations, BSD software would remain basically unaffected in the absence of copyright.
Also, I don't understand what you mean by "Is the central theme of the FSF user ownership of software? Yes." I don't see what the FSF or the GPL have to do with ownership of software. Care to explain?
-- It only takes 20 minutes for a liberal to become a conservative thanks to our new outpatient surgical procedure!
You haven't understood the article. In the case of Linux, Linus is not liable because he as no on going control of what the user actually does with the product. That is the clear and simple distinction between a Service like Napster and a Product like the Linux Kernel.
The difference wrt BetaMax in the court's eye seems to be the fact that Napster has full access to the details of what's being exchanged (well, the filenames, anyway), and can thus be viewed as being aware of the infringement.
So, the bottom line is, if your product or service is used primarily for copyright infringement, and YOU know about it, you're screwed (or you have to take action, as Napster is doing).
Is this silly? Yup, in my opinion. Wish my opinion mattered more though...
-Roy
If you're going to quote the constitution, you might as well be complete about it. You quoted Article I, Section 8, Clause 8. The sentance fragment that is Clause 8 is part of a larger sentance that describes the powers of the US Congress. The sentance reads (eliminating the other, non-relevant Clauses):
Don't confuse this with somthing in the Bill Of Rights. Copyright is not a natural or human right. We are used to it here in the USA, but it doesn't have to be this way.
It could be argued that if any such copyright laws that exist no longer "promote the Progress of Science and useful Arts," they are unconstitutional.
The fact of the matter is that the advent of computers and the Internet make exercising your exclusive right either extremely difficult or downright impossible. The economic, or market value of content in such a situation approaches zero. The cultural value (a concept erroniously conflated with market value in the US) of those works can be arbitrarily high independantly of that. Fundamentally, content in an internet context is not a commodity: there can be no shortage of a particular item, it can only grow. Only by imposing artificial constraints on technology in the form of copying roadblocks can a shortage be created, thus injecting market value into each instance of that content. It's as simple as that.
Back in the old days, before the DMCA, there seemed to be strong concepts of "common carriers" and public forums. The basic idea was that if someone provided a "public" facility they could not be held responsible for how that facility was used. The definition of "public" was that there had to be absolutely no monitoring or censorship, and for that reason phone companies and large BBSes or conferencing systems were careful to avoid any such activities. As soon as they took any interest, basically, they also took responsibility.
I guess my question, which I was sort of hoping the article would answer, was whether the "safe harbors" of the DMCA were intended or interpreted to supplant or augment these older concepts. It seems to me that it supplants them, and sets a much higher standard for the facility owner/operator, but I'd appreciate it if anyone with better knowledge could clarify. It used to be that you could choose not to monitor or censor activity even if you had the technical means, publicize that choice, and be safe legally. Now it seems that you're left with no choice; the mere ability is enough and if you have the ability but choose not to exercise it that doesn't get you anything but trouble. Is that really the case?
Slashdot - News for Herds. Stuff that Splatters.
It's sickening that this is how our court system works...
It works both ways. Pick an easy target where someone is obviously infringing on fair use rights, and sue and win. Then work up the ladder to less "obvious" ones.
What's good for the goose is good for the gander..
Or did you ever think that if a law is always pushed in one direction, it's not surprising that it moves in that direction? If you want it to stay where it is - push back!
--
Exigo spamos et dona ferentes
Knowledge isn't enough (eg. the author of Freenet doesn't have to stop watching CNN). Knowledge + Ability to stop infringement is the key.
--
Any IRC bot that uses DCC to transfer files is doing exactly what you describe, and have been around far longer than Napster.
I gots ta ding a ding dang my dang a long ling long
Maybe, just maybe, the whole point is that the notion of anyone owning or controlling *any* information is simply wrong. Sure, the law currently says that distributing copyrighted information without permission is illegal in certain cases, but just because the law says it doesn't make it right. Perhaps people's notions of copyright needs to change. If the result of strong copyright laws is that a few large corporations get to keep realizing outrageous profit margins, then maybe such laws no longer serve the public interest. There is nothing that says a company is entitled to continue to make money. Things change. The distribution modality of digital information is such that it costs $0.00 to distribute unlimited copies once the work has been created. This has an economic impact on the value of the work created. It is now worth less, and any law that attempts to erect road blocks to prevent digital distribution in order to artificially maintain high prices will fail. Big distribution companies have to take this econonomic reality into consideration and either find new revenue streams, or be satsified with smaller margins. Ultimately this benefits the artists themselves because they are free to take advantage of this new channel and market directly to consumers. Maybe they will only get $.25 per song downloaded, but that's more than they currently get from the record companies. Maybe some artists won't become millionaires. There's nothing wrong with that. It's simply a reflection of a changing economy. Artificially maintaining the status quo has never worked in the long run, and it won't work in this case.
-Vercingetorix
-Vercingetorix
"Necessitas non habet legem." -St. Augustine
In the ideal FSF world, the GPL would cease to exist. It would no longer be needed. The GPL is a reaction to outdated and counterproductive copyright law. Without those laws, the GPL is unnecessary.
-Vercingetorix
-Vercingetorix
"Necessitas non habet legem." -St. Augustine
no, this is exactly the wrong answer!
/.), but i can't find it right now...
your arguement is based on a hugely faulty assumption, and one the recording industry is trying very hard to propagate: that they own all the copyrights. let's say i produce a CD. i wrote the music, i ran the recording equipment, i mixed it... everything. it's all mine. the recording industry still wants money from it - they want to be able to restrict who can produce, or profit from every production. but i should be able to do what i want with that recording - including making mp3s of my tracks and distributing them anywhere i want, without RIAA, or anyone else, getting a cent. i should be able to make mp3s, plop them on Napster or Gnutella or whatever, and encourage everyone to take them, without paying me or anyone else, if that's what i want. the RIAA should not be able to restrict this, nor should anyone else.
your argument also ignores the "fair use" realm of copyright law. if i have a Rio, i should be able to (freely) encode mp3s for my own enjoyment, if i've already bought the CD. this is exactly the same as burning copies of my CDs so i don't have to have one copy for work, one for home, and one for my car.
oh, and for the record, this is already practiced in related areas. lots of digital recording devices, like MiniDisc players, either only provide analog in or only provide analog out - the prohibit you from making full-quality digital reproductions. regardless of the copyright status. it's an institutionalized version of exactly what you're suggesting, and all it does is exactly what the big corps want: restrict who can produce.
there was a really good article i read on this (maybe even on
i speak for myself and those who like what i say.
But, you are not arguing for the ability to keep the "fruits of ones labor". Copyright isn't about that. It is about the ability to partition out who can benefit from the fruits of your labor. There is a big difference.
When you create a work, you have the work. That is the "fruit" of your labor. What you are arguing for is the ability to control what others can and cannot do with copies of that "fruit".
> You can disagree in your personal ethical view,
> but nobody died and gave you the power to
> arbitrary state what is a "real" right and what
> isn't.
Nor you. However, at some point, these ideas get translated into law. Some people like the law, some don't.
I do disagree in my personal ethical view. And thus do not support a law which conflicts with my ethical view.
Copyright was invented "to promote the progress of science and usefull arts". The trade off being that we, the people, cede our "right" to do what we want with what is in our posession, to the creators of a work.
The only useful discussion, then, is whether this trade off is worth it. Is copyright having more negative side effects than good? Is it promoting enough to be worth the trade off?
Anything else delves into the "religious" and becomes a pointless argument.
-Steve
"I opened my eyes, and everything went dark again"
> Maybe, just maybe, the fact that I created
> something gives me the right to dictate the
> terms of distribution.
An idea which is not only contrary to the fsf position, but also contrary to current law, and the tradition of copyright.
Copyright is a monopoly on the copying of a work, specifically designed to encourage production and publication of works. NOT a protection of the rights of the author.
Now, if you feel that the author has some right to the works that they produce, thats fine. It is your right to believe that. However, it means that any discussion of copyright with someone who does not fundamentally believe that pointless. It would be like trying to convince a hindu in the divinity of rabbi jesus, by using arguments from the bible.
Gnutella, Freenet, even napster, are existant proof that not everyone shares your worldview.
-Steve
"I opened my eyes, and everything went dark again"
If this is to become the case, the government is left with two very clear choices. Either keep fighting these systems in vain and tying up the courts, or create a new conception of copyright. Perhaps copyright will no longer have its meaning. I don't know what the ramifications are for this, and I'm not sure its the best course, but it seems like it could very well be inevitable. Part of the government and supreme court's job is to evaluate the relevancy of laws, and update them to match the times. A perfect example of this is the DMCA, trying to update copyright for the digital age. We all know the short sighted and fair-use problems with it, but the real problem is that it will be obsolete within 5 years. Can copyright survive into the next few decades?
.. of Slashdot repsonse to anything.
(1) It doesn't say what I want to hear so it must be wrong.
(2) It doesn't say what I want to hear and thus evil corporations are to blame.
(3) hey, that was an interesting peice.
Sad thing is we see so little of 3. This man did a service to the community in writing a free plain-english legal brief. I for one am greatful he did so. I know a lot about copyright already but i learned a lot about the most recent decisions and their meaning.
Pay attention to his concluisions about deniability and the need to act once notified.
Both FedEx and MaBell have many desirable characteristics:
(1) They are carriers but they never have even a transient copy of the item in memory. In contrats all P2P systems actually ceate a copy of the file. It is much more like a fax machine then a P2P system.
(2) The legal uses of the system far outweigh the illegal uses in terms of actual revenue drivers. The same cannot be said of naptser in actual practice. This helps reduce the idea of "vicarious infringement."
If you look at it honestly, you can see that napster was designed to be used for an illegal purpose, copying copyrighted music, promoted for that purpose, and thats far and away the most common use to which it is put and thus where the majority of their revenue directly or indirectly coems from.
(3) MaBell and FedEx both have models where it is not only difficult but in fact illegal for them to monitor activity of their users. Ergo again they have maximal deniability.
(4) When illegal uses of their systems are brought to their attention, both FedEx and maBell bend over backwards to support and help proper law enforcement.
As mucha s you'ld like to believe it does, the "common carrier" defense celarly does NOT apply to napster as the courts have decided.
if not go back to college and take a basic scientific methods course.
The Slashdot communty in NO way represents a reasonable or scientific sampling of anything other then the tiny subsection of the communtiy who are drawn to a place like Slashdot.
Nopw with that out of the way... why does anyone want to poll??? Yo udon't get to vote for what laws you do or don't want to be held accountable for. You vote for lawmakers who make laws we are ALL obliged to follow or suffer the consequences. Civics 101.
The technology employed to carry the data is not the issue.
The issues coem down to control or lack thereof, and your economic model in terms of where your profit derives from.
If the courts decided that youw er eseliing a program thats primary draw was to do somethign illegal with it then you might be in trouble. If its a generic, non centralized, non controlled file sharing prgoram you might be okay-- but then its doubtful you cna fidn any wayto make money off it.
As soon as you have any kind of ongoing conenction to the users (ie serving ads to them0 you have a potentail control mechanism and become obligated potetnailly to use that mechanism to police your users.
The courts work, once again its been restablished that making money off of the theaft of someone elses property, whether you do the theaft or enable others to, is an illegal act. Thsi s how it should be if we dont want rampant anarchy. If you really believe in this grand moral vision of a connected world then DON'T try to make money off it and you will be significantly safer.
You wrote:
"Specifically, the Copyright Board says their ruling "does not legalize (a) copies made for the use of someone other than the person making the copy; and (b) copies of anything else than sound recordings of musical works. It does legalize making a personal copy of a recording owned by someone else."
You had better check this witha canadian lawyer, I have a feeling youa re misinterpretiung this.
If you are in fact correct, then Canada has just violated the International Copyright treaty and you cna expect a general outcry from the rest of the developed nations. In fact if this were true I suspect record companies here in the states (I knwo how canadians hate it when refer to the sates as "america") will immediately stop shipping releases to Canada.
Is not to try to make money by stealing something of someone elses or providing the tools for that theaft.
Precisely.
The term for this in Copyright law is "implied license."
Yes, it coems down to control.
Itw as not considered reasonable that a copy shop have to stand over the shoudler and check copyrights on every thing brought in.
HOWEVER if there is a pattern of a given book being xeroxed at a given store-- al lthe students for one class fro instance regualrly photocopying the oen text book, the copy shopo CAN be made to watch for and stop that particular behavior.
It all comes back to the control issue.
I should add...
That as soon as the copy shop publicizes the fact that, if you do your own copying, you can copy illegal stuff they DO become liable because they are actively encouraging and profiting from an illegal activity.
And some already exist for some things you specifiy.
For instance there are a few RFCs the togetehr define IRC.
because they thought of it before the last minute compromise of the bill of rights? Because you say so?
Nothing "has to" be thought of as a natural human right. (frankly I don't do natural law to begin with so trying to use that as a distinction is meaningless to me). The bill of rights is certainly neither the begining or the end. But the main point is that the first US mention of legal copyright and all of its implications are quite distinctly about the rights of creators to control their work, and the previous comments to the contrary were lies.
Personally I think that the right to the fruits of ones labor is pretty high up on the list of basic rights. You can disagree in your personal ethical view, but nobody died and gave you the power to arbitrary state what is a "real" right and what isn't.
Kahuna Burger
...will work for Chick tracts...
ohh... I feel so bad. "Makes you sound like a fifth grader" is such an insightful and intellectually demolishing comment, it takes my breath away.
Sorry, but you haven't actually addressed my point. The language was inflamatory, sure, but pathetic? Sounds like a dodge to me. Why don't you try dealing with the actual question of "since when does the free market mean that if you don't like the price of something you take it?" Instead of building strawmen about whistling tunes, and claiming that you know what copyright is really about (as opposed to what its been written as) why don't you tell me why making theft easy could ever make it right?
Once in a while, some innocent napsterite will just tell the truth "I want something, and I have a chance to just take it, so I will." They don't pretend that they have any right to, they don't care if its right or wrong, they want, they don't have any consequences, so they take. It takes a /.er to dress that up in some sort of law of the jungle/information wants to be free/not real property bullshit and try to convince themselves that this is really the way it SHOULD BE.
Ah, whatever, my food's here and I waste to much time on /. I should take a break until I can put you all in the proper perspective.
Kahuna Burger
...will work for Chick tracts...
you are full of it. If that were true, all work would be work for hire and those with the means of publishing would be the owners of work that they published. The opposite is true. Copyright belongs to the creator of a work unless there is a specific work for hire, and the "tradition of copyright" which you are apparently cluesless on is that copyright always returns to the author after a limited print run unless there is a specific contract stating otherwise.
Copyright is exactly about the creator having control over his or her work, and that position is enshrined in law and tradition, and for that matter, the bloody US constitution.
To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;
Note the words "exclusive right" and "authors" and the total lack of mention of publishing monopolies or any other such crap.
Now stop lying about authors' rights and go back to violating them, I'm sure you're better at it.
Kahuna Burger
...will work for Chick tracts...
You don't have a right to anyone else's creative work, unless you go through the process they have decided on, be that payment, reading in in conjection with ads, or them just giving it to you. The fact that it is getting easier for you to violate other people's rights does not and never will make it right. It just makes it easier to be wrong.
Maybe the oppertunities of distribution will lead to some artists to give their work away for the joy or the recognition or whatever. But that doesn't remove the rights of those who choose to not go that route, or make you any less a theif if you decide to ignor their rights and take what you want.
Kahuna Burger
...will work for Chick tracts...
huh? So if you are a druggist and are allowing people to illegally obtain controlled drugs through you it should be ok, because there might be another way of them doing it where you couldn't stop them?
If napster can stop it from happening on their servers, they have a legal responsibility to or be held accountable. The existance of other routes to illegality doesn't absolve them of any responsibility. That would be rediculous.
Kahuna Burger
...will work for Chick tracts...
That analogy is flawed, the real situation is WORSE than that.
Knowlege is NOT required for vicarious liability.
The correct analogy would be the makers of pantyhose being liable for bank robberies, even if they didn't know and had no reason to know their product was being used. To analogize the 3 tests for vicarious liability: Direct infrigement would translate to people robbing banks using pantyhose as a disguise. Financial benefit: if someone buys pantyhose to rob a bank, does the manufacturer get money - Yes. Ability to control - well theoretically the pantyhose people could refuse to sell to people with criminal records. So now they would have a requirement to, or get sued.
Outlandish, I know, but the Napster decision is right up there with that. It is just as unreasonable to scan every request that goes through Napster's server against all possible infringements. They would have to increase their server's resources by at least 1 or 2 orders of magnitude.
Courts would recognize the pantyhose example as violating common sense. But they lose all notion of common sense in the digital realm. Indirect infringement does not exist in the law as written, the courts made it up, by taking real world doctrines of liability (contributory="aiding and abetting", vicarious=like employer liability) and misapplying them and misinterpreting them in the digital realm.
Just because it CAN be done, doesn't mean it should!
This is good because contributory and vicarious infrigement exists does not imply that these theories apply to DMCA violations, which are different things. This is bad because fair use is a defense to infrigement, and not to a DMCA violation, which is a different thing. What may be uncertain is whether the courts will invent contributory and vicarious DMCA violation theories or whether the DMCA itself makes such activities offenses or whether a anti-consumer judge would say it does.
I am not a lawyer, ask a lawyer for real legal advice.
Just because it CAN be done, doesn't mean it should!
Except one thing I think Linus missed: protesting the overly excessive copyright expiration times. I wouldn't call that "whining".
Oh, and IANAL. And I'm Canadian.
To get something done, a committee should consist of no more than three persons, two of them absent.
So if I had, say, a closed-source operating system (such as Windows) and it had a mechanism for restricting what code can be run on it (such as Windows ME's requirement that DLL's be distributed in a signed package), would that satisfy the control requirements? What about a system with an anti-virus package, which from a functional standpoint consists of "code we have declared as bad will not be run"? And while we're at it, let's not forget the whole ActiveX code-signing deal.
I'm half-joking in the above paragraph, but I'm also half-serious. Is it possible for there to be a compelling legal argument for software manufacturers to start providing safety controls to prevent code with an illegal intent from running? I'd like to hope that I'm speculating out on the "kook" end of a slippery slope, but I do think it's a point worth thinking about.
I found his open source comments especially interesting when considered with respect to everyone's other favorite current major legal battle involving a four-letter industry association.
Imagine an open-sourced DVD player that provides hooks such that anyone with a copy of the infamous DeCSS.c source can drop it into the source tree for the player, change a #define or re-run GNU's configure, and then build a fully functional DVD player. Let's also imagine that, since the player doesn't actually include DeCSS, that it is being developed openly and publically on something like SourceForge, with no effort being made to conceal the identity of the developers.
Now under vicarious infringement, the open sourced nature would provide a fairly strong protection via negating the "control" clause. However, let's look at contributory infringement:
Now, normally one could argue against contributory infrigement by pointing at a number of non-infringing uses. However, thanks to the DMCA, playing the same region 1 DVD that I can legally play on a DVD player on my TV set would be considered infringement when played via this open sourced player.
I was actually thinking about this from the darker end of things (i.e. "The program you have tried to run, LOADLIN.EXE, has not been signed with an unapproved and/or expired software vendor key. Please contact the vendor for an update."), but I see how security holes might count.
On the other hand, I can see the liability from something like that easily exceeding any and all potential revenue it could generate. If I were Microsoft, I'd pull IE and the networking code out of Windows, sell them as-is to a third-party vendor, and simultaneously minimize a lot of my exposure while at the same time deflating the DOJ's anti-trust case.
Also, there're things that're only security issues if configured improperly. How far should a system go to prevent this? To use Unix as an example, is requiring a non-empty root password at installation time sufficient or should we disable any and all forms of root access if someone were to manually edit /etc/passwd and blank out root's password field? If we absolve misconfiguration, what's to stop Unix vendors from just installing with all remote services disabled? (Admittedly, this is a good idea, anyway, but it circumvents the issue of a security hole in a service that an admin would want running under normal circumstances.)
Anoynmous Coward wrote: How do you figure? "The Little Mermaid" is a copyrighted work, while the bible is in the public domain. *Specific* printings of bibles, especially those with new concordances or indices are new works and protected by copyright.
My poor, quasi-educated friend, back when Gutenberg printed the bible, it WASNT public domain. To get a bible back then you had to pay the catholic church an exorbitant amount of money, build a church (which would house the bible), and agree to have the church send along people that would handle the reading and interpretaion of the bible. Oh my god, doesnt this sound like a familiar train of thought?
Im sure the more devout amongst you are saying to yourself, as I once did, "but how can that be, the bible being free (as in speech) greatly helped the spread of christianity!" (for better or worse) Ah yes, but this freedom also created the protestant reformation and weakened the overall power of the Catholic Church. Eventually the freedom that was created by the printing press ushered in a new age of literacy and intellecualism known as The Enlightenment. The Catholic Church saw, just as RIAA et MPAA see now, that their influence and control are weakening because the internet is the movable type of our century. This is your much hyped bridge to the new millenium- isnt it fucking great? I am certainly begining to think so.
I only alluded to all of this in a semi-serious fashion because I assumed everyone here was smart enough to get my allusions. Im not implying that anyone is actually dumb here, only that people are taking too short sighted and narrow-minded a view of the whole issue. This is still happening everywhere you look, so dont feel bad if you dont get it yet, or you think im talking out of my ass. I just hope that we dont end up having a RIAA led inquisition to prevent the spread of change (oh crap too late, damn). Well, you were all warned, dont say I didnt try. Just be glad they cant torture you, and if they ever get the right to torture you, be glad they cant find you.
Total control or total anarchy was the main point in vicarious liability. The kernel is free software and anyone can download and it and make changes and distribute those changes. In other words Linus has no control over what people do with the kernel. He can't shutdown a user's linux machine by pressing a button etc. So I would say he doesn't pocess enough control to police his "product" and therefore is not liable for vicarious infringement. Although IANAL.
There was also the point of financial benifit. Although it is debatable wether Linux benifit's financially from the kernel, he is not a financial instituion (read he's not a business and doesn't make linux for profit) and therefore he does not benifit from script k1dd13s cracking websites running linux.
However, the article was related to copyright infringement which has absolutely nothing to do with cracking websites or robbing banks.
--
Garett
I don't see why you see it that way. All that is needed to escape liability is to:
So a system like freenet where the creator does not benefit financially and can not deny access to any user's would be on the legal side.
So why not enjoy the best of both worlds and be legal and unlimited? So long Microsoft.
--
Garett
Interesting point. I'm having a hard time thinking of infringing uses, however. DOC files of Harlan Ellison Stories? DeCSS as an Excel file? PowerPoint presentation by Marketing, Images via the Matrix, Soundtrack by Metallica?
They probably have thought about these things, and think that the existing laws grant them immunity. Maybe you have to click "I Agree" twice, to really prove you won't hold Microsoft liable!
Obviously not. Because Linux is open-source, and because Linus doesn't add skr1pt k1dd13 features to it, Linus can't be sued. He has no control over the script kiddies - he can't stop them from obtaining Linux, and he can't restrict them from using the operation system for their purposes.
Pantyhose manufacturers are in the same boat - their product is be used in a way they don't endorse and can't control.
Napster can control its users - it can ban them when it is notified of copyright enfringement (however ineffective that banning is). It is reasonably aware of infringement, based on internal emails, advertising they created, and their own hard drives.
They are profitting from the trading of copyrighted materials - the more that are availible, the more users there are, and the more venture capital they can obtain. Their salaries are being funded by that capital.
They can also prevent it by limiting search queries, which is technically difficult but not impossible. By including search capabilities in their product, they both facilitate copyright infringement, and give themselves a means to prevent it.
Napster has the means of blocking illegal activites and it profits from illegal activities, in the minds of the judges. The article explained all this. Did you read it?
This would be a good idea - make software manufacturers legally liable for security holes that others could demonstrate could be avoided. It could be done in such a way that the first security breach is free, but companies could sue creators for further breaches.
Unfortunatly, Microsoft et. all have lawyers, and they make sure you agree to waive all liability claims. Don't you know that clicking "I Agree" is as legally binding as signing away your rights with two witnesses' signatures?
This is one of the benefits in selling a Product (like Microsoft does) vs. a Service (like Napster tried to) - once you sell a product, you can protect yourself with limited warrenties, instructions, warning labels, etc. (Philip-Morris - "It says it may kill you on the side of the package!") If you sell a service, you are liable for any illegal activities performed using the service (as long as you could stop them, are informed of the violation, etc. etc.).
According to the article (which is increasingly more difficult to get to), yes, and in fact is one of the few possible strategies for legally defensible P2P products.
The other strategy would be a legal, completely controlled product that integrates search, transfer, chat, etc. This would be pretty restrictive, and the RIAA would love it. I bet Microsoft is developing one right now, and attaching an operating system to it.
One of the weak points of the multi-tool strategy may be the search engine. The RIAA may be able to convince a judge that searches could be filtered based on songs. A judge may be convinced if searches were formulated in the "Artist", "Song" categories that Napster uses.
One interesting non-infringing use would be transfer of text files that the author put in the public domain. For instance, if I wrote a thesis titled Analysis of Feminist Issues in Britanny Spears songs, focusing on "Baby Hit Me One More Time", then a filtered search engine would block it.
This promotes two plans of action. First, search engines and other products need to be file-type agnostic, so that the lawyers can't argue about filtering on .MP3 files. Second, we all need to start writing public-domain position papers on pop stars and songs. Death and Religion in Metallica's "Enter Sandman", anyone?
This argument assumes that all audio data stored on all CDs is copyrighted material owned by someone other than the possessor of the CD.
That is a very bad assumption to make. Following that assumption, you could easily surmise that no one other than the recording industry has any business writing data to a CD. We would have no CD writers, no media software, and no capability to record or edit video or audio for any reason whatsoever.
So can Slashdot now file suit against Microsoft as a direct infringer? Microsoft gains direct financial benefit by having people download Internet Explorer, and their software directly infringes copyrights when viewing webpages. Must Microsoft incorporate code into IE to block users that view copyrighted material?
This brings up the topic of authorized distribution and reproduction. Is the act of serving your copyrighted material through a webserver an implied/implicit permission to distribute/reproduce said content? Or is it implied that you may only store 1 copy? What then about caching? What about proxy servers that cache popular websites? Would I have to name Google since they cache my copyrighted material? Would I have to name Verizon/@Home for caching my material in their proxies? If Slashdot changed their copyright policy to deny ANY reproduction/storage/distribution could they then go after each and every one of us for viewing their webpage?
What about photography? If I take a picture of a work, am I infringing? If I record a concert, am I infringing? Can I not distribute my photograph? What if I'm in the picture with the copyrighted work? Can I not distribute that either? Suppose I consider MP3's an art, similar to photography. I don't copy a song exactly, I merely take a lossy image of it. How does that differ from photography exactly? What if I include extraneous non-copyrighted material inside the lossy, "MP3-photograph" of the song? Somebody please enlighten me.
As it goes without saying, IANAL, or rather, IA-Damn-glad-IANAL.
Well, to lapse into realpolitik for a moment:
The ultimate right of the creator, and the only absolute one, is the decision of whether or not to release the work in the first place. Once it's out there, control is an illusion supplied by the courts. We're primarily talking about intangibles here; a tune, a storyline, an image. You cannot really control that once you've shown it to someone else. This only becomes absolutely clear in a world of digital reproduction, where the dissemination of the intangible becomes trivial. And while your argument about the value of a work is valid from a certain point of view, from the point of view of the market, it's bullshit. The thing is worth what people will pay for it--and they won't pay much if it's easy to get for free. Which it will be, from now on. Game over. The details are still falling out, but I think it's pretty clear that the genie is not going back into the bottle. So you're wrong--art is worth less to the market than it used to be. Artists are going to have to get used to it.
So we get to the purpose of copyright: which is to encourage the creators of art to disseminate their works by making it possible for them to profit by their reproduction. It's not a guarantee that you're going to get rich off of it, and it's not designed to do so. It's there so that people won't hang on to their ideas for fear of having them stolen.
Now, I would propose that the ultimate test of the function of copyright is whether or not ideas are still being published by their creators. If they're not, then copyright law isn't working; if they are, then it is or it's unnecessary.
So I ask you this: how many groups are not publishing tunes now because they're afraid of getting them ripped off on Napster?
I don't know of any. I doubt there are any. The mega-bands don't have much to lose; smaller groups tend to have everything to gain by getting a wider audience. I have a great degree of difficulty imagining that any garage band, anywhere, is going to fold up shop and stop producing because of something like Napster. Because of that, I find that most arguments for stringently enforcing copyright in this medium are somewhat spurious--the intent of the law is already being served.
No relation to Happy Monkey
That would be nearly all of them. It was passed via a non-registered (if that's the right term) hand vote. I've been trying to find out who voted for it and who didn't, but it looks like it was nearly unanimous.
Sigh...
-S
--- What parts of "shall make no law", "shall not be infringed", and "shall not be violated" don't you understand?
NO, what distinguishes Napster was the recording industry's ability to fight it. They chose a weak and obvious target, fight it, win, and ultimately end up with legal precedent on their side.
This is EXACTLY why the MPAA went after 2600 in the DeCSS case. Easy target. It's a hacker site for cryin' out loud... despite what we all know, the courts were going to rule against 2600 despite the merits of the case. Same thing... choose an easy target, establish legal precedent, and use that precedent to win against more worthy opponents.
It's sickening that this is how our court system works...
-S
--- What parts of "shall make no law", "shall not be infringed", and "shall not be violated" don't you understand?
This would put the RIAA in the same situation the MPAA was against the Betamax. It would be easy enough to say that such software does indeed have "significant non-infringing uses". I have dozens of CD-Rs full of .mp3s ripped from CDs that I OWN. I use them to listen to music that I BOUGHT in a more convenient way for me... on my laptop... on my PC... etc. I'm going to build a dedicated .mp3 PC for my home stereo system.
All of those things fall under FAIR USE and the recording industry would be absolutely foolish to fight them.
.mp3 is just a file format that uses audio compression. Going after the applications that create those files would be like going after Adobe Acrobat because someone scanned in a copyrighted book and distributed it in .pdf format.
-S
--- What parts of "shall make no law", "shall not be infringed", and "shall not be violated" don't you understand?
I think IRC clients do not get sued because, compared to Napster, they are insignificant!
What distinguishes napster (and now gnutellas) from other file sharing/distributing apparati is that it is so easy to use that any kid with AOL can and does use it! The RIAA doesn't know how to use, let alone care about, some random IRC client with a gig of music flies on it, because thousands, not millions of people access it.
This article does, however, pave the way for building un-assailable p2p file sharing networks. Unfortunately, it seems that the most successful projects would either be open source or *sold* by a large corporation.
Can anyone say "MS Peer-to-Peer Suite"! Its not so far-fetched...they could sell a lot, and I don't think the RIAA is gonna get Boise working for them anytime soon....
"Chill, Orrin!"---Trent Lott
Maybe, just maybe, the whole point is that the notion of anyone owning or controlling *any* information is simply wrong.
Maybe, just maybe, the fact that I created something gives me the right to dictate the terms of distribution.
This has an economic impact on the value of the work created. It is now worth less...Maybe they will only get $.25 per song downloaded
Your head is so deep in the sand that you don't even realize that you are contradicting yourself. Something that has no value will not be paid for, and anyone who expects to be paid for something worthless is deceiving themselves.
However, a work of art (whether it be music, art, or software) has value because of both the amount of time and energy the creator put into creating it and its value resulting from its utility. To create an environment that does not reward creators, by artificially forcing all works to be freely available by some means, results in a removal of some of the incentive to create.
Just because the method of reproduction and distribution of information makes it incredibly cheap and easy, you do not automatically get a Right to reproduce and distribute works that are not yours. You get that right when the creator of the work allows you to, which is to say if the creator releases his work under a license like the GPL or into the public domain.
Dancin Santa
Strange, I've never had vaporware running on my pc before. Does that mean it is actually running in the fifth dimension or something?
-- Give me ambiguity or give me something else!
It's an interesting resource, but it's a little mendacious to give advice on P2P at the moment, considering the number of unresolved cases flying around. "Do nothing!" is the only safe advice right now.
Witness the disclaimer "Nothing contained herein constitutes legal advice--please discuss your individual situation with your own attorney", which I'm sure many people will happily ignore and quote this article as gospel. ;)
If you were blocking sigs, you wouldn't have to read this.
Is just about the most bullshit thing I can think of. Does that mean that Linus T. is responsible for every little skr1pt k1dd13 who hacks a website using linux? Today in salon I saw a great quote: Are the makers of pantyhose liable for bank robberies, because they are fully aware that robbers use thier products for concealment?
There is a far cry from providing a service taht has numerous non-infringing uses and giving someone a gun to rob a bank with. (I know, ended sentance with preposition, but I'm ranting)
Furthermore, we have no idea where this technology can go, and no idea what can happen with it and if we start stomping it into the ground, it will die. Ooh. this makes me so mad.
Brant
Brant
Argle. Bargle.
Show me a use for FTP that ISN'T file sharing :) Quick! Someone call the lawyers!
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
Interestingly enough, it was deemed that if a person makes a photocopy of a copyrighted material at k*'s the person is responsible, and if a worker did it for them the company (k*'s) was responsible. It was deemed in court that the person copying was the responsible party.
-CrackElf
"Blake is an idealist, Jenna. He cannot afford to think." - Kerr Avon, Star One, Blakes 7
Here is a plan that I am working on, and would appreciate your input
The pitfall of all P2P sharing programs is that one single company or product is the P2P program. This single entity is usually the target of copyright suits and other problems. (ie NAPSTER) I think one strong statement made in the article above, was that a solid way to beat infringment is to component-ize the P2P program. This way, there is no single target or entity for companies to go after, and claim they knew that infringing uses were being done through their service.
What I am saying is that we need to standardize the way P2P programs are built, and have groups specialize in these different functional areas. For example, a few groups would work on search mechanisms, other groups on the transfer protocols, others on a chat mechanisms, etc...
Finally, it would be up to the user to decide how he puts his P2P program together. He could pick from different search components, different transfer components, etc...
This standard would allow anyone who produced a single component to claim no knowledge of how it may be used in the end (ie The BETAMAX defense). The user is the one who decides to put the program together and use it for either infringing uses, or non-infringing uses.
Does this make sense?
-Lab-
Copyright laws apply to the product, not the means of transmission.
This was an excellent article, and towards the end, which some of you may have missed, is a list of things you can do as a peer-to-peer developer or designer to prevent legal liability. These are very interesting suggestions...
;)
1) Your two options: total control or total anarchy.
So, either a secure and monitored Napster or an efficient Gnutella are the two most resistant architectures. This has pretty broad implications.
2) Better to sell stand-alone software products than on-going services.
Assuming that you are using a decentralized model. A centralized service is by nature an ongoing service.
3) Can you plausibly deny knowing what your end-users are up to?
Only in a decntralized or mostly decentralized network. If you try to intentionally make it hard to know what your users are doing, you're again opening yourself up to liability.
4) What are your substantial noninfringing uses?
This applies mainly to a centralized service. And in fact, you really need to have ONLY noninfringing uses if you are turning a profit from the network. (vicarious liability)
5) Disaggregate functions.
For example, use one service to locate content. Use another service to transfer content, preferably in an anonymous, secure fashion. Etc. This is what the ALPINE Network is designed to accomplish.
6) Don't make your money from the infringing activities of your users.
The section on vicarious infringement which this relates to, is rather troubling. If you are a centralized service making money from its popularity (i.e. Napster) you need to have very stringent controls on what your users are doing. Filename filtering is only the very first step, and proactive monitoring is required.
7) Be open source.
Nuff said!
8) Do not be a direct infringer: make and store no copies.
This includes caching content! The DMCA safe harbor rules will not apply to you unless you have gone through a number of hoops to do so. (After reading through the requirements, only ISP's can do this. Anything riding on top of an ISP is pretty much screwed.)
9) Do not build any "circumvention devices" into your product.
Like including a DeCSS filter for downloaded movies.
So, in short, I think a lot of the peer based network that have sprung into recent existance need to chew on this for a while, as many of them do not comply with what is need to be truly safe from legal attack.
Also, this is assuming that current laws remain unchanged. There is a very real possiblity that parts of the DMCA or copyright law will be modified in a more linient manner. Don't hold your breath
Several reasons,
1. The encoding algorithm for MP3's is patented. If an MP3 encoder is free ITS infringing.
2. An MP3 encoder is simply a recording device (Like a Betamax). There are considerable non-infringing uses for encoders and the Betamax Defense would almost certainly apply here.
3. Using an MP3 encoder doesn't require assistance from anyone once you have acquired the encoder (see #2). Thus noone is facilitating infringement.
4. A copyright only covers distribution. I can encode all my cd's to mp3 on my own computer (I have) and so long as I don't give them to anyone else (I don't) there's no direct infringement.
-- Rich
Free your mind and your Ass will follow -- George Clinton
What is the difference between these scenarios? I can find the software for creating mp3s for free.
I honestly don't think that P2P software is the problem. I think that the music industry in particular should NOT get all hot and bothered about the software for sharing (insert file type here) files or the files themselves, rather, target the applications that create the files. Does any of the software that can convert a file from CD to any format have to pay a license to the recording industry? If there is should it be more? Should software of this nature be more controlled as to who has access to it, should there be registration?
In conclusion, I think it is utterly infeasable to target P2P software, I say take care of the problem at the source, where it's created.
Of course you don't have to listen to me.
-----
No the game never ends when your whole world depends
crazy dynamite monkey
In the section of the article on "Lessons and Guidelines for P2P Developers" is a section on using open source to remain safe. Being open source will drastically reduce your chances of becoming a target of litigation: hard to prove financial benefit and impossible to control use of users since code can be modified. Plus, non-open source components that don't involve copyright infringement can be used for profitability of the p2p product. Very interesting.
Developers: We can use your help.
It's the problem. The right of ownership concept that the FSF uses as its main pillar is faulty and damaging as a concept when stretched beyond the limits of the GPL. The idea that you own a work that you had no hand in creating but have the full privileges of distribution as the original creator falls apart once the concept ventures beyond the realm of Free information.
Only the creator of a work can choose to make it Free. As Linus said, "everything else is just whining." It seems to be commonsense that distributing something that has not been cleared for free distribution by its owner would be met with legal challenges. Knowingly enabling this distribution by providing a venue for this is equally offensive as actually pirating the works.
The sense of entitlement that the FSF has engendered through its 'community ownership' and Free information concepts has confused people into thinking that anything they can lay their hands on should be theirs in the name of Free. This is not meant to be a slight against the FSF, but against those who have confused between speech and beer and 'it's just not yours'.
Dancin Santa
Bottom line is, if your product or service is used primarily for copyright infringement, and everyone knows it, you're screwed.
In the event you would like to read the text of any of the laws relating to copyright or the DMCA, take a look here. I teach a class on copyright law, particularly as it relates to new technology.
The real problem with P2P these days isn't that P2P services or programs are breaking the law, its that the record companies have the ability to force rewriting and reinterpretation of the law in their favor, regardless of what steps programmers and p2p providers take. Even the strongest good-faith legal defence is powerless against a system that is completely biased and corrupt.
RIAA and MPAA pushed through DMCA once and they could push through more stuff in the future. The courts have pushed through bogus definitions of contributory infringement, bogus definitions of "financial gain" and completely ignored the betamax and rio cases. They also completely ignored AHRA and fair use. Why? Because the law doesnt pay you to interpret it correctly. The RIAA pays you to interpret it correctly. Well, as correctly as serves their interests.
The solution is not "obey the law." We have seen that is not possible to obey the law if you are a potential threat to the record companies. The law is twisted to make you guilty and remove you as a threat. The solution is either to
-ignore the law: use all the technological measures available to you to hide from the RIAA and from any enforcement agencies (goverment or otherwise) that they employ. Deal only with trusted pirate entities and be careful about what you do.
-change the law: this will be difficult. One way to change the law is to give congress more money than RIAA and MPAA do. This is not likely to be a trivial matter to accomplish. Another way is to start voting congressmen out of office who voted for things like DMCA. However, most of the voting public is completely ignorant of technical issues.
-have a bloody revolution: record company tyranny isnt really a good enough reason to break out the guns. Give it time. Just hope that you still have the right to own guns by that time.
File sharing is here to stay, including sharing music, movies, etc. Those that create the systems will be under constant legal attack until either the law changes or a legally defensible system is created.
This article draws a huge grey line between legal and illegal systems, and Naspter is clearly on the illegal side, and in a lot of trouble. If you disagree, read the article, and then come back and argue.
There is room on the legal side, however. The best news is, the most legal software would be anarchist open-source free software! Microsoft will never make it!
This may be the dividing line between Linux and Microsoft - Microsoft's product would be popular, legal, but limited, while the Linux equvalent would be geeky, illegal but unenforcable, and unlimited. Perhaps even a legal, open-source version could be created, to meet the criteria halfway.
Good news and bad news. Good news, more people will try Linux to satisfy their Napster desires. Bad news, Linux will get a further reputation as a haven for pirates and hackers (hackers in the media sense).
We all have a good idea of what the Microsoft solution will be: Encryption and copy protection enforced at the operating system level, designed to fit the desires of the RIAA. We should try to beat them to the punch, creating a legal system that allows some freedoms, rather than the anarchist systems proposed elsewhere.