SSSCA Editorials

idiotnot writes: "This editorial from the New York Times, by Jonathan L. Zittrain, a professor at Harvard Law School, urges legislators to exercise caution in regulating the PC. Eisner, et. al. want to limit the PC's capability, which will limit what PC users are allowed to do. See this earlier story about Eisner's testimony to Congress. '[W]e should beware the haste with which some would sacrifice flexibility for control.'" Other readers submitted a story in Hardware Central and an AP article. Seems like the ruckus over the SSSCA is finally reaching the mainstream press.

text of article

[CmdrTaco+(editor)]

Last month the top executives of two of the most powerful media companies in the world traveled to Washington to testify before Congress about the most dangerous threat they face: the American consumer.

Of course they didn't quite phrase it that way. Michael Eisner, chief executive of the Walt Disney Company, complained that the technology industry made it too easy for "people wanting to get anything for free on their television or computer or hand-held device." Peter Chernin, president of the News Corporation, worried that the Internet's "ability to empower the general public" would lead to the online theft of some of the contents of media companies' digital treasuries.

Both men want the next generation of personal computers to be unable to deliver unauthorized movies, music and other content, and they asked that Congress stand ready to intervene if industry failed to deliver the necessary technology to safeguard its products. A lone executive, from Intel, objected. The market, he said, not Congress, should dictate how technology works.

The debate on Capitol Hill between content providers like Disney and those who make the products to deliver that content, like Intel, was really a proxy for a much larger debate: What do we want our technology to do? How do we want it to work? And do we have any say in the matter?

For most forms of current technology, these questions have long been settled. No executives are worried about illegal uses of televisions or coffee makers, for instance, and no consumers need to worry that these appliances will crash or become infected with viruses and we would never accept it if they did. Our TV's and VCR's don't take ill when we watch infected programs, and our refrigerators never require rebooting.

Yet we have come to tolerate such problems from our personal computers. The PC's fundamental and unique unreliability flows from its construction as a so-called flexible platform a mere staging area for many kinds of software. The point (and bane) of a PC is, essentially, to run whatever software it encounters.

There are plenty of reliable computers: the controls of the modern Airbus 340 are fully given over to a computer, and video-game consoles consistently work as advertised, as do Aegis missile cruisers, cellular telephones and digital watches. All contain transistors. Can technologists figure out how to replicate the reliability of airplanes, telephones, watches and televisions in future versions of Windows and Linux, so that a mischievous 12-year-old half a world away can't erase a thousand far-flung hard drives?

Absolutely. In January Bill Gates sent a memo to all Microsoft employees declaring a new, overarching, even revolutionary mandate: Software must be reliable and "trustworthy." This new focus is both welcome and worrisome, because the very steps needed to secure our computers and networks can be the steps that will deaden them to continued innovation and creative uses while opening them to more intrusive monitoring by mainstream technology manufacturers and content providers.

Mr. Gates and the co-captains of his industry are producing blueprints for so-called "trusted" PC's. They will employ digital gatekeepers that act like the bouncers outside a nightclub, ensuring that only software that looks or behaves a certain way is allowed in. The result will be more reliable computing and more control over the machine by the manufacturer or operating system maker, which essentially gives the bouncer her guest list.

And as soon as there are limits on the software a PC can run, there will be limits on what PC users can do. That's exactly what executives like Mr. Eisner and Mr. Chernin want. They'd like software and hardware companies to build PC's to allow a publisher an exquisite level of control over a book or a song or a movie in the hands of a consumer. Trusted PC users might spend $1.95 for a single viewing of the latest Disney animated feature, or they might pay a similar amount for three listens of U2's most recent single. Security, stability, reliability and control.

Users may buy a trusted PC even if it won't show a digital video lent by a friend, because it will act less like a temperamental computer and more like a crash-free super-VCR like the just-released Microsoft X-box. But in the process of "improving" our PC's, the manufacturers and their partners will be able to determine what software will and won't be allowed to run, what we can and can't do with the information to which we're exposed, and what data about our online activities will be collected and sent to the manufacturer or content provider to assist in future marketing.

NYT Login

[markov_chain]

Use foobar/foobar to read the article.

Workable DRM?

[seaan]

As both a dedicated member of the EFF, and an applied crypto specialist, I've been wondering how and if a DRM/content-control system could be made "reasonable". I even worked on a proposal for the product that became DIVX in a past job. My problem with pretty much every commercial system I've seen so far boils down to the issue: I don't trust the people designing and administering the system.

For example, I have no conceptual problem with restricting some traditional fair-use rights when it comes to renting movies. I don't think a renter needs the ability to copy the movie for either time-shifting or back-up purposes. Congress started with that basic thought, and ended up with section K of the DMCA that required copy protection on all new VCR's (CopyGuard/MacroVision). The problem is that the movie industry promptly screwed the consumer!

* They put copy protection on all tapes (and DVDs), not just ones for rental.

* The copy protection removes fair-use (that I think) should still be available in a rental situation: such as "quoting" a section of a movie for review or analysis.

* The copy protection does not expire once the movie becomes public domain, an issue that will cause our future historians fits!

Most the DRM systems I've seen proposed eliminate most of the rights/benefits consumers (and society) normally have under traditional copyright law. If the DRM clauses were put into a "shrinkwrap" contract, they would be ruled unenforceable (for example the courts quashed the publishers attempt to enforce a "do not resell" notice in a book). A DRM system combined with the DMCA anti-circumvention measures puts the consumer at the mercy of the system designer. Your only option is to not buy it, which may mean going without since the publishers/recording-industry are going to be loathe to make any non-DRM content available.

Ignoring all the practical issues with the SSSCA for a moment (and there are a bunch!), the only way the bill should proceed is if it guarantees that no DRM will hamper or eliminate rights in the copyright balance. I'm not talking about Disney's definition of fair-use either (which as best I can tell, is something to the effect that Disney can use public-domain material, but does not have to release any of it's own work into the public domain). To take my rental example, the DRM would have to find some way to accommodate all three bullets (not an easy thing to do).

To be fair, another slant on this is the definition of new "relationships". We can now think of two normal methods of obtaining a movie for example: "purchase" and "rental". The DRM proponents are trying to make new workable models. The original idea behind DIVX went something like this: Electricity used to be charged based on capacity. Edison would count the number of lights in your house, and set the monthly charge based on the potential capacity of how much electricity you might use. Once they designed a power meter (a very tricky area, even now), they could dramatically lower the prices and only charge you for the electricity that you used. DIVX would allow a very low charge per use (planned to be lower than a traditional rental charge), instead of a one-size-fits-all purchase price.

The DIVX problems make a good illustration for almost all the DRM schemes I've seen. I never heard of DIVX being cracked. Secure client software backed up with a centrally managed server can make things pretty bullet proof (up to the point it converts to something outside of the DRM scheme). But security aside, DIVX had a whole host of problems, which frankly I don't know of a way to get past. Aside: I've considered job offers at today's DRM companies, but many of them are just too sleazy. The typical attitude is that public domain and fair-use is unimportant - the copyright holders content needs to be protected at all costs!

* The most obvious issue, is that once the central DIVX system died, all the media became useless. This is the single largest issue with DRM.

* The discs were too machine specific (they did have some theoretical "sharing pool" for people who had multiple DIVX players, which I'm not sure how well it worked). Even if you paid for a life-time access (see above), you could not play the disc on your neighbor's machine.

* There was a large potential for "marketing abuse", since they had to identify each item played on the machine (they would know who played what media, how many times, etc.). Your only protection was voluntary agreement that the data collected would not be misused.

* You are at the mercy of the DIVX operations staff. They could change the price or terms-of-use any time they wanted to.

As to the practicalities of the SSSCA, I think the closest analog the computer industry has experienced is export regulations. I [unfortunately] have lots of experience of just how bad that can be! I worked for a company that used encryption in virtually all of it's products. We once estimated that approximately 20% of the company's resources were used to deal-with, design, and follow export regulations. Of a hundred employees, "only" 3-4 actually dealt with the regulations daily, but virtually the entire design team had to take them into account. What should have been a single product would be split into multiple products to fit the ever changing interpretations of the regulations (resulting in a dramatic increase in development, testing, manufacturing, and marketing). Believe me, very few people in or out of the industry have any idea of how bad the SSSCA would clog our technology industry up!

Re:I've written my representatives

[regen]

As someone who lives in Washington D.C. and has numerous friends who work as Congressional aids and in the administration, I can tell you that writting is not the most effective method, although it is better than nothing.

The best method is to try and arrange a face to face meeting with your Rep. Calling on the phone, come next, followed by writting and lastly e-mail. Basically, the more effort it is the more effective it is. If you are willing to travel to washington or arrange a meeting with your Rep. when they are at home, they will realize that what ever issue you want to discuss is very important to you.

Not bad for a lawyer

[dinotrac]

Hope my lawyering background doesn't bias me here, but I thought he did all right for a lawyer.

Too much time on the freedom vs. reliability thing.
Sure, making reliable machines means curtailing freedom, but not the freedoms he thinks. It means curtailing the freedom of developers to do bad things in the code they write, not curtailing their freedom to deliver capabilities to the consumer.

What he missed altogether was the potential for reduced reliability as the result of systems designed to keep you from doing things. As with all things done by mere humans, there will be bugs, there will be shortcuts, there will be...oh, you get the idea.

The end result will be things that don't work that would work in the absence of controls.

OTOH: He is bang-on about letting the market decide and bang-on about the ultimate loss of utility that comes with content providers' desire to clamp down on PCs.

Re:joe sixpack

[Rogerborg]

• Sony music, I believe, grosses 4 billion dollars a year, while Sony Electronics, makers of mp3 players, etc grosses 40 billion dollars. In this case, I wonder which part of the company will win out

Senator Kickback: So, what can you guys offer me?

Recoring Exec:A roofied teenage pop starlet, a sack full of crack, and a job in marketing for your idiot waster nephew.

Electronics Exec: Uh, I dunno, how about a really neat watch that turns into a robot dinosaur?

Consider that internally these departments are knifing each other with merry abandon. Want to bet they can't lobby separately? Then it comes down to who's the more corrupt and ruthless. I know who my money's on.

Re:So that's what he meant

[Melantha_Bacchae]

An AC wrote:

> Umm I hate to tell you this, Microsoft actually is against this as a law.
> Maybe you should read the press releases more.

Maybe you should read up on Microsoft's patents more. Here's one that might interest you: Patent # 6,330,670; "Digital rights management operating system"; dated December 11, 2001. You can read all the gory details at:

http://patft.uspto.gov/netacgi/nph-Parser?Sect1= PT O1&Sect2=HITOFF&d=PALL&p=1&u=/netahtml/srchnum.htm &r=1&f=G&l=50&s1='6,330,670'.WKU.&OS=PN/6,330,670& RS=PN/6,330,670

Really, Microsoft would have to come out publicly opposing SSSCA. The first time round (last fall), they didn't have the above patent. This second time round, they have the patent, but Enron happened. Microsoft has paid out two to three times the campaign contributions as Enron, and probably can't afford to be caught paying for and then embracing and extending SSSCA into its total and eternal dominion of the operating system market for all devices.

So Microsoft quietly grumbles and complains, all the while letting the MPAA and RIAA do its dirty work. When SSSCA passes, Microsoft brings out its DRMOS patent, and forces its competitors (Linux, OS X, etc.) to license it (and embrace IE, .Net, their Media Player, etc.) or break either patent law or the SSSCA. If anyone tries to charge them with buying the law, Microsoft can just pull out a pile of press releases and say they are just obeying a law they protested against. Welcome to the Microsoft Millenium, now mandated by law!

We've got 12 to 18 months to stop SSSCA. That's how long Senator Hollings is giving the industry to comply voluntarily (as if an already wounded industry should further cripple itself to serve the fat sharks of Hollywood!). Fight it! Writing your congress critters is good. Telling all your friends and family, writing letters and press releases to your local papers, writing articles for news sites, etc. is better. Get the word out to ordinary folks in a way they can understand. That way, both you and all of them can write their congress critters. With enough public outcry, this nightmare of a law might be stopped for good!

Come on, Tok Wira, these sharks have got to pay!
New Kirk calling Mothra, "We need you today!"

NYT Letter to Editor info

[Tungbo]

Letters to the Editor

Letters to the Times should only be sent to the Times, and not to other publications. We do not publish open letters or third-party letters. When writing be certain to include your name, address and a daytime and evening phone number. Letters should be limited to about 150 words. We regret we cannot return or acknowledge unpublished letters. Writers of those letters selected for publication will be notified within a week.

Letters may be shortened for space requirements.

To e-mail a letter to the editor, write to letters@nytimes.com

You may also send your letter to:

Letters to the Editor
The New York Times
229 West 43rd Street
New York, NY 10036
fax: (212) 556-3622

Re:I've written my representatives

[DreamingReal]

Did you read the fucking page?

Yes I read it, but I missed your summary (scanned the header and got right to the meat of it!)

It wasn't a matter of being bothered by someone else's opinion - I agree wholeheartedly with your position and you make good arguments - but rather with some of the atrocious open letters that some /.ers have posted (i.e. incoherent, threatening, containing profanity, and/or TOO LONG). Obviously, I thought yours fell into the latter category.

But you have good reasons for the length, particularly as a tool for sparking discussion as you do distill the best arguments against SSSCA. So mea culpa, I stand corrected.