Slashdot Mirror

← Back to Stories (view on slashdot.org)

SSSCA Editorials

Posted by michael on from the soapbox dept.

idiotnot writes: "This editorial from the New York Times, by Jonathan L. Zittrain, a professor at Harvard Law School, urges legislators to exercise caution in regulating the PC. Eisner, et. al. want to limit the PC's capability, which will limit what PC users are allowed to do. See this earlier story about Eisner's testimony to Congress. '[W]e should beware the haste with which some would sacrifice flexibility for control.'" Other readers submitted a story in Hardware Central and an AP article. Seems like the ruckus over the SSSCA is finally reaching the mainstream press.

1 of 234 comments (clear)

  1. Workable DRM? by seaan · · Score: 5, Informative
    As both a dedicated member of the EFF, and an applied crypto specialist, I've been wondering how and if a DRM/content-control system could be made "reasonable". I even worked on a proposal for the product that became DIVX in a past job. My problem with pretty much every commercial system I've seen so far boils down to the issue: I don't trust the people designing and administering the system.

    For example, I have no conceptual problem with restricting some traditional fair-use rights when it comes to renting movies. I don't think a renter needs the ability to copy the movie for either time-shifting or back-up purposes. Congress started with that basic thought, and ended up with section K of the DMCA that required copy protection on all new VCR's (CopyGuard/MacroVision). The problem is that the movie industry promptly screwed the consumer!

    * They put copy protection on all tapes (and DVDs), not just ones for rental.

    * The copy protection removes fair-use (that I think) should still be available in a rental situation: such as "quoting" a section of a movie for review or analysis.

    * The copy protection does not expire once the movie becomes public domain, an issue that will cause our future historians fits!

    Most the DRM systems I've seen proposed eliminate most of the rights/benefits consumers (and society) normally have under traditional copyright law. If the DRM clauses were put into a "shrinkwrap" contract, they would be ruled unenforceable (for example the courts quashed the publishers attempt to enforce a "do not resell" notice in a book). A DRM system combined with the DMCA anti-circumvention measures puts the consumer at the mercy of the system designer. Your only option is to not buy it, which may mean going without since the publishers/recording-industry are going to be loathe to make any non-DRM content available.

    Ignoring all the practical issues with the SSSCA for a moment (and there are a bunch!), the only way the bill should proceed is if it guarantees that no DRM will hamper or eliminate rights in the copyright balance. I'm not talking about Disney's definition of fair-use either (which as best I can tell, is something to the effect that Disney can use public-domain material, but does not have to release any of it's own work into the public domain). To take my rental example, the DRM would have to find some way to accommodate all three bullets (not an easy thing to do).

    To be fair, another slant on this is the definition of new "relationships". We can now think of two normal methods of obtaining a movie for example: "purchase" and "rental". The DRM proponents are trying to make new workable models. The original idea behind DIVX went something like this: Electricity used to be charged based on capacity. Edison would count the number of lights in your house, and set the monthly charge based on the potential capacity of how much electricity you might use. Once they designed a power meter (a very tricky area, even now), they could dramatically lower the prices and only charge you for the electricity that you used. DIVX would allow a very low charge per use (planned to be lower than a traditional rental charge), instead of a one-size-fits-all purchase price.

    The DIVX problems make a good illustration for almost all the DRM schemes I've seen. I never heard of DIVX being cracked. Secure client software backed up with a centrally managed server can make things pretty bullet proof (up to the point it converts to something outside of the DRM scheme). But security aside, DIVX had a whole host of problems, which frankly I don't know of a way to get past. Aside: I've considered job offers at today's DRM companies, but many of them are just too sleazy. The typical attitude is that public domain and fair-use is unimportant - the copyright holders content needs to be protected at all costs!

    * The most obvious issue, is that once the central DIVX system died, all the media became useless. This is the single largest issue with DRM.

    * The discs were too machine specific (they did have some theoretical "sharing pool" for people who had multiple DIVX players, which I'm not sure how well it worked). Even if you paid for a life-time access (see above), you could not play the disc on your neighbor's machine.

    * There was a large potential for "marketing abuse", since they had to identify each item played on the machine (they would know who played what media, how many times, etc.). Your only protection was voluntary agreement that the data collected would not be misused.

    * You are at the mercy of the DIVX operations staff. They could change the price or terms-of-use any time they wanted to.

    As to the practicalities of the SSSCA, I think the closest analog the computer industry has experienced is export regulations. I [unfortunately] have lots of experience of just how bad that can be! I worked for a company that used encryption in virtually all of it's products. We once estimated that approximately 20% of the company's resources were used to deal-with, design, and follow export regulations. Of a hundred employees, "only" 3-4 actually dealt with the regulations daily, but virtually the entire design team had to take them into account. What should have been a single product would be split into multiple products to fit the ever changing interpretations of the regulations (resulting in a dramatic increase in development, testing, manufacturing, and marketing). Believe me, very few people in or out of the industry have any idea of how bad the SSSCA would clog our technology industry up!