Finnish Appeals Court Rules Breaking CSS Illegal

Thomas Nybergh writes "Due to an appeal court decision from a couple of days back, breaking the not-very-effective CSS copy protection used on most commercial DVD-Video discs is now a criminal act in Finland (robo translated). The verdict is contrary to what a district court thought of the same case last year when two local electronic rights activists were declared not guilty after having framed themselves by spreading information on how to break CSS. Back then, it was to the activists' benefit has CSS been badly broken and inneffective ever since DeCSS came out."

Oh, that CSS

[langelgjm]

For a moment there, I shook my head at the idea of the courts getting involved in webpage layout.

Re:Oh, that CSS

[PinkyDead]

...for a moment there, my heart leapt at the possibility of Bill Gates getting sent to jail for crimes against conformity.

Re:Oh, that CSS

[switchfutguy]

i knew some people were intense about WC3 validation, but this is a bit much

Re:Oh, that CSS

[clarkcox3]

Blizzard get's pretty upset when Warcraft III's online component gets cracked.

Re:Oh, that CSS

[kylehase]

Yea I thought I'd have to uninstall Greasemonkey.

Better URL

A better URL to a non-robo-translated english version is http://www.turre.com/blog/?p=156

Human made translation of Turre Legal's blog entry

[livingdeadline]

There's now a proper, human made translation of Turre legal's blog entry available

Linux DVD playback

[Nomaxxx]

What will be the impact on Linux DVD playback? "You're breaking the law by watching them, we'll have to seize your original DVD collection!"

Re:Linux DVD playback

[livingdeadline]

Well, since cracking CSS is criminal according to the court it seems pretty clear that it's illegal

Re:Linux DVD playback

In which case, who will refund Finnish Linux users the cost of their DVD's? Or should they just p2p download a version with CSS removed?

Re:Linux DVD playback

Impact is between zero and zilch.

Business continues as usual, people will just show the law the finger. As they have done thus far regarding Lex Karpela. (The nickname of this law in Finland.) Not even the police cares.

Re:Linux DVD playback

[menace3society]

If the police change their minds, what are the statutory penalties involved?

I don't plan on going to Finland to play Linux DVDs, but I'm curious to know how other states' criminal penalties stack up to the US's (up to five years in jail and a $250000 fine).

Re:Linux DVD playback

[betterunixthanunix]

More likely, "You are breaking the law by watching those DVDs using royalty free software, so we will seize your computer and fine you more than you can afford to make an example of you. Oh yeah, and we are bowing to American business interests in the process."

Re:Linux DVD playback

[jlarocco]

There will be no servers hosting DeCSS in Finland.

Other than that, there won't be any change. I've been watching DVDs under Linux in the United States for years and have never had a problem.

Unless you call up your local copyright police, report you're "illegally" watching a DVD, and then let them watch you play it on an "unapproved" player, there's no way for them to prove you've broken the law. Short of that, if it ever comes up, point to your regular DVD player and claim you've only used it to watch movies. Burden of proof is on them.

Re:Linux DVD playback

[Hal_Porter]

Maybe they can get a refund for all the Windows only software they bought too.

Re:Linux DVD playback

[TypoNAM]

How about every single Linux user out there that watches a DVD via mplayer, xine, VideoLAN Client, or any other open source DVD/multimedia player?
Most of them simply use libdvdcss in order to access CSS encrypted content.

Re:Linux DVD playback

[egork]

In other news in Germany a prosecutor has refused to start criminal investigations against private filesharers, as he sees an abuse in the way lawyers use this process to find out the identity of those sharers. The lawyers then would drop the criminal charges and start a civil case where they can earn money. In a criminal case there is not much they can earn. The said prosecutor was himself in turn sued for refusing the cooperation.

How long until the futility and the craziness of chasing and criminalizing of the software will be realized on a world scale.

What can people do? The best would be a flashmob where everybody using Linux in USA would just call the "copyright police" and denounce themselves in one go. So that police realize, what a nonsense it is to run after the millions of better educated citizens for such petty crimes!

Re:Linux DVD playback

[Technician]

What can people do? The best would be a flashmob where everybody using Linux in USA would just call the "copyright police" and denounce themselves in one go.

I've pretty much done that with SONY. I picked up a copy of Open Season and couldn't play it due to the new copy protection experiment they did. When they had the backlash, and offered free replacement DVD's, I called them and ordered my replacement. They asked what player I had trouble with. I told them, Mplayer on Linux. I got my copy in the mail with no further questions. I'm sure, I'm not the only one who let them know what player their incompatible copy protection broke. This reporting should be the norm, not the exception. Demand standards and return anything broken.

criticized

[Fri13]

On Finland, it is now a criminal act to play/copy DVD by using libdvdcss but if you download same movie from P2P network, it is just criticized. If you upload movie to network, it is criminal act.

So, if you do not want to be a criminal and you use GNU/Linux, download your movies from P2P network, if you dont like to use codeina (included on Mandriva Linux) to buy codecs.

Re:criticized

[Wookieblaster]

In other words it more legal to download a movie illegally than watching it from a DVD (also illegal). Oh my.http://yro.slashdot.org/article.pl?sid=08/05/26/1357257#

Re:criticized

[weicco]

You missed a little, but crucial point. You must download non-encrypted version of the movie from P2P network. If you download encrypted one, you are still breaking the law if you are watching it without properly licensed player. And you must download it by using a client which doesn't share the same file you are downloading.

This law, Lex Karpela as some might call it, is really confusing but luckily I don't have to deal with it. I do live in Finland but I own a standalone DVD player and buy all my DVDs :)

Re:criticized

On Finland, it is now a criminal act to play/copy DVD by using libdvdcss In Finland, we are not going to give a shit about these laws. Not now, seemingly not before, and most importantly not in the future.

Re:criticized

Anyone know of any encrypted movies being traded on P2P networks?

Re:criticized

[Darkness404]

Wow.... So now, not only using "piracy" do you get A) Free content B) No DRM C) Faster content (if what you are downloading hasn't been localized for where you live) but now it is more legal then buying a DVD and watching it?!?! And people wonder why "piracy" has grown.

Re:criticized

[Sloppy]

If you download encrypted one, you are still breaking the law if you are watching it without properly licensed player.

I don't know Finnish law and haven't read the court's decision (how's that for a disclaimer prior to spouting off?), but I wouldn't just assume that buying a DVD and using a licensed player, is enough to make it legal. It may be that all CSS-scrambled DVDs are now illegal to watch in Finland, regardless of the player device.

Even in USA, it's pretty murky. The issue just hasn't come up, because it hasn't been tested in court. DMCA says you're not allowed to watch a CSS-scrambled DVD "without authorization" but I have never seen a DVD that comes with any sort of notice that explains under which conditions the owner of a DVD is allowed to watch it. We all just ass/u/me that watching it on a DVDCCA-licensed player, is one of the allowed conditions. The MPAA companies have no incentive to sue anyone for watching their DVDs on DVDCCA-licensed players. But that doesn't mean it's legal. We don't know. Nobody except the copyright holders do. It might be that you're only authorized to push a play button that descrambles the DVD, if you are wearing blue socks at the time.

If the Finns copied US' DMCA, they could have the same vagueness.

The way to force-test the issue in USA, would be for someone "friendly" (not a MPAA member) to publish a CSS-scrambled DVD, and then start suing people. (Sue someone who bought your DVD, for bypassing the CSS without authorization, and also sue Sony for selling circumvention devices.) You can even put a notice on the case the DVD comes in: "you are not authorized to bypass this disk's CSS under any circumstances." (Most people would still buy the DVD, not even knowing what that means, just as they supposedly agree to multiple pages of EULA legalese prior to spending their money.)

Copy Protection?

[Sparr0]

I take offense at the blurb's description of CSS as "copy protection". CSS has nothing to do with copying, it is "playback protection", just like almost any other sort of encryption.

Re:Copy Protection?

[mdmkolbe]

CSS prevents copying a DVD to a video tape or other format. But it does nothing to prevent duplicating (i.e. copying) the DVD using another DVD because doing that doesn't require cracking CSS.

In the days before DVD burner's were common, CSS may have been effective copy protection, but now days it just keeps people from playing it in the wrong country. Country codes mean that it is and was at least in part intended to be playback protection.

Re:Copy Protection?

[Kjella]

But it does nothing to prevent duplicating (i.e. copying) the DVD using another DVD because doing that doesn't require cracking CSS. In the days before DVD burner's were common, CSS may have been effective copy protection, but now days it just keeps people from playing it in the wrong country. The CSS key is written to sector 0, and if I remember correctly regular DVD recorders can't write to sector 0 and regular platters have sector 0 filled with zeros. So no, you could not make a 1:1 copy using a regular DVD burner. I honestly don't remember or care, it might be illegal but it's been about two lines of commands to get it in any recent Linux box.

Re:Copy Protection?

[Anonymous+Cowpat]

well, sort of.

The idea of region encoding is so that they can set different price points (and release dates) for different parts of the world.

They can sell a DVD in region 6 (China) for the equivalent of $2 (say) because that is the maximum price that the market will bear. The region encoding stops someone from buying up 10,000 DVDs at $2 and then importing them to the US and selling them for $10. Making $8 profit whilst still significantly undercutting the discs that the studios want to sell in the US.

It also means that they can stagger the release of a movie around the world, and then stagger the DVD release whilst keeping people from getting DVDs from one of the earlier regions into one of the other regions whilst the movie is still in the theatres there (thus creating extra ticket sales from the people who just have to see the movie more than once and can not get it on a DVD yet)

Re:Copy Protection?

[ultranova]

The only reason they have added this crap is to stop copying anyway, it's obvious that it isn't intended to stop actual playback for 'legal' uses.

I seem to recall the very people who passed Lex Karpela saying that they don't know what it actually forbids and allows. Given this, I think the only thing it actually intends is to help are the profits of Karpela's then-boyfriend, movie director Olli Saarela.

Oh well, just the usual corruption associated with politics, coupled with the also-usual outright lies and attempts to suppress the understandably critical reaction from the citizens by blaming it on "outside forces". Finnish politicians at their finest indeed...

Re:Copy Protection?

[gnuman99]

You can get "special" burners for $1000 or so that will write to those sectors. Someone posted it on a similar discussion months ago. You can search for those types of authoring dvd writers.

It also doesn't stop pirates these can easily afford these special burners or just get a DVD shop to press real DVDs for them from the original "master" they bought for $30.

Re:Copy Protection?

For many of the anti-IP zealots on Slashdot (I don't know if you are one of them), the first step to understanding the situation would be to realise that the judges, economists, lawyers and so on who work on these matters are not simply tools of some industrial conspiracy. There is a solid basis in economic theory for intellectual property, just as there is for physical property, and this is one of the reasons why there are laws protecting IP (another is the notion of moral rights to one's creative works, which has a strong tradition especially in French law).

I think you can find many economists who would argue that current copyright laws (distinct from patents) give too much economic protection to producers of creative works, and for too long a time. I haven't myself yet read enough of the literature to make up my mind on whether copyright should be reduced in length or scope, but the idea of abolishing it (or intellectual property generally), as many Slashdot zealots favour, is generally viewed as an extreme and nonsensical position.

The central problem with copyright at the moment is, I would say, a technical one, ie how to protect IP and still take advantage of technological developments that make it easier to duplicate and transmit creative works etc. The fact that it is often easier to download works illegally than legally (never mind the cost) is a major problem that must be addressed before there can be any hope of curtailing rampant copyright violation. Official toleration of violation of IP laws in many countries (eg China, where widespread violation of IP laws is a major factor in producing enormous trade surpluses with the EU and USA) is another.

Re:Copy Protection?

[Pig+Hogger]

One day businesses will learn that forced price discrepancies like that kill your business long term.

One day, geeks will learn that businesses are run by business types who don't give a flying fuck about the long-term but want their profit **NOW**.

Re:Copy Protection?

[poetmatt]

Actually, I run my own business, and I think long term, and it pays off every time.

Not every business is stupid enough to think short term, just the ones that want to be big now and die out just as fast.

It's only the fault of the companies that give shareholders majority control thus failed long term thinking in the first place.

Re:Copy Protection?

[mpe]

It also means that they can stagger the release of a movie around the world, and then stagger the DVD release whilst keeping people from getting DVDs from one of the earlier regions into one of the other regions whilst the movie is still in the theatres there (thus creating extra ticket sales from the people who just have to see the movie more than once and can not get it on a DVD yet)

Or at least that is the theory. In practice most of the planet has region free DVD players, which are not catching on in the US now that TV series are appearing on DVD. Some countries have even declared the whole region coding system to be illegal. Finally just about everything is likely to be available free of any DRM as soon as it's been made available anywhere...

Re:Copy Protection?

[dwater]

Living in China, I get DVDs for next to nothing (USD0.5). They're usually crap quality[1], but they do the job most of the time.

If the purpose of region codes were to allow a 'title' to be sold here at a lower price than in the US (say), then surely we'd see them for sale; but we don't. Such a policy requires that every title be sold in every market, at least the identical DVD as other places, but preferably, with region specific subtitles/audio.

[1] They are crap quality usually deliberately since they try to cram a long movie onto a low-capacity disk or more than one movie onto a high capacity disk. Many DVD players have trouble playing both these (we have two). There are also DVDs which are just crap because eg a hand-held camera in a cinema.

Headline incorrect - CSS breaking is still legal.

Actually the headline is incorrect - the court did NOT rule that breaking CSS is illegal but distributing the software to accomplish this is illegal - breaking the copy protection for private use IS STILL LEGAL.

So nothing changed really - media is just screwing over the whole thing as usual.

So the quality of security matters not, then?

If that's the case, why not just protect everything with ROT-13 and make it illegal to 'crack' it. Seriously, it the logical step. Why spend millions developing the latest copy protection when you can simply use the law to help you pretend what you've got is good enough.

Re:So the quality of security matters not, then?

[Aetuneo]

This post in encrypted with rot-26. If you are able to read this text, you have violated the law by circumventing the encryption.

Sorry, it had to be said.

Re:How?

I tried to reply but apparently /. comment engine is even worse than Diggs.

The headline is WRONG - it's NOT illegal to break the CSS content protection for PERSONAL use - it's completely legal. Period.

This ruling is not about viewing the movies on Linux or any other device but spreading the DeCSS program itself.

So bottom line:
Decryption of movies to view them on Linux was not and is not even after this ruling illegal.

Unfortunately Slashdot fails and posts every piece of FUD they can get their hands on without any verification.

Madness

[growse]

The more we criminalize the behaviour of those who try to reverse-engineer or break security features, the more we are saying "we give up" to those looking to capitalize on breaking them, and the less secure we'll become.

So it's illegal? What does that mean?

[fishbowl]

Crossing the street on foot against a signal is illegal.
Killing a family with an axe is illegal.
Decrypting CSS is illegal.
Having weeds in your yard taller than half a meter is illegal.

Does one word sufficiently characterize all these crimes?

Re:How?

[zappepcs]

I have wondered a few times, what if you built your own encryption/decryption software/hardware, then decoded a DVD, further, encoded it in your encryption scheme and shared this with a small group of friends who also have the same hardware/software.

Would you be compelled to allow the **AA et al to have your keys and view what you have on DVD, or would that be against the law for them to do? What works for them should surely work for the private individual regarding encryption. Yes it's not exactly a workable answer, but the question remains valid IMO. To know that you have a copy of a movie on the DVD they would have to crack your encryption. This means that unless they actually caught you physically making the copy, they would have zero evidence. Cracking your encryption in the US would be illegal. I'm not sure about elsewhere.

Am I missing something?

Using your own encryption ensures private use only, and may not be all that useful, but I'm interested in what the law would do.

Re:Human made translation of Turre Legal's blog en

[sudog]

Not much of a translation. That link seems mostly to be a rant about how wrong the court was. The best we get of what the court actually *said* was a two-line couple of sentences, and some single-word translations like "seemingly" as though the word "seemingly" somehow makes their judgement suspect.

Sigh.

CSS was all about region coding, not copying.

[argent]

CSS doesn't even slow down the class of people who were the main copying threat back when CSS was devised in the late '80s and early '90s. Copying and passing around DVDs over computer networks wasn't even on the horizon... people were treating software released on CD instead of floppy as being more protected just because it would take too long to download... and writable discs didn't come out until 1997. CSS doesn't do anything to stop people who can read the data off the DVD and create a new master from it to create counterfeit DVDs (often in the same factories in Asia that were making the originals), and that's what copy protection was about back then.

Re:Headline incorrect - CSS breaking is still lega

My original comment is still valid, here's an excerpt from the Finnish law:

"Mità 1 momentissa sÃÃdetÃÃn, ei sovelleta, jos tekninen toimenpide kierretÃÃn salaustekniikoita koskevan tutkimuksen tai opetuksen yhteydessà taikka jos teoksen kappaleen laillisesti hankkinut tai haltuunsa saanut kiertÃà teknisen toimenpiteen teoksen saamiseksi kuultavilleen tai nÃhtÃvilleen. Teoksesta, jota suojaava tekninen toimenpide on kierretty teoksen saamiseksi kuultaville tai nÃhtÃville, ei saa valmistaa kappaletta."

A crude translation is as follows:

"What is set in moment 1 shall not be applied if the technical system is circumvented for in use in research or teaching or if the item in question, being legally acquired by the person, is circumventing the copy protection in order to allow the owner to view or hear the item. Item that is decrypted in this fashion to remove the protection shall not be copied further."

Note that the translation is very crude because I wrote it here in the silly editor adn the English isn't very good either but the bottom line stays, if the person has legally obtained a copy of the DVD and is decrypting it for personal use it is still completely legal.

This is straight from the Big Book'o'Law.

Not Cascading Style Sheets... d'uh

[Crazyswedishguy]

I was slightly confused at first, and from the comments I see I wasn't the only one. For those who didn't at first know what the post was referring to, it's not Cascading Style Sheets, but Content Scrambling System.

Content Scramble System (CSS) is a Digital Rights Management (DRM) scheme used on almost all commercially produced DVD-Video discs. It utilizes a relatively weak, proprietary 40-bit stream cipher algorithm. The system was introduced around 1996 and has subsequently been compromised. CSS: Content Scrambling System

Re:Live by the golden rule

[zrq]

And nothing can change that fact that piracy is and will remain stealing!

Sigh. No, it is not stealing, it is copyright infringement.
Both illegal, but they are different laws.

One appeal left

[Aggrajag]

The defendant can still appeal to the Finnish equivalent of Supreme Court.

Re:Live by the golden rule

[TheP4st]

Wow... With your flawless logic and profound argumentation you have succeeded in turning me into a RIAA supporter for life.

Re:Encryption versus encoding

[mpe]

What's the difference between encrypting and encoding? Is passwordless encryption anything more than a mere encoding of the data?!

What many people insist on calling "codes" are actually ciphers anyway. The difference is that actual codes are linguistic whereas ciphers are mathematical. Anything which uses a machine has to be some sort of cipher...

Let's just call ASCII a way to cipher text!

It would be more accurate to have this mean "American Standard Cipher for Information Interchange" since it's a simple subsitution cipher. As is EBCIDIC, unicode, baudot, even morse "code".

Re:How?

[h4rm0ny]

So they have basically concluded that it is legal to do something, but to help someone else do this legal thing, is illegal.

Re:Encryption versus encoding

[Mental+Maelstrom]

What I wanted to get to was:

In case brute force decryption attacks, which do not disrupt external systems, are illegal:

1. Encrypting and decrypting are algorithms for encoding and decoding which use an external variable, a key
2. A brute force decryption attack is a decoding algorithm with no key, which produces the same result as the decryption algorithm with a key.
3. Therefore, applying certain data decoding algorithms is illegal.
4. Therefore, some forms of transferring data from one format to another is illegal.

So in case a genius breaks the CSS encryption in his head by just reading a binary DVD data stream from a computer monitor, he had commited an illegal act.

I guess my argument is heading into the fuzzy domain of thought crimes...