Engadget has the Microsoft internal email. Though many may end up claiming this as a victory for DRM, that’s the wrong lesson to take away.
Meanwhile, Engadget is also reporting that Apple’s FairPlay DRM has also been broken, which is similarly less of a big deal than it sounds.
Filed by Derek Slater at 12:43 pm under General news
No Comments
On the one hand, I’ve said that most users won’t care about FairUse4WM
because they already could easily get unencrypted
copies. On the other hand, Janus DRM has discouraged music fans from subscribing and hurt online music businesses.
In what sense can both these statements be true? In short, music fans
would flock to a true all-you-can-eat mp3 subscription service, but, don’t be surprised if FairUse4WM has little impact on user adoption of subscription services.
Many users who currently rely on P2P
would put down money for a slick Rhapsody-like service that didn’t
restrict their uses, just like many online music users already flit
between iTunes and P2P depending on which happens to be more convenient
at a given moment. And, in the long run, an all-you-can-eat mp3
service may be where we’re headed.
But in the short run, I don’t
think that’s how things will play out. Most music fans still don’t
want anything that smells like a subscription “rental” service, and,
unless FairUse4WM gets integrated into Rhapsody in some form, it
doesn’t make the experience seamless enough. The iTunes Music Store has
dominated the market not just because of the price point, but because
it and the iPod work with no fuss. In contrast,
Rhapsody-to-FairUse4WM-to-iPod still requires some energy, and, more to
the point, Rhapsody+P2P downloading will for many people be as or more
convenient than Rhapsody+FairUse4WM. FairUse4WM may make some current
Rhapsody customers happy, but it won’t attract too many new ones.
Furthermore,
remember that this hack could be cut off, potentially by forced
upgrades or by the roll-out of new subscription services and devices
down the road. That could prompt users to tune out the licensed
services even more, but it will give certain industry folks the sense
that this was a victory for DRM. After all, if the DRM can’t be broken
once and then run everywhere forever, it “works,” right?
Of course not — as I said, most users who want
to get around the DRM already can easily do so through
non-circumvention means, and, as Engadget argued, the people who would
download the whole catalog and then cancel the subscription aren’t
going to be Rhapsody customers anyway. The DRM might get a few extra
pennies out of a few people, but that’s far less than the money
Rhapsody would attract with mp3s, and it certainly ain’t enough to
build an online music service business around. The service providers like Yahoo already understand this, but the record labels don’t or have other interests in mind, and middlemen like Microsoft are indifferent.
So
my worry — one that in part motivated my initial analysis — is that the
music industry and others will take all the wrong lessons away from this, and none
of the right ones. Stay tuned, and hope for the best. As both an Activist and a Rhapsody user, I’m keeping my fingers crossed.
Filed by Derek Slater at 4:45 am under General news
No Comments
My report on FairUse4WM, the Windows Media DRM evasion tool, focused on whether users would care. Again, I think most music fans won’t care about the tool, though the few subscribers who are unwilling or unable to use the readily-available alternative avenues for acquiring unencrypted content will be quite happy.
But the question remains: will online music subscription businesses be harmed by the tool? And will Microsoft block music fans’ ability to make fair use of legitimately acquired music and respond with DMCA threats or even lawsuits, perhaps at the record labels’ behest?
Engadget makes the case for why they shouldn’t in an open letter published today:
“We’re big fans of the subscription services [which currently use Microsoft DRM] … but let’s face facts: the damn things don’t work very well. It’s pretty easy to download tracks, but it’s a serious pain in the ass to successfully transfer them to a portable device…. [W]e get tons of emails from consumers complaining about how hard it is to get Napster, Rhapsody, Yahoo Music Unlimited, etc. tracks on to their players, or, god forbid, Macs.
“Are a lot of people going to pay $15 to sign up for a subscription service, download a ton of music, and then cancel a month later? Absolutely, but that’s not a big deal. Those people were never, ever going to sign up for a service that offers locked down music anyway, so be happy that you squeezed any money out of them at all. (Yeah, this does make it tougher to offer free, unlimited trials, but that’s not the end of the world.) Could those same people then put all the music they’ve just downloaded up on the P2P networks? Sure, but all that music is available there anyway, so it shouldn’t make a bit of difference in the grand scheme of things.”
Well said — the DRM doesn’t do anything to stop music “pirates,” but it does discourage potential customers from ever using licensed music services. In turn, the DRM hurts not only music fans, but also online music download and subscription businesses, as Yahoo! is quite willing to admit. Certainly, Microsoft and the record labels have some unique interests in perpetuating the Windows Media DRM and stifling start-up innovators. But let’s hope Microsoft and the major record labels lay off the lawsuits and, ultimately, the DRM.
Filed by Derek Slater at 12:12 am under General news
No Comments
Windows Media DRM has apparently been compromised. Reader Frank Payne pointed me towards a program called FairUse4WM that decrypts Windows Media files. I had heard of a similar program recently called drmdbg. I cannot confirm how and the extent to which these function, including incompatibilities with certain software setups. I also can’t tell how new these tools are — I found posts about drmdbg from over a year ago, but only news in the last few months about FairUse4WM. Regardless, the tools apparently are ways around the DRM for WMA and WMV, including Janus DRM.
While interesting news, it’s rather irrelevant to online media services using WM DRM. Most users won’t care about these decryption tools, not because the DRM is “consumer-friendly,” but rather because there are already readily-accessible alternatives to acquire unencrypted copies and thus get around the DRM’s unfriendly limits.
About a year ago, I reported on the development of a work-around for pre-Janus WMA DRM. To my knowledge, this development never produced a working crack, and, given how readily other DRM systems like CSS have been circumvented, that may be surprising to some. One might wonder why it took so long for a decryption utility to become widely-available.
The most plausible answer is that the online music DRM is so easy to get around that essentially no one gives a damn about actually circumventing it. If iTunes or Napster Light users want to make a use that the DRM prohibits, he or she can burn the song to CD and rip, use the analog hole, or get on a P2P network. All three are trivially easy ways to get an unencrypted copy and make circumvention practically unnecessary. The subset of users unable or unwilling to perform these steps is, I suspect, an incredibly low percentage of the whole userbase. (Which is not to say that the DRM causes no outrage or damage among users. That small subset of users is unfortunately prevented from making many non-infringing uses of purchased music, while the DRM does nothing to prevent “Internet piracy.”)
This answer is a lot more compelling, I think, than believing that the online music DRM was particularly well-designed and difficult to beat in the face of the DMCA. But my answer prompts another question: why would these WM tools come out at all, and why now?
I can think of two main responses. First, people might still have wanted to create these tools for fun. Sure, few would have a practical use for them, but that discourage everyone. The alternative avenues for DRM evasion merely meant there was less incentive to work on a decryption tool and thus less people developing one — less, but not zero.
Second, the recent though meager growth of Movielink, Cinemanow, Rhapsody Unlimited, Rhapsody-to-Go, and similar services created a matching recent though proportionately meager increase in incentives to create decryption tools. All the content on those services remains readily-accessible on P2P. But burning and re-ripping is not possible, and, for movies, using the analog hole is a little bit more difficult. So, with those alternative avenues slightly cut off, that was enough to kickstart a little renewed interest in creating an actual decryption tool.
That’s my speculation. Again, this doesn’t really affect the argument over whether DRM+DMCA can achieve their intended purpose of stopping “Internet piracy” — they don’t and can’t, as I addressed at length in recent posts. But that would have been true had these tools never been created.
Update, 11:23 AM Friday: Endadget has screenshots and apparently successfully tried this tool. See: http://www.engadget.com/2006/08/25/fairuse4wm-strips-windows-media-drm/
Filed by Derek Slater at 1:04 am under General news
21 Comments
The IP Scholars Conference recently took place at Berkeley — many papers are just early drafts, but plenty of food for thought.
And while we’re on the topic:
* This paper was forwarded to me, haven’t read it but looks interesting:
David Choi, “Online Piracy and The Emergence of New Business Models.” From the abstract: “This explorative paper examines the impact of online piracy on the emergence of innovative, legitimate business models. While often dismissed by academics and professionals alike, online piracy has shown to be a valuable source of innovation to both industry incumbents and entrepreneurs.” See also, this blog thread from a year ago.
* Previously mentioned on this blog, now published in the Georgetown Law Review - Dotan Oliar’s “Making Sense of the IP Clause: Promotion of Progress as a Limitation on Congress’ IP Power.” See also, Oren Bracha, “Owning Ideas: A History of Anglo-American IP.”
Filed by Derek Slater at 1:20 am under General news
1 Comment
Felten’s put together a fine series on evolving defenses of DRM and related anti-circumvention laws. He’s right that the entertainment industry has begun more frequently offering alternative arguments to defend the DMCA+DRM, but I wouldn’t go so far as to say that they are “replacing” the DRM as speed bump to “Internet piracy” myth. Yet if this were the case, I would welcome the switch. Indeed, if the DMCA’s existence hinged on these issues, I bet it would be wholly reformed.
Hollywood certainly can’t sell the public on these arguments, as Felten also suggests. They can’t convince consumers that restricting compatible devices is a good thing — heck, the record labels won’t even defend the iPod-iTunes tie, though they reluctantly go along with it. And if the major entertainment companies’ best argument for price discrimination is that they’ll get to take away your ability to freely burn CD copies of purchased music, then they’ll be doing my job for me. Consumers don’t want fair use taken away so that it can be sold back to them bit by bit.
This isn’t to say no one can make a coherent argument defending these practices. Rather, I think consumers are generally — and rightly — suspicious of them. Policymakers and judges might be similarly wary — remember, even as many legislators ignored the DMCA’s broad harms, the issue of music player incompatibility got a hearing relatively soon after its effects began to be felt. But, at present, the fear of “Internet piracy” blinds many of them to DMCA+DRM’s actual impact.
So I say: bring on the Property Rights Management wars and a fair evaluation of the DMCA+DRM’s impact. Of course, because they don’t want such an honest look at the DMCA, the RIAA and MPAA will continue to focus on the DRM-as-speed-bump myth, and too many policymakers will continue to buy it. But, hopefully, with enough convincing, the latter will one day change their tune.
Filed by Derek Slater at 1:27 am under General news
No Comments
If you are an AOL member, use EFF’s Action Center to contact AOL and find out whether you were one of the AOL customers whose search data was publicly disclosed. By voicing your concerns now, you can make sure AOL works to prevent another damaging data leak from happening again.
Regardless of whether you’re an AOL user, send a link to the Action Center (http://action.eff.org/aolsearch) to friends and family who use AOL. You can grab sample letter text as well as blog buttons here.
Filed by Derek Slater at 11:48 am under General news
1 Comment
Bill McGeveran sez, “I am delighted to report that the Berkman Center has released the white paper on which I have been working, along with Professor Terry Fisher and a terrific team of Berkman fellows and Harvard Law students, for the last year. The Digital Learning Challenge: Obstacles to Educational Uses of Copyrighted Material in the Digital Age explores the ways in which copyright-related restrictions impede innovative educational uses of digital content.”
Get the paper here. Congrats to Bill and the whole team on the release!
[update: whoops, seems my post led to Cory to think I was an author. Love the paper, but I didn’t work on it and can’t take any credit for it.]
Filed by Derek Slater at 11:29 am under General news
No Comments
Here’s Tim Armstrong’s lengthy response to me. Tim’s right that you can “draw a distinction between objections to the types of digital rights management (DRM) measures that are deployed to protect copyrighted works, and objections to the legal regime that protects those DRM measures against circumvention.” But what he concludes from that distinction and other related notions is seriously misguided. Supporting wholesale DMCA reform is based on principles Tim has not dispelled, and it is also the pragmatic tact. (**Footnote 1)
Let’s start with his “analytical” objection and the several examples of “good” DRM uses he cites. I am not a lawyer, but last time I checked, Title 17 is the Copyright Act — it’s meant to encouarge creation and distribution of artistic (and related) works insomuch as it benefits the public. Title 17 is not the Medical Privacy Act, nor the Privacy in Embarassing Pictures And Emotional Distress Act, nor the Confidentiality Agreement Enforcement Act. It’s the Copyright Act, and it shouldn’t be turned into a Christmas tree on which everyone hangs a pet project that they think technical restrictions might achieve.
Tim already knows this, and when he teaches his students about the Lexmark and Skylink cases, I suspect this is roughly what his sentiment will be. Why this insight doesn’t apply in Tim’s cited examples, I don’t know. (**Footnote 2)
This insight is actually at the core of what’s wrong with the DMCA, and it applies with respect to restrictions on digital entertainment content as well. Consider the iPod-iTunes tie and similar situations. Reverse engineering for compatibility and distribution of compatible devices have been protected as non-infringing. And yet the DMCA turns Title 17 into a broad Compatible Device Restrictions Act, bootstrapping dramatically increased control over *devices* onto copyright holder’s limited control over *works*.
But what about actual infringing uses — wouldn’t it be worth using DRM to stop them? As we’ve already discussed, DRM doesn’t stop the only illegal use that matters — “Internet piracy.” The other infringing uses it could stop — heavily caveated in this post — are of marginal concern (please, come up with those hypos). Regardless, DRM would still have to limit non-infringing uses and innovation to stop such infringing uses. DRM that truly permits the full range of non-infringing uses wouldn’t be worth using, because it wouldn’t be practically useful in stopping any infringing uses either. (**Footnote 3)
Therefore, saying “all DRM under the DMCA is bad DRM” is not a tautology. The DRM *that anyone would ever actually use* limits lawful uses, and, to the extent the DMCA prohibits circumvention for those uses and distribution of circumvention devices with substantial non-infringing uses, *that DRM is bad.* Absent the DMCA, the DRM would not necessarily be bad inasmuch as people could get around it to make lawful uses.
Of course, this argument doesn’t necessarily hold if you believe that it’s good for society to enable “new business models” that rely on restricting non-infringing uses and compatible devices. Tim offers a headfake this way, but I don’t think he actually buys this, and as I’ve argued before, I don’t think these restrictions are actually good for society. Even if they were good some of the time, they don’t balance out the severe damage done by the DMCA.
I hope I’ve convinced you of the flaws in Tim’s analytical arguments. Now let me turn to his pragmatic ones. He thinks that my arguments don’t move the DMCA reform ball forward.
IMO, he’s wrong, and, what’s more, positions like his can sometimes move the reform ball *backward*. Unless you actually think DRM’s restricting legitimate uses and innovation is good for society, pushing for wholesale DMCA reform is a more pragmatic response.
Of course I’d prefer DRM that allows more lawful uses to DRM that is draconian, and I’d prefer more statutory exceptions for lawful uses than less. There’s room to discuss legal alternatives and assume for the sake of argument that you can’t convince policymakers of the best and correct choice: allowing circumvention for all non-infringing uses and distribution of circumvention tools with substantial non-infringing uses.
But that exercise too often becomes a distraction from getting real reform. Tim’s suggesting that some more statutory exceptions would “solve” the problems I’ve identified is one such incorrect notion. There are others, though – most importantly, ignoring that DRM doesn’t actually prevent Internet piracy. In repeating that “DRM isn’t inherently good or bad,” people also often ignore that DRM is ill-suited to meaningfully stopping infringement and serving any worthwhile uses without seriously restricting non-infringing uses.
At best, strained attempts to find this ”good” DRM and anti-cirumvention laws middle ground are simply treated as beside the point. At worst, those who want wholesale reform get painted as misguided extremists. In suggesting this intentionally or not, such depictions hurt the cause for real, substantive reform. These real reformers become “outraged bloggers, snarky comment[ers] on Slashdot, FSF dress-up protest[ers], and poison-pen law review [authors]” (and/including me). Why not describe them as principled bloggers or law review writers making the correct policy prescription even though it’s hard to push through Congress? Meanwhile, those lauding “good” DRM appear like consummate moderates, offering up a ”compromise” pitched as the right solution. (**Footnote 4)
This isn’t just an issue with regard to the DMCA. Take the broadcast flag, a fundamentally flawed policy that cannot be fixed. My colleagues and I were deeply disappointed when CDT tried to offer a compromise solution and seemingly supported the flag. Fortunately and rightly, they backed off their original comments to some degree.
Anyone is free to play the role of consummate moderate. But if you actually agree with people who want wholesale DMCA reform, call any “moderate,” “compromise” DMCA reform what it is — a second-, or third-, or billionth-best policy, a policy that is better than nothing but not the correct and appropriate policy. Consistently call out the ways that it still isn’t up to snuff. Speaking for only myself, one person in this fight, I would appreciate that.
**Footnote 1: This is long too, but I have a lot of respect for Tim and I do think we’re ultimately on the same side of the fence. For that reason, I want to give convincing him a shot and that requires some lengthiness.
**Footnote 2: And that’s to say nothing of the inefficacy of DRM in these contexts. If you think you can use DRM to restrict a third party that you don’t trust with medical information or that wouldn’t sign a medical confidentiality contract in the first place; or if you rely on DRM to keep your employees from retyping and distributing confidential info; or if you rely on DRM to prevent your friends from taking a photo of their computer screen and then sending your embarassing pic around the Internet, then you’re in for a world of disappointment. His only example that could work is the “enterprise” one, and that’s because Tim isn’t talking about DRM there, he’s talking about “conditional access” systems — that’s like putting password protection on your website, and, yes, that can be effective, even without the DMCA, as any website operator knows. That’s different than an “access control” like on DVDs, where you’re storing the key with the attacker and giving them access to unencrypted analog copies in a compliant player. Those access controls are like locking the door while leaving the window wide open. (Also: everything in this post - but esp. this paragraph - is informed by discussions with Seth Schoen and Cory Doctorow, as well as Cory’s article cited above).
**Footnote 3: I’m going to skip giving a refresher on how fair use and other exceptions to c-holders’ exclusive rights is a context-sensitive affair that cannot be modelled by finite DRM rules. It’s worth noting that my argument includes the hypothetical fair-use-challenge system Tim describes in his article - to truly permit the full range of lawful uses in that way, it would have to be capable of giving the user a cleartext copy no longer subject to the audit trail. For instance, say you have a networked video device without digital restrictions on its inputs/outputs. If you can challenge the DRM (which, for non-infringing uses, you clearly should be able to despite the lack of trusted inputs/outputs), you will then have access to the unencrypted copy in transit from or to that device. That copy can be captured and used outside the audit trail.
**Footnote 4: I’m not saying Tim is the only one who’s ever done this, or that his writing always has fallen into this camp. He ends his paper by saying “If digital rights management, in one form or another, is truly here to stay, there is a vital public interest at stake in the form DRM ultimately takes.” He could have also said “if strong anti-circumvention laws are here to stay….” At the same time, he doesn’t seriously rebut arguments that DRM stops piracy, and he has also intimated in his post that simply implementing exceptions to c-holders rights’, short of wholesale DMCA reform, “would solve what you rightly label the ‘bad DRM’ problem.” Sorry, it wouldn’t “solve” that problem.
Furthermore, to the extent I have fallen into this trap and made similar errors in my own writing, I am equally critical of myself.
Filed by Derek Slater at 1:31 am under Big Ideas
5 Comments
Harvard Blogs Home
My News Aggregator
Copyfight
EFF
Berkman Center
Creative Commons
Lawmeme
Napsterization.org
Ed Felten
EFF Deep Links
Siva Vaidhyanathan
Larry Lessig
Seth Schoen
BoingBoing
Tech Law Advisor
Frank Field
Digital Music Weblog
PaidContent.org
Digital Music News
Joe Gratz
John Palfrey
Jason Schultz
Public Knowledge