The Digital Dilemma Intellectual Property in the Information Age (2000) / Chapter Skim
Currently Skimming:
Appendix G: The Digital Millenium Copyright Act of 1998 and Circumvention of Technological Protection Measures
Appendix G: The Digital Millenium Copyright Act of 1998 and Circumvention of Technological Protection Measures
Pages 311-330
The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.
From page 311... ...
except in certain narrowly defined circumstances, to circumvent an "effective technical protection measure" used to protect a work. The DMCA seemingly makes it illegal (again, except in certain narrowly defined circumstances)
|
From page 312... ...
The DMCA's anticircumvention provisions respond to the (presumed) economic importance of these developments by giving content owners a property right over the technological protection mechanisms they deploy, in addition to their existing rights over the content that these mechanisms protect.
|
From page 313... ...
HOW THE CRYPTOLOGY AND SECURITY R&D COMMUNITIES WORK Understanding the interaction of intellectual property and technical protection services requires an understanding of the research and development process in cryptology and security.2 A distinguishing feature of these disciplines is that they proceed in an adversarial manner: One member of the R&D community proposes a protection mechanism; others attack the proposal and try to find its vulnerabilities. Using this approach, serious vulnerabilities can be discovered and corrected before the mechanism is fielded and relied on to protect valuable material.
|
From page 314... ...
In addition to their methodological role in basic research in cryptology and security, experimental attacks on secure hardware and software play an important and growing role in commercial practice. Responsible vendors assemble and fund internal "tiger teams" that try to circumvent a security mechanism before a product relying on the mechanism enters the marketplace.
|
From page 315... ...
wrote a more comprehensive analysis of the underlying problem, and Sun's subsequent Java Development Kit, version 1.1, adopted Dean's suggestions.7 Numerous examples of attacks, both theoretical and experimental, on proposed security mechanisms can be found in, for example, the proceedings of the International Association for Cryptologic Research (IACR) Crypto and Eurocrypt conferences, the Institute for Electrical and Electronics Engineers (IEEE)
|
From page 316... ...
For this reason, strong opposition exists in the security R&D community to the idea of developing a licensing process for circumvention activity and trying to use the process to strengthen copyright owners' control over the fate of their property. The effect of a licensing process might just be the opposite (i.e., in fact to weaken the protection for owners)
|
From page 317... ...
The advantages of media coverage of results are considerable: Well-written popular articles can raise public awareness of the importance of computer security in general and IP protection in particular. Media coverage also forces vendors of flawed products to pay attention to the problem, denying them the option of hoping that customers won't discover that the tool may not be offering the advertised protection.
|
From page 318... ...
And once a particular circumvention technique becomes available on the Internet, its wide distribution occurs in a very short time span.~° DISCUSSION AND CONCLUSIONS The general approach taken by the Digital Millennium Copyright Act (see addendum below) is to make circumvention illegal except under certain conditions.
|
From page 319... ...
In particular, section 1201(j) should not concern itself only with "accessing a computer, computer system, or computer network." The discussion of "breaking out of the lava sandbox" above is a prime example of "security testing," but it is not an example of "accessing a computer, computer system, or computer network." The Java system security work was done by Professor Ed Felten and his students as a research project at Princeton, but Sun Microsystems could have justified the same project under the rubric of "security testing" before lava was released (and might regret that it didn't)
|
From page 320... ...
For example, suppose that a software vendor sells a digital library product, the owner of a valuable collection uses that product to control access to the collection, and a computer security expert wants to test the rights-management feature of the digital library product by attempting to get access to the collection without paying for it. Should he or she make a good-faith effort to get authorization from the software vendor, the collection owner, or both?
|
From page 321... ...
encryption research and the development of encryption technology; (B) the adequacy and effectiveness of technological measures designed to protect copyrighted works; and (C)
|
From page 322... ...
Violations Regarding Circumvention of Technological Measures.(1~(A) No person shall circumvent a technological measure that effectively controls access to a work protected 1 lPage 112 STAT.
|
From page 323... ...
is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title; (B) has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or [iPage 112 STAT.
|
From page 324... ...
is primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof; (B) has only limited commercially significant purpose or use other than to circumvent protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof; or (C)
|
From page 325... ...
(1) A nonprofit library, archives, or educational institution which gains access to a commercially exploited copyrighted work solely in order to make a good faith determination of whether to acquire a copy of that work for the sole purpose of engaging in conduct permitted under this title shall not be in violation of subsection (a)
|
From page 326... ...
(A) , a person who has lawfully obtained the right to use a copy of a computer program may circumvent a technological measure that effectively controls access to a particular portion of that program for the sole purpose of identifying and analyzing those elements of the program that are necessary to achieve interoperability of an independently created computer program with other programs, and that have not previously been [iPage 112 STAT.
|
From page 327... ...
develop and employ technological means to circumvent a technological measure for the sole purpose of that person performing the acts of good faith encryption research described in paragraph (2~; and (B) provide the technological means to another person with whom he or she is working collaboratively for the purpose of conducting the acts of good faith encryption research described in paragraph (2)
|
From page 328... ...
the adequacy and effectiveness of technological measures designed to protect copyrighted works; and (C) protection of copyright owners against the unauthorized access to their encrypted copyrighted works.
|
From page 329... ...
(A) , it is not a violation of that subsection for a person to engage in an act of security testing, if such act does not constitute infringement under this title or a violation of applicable law other than this section, including section 1030 of title 18 and those provisions of title 18 amended by the Computer Fraud and Abuse Act of 1986.
|
Key Terms
This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More
information on Chapter Skim is available.