The Legal Status of Technical Protection Measures
John D. Gregory*
IT.Can Spring Training, May 2006
The law of copyright gives many rights to the
originator of works subject to it: to publish the work, to perform it, to adapt
it, to translate it, and so on.
Creators may take advantage of one or more of these rights over
time. They also arrange to manage these
rights, for example by direct contract with publishers or performers, or by
participating in collectives to assert rights and to receive and distribute
payments for their use.
In the digital age, creators engage in digital
rights management, often known as DRM.
While DRM has some of the attributes of traditional rights management,
it offers challenges and opportunities of its own, because of the nature of
digital works. These works, being
expressed in electronic form as bits – compilations of ones and zeroes, can be
reproduced readily, and subdivided, and distributed in a multiplicity of
forms. In short, digital rights may be
put out to many different markets in different forms for different prices.
Thus one finds musical works being marketed on
tapes and compact disks, and by way of soundtrack to music videos, and by way
of downloadable files distributed by Internet and subject to a multiplicity of
rights – to save on one computer, to burn onto a CD, to send to another
computer, to be played on a mobile player or streamed to another, and so
on. Likewise movies are marketed in
different digital forms in different parts of the world, with “regional codes”
for six main regions. Movies too may
now be downloaded directly onto home computers or played on mobile
players. Texts may be produced for
consultation on line or downloaded into electronic books.
The combination of rights that a holder chooses
to make available depends on the estimate of the market – how can demand best
be stimulated and satisfied? – and on the costs of production, ease of
distribution, and other factors.
However, this choice is also influenced by the
risks of making works available in digital form. The problem is that bits are
readily copied, and the copies are perfect, bit for bit, and do not suffer the
degradation of quality that limits particularly amateur copying of works on
traditional media for commercial purposes.
The electronic version of musical works has been subject to copying and
distribution, especially by Internet, for some years, and more recently
compression software and broadband connections have made such activities worthwhile
for movies too. The risk of copying
beyond the plans – and economic reach – of content owners has discouraged some
owners from digital distribution entirely; the most famous example is probably
Apple Corps, the owner of the music of The Beatles.
Creators and publishers have tried to reduce
the risk in four main ways: by persuasion, through advertising in movies and in
trailers on DVDs discouraging “piracy”’; by lawsuits brought by especially
record manufacturers against those who download music files from the Internet;[1]
by contract, especially in license agreements[2]
that restrict what the user can do with the digital content; and by technical
protection measures (TPMs) that attempt to reduce the likelihood or the value
of someone using the work other than in a way contemplated by the DRM scheme
for it. (For example, one may reduce
the likelihood by making music or movies harder to copy; one may reduce the
value by making it hard to play unauthorized copies on likely equipment.)
In addition, governments have provided a
palliative, arguably a remedy, in the levy made on blank recording media such
as tapes, CDs and MP3 players.
Presuming that some of the copying media will be used to copy works
under copyright, the levy is distributed to the owners of copyright through
collectives. This system provides tens
of millions of dollars a year to artists.
Some people argue that its presence amounts to a recognition that copying
for personal use is legal, and that it has prevented artists from losing significant
amounts of money from such copying, even by file-sharing.[3] On the other hand, the levy is imposed on
those who use the copying media for non-copyrighted works – such as their own
creations – and it is not imposed on all the media now used for copying,
notably computer hard drives. So it may
be imperfect, but it is not negligible in theory or in practice.
This note reviews the policy and the law
applicable to TPMs: their current legal status and proposals to increase
protection for them at law, and proposals as well to reduce protections or
otherwise to control their use. It will
look briefly at the use of contract to serve the same ends.
Essentially, TPMs aim to prevent works from
being copied, displayed, performed or distributed except according to the
conditions of the content owners, in other words, they serve to maintain the
goals of DRM for the digital work. Not
all TPMs aim at all of these goals, and not all DRM schemes seek to achieve all
of them. Not all TPMs work in practice,
either, but that is another (part of the) story.
Some TPMs are standard throughout the relevant
industry. Movies are almost all
encrypted through the Content Scrambling System (CSS) devised by a consortium
of movie producers. Manufacturers of
DVD players must licence the descrambling system from the consortium and comply
with the terms of the licence. In this
way the producers hope to ensure that descrambled movies cannot be played on what
most people will have in their homes, so people will acquire movies properly
distributed (with payment reaching the producers.)[4] Likewise the regional coding of movies is
widespread, so movies bought in one region of the world cannot readily be
played in others. This allows for different market timing and pricing in
different regions.
Some TPMs are proprietary. Apple Computers has its “Fairplay” system
that allows iTunes to be played on iPods but not on other manufacturers’
machines. Video streaming systems are all proprietary and incompatible. RealNetworks sued a company that distributed
a system to allow its streaming system to be played on other systems, i.e. to
protect the exclusivity of its system.[5]
The use of TPMs raises a number of legal and
policy questions that will be reviewed here.
i)
Are they legal,
i.e. either permitted or enforceable?
ii)
Are they
desirable in policy?
iii)
Should they have
greater legal protection than they do?
iv)
Should they be
subject to greater legal controls than they are?
i)
Are they
legal, i.e. either permitted or enforceable?
To some extent the question “Are TPMs legal?”
is the equivalent of asking “Is
DRM legal?” The answer is
fairly clearly Yes. Creators or owners
of works in which they hold copyright are not required to publish the works at
all, and they can decide how – in what medium, to what extent, in what places –
they can publish them. To the extent
that TPMs allow the content owners to control the market for the works, they
are not stepping out of the traditional sphere of copyright.
However, the power to
control copyrighted works is not absolute.
Users or readers or purchasers of such works have some power to use them
even without the consent of the owners.
The Copyright Act contemplated non-infringing, non-consensual
uses in educational institutions, and for fair dealing (criticism, private
study), and other activities. The
Supreme Court of Canada has said that the law of copyright is a balance between
the need to protect creators of works and ensure that they have a possibility
of earning a return for their efforts and investments, on the one hand, and the
need of some users for some purposes to use the work whether or not the
creators or owners agree.[6]
TPMs are often designed
to be absolute: they may allow no copying without payment, or no distribution,
or no extracting. It is hard to program
in the kinds of flexible limits that the law of copyright traditionally
recognizes, and content owners may have little incentive to try. It suits their purposes to extend their
powers as widely as possible.
Under present law, this
seems to be legally proper. Owners are
not obliged to restrict the scope of their TPMs. As one advocate of TPMs says, what are described as users’ “rights”
are in fact only defences to charges of infringement. If the technology does not present an opportunity for such uses,
then there is no need for the defences, but nothing has been lost.[7]
Further, content owners often try by contract
to assert the full scope of protection that the TPMs effect. As Mr. Sookman says, users who wish to have
access to the works may agree that they have access only on the terms on which
the owners choose to make them available, and if the agreement does not include
any educational or fair dealing rights, that is a matter of choice between the parties.[8]
This is inherent in the nature of a
licence. A licence sets out the terms
on which someone can use another’s property without violating the owner’s
rights. A licence is a defence against
a claim of infringement. Thus the
limits of copyright may be shifted in a licence from what they might be by
statute in the absence of the licence.[9]
ii)
Are they
desirable in policy?
A number of people have expressed their concern
that the balance of rights between content owners and content users – held the
key to copyright policy by the Supreme Court – has been changed by TPMs. The social values of promoting education, or
of freedom of expression, are said to be at risk when content owners can decide
through their technology to deprive users of these rights. If the only way to access the work is on the
terms of the owner, then the non-infringing uses provided by law are taken
away. The only balance is that designed
by the content owners and expressed in the TPMs.
A study done for Heritage Canada (but expressing
only the views of its authors) concluded that TPMs presented a clear threat to
accepted activities by users.[10]
Consequently, the advent of TPMs and DRMs has
the potential to upset copyright law’s delicate balance between the private
rights of copyright holders and the public interest in the ability to use the
works subject to copyright. The resultant transfer of control from public to
private would also have potentially serious implications for public access to
information, consume privacy and freedom of expression.[11]
Furthermore, some TPMs work by verifying that
the equipment used to view or use the works is properly authorized to do so, or
that the software on a computer is properly licenced. “Trusted computing” systems[12]
– so-called because the owner of the content can trust them to serve the
owner’s purpose, though they are allegedly more secure against outside
unauthorized attacks as well – review what is being run on the computer against
a list of what is acceptable or not for that computer. Some versions “call home” to report on the
hardware and software being used, and to ensure that no unlicensed programs are
running, or any programs that might allow the use of unlicensed works. Others may check from time to time to see
that the licence to use the works is still in force.[13]
Information about the state of an individual’s
computer appears to be personal information within the meaning of Canadian
privacy statutes, or information that can be linked in other ways to the
individuals involved. Thus the
computers are sending to content owners personal information about the users of
the copyrighted material. Is this
desirable? Does it make a difference if the user consented to this collection
of information, perhaps in a click-through contract with many provisions? Does it make a difference what the owner
does with the information, given that the statutes impose separate limits on
collection, use and disclosure of personal data? Three Canadian privacy commissioners and a number of privacy
advocates and organizations have recently written to the Ministers of Heritage
and Industry to urge that any laws about digital rights management and
technical protection measures consider their impact on personal privacy rights.[14]
The most notorious case of a TPM to date was
the “Sony rootkit” affair of late 2005.[15] In Professor deBeer’s words,
At least 22 million Sony BMG music CDs included
software that was designed to control consumers’ uses of music, but which in
fact installed on their computers a program that interfered with normal system
operations, caused serious security vulnerabilities, was practically impossible
to uninstall and surreptitiously transmitted information about users’ computers
and listening activities.[16]
This was generally acknowledged to have gone
beyond both the acceptable policy and the legal limits of TPMs. A number of class actions were begun in the
US and in Canada against Sony BMG. Most
were quickly settled by Sony, probably because the company did not want
drawn-out discussion in court of just what it had done. The main U.S. settlement required Sony “to
provide updates and uninstallers, to place a two-year moratorium on the use of
[at least one of the TPMs in question], to obtain third-party verification of
its privacy practices and to promise independent testing of DRM technologies in
the future.”[17]
Professor deBeer points
to potential liabilities for Sony BMG in the law of competition, consumer
protection, privacy, trespass to chattels (if such a cause of action exists in
Canada), negligence, conspiracy and deceit, and contract. His view was that the Canadian class actions
would probably be settled on similar terms to those in the U.S.
One of the problems in
this area is knowing just what particular TPMs are in fact doing. Most are not as all-embracing as the Sony
rootkit, but they do not reveal themselves in all their detail to the general
user, no doubt in part because their makers do not want the general user to
disable them.
iii)
Should
they have greater legal protection than they do?
TPMs are usually a kind of software, though in
some cases they are built into computers or other electronic devices, like DVD
players. Software is simply a set of
instructions to a digital device. Instructions can be altered by other
instructions. They may even be
deleted. Thus TPMs are to some extent
vulnerable to counter-measures by those who do not like the restrictions that
the TPMs place on use of the copyrighted works. For example, a TPM intended to make it difficult to copy a CD
could be avoided by simply pressing the Shift key when the disk was playing.[18] Another could be made ineffective by tracing
a line with a marker around the edge of the disk. Likewise, a program for defeating CSS for movies, known as deCSS,
has been very widely available.
Naturally, the copyright and content owners are
not pleased with these methods of circumvention of TPMs, since circumvention
threatens the success of their DRM – and possibly of their ability to make a
serious return on their creation or their investments. Besides making the TPMs technically harder
to beat, they have sought legal remedies, notably to make circumvention
illegal. As the home of a large
proportion of copyrighted works of interest to the global market, partly from
merit and partly from aggressive promotion, the United States has led the world
in promoting such legal protections for TPMs.
The current world standard for legal protection
is found in the World Intellectual Property Organization (WIPO) treaties of
1996. WIPO adopted two treaties, the
Copyright Treaty and the Performances and Phonograms Treaty.[19] The treaties have essentially the same
language about TPMs:[20]
Contracting Parties shall provide adequate
legal protection and effective legal remedies against the circumvention of effective
technological measures that are used by authors in connection with the exercise
of their rights under this Treaty or the Berne Convention and that restrict
acts, in respect of their works, which are not authorized by the authors
concerned or permitted by law.
Canada signed the WIPO
treaties in 1997, but unlike many other countries, it has not yet ratified
them.[21] Ratification has been under study in Ottawa
for some years. One of the knottiest
issues is the obligation to protect TPMs from circumvention. It appears fairly clear that the general law
in its present form will not give “effective legal remedies” for circumvention
as such – whether or not it gives effective remedies for infringement of
copyright. The main source of law to
that end would be contract between the providers of the protected works and the
end user. Besides the difficulty in enforcing the contract, or knowing whether
it had been breached, it is possible that many people could find their way to
the TPMs who were not bound by any contract.
The copyright owners’
model for statutory protection of TPMs is the US statute called the Digital
Millennium Copyright Act.[22] The DMCA bans circumvention of protection
measures, whatever the purpose of the circumvention. Equally important, it bans any publication of methods of
circumvention, not just the act of circumvention. (The Act provides a list of exceptions from the ban on
circumvention, including security testing, reverse engineering of software,
encryption research and law enforcement.)
Thus lawsuits have been brought under the DMCA against a magazine that
published the DeCSS code or even a link to a site with that code, though the
magazine did not itself invent DeCSS or use it.[23] It is fair to say that the DMCA has been
used aggressively in the US to pursue those who would circumvent TPMs.
A number of cases under
the DMCA have caused considerable nervousness about the drafting and the scope
of the statute.[24] Some of them involve the use of the Act to
fight competitors. For example, Lexmark, the maker of printers, sued a
competitor who was selling substitute printer cartridges, on the ground that
the link between the printer and the cartridge depended on a software handshake
protected by a TPM, and the competitor had circumvented the TPM in order to
make its cartridges work on Lexmark printers.
Ultimately Lexmark lost on appeal, but the competitor was kept off the
market for nearly two years by the litigation.[25] The Electronic Frontier Foundation report
gives a dozen other examples of suits or threats of suit based on the DMCA.[26] The Cato Institute report says “there is
every reason to expect more frivolous lawsuits in the future.”[27]
In several of them, it would appear that businesses are trying to achieve by
copyright litigation what they have not been able to protect by patent.
Another line of cases
concerns the attack on free speech. The best-known is probably that of
Professor Edward Felten, who was threatened with a DMCA suit when he prepared
to publish his method for breaking a security code, a method he had developed
in response to a contest launched by the creators of the code.[28] Professor Felten later sued the Recording
Industry Association of America to assert his rights to publish.[29] Again, the Electronic Frontier Foundation
article lists 18 instances of the use or threat of the DMCA to quell criticism
or research.[30]
Mr. Sookman claims that
any new legislation has a breaking-in period where its interpretation has to be
tested in the courts, and the results in these cases show that the DMCA is
being limited to true cases of piracy.[31] The Electronic Frontier Foundation report
may leave one less sanguine. Many
potential critics will not risk litigation, rather than run test cases through
to an appeal court to get the “right” answer.
Others are concerned
that the DMCA makes circumvention of TPMs and publication of circumvention
techniques a criminal offence. The WIPO
treaties do not require criminal rather than civil enforceability. This is particularly worrisome for critics
when issues of fair dealing and freedom of expression are at stake.[32]
In 2005, the then
government of Canada introduced a statute to amend the Copyright Act, Bill
C-60, intending to lay the foundation for Canadian ratification of the WIPO
treaties. It had a much more limited
protection for TPMs and methods to circumvent them. In particular, it prohibited circumvention only when the result
was to violate copyright, or put another way, it allowed circumvention in order
to exercise permitted uses of the copyrighted material.[33]
A
number of people thought that this approach had a lot of merit, focusing as it
did on intention to do something illicit.
After all, the WIPO articles required legal protection for TPMs that
restricted acts not authorized by the authors of the work “or [not] permitted
by law”. Where the TPMs were used that
restrict acts permitted by law, the WIPO treaties do not require an effective
legal “remedy” against their circumvention.
Likewise, the WIPO treaties do not expressly
require a ban on publishing or distributing circumvention methods, as distinct
from prohibiting the circumvention itself. However, this distinction may be
hard to draw persuasively. The treaties
require “adequate legal protection” and “effective legal remedies”. How adequate or effective is a ban on
circumvention if the methods of circumventing circulate freely? Most people cannot figure out how to get
around a TPM. However, it takes only
one smart analyst to figure it out, and then publish the method to the web, for
word to circulate widely. Programs and
workarounds and hacks are child’s play to transmit.
But how to balance the limits on protection
contemplated by the treaties, with the apparent need to cast a broad net to be
effective at all?
Barry Sookman published a very skeptical
analysis of the adequacy of Bill C-60 in early 2006.[34] He thinks that a much stronger protection is
needed, including aspects not included in the Bill, such as protection for TPMs
effecting an access control, and a publication ban. An economic analysis presented at the same session by Michael
Einhorn agreed.[35] But Dr. Einhorn’s answer to a concern that
works that are or that fall into the public domain may be inaccessible because
of enduring TPMs is that “it is possible to allow an exemption from
anti-circumvention protection for any person who cracks protection in order to
access a public work.”[36] If methods of circumvention are not
publishable, then this is small comfort to the vast majority of potential
readers. In any event, this is an
intention-based exemption of the kind provided by Bill C-60, roundly criticized
by Mr. Sookman. It suggests that there
needs to be some flexibility somewhere.
It is not clear that the American exemptions are satisfactory.
It
should be noted in this context that Canada already has some laws against
circumvention of TPMs, in the satellite communications area. The Radiocommunications Act prohibits
decoding an encrypted communication signal without authority, receiving such a
decoded signal or rebroadcasting it.[37]
iv)
Should
they be subject to greater legal controls than they are?
The concerns about the measures to protect the
protection, and the uses made in some cases of the protections themselves, have
led to suggestions that we need protection from TPMs rather than for them.[38] An all-party committee (the “All Party
Internet Group”) of the United Kingdom Parliament has been holding an inquiry
into digital rights management, which is due to report in June 2006.[39] It heard a similar range of concerns,
including some that advocated legal limits to the uses of TPMs, or at least
legal guarantees that some workarounds would be permitted. “Policy makers must now carefully consider
putting consumers’ legitimate interests on a more robust legislative, and
positive footing.”[40]
What would this legislation consist of? It could be included in limits to statutory
protection, as there are in the DMCA, so that Bill C-60’s successor could be
considered a start, or even an end. If
the Copyright Act were to have stronger protections, then perhaps
stronger offsetting exceptions would be needed as well. The Organization for Economic Cooperation
and Development (OECD) has recently published a report on “Disclosure Issues Related
to the Use of Copy Control and Digital Rights Management Technologies”.[41]
Governments should take action to prevent
failures to disclose information concerning CCT [copy control technology] and
DRM technology (i) that deceive consumers, or (ii) that are otherwise likely to
cause substantial injury that consumers cannot reasonably avoid and that is not
offset by benefits to consumers or competition.[42]
The final words about offsetting benefits leave
open some room for debate, since it is arguable – by Dr Einhorn for example[43]
- that consumers benefit enormously from the market freedoms and digital rights
management techniques that are enabled by TPMs. However, it may be hard to measure the benefits in a way that
would offset not just deceit but “substantial injury”. The Sony rootkit comes to mind.
Besides mandating disclosure, what would such
legislation say? Could one prohibit the sale or distribution of digital works
with certain kinds of TPMs, and could we describe that class with
certainty? Would it be an offence to
distribute them, or would the remedy be that legal protections for them would
be unenforceable?
It might be argued as well that common law
remedies – or remedies under other statutes, like the consumer protection acts
or the Competition Act, would suffice.[44] The class actions against Sony BMG for its
rootkit TPM did not rely on the Copyright Act. Freedom of expression has other legal protections.
This being Canada, one has to ask about such
legislation whether it would be federal or provincial! Copyright is of course a federal
responsibility, and Bill C-60 was a federal statute to amend that Act. However, to the extent that DRM aims at
market divisions and pricing strategies, and the exchange of personal
information, and the distribution of products, even if intangible, then there
is at least an issue whether provincial competence is invoked. The Constitution Act does not mention
“para-copyright”.
Is it to protect copyright that movie makers
insert regional codes on DVDs, and insist that measures to remove the codes or
ignore them contravene the DMCA? Is it
not rather to protect marketing strategies, to allow for differential pricing
or differential release dates? When does the management of digital rights go
beyond protection from infringement into protection of marketing strategies?
The strategies may be perfectly legitimate, but how much power of law must our
legislatures give them? And when does
it stop being copyright, if ever?[45] If the nature of copyright is to allow a
division and subdivision of rights, with different versions of works destined
for different markets on different terms, then any marketing strategy, digital
or otherwise, may be part of copyright.
Protecting the ability to make such subdivisions of publication (or
performance, or accessing) of the work must arguably be seen as a protection
against infringement of copyright.
To some extent the federal-or-provincial
question becomes one of deciding who participates in the policy
discussions. Should provincial
attorneys general or consumer ministers be involved, or is it a matter for
content owners and consumers (including large “consumers” like educational
institutions) to carry on in Ottawa only?
So far, the latter has been the default choice.
The debate about the
legal status of technical protection measures raises fundamental questions
about copyright law, contract law, and public policy. Is copyright law evolving from a sole focus on creators’ and
publishers’ rights to a balance with users’ interests? Do users’ interests amount to rights in law,
or are they only descriptions of defences to infringement? Are they infinitely waivable by contract?
The debate here is
about indirect enforcement of copyright.
The discussion is not about infringement; that remains prohibited and
actionable. There have been successes
in direct actions, both in Canada and in the United States.[46]
How does one balance
the clear need for some TPMs to protect works in the digital age against the
values of research, freedom of expression, accessible education? The market can serve the latter values, but
there is no guarantee that it will. Is
it the possibility of infringement that impels owners to come to arrangements
with users who assert such values, or is it mere (but powerful and legitimate)
economics?
To what extent are
legal protections called for as a way simply to slow down the progress of
technology so the content owners can catch up?
Digital distribution of works by or on behalf of owners has proved very
lucrative in the past few years, after several years of concern about losses to
pirates or file-sharers (who may or may not be the same). Is the success of iTunes and its many
competitors due to better legal protection of TPMs, or better TPMs, or just their
arrival on the market to offer what only the informal market offered a few
years ago?
Some of the answer may
depend on one’s assumptions. Barry
Sookman says that “the evidence is overwhelming that only a small portion of
downloading does not involve infringement or illegal activity.”[47] Those who want to limit legal protection of
TPMs are more favourably disposed to the motives of those who aim to use the
works. The Electronic Frontier
Foundation says that many of the people harmed by the DMCA were not
pirates. “It is hard to see why a competitor
should have to solve [the content owner’s] piracy problem before it can offer
legitimate products for legitimate owners of [the owner’s] games.”[48]
This is part of the
debate, then. Mr. Sookman’s slides
refer frequently to “unfair” appropriation of owners’ rights.[49] He writes of the Streambox case[50]
as involving the ability of users of Streambox’s device to “make and
redistribute digital copies” of RealNetwork’s programs.[51] The Electronic Frontier Foundation
characterizes Streambox’s device as a method of “time-shifting streaming media”[52],
presumably by innocent watchers.
So who is innocent, and
who is opening floodgates to piracy? Given the vulnerability of any TPM to
ultimate deciphering and circumvention, should the law try to help the owners
develop what many call “speedbumps” against infringement, or in favour of
DRM? Is it cavalier to separate the
value of digital marketing strategies from the prevention of infringement, and
say as the Electronic Frontier Foundation does that the owners should not try
to solve their piracy problems with laws that (also? primarily?) protect
marketing strategies? Is the
distinction in the world of copyright so clear?
Does it depend on a
balance of convenience? Is there more
benefit in protecting owners’ rights through legally secure TPMs than is lost
by restricting users who can after all bargain for licences – and in a
competitive market, who is to say for sure that they will not get affordable
access to what they want – or who can type out passages of works to cite for
criticism, if they cannot copy them digitally?[53] Or should the law let the owners invent
their technologies and rely on them as best they can, without “taking
sides”? We already have law, and it
finds a public benefit in protecting owners’ rights, though balanced in some
way with users’ interests (or rights).
Is legally protecting TPMs a logical and necessary extension to the
existing policy, or is it aiding and abetting an unjustified extension of the owners’
rights at the expense of the users?
This paper stops
here. Readers may answer the questions
– and tell the government![54]
* General Counsel, Policy Division, Ministry of the Attorney General (Ontario). The views in this article do not necessarily reflect those of the Ministry.
[1] The leading case in Canada on this is BMG v Doe, 2005 FCA 193, online: http://decisions.fca-caf.gc.ca/fca/2005/2005fca193.shtml, though its meaning is disputed. A quasi-litigious way of protecting copyright is the “notice-and-takedown” method, which involves giving notice to a web publisher of a work in which the notice-giver claims rights and threatening to sue for infringement unless the work is taken down. There is some legal power behind such notices here. In the United States, their use is sanctioned by the Digital Millennium Copyright Act (DMCA), and they are consequently very widely used.
[2] Particularly in “End-user licence agreements” (EULAs) imposed on the ultimate user of the copyrighted work, rather than on intermediate distributors or even the owner of the computer on which the work may be run (though it is not always possible to know who of several users of a computer is using the work and thus who is the licensee.)
[3] See for example M. Geist, “Piercing the peer-to-peer myth: an examination of the Canadian experience” in First Monday, April 2005, online: http://firstmonday.org/issues/issue10_4/geist/
[4] Interestingly, the general use of CSS can prevent movies downloaded directly from websites, even licitly, from being copied to CDs for playing on people’s TVs rather than on their computers. The DVD players will not play them. The frontier of adapting to this appears to be the pornography industry: G.Gentile, “Porn maker allows downloads for TV viewing”, Silicon Valley.com, May 14, 2006, online: http://www.siliconvalley.com/mld/siliconvalley/news/editorial/14579823.htm. In other words, DRM is running into problems because of TPMs created for earlier rights management systems
[5] RealNetworks, Inc. v. Streambox, Inc., 2000 WL 127311 (W.D.Wash. 2000)
[6] See for example Théberge v Galérie d’Art du Petit Champlain Inc.,
[2002] S.C.R. 336.
[7] B. Sookman, “’TPMS’: A Perfect Storm for Consumers: Replies to Professor Geist”, (2005), 4 C.J.L.T. No. 1 p. 23, online: http://cjlt.dal.ca/vol4_no1/pdfarticles/sookman.pdf.
[8] Ibid. p. 34.
[9] The role of contract in this field is largely beyond the scope of this paper. However, it might be noted that some US courts have upheld a contractual (licence-based) restriction on doing something that would be acceptable under copyright law in the absence of a licence. See Bowers v Baystate Technologies, Inc., 65 U.S.P.Q. 2d 1746 (Fed. Cir. 2003); Frontline Test Equipment Inc. v. Greenleaf Software, Inc., 10 F. Supp. 2d 583 (W.D.Va. 1998). The Australian government found the enforceability of such agreements “unsettled” in Australian law, but recommended limiting the ability to amend user rights in copyright by contract, in some circumstances. See the Copyright Content Review Committee’s report (2004), online: http://www.ag.gov.au/www/clrHome.nsf/AllDocs/5EC397B374406C04CA256C4F0006F070?OpenDocument
[10] I. Kerr, A. Maurushat, C. Tacit, “Technical Protection Measures: Part I – Trends in Technical Protection Measures and Circumvention Technologies; Part II – the Legal Protection of TPMs”, (2003), online: http://www.pch.gc.ca/progs/ac-ca/progs/pda-cpb/pubs/protection/protection_e.pdf (Part I) and http://www.pch.gc.ca/progs/ac-ca/progs/pda-cpb/pubs/protectionII/protection_e.pdf (Part II).
[11] Ibid, Part II, p. 3.
[12] See the Wikipedia definition at http://en.wikipedia.org/wiki/Trusted_Computing.
[13] Grant Robertson, “MTV enters on-line music fray”, Globe and Mail, May 16, 2006, p. B4.
[14] See the letters of May 17, 2006, and background papers online: http://www.intellectualprivacy.ca.
[15] For a detailed look at the technical and legal aspects, see J. deBeer, “How Restrictive Terms and TechNologies Backfired on Sony BMG Music”, in (2006-06), 6 Internet & E-Commerce Law in Canada 93 and (2006-07) 7 I.E.C.L.C. 1. It was called a “rootkit” because it installed itself in the “root directory” of the user’s computer, where it was very hard to detect and from which it was very hard to remove without serious damage to the operating system.
[16] Ibid., 6 I.E.C.L.C. 93 (Internet and E-Commerce Law in Canada, Lexis-Nexis).
[17] Ibid., 7 I.E.C.L.C. 2.
[18] Katie Dean, “Shift-Key Case Rouses DMCA Foes”, Wired, October 12, 2003, online: http://www.wired.com/news/digiwood/0,1412,60780,00.html.
[19] Both WIPO treaties can be found at http://www.wipo.int/treaties/en/ - as “WCT” and “WPPT” in the IP section.
[20] Article 11 of the Copyright Treaty. Article 18 of the Performances and Phonograms Treaty is the same but replaces “authors” with “performers or producers of phonograms” and “works” with “performances or phonograms”, and does not refer to the Berne Convention.
[21] As a matter of international law, signing a treaty does not require a country to ratify it, just to give serious consideration to ratifying.
[22] 17 United States Code. The TPM protection chapter 12 is online: http://www.copyright.gov/title17/chapter12.pdf. The DMCA and of course copyright legislation generally protects copyrights in a number of ways not related to TPMs as well.
[23] Universal Studios v Remeirdes, 111 F. Supp. 2d 294 (S.D.N.Y. 2000) aff’d sub nom. Universal Studios v Corley, 273 F. 3d 429 (2d circ. 2001).
[24] Electronic Frontier Foundation, Unintended Consequences: Seven Years under the DMCA, April 2006, online: http://www.eff.org/IP/DMCA/f=unintended_consequences.html. For an economic efficiency concern, see T.B.Lee, “Circumventing Competition: The Perverse Consequences of the Digital Millennium Copyright Act”, Cato Institute, March 21, 2006, online: http://cato.org/pub_display.php?pub_id=6025.
[25] Lexmark v Static Control Components, 387 F.3d. 522 (6th circ. 2004)
[26] Electronic Frontier Foundation, above note 24, section 2.
[27] Lee, above note 24, p. 17.
[28] The letter to Professor Felten is online: http://www.eff.org/IP/DMCA/Felten_v_RIAA/20010409_riaa_sdmi_letter.html.
[29] Felten v RIAA, in the Electronic Frontier Foundation archive, http://www.eff.org/IP/DMCA/Felten_v_RIAA/ .
[30] Electronic Frontier Foundation, above note 24, section 3.
[31] Sookman, above note 7, p. 37-38. It might be noted that the appeal court in the Chamberlain case, involving garage door openers, said in obiter that if there has been a contract not to use a competing device, as well as the DMCA claim, that might have been effective to bar the use of the competing opener, while the DMCA alone was not. Chamberlain Group v Skymark Technologies, 381 F. 3d 1178 (Fed. Cir. 2004)
[32] Lee, above note 24, p. 18, noting that the owner of the copyrighted work cannot be prosecuted or jailed, whatever the merits of the dispute, only the user or publisher of the circumvention device.
[33] An Act to amend the Copyright Act, Bill C-60, section 27, adding s. 34.02 to the Act. The Bill died on the dissolution of Parliament in November 2005 and has not yet been reintroduced by the new government. Its text is still online: http://www.parl.gc.ca/38/1/parlbus/chambus/house/bills/government/C-60/C-60_1/C-60.html.
[34] Sookman, “Protection for Technical Protection Measures - What Should Canada Do?” a PDF presentation delivered at the Rotman School of Business, University of Toronto, March 3, 2006, online: http://www.mccarthy.ca/pubs/sookman_rotman.pdf.
[35] Michael A. Einhorn, “Canadian Quandary: Digital Rights Management, Access Protection, and Free Markets”, delivered at the Rotman School of Business, University of Toronto, March 3, 2006.
[36] Ibid. p. 38-39.
[37] R. S.C. 1985, c. R-2, online: http://laws.justice.gc.ca/en/r-2/text.html, paragraphs 9(1)(c – e). The provision was upheld in the Supreme Court of Canada in Bell ExpressVu Limited Partnership v Rex, 2002 SCC 42. A constitutional challenge based on freedom of expression was rejected in the Superior Court of Quebec in R. v. D’Argy, 2005 IIJCan 8977 (QC.SC), online: http://www.canlii.org/qc/jug/qccs/2005/2005qccs19052.html (in French). Leave to appeal has been granted.
[38] Michael Geist, “TPMs: A perfect storm for consumers”, Toronto Star (January 31, 2005), online: http://www.michaelgeist.ca/resc/html_bkup/jan312005.html. It was in response to this piece that Barry Sookman composed the article cited above at footnote 7.
[39] See http://www.apig.org.uk/current-activities/apig-inquiry-into-digital-rights-management.html.
[40] See for example the submission of the National Consumers Council, 6 January 2006, online: http://www.ncc.org.uk/intellectualproperty/digital_rights.pdf.
[41] OECD, DSTI/CP(2005)15/FINAL, April 18, 2006, online: http://www.oecd.org/dataoecd/47/31/36546422.pdf.
[42] Ibid, p.13.
[43] Above note 35, notably at pp. 12 – 14.
[44] See the list of possible causes of action listed by Professor deBeer, above at text accompanying note 17.
[45] On the provincial jurisdiction side, see Professor deBeer, “Constitutional Jurisdiction over Paracopyright Laws”, in Geist, ed., In the Public Interest, Ottawa 2005, online: http://209.171.61.222/PublicInterest/two_1_debeer.htm. On the federal side, see Barry Sookman, above note 34, slides 16 – 19.
[46] In the US, notably the MGM Studios Inc v Grokster, Ltd case in the Supreme Court – see http://www.copyright.gov/docs/mgm/index.html, but other operations have been closed down by law, notably Napster in an earlier incarnation. The Recording Industry Association of America has had a lot of settlements in its many suits against file sharers, for better or worse in the general battle against file sharing.
[47] Sookman, above note 7, p. 26.
[48] EFF, above note 24, text at note 51.
[49] Sookman, above note 34, slides 7, 8, 13 (“unauthorized copies”), slide 18 (“unauthorized exercise of their exclusive rights”).
[50] Above note 5.
[51] Sookman, above note 34, slide 30.
[52] EFF, above note 24, text at note 36.
[53] That does not work well if one wants to insert a video clip into a film review, however. Is that a huge loss, or a different kind of speed bump? The answer may depend on one’s view of creativity – or it may reside in arguments about the duration of copyright rather than its incidents while in force.
[54] And readers get to decide which government, federal or provincial.