The Legal Status of Technical Protection Measures
John D. Gregory*
IT.Can Spring Training, May 2006
The law of copyright gives many rights to the originator of works subject to it: to publish the work, to perform it, to adapt it, to translate it, and so on. Creators may take advantage of one or more of these rights over time. They also arrange to manage these rights, for example by direct contract with publishers or performers, or by participating in collectives to assert rights and to receive and distribute payments for their use.
In the digital age, creators engage in digital rights management, often known as DRM. While DRM has some of the attributes of traditional rights management, it offers challenges and opportunities of its own, because of the nature of digital works. These works, being expressed in electronic form as bits – compilations of ones and zeroes, can be reproduced readily, and subdivided, and distributed in a multiplicity of forms. In short, digital rights may be put out to many different markets in different forms for different prices.
Thus one finds musical works being marketed on tapes and compact disks, and by way of soundtrack to music videos, and by way of downloadable files distributed by Internet and subject to a multiplicity of rights – to save on one computer, to burn onto a CD, to send to another computer, to be played on a mobile player or streamed to another, and so on. Likewise movies are marketed in different digital forms in different parts of the world, with “regional codes” for six main regions. Movies too may now be downloaded directly onto home computers or played on mobile players. Texts may be produced for consultation on line or downloaded into electronic books.
The combination of rights that a holder chooses to make available depends on the estimate of the market – how can demand best be stimulated and satisfied? – and on the costs of production, ease of distribution, and other factors.
However, this choice is also influenced by the risks of making works available in digital form. The problem is that bits are readily copied, and the copies are perfect, bit for bit, and do not suffer the degradation of quality that limits particularly amateur copying of works on traditional media for commercial purposes. The electronic version of musical works has been subject to copying and distribution, especially by Internet, for some years, and more recently compression software and broadband connections have made such activities worthwhile for movies too. The risk of copying beyond the plans – and economic reach – of content owners has discouraged some owners from digital distribution entirely; the most famous example is probably Apple Corps, the owner of the music of The Beatles.
Creators and publishers have tried to reduce the risk in four main ways: by persuasion, through advertising in movies and in trailers on DVDs discouraging “piracy”’; by lawsuits brought by especially record manufacturers against those who download music files from the Internet; by contract, especially in license agreements that restrict what the user can do with the digital content; and by technical protection measures (TPMs) that attempt to reduce the likelihood or the value of someone using the work other than in a way contemplated by the DRM scheme for it. (For example, one may reduce the likelihood by making music or movies harder to copy; one may reduce the value by making it hard to play unauthorized copies on likely equipment.)
In addition, governments have provided a palliative, arguably a remedy, in the levy made on blank recording media such as tapes, CDs and MP3 players. Presuming that some of the copying media will be used to copy works under copyright, the levy is distributed to the owners of copyright through collectives. This system provides tens of millions of dollars a year to artists. Some people argue that its presence amounts to a recognition that copying for personal use is legal, and that it has prevented artists from losing significant amounts of money from such copying, even by file-sharing. On the other hand, the levy is imposed on those who use the copying media for non-copyrighted works – such as their own creations – and it is not imposed on all the media now used for copying, notably computer hard drives. So it may be imperfect, but it is not negligible in theory or in practice.
This note reviews the policy and the law applicable to TPMs: their current legal status and proposals to increase protection for them at law, and proposals as well to reduce protections or otherwise to control their use. It will look briefly at the use of contract to serve the same ends.
Essentially, TPMs aim to prevent works from being copied, displayed, performed or distributed except according to the conditions of the content owners, in other words, they serve to maintain the goals of DRM for the digital work. Not all TPMs aim at all of these goals, and not all DRM schemes seek to achieve all of them. Not all TPMs work in practice, either, but that is another (part of the) story.
Some TPMs are standard throughout the relevant industry. Movies are almost all encrypted through the Content Scrambling System (CSS) devised by a consortium of movie producers. Manufacturers of DVD players must licence the descrambling system from the consortium and comply with the terms of the licence. In this way the producers hope to ensure that descrambled movies cannot be played on what most people will have in their homes, so people will acquire movies properly distributed (with payment reaching the producers.) Likewise the regional coding of movies is widespread, so movies bought in one region of the world cannot readily be played in others. This allows for different market timing and pricing in different regions.
Some TPMs are proprietary. Apple Computers has its “Fairplay” system that allows iTunes to be played on iPods but not on other manufacturers’ machines. Video streaming systems are all proprietary and incompatible. RealNetworks sued a company that distributed a system to allow its streaming system to be played on other systems, i.e. to protect the exclusivity of its system.
The use of TPMs raises a number of legal and policy questions that will be reviewed here.
i) Are they legal, i.e. either permitted or enforceable?
ii) Are they desirable in policy?
iii) Should they have greater legal protection than they do?
iv) Should they be subject to greater legal controls than they are?
i) Are they legal, i.e. either permitted or enforceable?
To some extent the question “Are TPMs legal?” is the equivalent of asking “Is
DRM legal?” The answer is fairly clearly Yes. Creators or owners of works in which they hold copyright are not required to publish the works at all, and they can decide how – in what medium, to what extent, in what places – they can publish them. To the extent that TPMs allow the content owners to control the market for the works, they are not stepping out of the traditional sphere of copyright.
However, the power to control copyrighted works is not absolute. Users or readers or purchasers of such works have some power to use them even without the consent of the owners. The Copyright Act contemplated non-infringing, non-consensual uses in educational institutions, and for fair dealing (criticism, private study), and other activities. The Supreme Court of Canada has said that the law of copyright is a balance between the need to protect creators of works and ensure that they have a possibility of earning a return for their efforts and investments, on the one hand, and the need of some users for some purposes to use the work whether or not the creators or owners agree.
TPMs are often designed to be absolute: they may allow no copying without payment, or no distribution, or no extracting. It is hard to program in the kinds of flexible limits that the law of copyright traditionally recognizes, and content owners may have little incentive to try. It suits their purposes to extend their powers as widely as possible.
Under present law, this seems to be legally proper. Owners are not obliged to restrict the scope of their TPMs. As one advocate of TPMs says, what are described as users’ “rights” are in fact only defences to charges of infringement. If the technology does not present an opportunity for such uses, then there is no need for the defences, but nothing has been lost.
Further, content owners often try by contract to assert the full scope of protection that the TPMs effect. As Mr. Sookman says, users who wish to have access to the works may agree that they have access only on the terms on which the owners choose to make them available, and if the agreement does not include any educational or fair dealing rights, that is a matter of choice between the parties.
This is inherent in the nature of a licence. A licence sets out the terms on which someone can use another’s property without violating the owner’s rights. A licence is a defence against a claim of infringement. Thus the limits of copyright may be shifted in a licence from what they might be by statute in the absence of the licence.
ii) Are they desirable in policy?
A number of people have expressed their concern that the balance of rights between content owners and content users – held the key to copyright policy by the Supreme Court – has been changed by TPMs. The social values of promoting education, or of freedom of expression, are said to be at risk when content owners can decide through their technology to deprive users of these rights. If the only way to access the work is on the terms of the owner, then the non-infringing uses provided by law are taken away. The only balance is that designed by the content owners and expressed in the TPMs.
A study done for Heritage Canada (but expressing only the views of its authors) concluded that TPMs presented a clear threat to accepted activities by users.
Consequently, the advent of TPMs and DRMs has the potential to upset copyright law’s delicate balance between the private rights of copyright holders and the public interest in the ability to use the works subject to copyright. The resultant transfer of control from public to private would also have potentially serious implications for public access to information, consume privacy and freedom of expression.
Furthermore, some TPMs work by verifying that the equipment used to view or use the works is properly authorized to do so, or that the software on a computer is properly licenced. “Trusted computing” systems – so-called because the owner of the content can trust them to serve the owner’s purpose, though they are allegedly more secure against outside unauthorized attacks as well – review what is being run on the computer against a list of what is acceptable or not for that computer. Some versions “call home” to report on the hardware and software being used, and to ensure that no unlicensed programs are running, or any programs that might allow the use of unlicensed works. Others may check from time to time to see that the licence to use the works is still in force.
Information about the state of an individual’s computer appears to be personal information within the meaning of Canadian privacy statutes, or information that can be linked in other ways to the individuals involved. Thus the computers are sending to content owners personal information about the users of the copyrighted material. Is this desirable? Does it make a difference if the user consented to this collection of information, perhaps in a click-through contract with many provisions? Does it make a difference what the owner does with the information, given that the statutes impose separate limits on collection, use and disclosure of personal data? Three Canadian privacy commissioners and a number of privacy advocates and organizations have recently written to the Ministers of Heritage and Industry to urge that any laws about digital rights management and technical protection measures consider their impact on personal privacy rights.
The most notorious case of a TPM to date was the “Sony rootkit” affair of late 2005. In Professor deBeer’s words,
At least 22 million Sony BMG music CDs included software that was designed to control consumers’ uses of music, but which in fact installed on their computers a program that interfered with normal system operations, caused serious security vulnerabilities, was practically impossible to uninstall and surreptitiously transmitted information about users’ computers and listening activities.
This was generally acknowledged to have gone beyond both the acceptable policy and the legal limits of TPMs. A number of class actions were begun in the US and in Canada against Sony BMG. Most were quickly settled by Sony, probably because the company did not want drawn-out discussion in court of just what it had done. The main U.S. settlement required Sony “to provide updates and uninstallers, to place a two-year moratorium on the use of [at least one of the TPMs in question], to obtain third-party verification of its privacy practices and to promise independent testing of DRM technologies in the future.”
Professor deBeer points to potential liabilities for Sony BMG in the law of competition, consumer protection, privacy, trespass to chattels (if such a cause of action exists in Canada), negligence, conspiracy and deceit, and contract. His view was that the Canadian class actions would probably be settled on similar terms to those in the U.S.
One of the problems in this area is knowing just what particular TPMs are in fact doing. Most are not as all-embracing as the Sony rootkit, but they do not reveal themselves in all their detail to the general user, no doubt in part because their makers do not want the general user to disable them.
iii) Should they have greater legal protection than they do?
TPMs are usually a kind of software, though in some cases they are built into computers or other electronic devices, like DVD players. Software is simply a set of instructions to a digital device. Instructions can be altered by other instructions. They may even be deleted. Thus TPMs are to some extent vulnerable to counter-measures by those who do not like the restrictions that the TPMs place on use of the copyrighted works. For example, a TPM intended to make it difficult to copy a CD could be avoided by simply pressing the Shift key when the disk was playing. Another could be made ineffective by tracing a line with a marker around the edge of the disk. Likewise, a program for defeating CSS for movies, known as deCSS, has been very widely available.
Naturally, the copyright and content owners are not pleased with these methods of circumvention of TPMs, since circumvention threatens the success of their DRM – and possibly of their ability to make a serious return on their creation or their investments. Besides making the TPMs technically harder to beat, they have sought legal remedies, notably to make circumvention illegal. As the home of a large proportion of copyrighted works of interest to the global market, partly from merit and partly from aggressive promotion, the United States has led the world in promoting such legal protections for TPMs.
The current world standard for legal protection is found in the World Intellectual Property Organization (WIPO) treaties of 1996. WIPO adopted two treaties, the Copyright Treaty and the Performances and Phonograms Treaty. The treaties have essentially the same language about TPMs:
Contracting Parties shall provide adequate legal protection and effective legal remedies against the circumvention of effective technological measures that are used by authors in connection with the exercise of their rights under this Treaty or the Berne Convention and that restrict acts, in respect of their works, which are not authorized by the authors concerned or permitted by law.
Canada signed the WIPO treaties in 1997, but unlike many other countries, it has not yet ratified them. Ratification has been under study in Ottawa for some years. One of the knottiest issues is the obligation to protect TPMs from circumvention. It appears fairly clear that the general law in its present form will not give “effective legal remedies” for circumvention as such – whether or not it gives effective remedies for infringement of copyright. The main source of law to that end would be contract between the providers of the protected works and the end user. Besides the difficulty in enforcing the contract, or knowing whether it had been breached, it is possible that many people could find their way to the TPMs who were not bound by any contract.
The copyright owners’ model for statutory protection of TPMs is the US statute called the Digital Millennium Copyright Act. The DMCA bans circumvention of protection measures, whatever the purpose of the circumvention. Equally important, it bans any publication of methods of circumvention, not just the act of circumvention. (The Act provides a list of exceptions from the ban on circumvention, including security testing, reverse engineering of software, encryption research and law enforcement.) Thus lawsuits have been brought under the DMCA against a magazine that published the DeCSS code or even a link to a site with that code, though the magazine did not itself invent DeCSS or use it. It is fair to say that the DMCA has been used aggressively in the US to pursue those who would circumvent TPMs.
A number of cases under the DMCA have caused considerable nervousness about the drafting and the scope of the statute. Some of them involve the use of the Act to fight competitors. For example, Lexmark, the maker of printers, sued a competitor who was selling substitute printer cartridges, on the ground that the link between the printer and the cartridge depended on a software handshake protected by a TPM, and the competitor had circumvented the TPM in order to make its cartridges work on Lexmark printers. Ultimately Lexmark lost on appeal, but the competitor was kept off the market for nearly two years by the litigation. The Electronic Frontier Foundation report gives a dozen other examples of suits or threats of suit based on the DMCA. The Cato Institute report says “there is every reason to expect more frivolous lawsuits in the future.” In several of them, it would appear that businesses are trying to achieve by copyright litigation what they have not been able to protect by patent.
Another line of cases concerns the attack on free speech. The best-known is probably that of Professor Edward Felten, who was threatened with a DMCA suit when he prepared to publish his method for breaking a security code, a method he had developed in response to a contest launched by the creators of the code. Professor Felten later sued the Recording Industry Association of America to assert his rights to publish. Again, the Electronic Frontier Foundation article lists 18 instances of the use or threat of the DMCA to quell criticism or research.
Mr. Sookman claims that any new legislation has a breaking-in period where its interpretation has to be tested in the courts, and the results in these cases show that the DMCA is being limited to true cases of piracy. The Electronic Frontier Foundation report may leave one less sanguine. Many potential critics will not risk litigation, rather than run test cases through to an appeal court to get the “right” answer.
Others are concerned that the DMCA makes circumvention of TPMs and publication of circumvention techniques a criminal offence. The WIPO treaties do not require criminal rather than civil enforceability. This is particularly worrisome for critics when issues of fair dealing and freedom of expression are at stake.
In 2005, the then government of Canada introduced a statute to amend the Copyright Act, Bill C-60, intending to lay the foundation for Canadian ratification of the WIPO treaties. It had a much more limited protection for TPMs and methods to circumvent them. In particular, it prohibited circumvention only when the result was to violate copyright, or put another way, it allowed circumvention in order to exercise permitted uses of the copyrighted material.
A number of people thought that this approach had a lot of merit, focusing as it did on intention to do something illicit. After all, the WIPO articles required legal protection for TPMs that restricted acts not authorized by the authors of the work “or [not] permitted by law”. Where the TPMs were used that restrict acts permitted by law, the WIPO treaties do not require an effective legal “remedy” against their circumvention.
Likewise, the WIPO treaties do not expressly require a ban on publishing or distributing circumvention methods, as distinct from prohibiting the circumvention itself. However, this distinction may be hard to draw persuasively. The treaties require “adequate legal protection” and “effective legal remedies”. How adequate or effective is a ban on circumvention if the methods of circumventing circulate freely? Most people cannot figure out how to get around a TPM. However, it takes only one smart analyst to figure it out, and then publish the method to the web, for word to circulate widely. Programs and workarounds and hacks are child’s play to transmit.
But how to balance the limits on protection contemplated by the treaties, with the apparent need to cast a broad net to be effective at all?
Barry Sookman published a very skeptical analysis of the adequacy of Bill C-60 in early 2006. He thinks that a much stronger protection is needed, including aspects not included in the Bill, such as protection for TPMs effecting an access control, and a publication ban. An economic analysis presented at the same session by Michael Einhorn agreed. But Dr. Einhorn’s answer to a concern that works that are or that fall into the public domain may be inaccessible because of enduring TPMs is that “it is possible to allow an exemption from anti-circumvention protection for any person who cracks protection in order to access a public work.” If methods of circumvention are not publishable, then this is small comfort to the vast majority of potential readers. In any event, this is an intention-based exemption of the kind provided by Bill C-60, roundly criticized by Mr. Sookman. It suggests that there needs to be some flexibility somewhere. It is not clear that the American exemptions are satisfactory.
It should be noted in this context that Canada already has some laws against circumvention of TPMs, in the satellite communications area. The Radiocommunications Act prohibits decoding an encrypted communication signal without authority, receiving such a decoded signal or rebroadcasting it.
iv) Should they be subject to greater legal controls than they are?
The concerns about the measures to protect the protection, and the uses made in some cases of the protections themselves, have led to suggestions that we need protection from TPMs rather than for them. An all-party committee (the “All Party Internet Group”) of the United Kingdom Parliament has been holding an inquiry into digital rights management, which is due to report in June 2006. It heard a similar range of concerns, including some that advocated legal limits to the uses of TPMs, or at least legal guarantees that some workarounds would be permitted. “Policy makers must now carefully consider putting consumers’ legitimate interests on a more robust legislative, and positive footing.”
What would this legislation consist of? It could be included in limits to statutory protection, as there are in the DMCA, so that Bill C-60’s successor could be considered a start, or even an end. If the Copyright Act were to have stronger protections, then perhaps stronger offsetting exceptions would be needed as well. The Organization for Economic Cooperation and Development (OECD) has recently published a report on “Disclosure Issues Related to the Use of Copy Control and Digital Rights Management Technologies”.
Governments should take action to prevent failures to disclose information concerning CCT [copy control technology] and DRM technology (i) that deceive consumers, or (ii) that are otherwise likely to cause substantial injury that consumers cannot reasonably avoid and that is not offset by benefits to consumers or competition.
The final words about offsetting benefits leave open some room for debate, since it is arguable – by Dr Einhorn for example - that consumers benefit enormously from the market freedoms and digital rights management techniques that are enabled by TPMs. However, it may be hard to measure the benefits in a way that would offset not just deceit but “substantial injury”. The Sony rootkit comes to mind.
Besides mandating disclosure, what would such legislation say? Could one prohibit the sale or distribution of digital works with certain kinds of TPMs, and could we describe that class with certainty? Would it be an offence to distribute them, or would the remedy be that legal protections for them would be unenforceable?
It might be argued as well that common law remedies – or remedies under other statutes, like the consumer protection acts or the Competition Act, would suffice. The class actions against Sony BMG for its rootkit TPM did not rely on the Copyright Act. Freedom of expression has other legal protections.
This being Canada, one has to ask about such legislation whether it would be federal or provincial! Copyright is of course a federal responsibility, and Bill C-60 was a federal statute to amend that Act. However, to the extent that DRM aims at market divisions and pricing strategies, and the exchange of personal information, and the distribution of products, even if intangible, then there is at least an issue whether provincial competence is invoked. The Constitution Act does not mention “para-copyright”.
Is it to protect copyright that movie makers insert regional codes on DVDs, and insist that measures to remove the codes or ignore them contravene the DMCA? Is it not rather to protect marketing strategies, to allow for differential pricing or differential release dates? When does the management of digital rights go beyond protection from infringement into protection of marketing strategies? The strategies may be perfectly legitimate, but how much power of law must our legislatures give them? And when does it stop being copyright, if ever? If the nature of copyright is to allow a division and subdivision of rights, with different versions of works destined for different markets on different terms, then any marketing strategy, digital or otherwise, may be part of copyright. Protecting the ability to make such subdivisions of publication (or performance, or accessing) of the work must arguably be seen as a protection against infringement of copyright.
To some extent the federal-or-provincial question becomes one of deciding who participates in the policy discussions. Should provincial attorneys general or consumer ministers be involved, or is it a matter for content owners and consumers (including large “consumers” like educational institutions) to carry on in Ottawa only? So far, the latter has been the default choice.
The debate about the legal status of technical protection measures raises fundamental questions about copyright law, contract law, and public policy. Is copyright law evolving from a sole focus on creators’ and publishers’ rights to a balance with users’ interests? Do users’ interests amount to rights in law, or are they only descriptions of defences to infringement? Are they infinitely waivable by contract?
The debate here is about indirect enforcement of copyright. The discussion is not about infringement; that remains prohibited and actionable. There have been successes in direct actions, both in Canada and in the United States.
How does one balance the clear need for some TPMs to protect works in the digital age against the values of research, freedom of expression, accessible education? The market can serve the latter values, but there is no guarantee that it will. Is it the possibility of infringement that impels owners to come to arrangements with users who assert such values, or is it mere (but powerful and legitimate) economics?
To what extent are legal protections called for as a way simply to slow down the progress of technology so the content owners can catch up? Digital distribution of works by or on behalf of owners has proved very lucrative in the past few years, after several years of concern about losses to pirates or file-sharers (who may or may not be the same). Is the success of iTunes and its many competitors due to better legal protection of TPMs, or better TPMs, or just their arrival on the market to offer what only the informal market offered a few years ago?
Some of the answer may depend on one’s assumptions. Barry Sookman says that “the evidence is overwhelming that only a small portion of downloading does not involve infringement or illegal activity.” Those who want to limit legal protection of TPMs are more favourably disposed to the motives of those who aim to use the works. The Electronic Frontier Foundation says that many of the people harmed by the DMCA were not pirates. “It is hard to see why a competitor should have to solve [the content owner’s] piracy problem before it can offer legitimate products for legitimate owners of [the owner’s] games.”
This is part of the debate, then. Mr. Sookman’s slides refer frequently to “unfair” appropriation of owners’ rights. He writes of the Streambox case as involving the ability of users of Streambox’s device to “make and redistribute digital copies” of RealNetwork’s programs. The Electronic Frontier Foundation characterizes Streambox’s device as a method of “time-shifting streaming media”, presumably by innocent watchers.
So who is innocent, and who is opening floodgates to piracy? Given the vulnerability of any TPM to ultimate deciphering and circumvention, should the law try to help the owners develop what many call “speedbumps” against infringement, or in favour of DRM? Is it cavalier to separate the value of digital marketing strategies from the prevention of infringement, and say as the Electronic Frontier Foundation does that the owners should not try to solve their piracy problems with laws that (also? primarily?) protect marketing strategies? Is the distinction in the world of copyright so clear?
Does it depend on a balance of convenience? Is there more benefit in protecting owners’ rights through legally secure TPMs than is lost by restricting users who can after all bargain for licences – and in a competitive market, who is to say for sure that they will not get affordable access to what they want – or who can type out passages of works to cite for criticism, if they cannot copy them digitally? Or should the law let the owners invent their technologies and rely on them as best they can, without “taking sides”? We already have law, and it finds a public benefit in protecting owners’ rights, though balanced in some way with users’ interests (or rights). Is legally protecting TPMs a logical and necessary extension to the existing policy, or is it aiding and abetting an unjustified extension of the owners’ rights at the expense of the users?
This paper stops here. Readers may answer the questions – and tell the government!
* General Counsel, Policy Division, Ministry of the Attorney General (Ontario). The views in this article do not necessarily reflect those of the Ministry.
 The leading case in Canada on this is BMG v Doe, 2005 FCA 193, online: http://decisions.fca-caf.gc.ca/fca/2005/2005fca193.shtml, though its meaning is disputed. A quasi-litigious way of protecting copyright is the “notice-and-takedown” method, which involves giving notice to a web publisher of a work in which the notice-giver claims rights and threatening to sue for infringement unless the work is taken down. There is some legal power behind such notices here. In the United States, their use is sanctioned by the Digital Millennium Copyright Act (DMCA), and they are consequently very widely used.
 Particularly in “End-user licence agreements” (EULAs) imposed on the ultimate user of the copyrighted work, rather than on intermediate distributors or even the owner of the computer on which the work may be run (though it is not always possible to know who of several users of a computer is using the work and thus who is the licensee.)
 Interestingly, the general use of CSS can prevent movies downloaded directly from websites, even licitly, from being copied to CDs for playing on people’s TVs rather than on their computers. The DVD players will not play them. The frontier of adapting to this appears to be the pornography industry: G.Gentile, “Porn maker allows downloads for TV viewing”, Silicon Valley.com, May 14, 2006, online: http://www.siliconvalley.com/mld/siliconvalley/news/editorial/14579823.htm. In other words, DRM is running into problems because of TPMs created for earlier rights management systems
 RealNetworks, Inc. v. Streambox, Inc., 2000 WL 127311 (W.D.Wash. 2000)
 See for example Théberge v Galérie d’Art du Petit Champlain Inc.,  S.C.R. 336.
 B. Sookman, “’TPMS’: A Perfect Storm for Consumers: Replies to Professor Geist”, (2005), 4 C.J.L.T. No. 1 p. 23, online: http://cjlt.dal.ca/vol4_no1/pdfarticles/sookman.pdf.
 Ibid. p. 34.
 The role of contract in this field is largely beyond the scope of this paper. However, it might be noted that some US courts have upheld a contractual (licence-based) restriction on doing something that would be acceptable under copyright law in the absence of a licence. See Bowers v Baystate Technologies, Inc., 65 U.S.P.Q. 2d 1746 (Fed. Cir. 2003); Frontline Test Equipment Inc. v. Greenleaf Software, Inc., 10 F. Supp. 2d 583 (W.D.Va. 1998). The Australian government found the enforceability of such agreements “unsettled” in Australian law, but recommended limiting the ability to amend user rights in copyright by contract, in some circumstances. See the Copyright Content Review Committee’s report (2004), online: http://www.ag.gov.au/www/clrHome.nsf/AllDocs/5EC397B374406C04CA256C4F0006F070?OpenDocument
 I. Kerr, A. Maurushat, C. Tacit, “Technical Protection Measures: Part I – Trends in Technical Protection Measures and Circumvention Technologies; Part II – the Legal Protection of TPMs”, (2003), online: http://www.pch.gc.ca/progs/ac-ca/progs/pda-cpb/pubs/protection/protection_e.pdf (Part I) and http://www.pch.gc.ca/progs/ac-ca/progs/pda-cpb/pubs/protectionII/protection_e.pdf (Part II).
 Ibid, Part II, p. 3.
 Grant Robertson, “MTV enters on-line music fray”, Globe and Mail, May 16, 2006, p. B4.
 For a detailed look at the technical and legal aspects, see J. deBeer, “How Restrictive Terms and TechNologies Backfired on Sony BMG Music”, in (2006-06), 6 Internet & E-Commerce Law in Canada 93 and (2006-07) 7 I.E.C.L.C. 1. It was called a “rootkit” because it installed itself in the “root directory” of the user’s computer, where it was very hard to detect and from which it was very hard to remove without serious damage to the operating system.
 Ibid., 6 I.E.C.L.C. 93 (Internet and E-Commerce Law in Canada, Lexis-Nexis).
 Ibid., 7 I.E.C.L.C. 2.
 Katie Dean, “Shift-Key Case Rouses DMCA Foes”, Wired, October 12, 2003, online: http://www.wired.com/news/digiwood/0,1412,60780,00.html.
 Article 11 of the Copyright Treaty. Article 18 of the Performances and Phonograms Treaty is the same but replaces “authors” with “performers or producers of phonograms” and “works” with “performances or phonograms”, and does not refer to the Berne Convention.
 As a matter of international law, signing a treaty does not require a country to ratify it, just to give serious consideration to ratifying.
 17 United States Code. The TPM protection chapter 12 is online: http://www.copyright.gov/title17/chapter12.pdf. The DMCA and of course copyright legislation generally protects copyrights in a number of ways not related to TPMs as well.
 Universal Studios v Remeirdes, 111 F. Supp. 2d 294 (S.D.N.Y. 2000) aff’d sub nom. Universal Studios v Corley, 273 F. 3d 429 (2d circ. 2001).
 Electronic Frontier Foundation, Unintended Consequences: Seven Years under the DMCA, April 2006, online: http://www.eff.org/IP/DMCA/f=unintended_consequences.html. For an economic efficiency concern, see T.B.Lee, “Circumventing Competition: The Perverse Consequences of the Digital Millennium Copyright Act”, Cato Institute, March 21, 2006, online: http://cato.org/pub_display.php?pub_id=6025.
 Lexmark v Static Control Components, 387 F.3d. 522 (6th circ. 2004)
 Electronic Frontier Foundation, above note 24, section 2.
 Lee, above note 24, p. 17.
 The letter to Professor Felten is online: http://www.eff.org/IP/DMCA/Felten_v_RIAA/20010409_riaa_sdmi_letter.html.
 Electronic Frontier Foundation, above note 24, section 3.
 Sookman, above note 7, p. 37-38. It might be noted that the appeal court in the Chamberlain case, involving garage door openers, said in obiter that if there has been a contract not to use a competing device, as well as the DMCA claim, that might have been effective to bar the use of the competing opener, while the DMCA alone was not. Chamberlain Group v Skymark Technologies, 381 F. 3d 1178 (Fed. Cir. 2004)
 Lee, above note 24, p. 18, noting that the owner of the copyrighted work cannot be prosecuted or jailed, whatever the merits of the dispute, only the user or publisher of the circumvention device.
 An Act to amend the Copyright Act, Bill C-60, section 27, adding s. 34.02 to the Act. The Bill died on the dissolution of Parliament in November 2005 and has not yet been reintroduced by the new government. Its text is still online: http://www.parl.gc.ca/38/1/parlbus/chambus/house/bills/government/C-60/C-60_1/C-60.html.
 Sookman, “Protection for Technical Protection Measures - What Should Canada Do?” a PDF presentation delivered at the Rotman School of Business, University of Toronto, March 3, 2006, online: http://www.mccarthy.ca/pubs/sookman_rotman.pdf.
 Michael A. Einhorn, “Canadian Quandary: Digital Rights Management, Access Protection, and Free Markets”, delivered at the Rotman School of Business, University of Toronto, March 3, 2006.
 Ibid. p. 38-39.
 R. S.C. 1985, c. R-2, online: http://laws.justice.gc.ca/en/r-2/text.html, paragraphs 9(1)(c – e). The provision was upheld in the Supreme Court of Canada in Bell ExpressVu Limited Partnership v Rex, 2002 SCC 42. A constitutional challenge based on freedom of expression was rejected in the Superior Court of Quebec in R. v. D’Argy, 2005 IIJCan 8977 (QC.SC), online: http://www.canlii.org/qc/jug/qccs/2005/2005qccs19052.html (in French). Leave to appeal has been granted.
 Michael Geist, “TPMs: A perfect storm for consumers”, Toronto Star (January 31, 2005), online: http://www.michaelgeist.ca/resc/html_bkup/jan312005.html. It was in response to this piece that Barry Sookman composed the article cited above at footnote 7.
 See for example the submission of the National Consumers Council, 6 January 2006, online: http://www.ncc.org.uk/intellectualproperty/digital_rights.pdf.
 Ibid, p.13.
 Above note 35, notably at pp. 12 – 14.
 See the list of possible causes of action listed by Professor deBeer, above at text accompanying note 17.
 On the provincial jurisdiction side, see Professor deBeer, “Constitutional Jurisdiction over Paracopyright Laws”, in Geist, ed., In the Public Interest, Ottawa 2005, online: http://188.8.131.52/PublicInterest/two_1_debeer.htm. On the federal side, see Barry Sookman, above note 34, slides 16 – 19.
 In the US, notably the MGM Studios Inc v Grokster, Ltd case in the Supreme Court – see http://www.copyright.gov/docs/mgm/index.html, but other operations have been closed down by law, notably Napster in an earlier incarnation. The Recording Industry Association of America has had a lot of settlements in its many suits against file sharers, for better or worse in the general battle against file sharing.
 Sookman, above note 7, p. 26.
 EFF, above note 24, text at note 51.
 Sookman, above note 34, slides 7, 8, 13 (“unauthorized copies”), slide 18 (“unauthorized exercise of their exclusive rights”).
 Above note 5.
 Sookman, above note 34, slide 30.
 EFF, above note 24, text at note 36.
 That does not work well if one wants to insert a video clip into a film review, however. Is that a huge loss, or a different kind of speed bump? The answer may depend on one’s view of creativity – or it may reside in arguments about the duration of copyright rather than its incidents while in force.
 And readers get to decide which government, federal or provincial.