Cory Doctorow, European affairs coordinator for the Electronic Frontier Foundation (EFF), closed O'Reilly Media's first-ever EuroOSCON Thursday afternoon in Amsterdam. For Doctorow, open source is an important social phenomenon in the tradition of science, in which the culture encourages the sharing of knowledge and not the hoarding of knowledge. His keynote explored the problems with digital rights management (DRM) and how it fails on some of the important science tests.
Doctorow began by explaining how EFF's history was deeply rooted in open source. To combat prohibitions on exporting strong crypto in the early 90s, the EFF brought a first-amendment suit on behalf of Princeton mathematician Dan Bernstein to publish the speech that was embodied in his source code. The Ninth Circuit Court ruled that "your code is protected speech."
Doctorow said that although that victory was good news, it's old news, and that the EFF is once again fighting for the rights of authors to publish their code. He says, "Right now, we find ourselves in the midst of a global attack on free software. A global attack that is supposed to uphold copyright, but that has no nexus with what copyright actually does. What this is about is rewriting copyright to convert it from a monopoly over who can copy, perform, exhibit, and make new works from your works into a monopoly over who can design devices capable of playing back, making derived works from, exhibiting, and performing a work." How intrusive are these proposed restrictions? Doctorow explained that they might include how large your family is allowed to be and how your network has to be configured.
DRM is intended to be a security system. When it comes to securing distributed content, you need to enable the path from sender to receiver while protecting against the interference by attackers. You want to allow the senders and receivers to communicate securely without the attacker disrupting the communication or potentially without even knowing that communication has taken place. Doctorow explained that since World War II, standard and effective security has been based on the idea that the sender, receiver, and attacker all know about the cipher and how it works. This takes us back to the scientific foundations because it is the publishing of the method for securing the communication that reassures everyone that it works. As a result, everyone "knows that the message exists and can capture a copy of the messages being sent on a public network. What the sender and the receiver share that the attacker doesn't have is the key. This one secret is the smallest secret possible because secrets are hard to keep."
Contrast this with the DRM world. Doctorow says that in this case, you only have two role players involved. You have an attacker and a sender. What happened to the receiver? Doctorow explains that in the view of those employing DRM, the receiver and the attacker are the same person. If you buy a DVD, then the receiver must be able to decrypt the information on the DVD or you would not be able to view the material as it is intended to be viewed.
But, says Doctorow, "DRM is a system that treats the owner of the media that it delivers as the attacker of the system. So it is a system that necessarily requires that owners of equipment not be able to modify, service, understand, or improve on their own equipment. DRM is antithetical to free and open source software." Much later he explained, "One of the key benefits we derive from free and open source software is the ability to understand and improve upon our own tools." The assumption that your receivers are potential attackers is similar, he says, to the notion that you can build a safe so strong that you can leave it in the bank robber's living room.
Doctorow argues that DRM doesn't protect copyright. He feels that it encourages people who want to use materials they could have paid for in legitimate ways to seek non-sanctioned means. The only way to view a region-free version of a movie that is distributed on DVD, or a version that you can move from your home theatre to your phone, is to obtain a copy of the movie where the DRM is broken.
Generally, copyright laws have a notion of flexibilities for the public interest. For example, suppose you wanted to use excerpts from some work in order to critique something covered by DRM. Copyright law would allow you to do so to prevent the copyright holder from being able to restrict reviews to only the positive ones. He offered an example of a Boing Boing reader who tried to record a humorous bit from an IMP stream but was unable to. Copyright law would allow such recording but the technology is unable to discern fair copying from illegal copying, so it prevents all copying. In effect, Doctorow explains, "DRM rewrites the copyright law to create a new suite of rights for rights holders."
You might view these restrictions as a contract that you have somehow agreed to in order to use particular equipment to view particular content. Already there is information about the rights of certain programs being streamed along with the content. Systems such as CGMSA can specify that you make no copies or one copy, or restrict the time during which you can copy the show. Doctorow says that those working in the motion picture industry contend that you enter into an agreement to waive your fair-use rights to the content when you change the channel and tune into that show. Every time you click your channel changer, you are forming a new agreement.
These instant agreements are invisible to the viewer and are enforced by various DRM hardware. In addition, each DRM system has renewability built in. Doctorow explained that "this is a euphemism for revokability. Remotely, they can revoke features in your device that were present when you bought it. You buy a device that does ten things and tomorrow it does nine things." So, even if you think it is reasonable to buy a DRM device because you understand the rights you are waiving at time of purchase, there may be new rights that you will be required to waive without having a say in the matter.
For the last few years, the Digital Video Broadcasters (DVB) forum has been working on a suite of restrictions for digital television. This organization sets standards for Europe, Asia, Latin America, and Australia. Doctorow said that their influence does not end there. Time Warner and the North America Broadcasters Association have promised to use global mandates to further widen the effects of the DVB access restrictions. This new initiative is called CPCM and specifies flags that can be set by the rights holder. Hardware manufacturers are simultaneously being encouraged to design devices that resist user modification and to resist the creation by the community of free and open source drivers.
The rights holder can specify the number of screens you can view a program on, the number of times you are allowed to watch it, a time window within you are allowed to watch it, the distance from the receiver, and the restriction that a piece be viewed only on devices within a single household. Doctorow says that even this last restriction may seem, at first, to be reasonable. But, he points out, "a household is whatever the technology says it is. We're moving from a world where 'household' is a word that has complex social, legal, and religious meaning to one where household has an exact technical meaning defined by the entertainment industry. We're moving from a world where copyright specifies who can copy your movie to a world where copyright is a thing that allows you to specify what a family is."
In the United States, the regulatory agency was willing to go along with the entertainment industry's demands for these changes. It was the lawmakers who realized that taking away your electors' televisions was not politically wise. EFF and others brought and won a lawsuit in the U.S. challenging the regulators' right to make this policy, and so the U.S. Broadcast Flag was defeated. Since then, however, the Broadcast Flag has emerged twice in riders in bills. In Europe, there are current discussions about turning the DVB policies into a national mandate. Doctorow asks that you make five friends aware of what's going on. And, he added with a smile, encourage them to join the EFF.
Daniel H. Steinberg is the editor for the new series of Mac Developer titles for the Pragmatic Programmers. He writes feature articles for Apple's ADC web site and is a regular contributor to Mac Devcenter. He has presented at Apple's Worldwide Developer Conference, MacWorld, MacHack and other Mac developer conferences.
Return to the O'Reilly Network.
Copyright © 2009 O'Reilly Media, Inc.