Cites & Insights: Crawford at Large
ISSN 1534-0937
Libraries · Policy · Technology · Media

Selection from Cites & Insights 8, Number 8: August 2008

©4: Locking Down Technology

Never Enough

That’s the rallying cry of copyright maximalists—Big Media and their ilk. No matter how much control they have, it’s never enough. And any steps that provide any measure of balance are “loopholes” that must somehow be closed. How else to interpret Jared Bernstein’s news piece in the July/August 2007 EContent, “A DMCA fix needed to eliminate online copyright loophole”?

What loophole? The safe harbor provision of the DMCA—the provision that ISPs and other websites aren’t guilty of copyright infringement simply because infringing material is found on the site, as long as they take down the material as soon as they’re notified. Bernstein writes this as a straight “technology development” story (which is also how at least one software company is trying to sell it): “content-filtering technology has evolved…which may in turn affect how the law is interpreted and enforced.” Supposedly, one program automates “detection of illegal distribution of copyrighted material on the internet.”

Bernstein says “the courts have begun to send a message to service providers: Now you have technology available to help avoid infringement, so you need to take a more proactive role in filtering copyrighted content.” What U.S. court cases have negated the DMCA clause to that extent? None is cited. A copyright lawyer “explains” that lawsuits will keep cropping up and thinks “congress needs to reexamine the law,” further saying that the issue is “whether the DMCA unduly burdens the content owners.”

There it is: DMCA is unbalanced against copyright holders. One might ask whether software can truly detect copyright infringement without also identifying fair use materials as infringing—and there, I believe, the answer is most assuredly No. Already there are erroneous takedown requests. If there is such a thing as fair use (which copyright maximalists would deny), then it is essentially impossible for a filter to be completely effective without taking down legitimate material. The tone of the article is clear (primarily quoting a lawyer): Congress should force ISPs to use content filtering whether it works or not.

If there are other “loopholes” in DMCA, you can be sure the maximalists are working on them. The analog hole? Under direct attack.

This piece reports on a series of skirmishes over a period of time. It’s not exhaustive by any means. Just a few incidents as originally reported and, when feasible, the current status. These are skirmishes. The war—continuing attempts to lock down technology and make it clear that citizens have no rights in media use other than those explicitly granted by unsigned contract—continues, but not actively in Congress, at least not this year.

Loading DVDs onto iPods

Way back from November 16, 2006 comes this story, as reported at EFF’s Deep links ( Here’s part of Fred von Lohmann’s post:

The MPAA studios are at it again, snatching away our fair use rights, so they can sell them back to us for an "additional fee."

In a lawsuit filed in federal court in New York, Paramount Pictures v. Load 'N Go Video, the MPAA member companies have sued a small business for loading DVDs onto personal media players (e.g., iPod Video) on behalf of customers.

According to the suit, Load 'N Go sells both DVDs and iPods and loads the former onto the latter for customers who purchase both. The company then sends the iPod and the original DVDs to the customer. So the customer has purchased every DVD, and Load 'N Go just saves them the trouble of ripping the DVD. The movie studios' suit claims that this is illegal, because ripping a DVD (i.e., decrypting it and making a copy) is illegal under the DMCA. The suit also claims that this constitutes copyright infringement.

Although this lawsuit happens to be aimed at Load 'N Go, the DMCA theory in the complaint makes it crystal clear that the MPAA believes it is just as illegal for you to do the same thing for yourself at home. Apparently, Hollywood believes that you should have to re-purchase all your DVD movies a second time if you want to watch them on your iPod…

What happened? The only report I could find says Load ‘N Go “went out of business more or less immediately after the suit was filed”—which is what usually happens when DMCA is used as a hammer against a new small business. Score one for the studios.


Kaleidescape produces media servers that store your DVDs and CDs on a hard disk (or array). Kaleidescape tried to do it right; the company became a CSS licensee. But the DVD Copy Control Association (DVD CCA) sued Kaleidescape, claiming that the server breached license conditions—unless the DVD itself was actually in the device whenever you played a movie. Kaleidescape countersued.

This time, the court found that the specifications at issue weren’t actually part of the license agreement. Naturally, DVD CCA appealed—and claims that it doesn’t want to put Kaleidescape out of business (although that’s basically what would happen), it just wants to force compliance with an extremely restrictive requirement. (The same requirement would presumably mean that you could copy a DVD to an iPod if Apple had a CSS license—but you’d somehow have to have the DVD within the iPod when you’re playing it, making the copy superfluous.)

The Kaleidescape is a very expensive product—and it only reads DVDs, it can’t copy them. It’s useless for a true pirate, and anyone who can afford a Kaleidescape seems unlikely to be borrowing DVDs and copying them to save a few bucks. (Currently, a Kaleidescape “1U” server sells for something like $16,000—but that’s a big reduction from the original $32,000 for a Kaleidescape.)

As far as I can tell, DVD CCA’s appeal is pending.

Use Our Products—Or Else!

That’s the remarkable tactic of two companies—BlueBeat (and its parent Media Rights Technologies) and SafeMedia corporation. In the first case, Media Rights Technologies sent cease and desist letters to Apple, Microsoft, RealNetworks and Adobe—claiming that they’re violating DMCA because their products don’t use MRT’s X1 SeCure Recording Control technology.

As reported in a May 11, 2007 ZDNet story, Jessica Litman called the letters “a play for publicity”:

“I’m no fan of the DMCA, but it doesn’t impose liability simply because some product could be redesigned to implement a technological protection scheme but its makers decline to do so.”

An intellectual-property lawyer called the legal theory “out there.” Basically, MRT is claiming that its technology has been “proven effective” as a way to prevent capture of streamed music…and that companies not adopting its technology are, as a result, violating DMCA. The company also petitioned the Copyright Office to revoke webcasting licenses for most of the top webcasters (AOL, iTunes, MSN, Pandora, Rhapsody) using the same novel theory—and asked Congress to “hold Apple and Microsoft accountable for piracy.” Checking MRT’s website, I see nothing later than July 2007 on any of these moves. I see no indication that the letters and petitions were ever followed up by lawsuits—which, of course, would cost real money.

Then there’s SafeMedia and its Clouseau. For some reason, SafeMedia was sending me press releases for a while during 2007, touting the quality of its products for disrupting peer-to-peer distribution of copyright material. I don’t believe SafeMedia actually threatened lawsuits, but it certainly made much of a claim that anyone with “contaminated P2P network programs” on their own computer was “committing copyright infringement.”

One problem with Clouseau (a network appliance), according to one review I saw, is that it basically shuts down all peer-to-peer traffic, including BitTorrent, thus eliminating most Linux and World of Warcraft-update downloads, for example—although that’s not what SafeMedia has claimed at times. According to a June 22, 2007 post by Ed Felten at Freedom to Tinker,, one document claims Clouseau “detects and prohibits illegal P2P traffic while allowing the passage of legal P2P such as BitTorrent”—but a white paper used by SafeMedia’s salespeople says BitTorrent is illegal (not generally true) and was consistently blocked.

The CEO claims Clouseau is “fully effective at forensically discriminating between legal and illegal P2P traffic with no false positives.” Felten doesn’t believe that’s possible. (I looked at SafeMedia’s explanation of how Clouseau works; it relies heavily on “DNA markers” it claims to identify within P2P traffic.)

When Felten first wrote about SafeMedia, he concluded that the company was “a brilliant parody”—since it made claims (about breaking through all encryption, for example) that even intelligence agencies wouldn’t make. The company also called for Congressional funding to install Clouseau “on every Federally-supported computer network in the country”—but, of course, the company is real and still in business. It appears to make claims that appear to be impossible—but in a faith-based economy, what’s so special about that?

When I look at recent press releases, I basically see a claim that Clouseau bars all “infringing P2P networks”—and so long as SafeMedia argues that every P2P network has access to at least one infringing file, the appliance can carry out that claim, by simply blocking all P2P traffic, legal or not. Once again, it’s a sledgehammer approach—like assuming that all MP3 content that isn’t directly licensed is infringing, because some of it could be.

Circumventing Effective Protection

Two related skirmishes, both from May 2007. One was a Very Big Deal at the time; the other, a low-key court decision in Finland.

The big deal was “09 f9”—the first two bytes of a sixteen-byte encryption key that unlocked the AACS copy protection on most existing high-def discs (Blu-ray and HD DVD). Someone figured out the key; it appeared on a handful of websites. The AACS Licensing Authority (AACS LA) sent takedown letters to sites with the key, claiming it was a circumvention technology violating DMCA. Once enough people heard about this, thousands of people reposted the key. As Ed Felten said on May 1, 2007,

The key will inevitably remain available, and AACS LA are just making themselves look silly by trying to suppress it. We’ve seen this script before. The key will show up on T-shirts and in song lyrics. It will be chalked on the sidewalk outside the AACS LA office. And so on.

As Felten noted, AACS LA’s strategy didn’t even make a lot of sense. The greatest deterrent to redistribution of high-def video is practicality. The files are just too damn big to redistribute. Comments on the first post were interesting—someone had already registered the key as a domain name, it was in fact on a t-shirt on May 1, and at least one site posted the takedown letter it received—which, to be sure, included the key.

Then Digg users got into the action, recommending pages containing the key. Digg chose to comply with the takedown letter—and the users went nuts. As Felten says, they “launched a deluge of submissions to Digg, all mentioning or linking to the key.” For part of May 1, the entire front page of Digg consisted of links to the AACS key—they were showing up faster than administrators could take them down. It didn’t take long before Digg capitulated. Its founder posted the key and offered an interesting message:

“[A]fter seeing hundreds of stories and reading thousands of comments, you’ve made it clear. You’d rather see Digg go down fighting than bow down to a bigger company. We hear you, and effective immediately we won’t delete stories or comments containing the code and will deal with whatever the consequences might be.

“If we lose, then what the hell, at least we died trying.”

Digg sided with its users—and may not have had much choice. Would AACS LA actually sue them? Could its claim stand up in court?

Well, AACS could do one thing, and did later in May 2007. To wit, they could change the key—which would make new discs unplayable on older players (unless the players are upgraded through software updates), but would theoretically limit the damage. So they changed the key—and almost immediately, a company updated its copy-protection-defeating software to include the new key.

Here’s the thing: DMCA says something about circumventing effective protection. Would any reasonable court accept that protection is effective if it can be circumvented so easily? (Could Sony have possibly won a lawsuit claiming DMCA violation if someone said “Psst. Turn off AutoRun before you insert a Sony audio CD in your PC”?) Highly unlikely.

Speaking of CSS, the Helsinki district court concluded that CSS protection “can no longer be held ‘effective’ as defined by law,” given that it’s been readily circumvented for so long—and, thus, that circumvention measures aren’t violations of the European version of DMCA. Unfortunately, DMCA itself defines “effective” differently; as a result, it’s possible that a U.S. court would (in the words of Ed Felten) protect “any DRM technology, no matter how lame.”

Since then? It’s hard to say.

Don’t Rip That CD?

Here’s an odd question: Am I guilty of copyright infringement? I would say no, absolutely not—but if you believe some commentators and some RIAA documents, the RIAA would argue otherwise.

How so? I’ve ripped most of my CDs to my PC (in MP3 form)—twice, actually, at a higher bit rate the second time to get higher quality. I’ve made compilation CD-Rs (expanded back to audio files) from the PC. And, more recently, I’ve written about 220 of those 320kbps MP3 tracks to a cute little Sandisk Sansa MP3 player.

I own all of the CDs. I haven’t “flipped” them—I would regard doing so, while retaining the music, as some form of theft. I haven’t even discarded the CDs. Ripping is done purely for my convenience in listening to songs in my preferred sequence or when I’m traveling and don’t wish to haul along a CD player.

According to Ryan Singel’s January 9, 2008 story at the Wired blog network ( 2008/01/riaa-believes-m.html), the RIAA may believe I’m a criminal. “The RIAA has repeatedly taken the position that ripping MP3s from CDs you own is illegal.”

Really? Well, it’s certainly true that, in an infringement trial in October 2007, Jennifer Pariser of Sony BMG said that making one copy of a track you’ve legally purchased is “a nice way of saying, ‘steals just one copy’.” The next day, RIAA’s president said Pariser had misspoken.

It’s also verifiably true that the RIAA wrote to the Copyright Office (opposing a DMCA exemption) arguing that space-shifting or format-shifting should not be considered noninfringing uses—and that creating a backup copy of a music CD was not a noninfringing use. The letter basically says that, if you can readily buy legitimate copies for each device, then you have no right to move music from one device to another.

On its own website, the RIAA concedes that you can copy music onto cassettes (they’re analog) and onto Audio CD-Rs (which include royalty fees).

Beyond that, there’s no legal "right" to copy the copyrighted music on a CD onto a CD-R. However, burning a copy of CD onto a CD-R, or transferring a copy onto your computer hard drive or your portable music player, won’t usually raise concerns so long as:

* The copy is made from an authorized original CD that you legitimately own

* The copy is just for your personal use. It’s not a personal use—in fact, it’s illegal—to give away the copy or lend it to others for copying.

This is interesting language. It denies fair-use rights for shifting devices (“there’s no legal ‘right’”) but says the RIAA probably won’t sue you (“won’t usually raise concerns”). The first bullet also seems to say that you’re in trouble if you do two stages of copying—that is, ripping to MP3 on your computer, then to your portable player. The player copy is not “made from an authorized original CD.”

In more than one case, RIAA’s lawyers have used “unauthorized copies” to mean the MP3 versions on a PC of CDs the defendant owned. I find it hard to argue with Singel’s wording here: “For clear propaganda reasons, the music industry won't publicly say it considers ripping MP3s to be copyright infringement.”

Is this interpretation a reach? If so, it’s only because RIAA keeps muddying the water. I’ll close this skirmish and essay by noting a January 7, 2008 entry on The Patry copyright blog by William Patry, currently senior copyright counsel for Google: “What RIAA has said about home taping” (

Patry goes back to home taping issues—a case where RIAA clearly said that RIAA had never sued anybody for home taping, but that they would prevail under existing law if they did so. In other words, RIAA didn’t feel that home taping was fair use. The Audio Home Recording Act clarified this—at least  in the House report, although not in the statute itself: “In the case of home taping, the exemption protects all noncommercial copying by consumers of digital and analog recordings.”

Patry cites the same RIAA language quoted above (and more) and has some similar concerns:

The other part of the passage--“won’t usually raise concerns” is puzzling because the passage assumes an individual has made a copy from an authorized CD that the individual owns, and he or she has made the copy for personal use. Why “usually” then? When would that specific use not be fair use? It is not sufficient to say there might be different facts that could lead to different results because the hypo has its own facts.

Patry quotes from another site that’s full of obfuscation, offering nothing that can clarify whether it’s legit to rip your own CD. He’s trying to avoid distorting RIAA’s statements—but, he says, of the material he found and cited,

[I]t must also be stated that RIAA has said precious little…to give simple, straightforward answers; the answers are hedged or qualified, and it appears the RIAA doesn’t want to ever concede that personal use is lawful—as compared to “usually won’t raise concerns.” What does that mean? If I ask a cop whether I can drive 35 miles per hour on a particular road with no speed sign, is it sufficient for him to say, “well that usually won’t raise concerns”?

In 1987, the answer was clear: There is no personal use exemption or fair use immunity for home taping (at least prior to AHRA). Patry concludes (in part):

It may be that these very clear sentiments do not reflect RIAA’s current thinking, but one wouldn’t be able to tell from the current material. So here’s a proposed solution: let’s give honest people what they want, clear guidance; instead of wasting Congress’s time on gluttonous issues like getting even greater statutory damage awards, why not spend that time drafting a personal use exemption—not fair use guidelines, but a real exemption. One that will exempt all home copying and use by individuals off of lawfully purchased copies, including space and format shifting, for noncommercial purposes. Such a law would earn copyright owners (and Congress) tremendous public applause, while those who are honest could forget about copyright law, finally. Those who are engaged in the truly problematic activities, like massive unauthorized distribution of works would be isolated, legally and in the public’s eyes. What I think is unacceptable is the status quo, one that deliberately keeps things vague and that lumps honest people who want to engage in home, personal, noncommercial uses in with those who deserve to be called pirates. If copyright owners wanted to change they status quo, they could, so why are they not? Drafting difficulties is not an answer: As copyright counsel to the House, I drafted, along with copyright owners, numerous far more complicated provisions. Nor is there any question that Congress is the only vehicle for achieving the necessary clarity. Sometimes things unsaid or not done also speak loudly and when that is the case it is hard to complain there is a misunderstanding about what is meant.

Emphasis added.

Cites & Insights: Crawford at Large, Volume 8, Number 8, Whole Issue 105, ISSN 1534-0937, a journal of libraries, policy, technology and media, is written and produced by Walt Crawford, Director and Managing Editor of the PALINET Leadership Network.

Cites & Insights is sponsored by YBP Library Services,

Opinions herein may not represent those of PALINET or YBP Library Services.

Comments should be sent to Cites & Insights: Crawford at Large is copyright © 2008 by Walt Crawford: Some rights reserved.

All original material in this work is licensed under the Creative Commons Attribution-NonCommercial License. To view a copy of this license, visit or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.