Sen. Fritz Hollings’ new bill embeds copy-protection tech in digital hardware devices. But the proposal would have an even bigger impact on the software industry. Programmers, look out.
WASHINGTON — America’s programmers, engineers and sundry bit-heads have not yet figured out how much a new copyright bill will affect their livelihood.
When they do, watch for an angry Million Geek March to storm Capitol Hill.
A bill introduced this week by Sen. Fritz Hollings (D-South Carolina) would roil the electronics industry by forcibly embedding copy protection into all digital devices, from MP3 players to cell phones, fax machines, digital cameras and personal computers.
But the Consumer Broadband and Digital Television Promotion Act (CBDTPA) would also wreak havoc on programmers and software companies — both those distributing code for free and those selling it.
No more than two years and seven months after the bill becomes law, the only code programmers and software firms will be able to distribute must have embedded copy-protection schemes approved by the federal government.
To put this in perspective: The CBDTPA would, if enacted in its current form, have the electrifying effect on computer professionals that the Supreme Court’s decision in Bush v. Gore did to some Democratic Party members.
Legal experts said on Friday that the CBDTPA regulates nearly any program, in source or object code, that runs on a PC or anything else with a microprocessor.
That’s not just Windows media players and their brethren, as you might expect. The CBDTPA’s sweeping definition of “any hardware or software” includes word processors, spreadsheets, operating systems, compilers, programming languages — all the way down to humble Unix utilities like “cp” and “cat.”
“The definition will cover just about anything that runs on your computer — except maybe the clock,” said Tom Bell, a professor at Chapman University School of Law who teaches intellectual property law.
Then Bell paused for a moment and reconsidered. “There’s a risk you could say it covers things like even a digital clock program on your computer,” he said.
According to the CBDTPA, any software with the ability to reproduce “copyrighted works” may not be sold in the United States after the Federal Communications Commission’s regulations take effect. Even programmers who distribute their code for free would be prohibited from releasing newer versions — unless the application included federally approved technology.
Violators face civil and criminal penalties.
There is a loophole: Programmers could still create unapproved code on one computer. But they couldn’t give it to anyone else or transmit it on a network.
A second loophole would grandfather in code that existed before the CBDTPA took effect. Software that was manufactured and in the hands of consumers before the FCC’s rules take effect would be exempt.
America’s National Firewall
Because the rest of the world hardly seems eager to enact a similar law — at least not immediately — the CBDTPA would effectively erect an informational firewall around America.
It could become unlawful for U.S. programmers to distribute any newly developed non-compliant code after the CBDTPA takes effect. Because the CBDTPA also regulates importing software, it could be illegal to download non-compliant code from overseas.
“(That) Draconian reading is certainly a defensible one, and the DeCSS and (Dmitri) Sklyarov litigation suggest that it may be a likely one,” said Jessica Litman, a professor at Wayne State University who teaches intellectual property law.
“I would expect the Disney studio to argue that either downloading or posting code that doesn’t adhere to the security system standard transports the code” — and would therefore be unlawful, Litman said.
Anyone violating the CBDTPA would be subject to statutory damages ranging from $200 to $25,000 per violation. An irked content owner would have a quiver of legal arrows to aim at a violator: Search warrants, impounding or destruction of equipment used in the illegal activity, plus attorney’s fees, reimbursement for lost profits and actual damages.
That’s not all. Anyone who ignores the CBDTPA’s prohibitions — and does it for “commercial advantage or private financial gain” — would face the same criminal penalties that once threatened the Russian hacker Sklyarov: up to a $500,000 fine and five years in prison.
R. Polk Wagner, who teaches intellectual property law at the University of Pennsylvania, says that free software developers could risk criminal charges — even if no cash transactions are involved.
“The law has taken people who give it away for free to be sellers for some purposes,” Wagner says. “If you give it away on a site that has ads, or if you’re doing it for reputational value, you’re probably still falling in the commercial category.”
Free Software Movement Woes
Because the free software and open-source movements rely so much on international collaboration, the CBDTPA’s firewall-at-the-border would create knotty problems for programmers living in the United States.
If the CBDTPA were to be enacted, American developers would be sharply restricted in their ability to collaborate with their counterparts overseas. In a worst-case interpretation, for instance, the CBDTPA means that only pre-ban versions of the Linux operating system could legally be sold inside U.S. borders.
The University of Pennsylvania’s Wagner says it’s unclear how high an international firewall the CBDTPA would erect.
The CBDTPA says no “importer” may download non-compliant software — but who qualifies as an importer? “If you’re doing this to load on your computer at home, I suspect that most courts would probably not find you to be an importer,” Wagner says. “But who knows what the legislative history is? Someone in Congress could include a memo saying we mean ‘importer’ to be everybody.”
Wayne State’s Litman said there is some reason to be hopeful: The FCC’s standards, which the agency must approve a year and seven months after the CBDTPA is enacted, could grant developers some flexibility. The CBDTPA requires the FCC to publish a “security system standard.”
“The piece we don’t have is what the security system standard is going to say,” Litman said. “It might, for example, require the security system standard to be incorporated only in certain classes of digital media devices, or might incorporate exemptions for software designed for unrelated purposes.”
Peter Wayner, author of Free for All: How Linux and the Free Software Movement Undercut the High-Tech Titans, says that the CBDTPA would result in a do-not-copy bit being added to all digital content — and requiring that all software and hardware recognize that bit.
“Anything that ships bits would be covered,” Wayner says. “You have to go after every computer and every hard disk. That’s their goal.”
It’s unclear why Hollings, the powerful chairman of the Senate Commerce committee and an ardent supporter of the movie studios’ attempts to rid the Internet of piracy, chose to draft the CBDTPA so broadly.
Hollings first circulated a draft of the CBDTPA’s predecessor, the Security Systems Standards and Certification Act, last August. In the seven months that have elapsed, the electronics industry, computer makers, chip makers and nonprofit advocacy groups have slammed it as unworkable and preposterous.
But while some “fair use” requirements have been added to the CBDTPA that did not appear in its previous incarnation, the general approach has not changed.
During a recent hearing, Senate Judiciary chairman Patrick Leahy (D-Vermont) said he was skeptical of Hollings’ approach, and House Republicans have also been less than enthusiastic.
Joining Hollings as co-sponsors of the CBDTPA are one Republican and four Democrats: Ted Stevens (R-Alaska), Daniel Inouye (D-Hawaii), John Breaux (D-Louisana) and Dianne Feinstein (D-California). At a hearing last week, Feinstein showed her colleagues a pirated movie that she said an aide had downloaded from a file-trading service.
The entertainment industry desperately wants this bill, a version of which Disney and News Corp. endorsed as far back as last summer. But the Sept. 11 terrorist attacks snarled Congress’ usual schedule, and only now has Capitol Hill’s attention returned to online piracy.
On Thursday, the Motion Picture Association of America and the Recording Industry Association of America hailed the CBDTPA as the only way to prevent the continuing Napsterization of their businesses. MPAA’s Jack Valenti said the measure will “serve the long-term interests of consumers,” while RIAA’s Hilary Rosen predicted that without it, “online piracy will continue to proliferate and spin further out of control.”
Author: Declan McCullagh
News Service: Wired News