Lawrence Lessig will give his keynote, "Preserving the Innovation Commons: What's At Stake" at the O'Reilly Conference on Peer to Peer and Web Services
2001 has been a bad year not just for dot-coms but also for people interested in preserving the public's right to fair use of copyright materials. From the shutdown of Napster and the DeCSS case to the prosecution of Dmitry Sklyarov, federal prosecutors and U.S. courts have acted in support of copyright interests and against the public's ability to use technology to secure fair-use rights. OpenP2P.com editor Richard Koman talked about these turns of events with Lawrence Lessig, a leading expert in Internet law and policy and a keynote speaker at the O'Reilly Conference on Peer-to-Peer and Web Services. Lessig will keynote at the conference on Thursday, Sept. 20.
Richard Koman: Your keynote is called "Preserving the Innovation Commons," and you just wrote a piece in the New York Times on the Dmitry Sklyarov case, so perhaps you can weave those together for us. What does Dimitri have to do with preserving the innovation commons?
Lawrence Lessig: The Internet under its original design built a platform that induced lots of innovation in applications and content. And it did this by embracing an end-to-end principle, which meant that the network would remain as simple as possible and push all of the intelligence and, therefore, innovation to the end. This is the vision that is now enabled by a peer-to-peer architecture, and it's the environment that has inspired the greatest amount of innovation around the Internet in its history.
|"Technology is actually granting copyright holders more control over content than copyright law itself would require."|
Now this architecture threatens existing interests, business interests and Hollywood interests, and in response to that threat there have been a number of changes that have occurred in both the technical and legal environment, aiming to undermine this platform for innovation, aiming to change it into a platform where it's easier for certain interests to exercise control over innovation on that platform. And the changes at the technical level include changes to the architecture, enabling network owners to exercise more control or discrimination over content that flows across their network or for applications that run on the network. And in the legal environment, the change is brought about by changes in copyright law essentially -- also patent law, but let's start with copyright law -- that radically increase the extent to which copyright holders can exercise control over their content.
Now these changes in the law were induced originally by the view that cyberspace would threaten copyright in a way that copyright has never seen before. But that assumption was based upon an assumption about the architecture of cyberspace, or the architecture of technologies for delivering content in cyberspace. And the assumption was that it will be relatively hard to develop technologies to protect content in cyberspace, and therefore there needed to be pretty significant new rules to reinforce those technologies. One set of these new rules is the rules enacted under the Digital Millennium Copyright Act, and one part of that is the anti-circumvention provisions of that statute, which essentially make it a crime to develop and distribute tools whose purpose is to crack a copyright protection system.
Now the problem with this technique for protecting copyright law is that copyright law itself is a very subtle and balanced legal regulation. It doesn't guarantee authors perfect control over copyrighted material. What it does is balance a certain incentive that is given to authors against certain public rights of access, and those are typically enforced through a fair-use doctrine but also through requirements that copyright be for limited times. Now those balances are typically enforced through court decisions that refuse to find infringement except when there is no fair use or except when it's legitimate copyright. When it's technology that's being used to protect copyright, however, that technology doesn't have to be as subtle or as balanced as copyright law is. So if you have a trusted system that is protecting certain content, there's no reason that trusted system would have to free that content for purposes of fair use or protect that content for just a limited time.
Now that means that technology is actually granting copyright holders more control over content than copyright law itself would require. And that means that when provisions like the anti-circumvention provision of the Digital Millennium Copyright Act are used to protect technology that's protecting copyright interests, the law is actually protecting a stronger copyright interest than copyright law itself would protect, because when you crack a technological protection system, even if it's for the purposes of fair use, the tools used to crack it are criminal under the anti-circumvention provisions. So the effect of fair use in a digital rights management world can shrink quite dramatically, and what this essentially means is that the power to develop technologies that enable the distribution and research into the technologies for encryption is essentially centralized into the hands of those digital rights management companies that are supporting mainly traditional Hollywood or media interests.
Koman: So what is your assessment of where we are in terms of the public's right to fair use and the public's right to access these materials?
|What's happening to public rights to information in this country? Are we on the right road or the road to hell?|
Lessig: I think both of them are being restricted, because the law is in both cases shifting a significant amount of power into the hands of existing copyright holders -- or you could more accurately say hoarders, because for example, the most popular copyrighted music is not generally diffusely distributed. It's concentrated in the hands of a relatively small number of companies, so the ability to get access to that content and the ability to control that content is increasingly concentrated, and what that means is that the right to research around these technologies is also concentrated. So, for example, there was an earlier case in April where Professor Edward Felten from Princeton University attempted to give a presentation of a paper that he and some colleagues had written describing weaknesses in the SDMI -- Secure Digital Music Initiative -- encryption systems, and the RIAA sent him a letter that essentially said that if you publish this paper you would subject yourself to enforcement actions under the Digital Millennium Copyright Act.
That means they are essentially asserting that the right of people to tinker with and describe weaknesses in encryption systems depends upon who you work for. If you work for them, you can do it. If you don't work for them, you can't without violating federal law. And that kind of concentration of the right to do research and describe weaknesses in encryption systems is antithetical both to a free society and to good security systems, because security systems depend upon open, easy abilities to describe weaknesses and critique them.
Koman: So is the problem the DMCA or is the problem the technologies put in place by the copyright holders, the DRM software?
|"If you work for them you can describe weaknesses in encryption systems; if you don't, you're violating federal law."|
Lessig: Well, in the first book that I wrote about this, "Code and Other Laws of Cyberspace," my real concern was the technology, and I said that the real danger would be when the technology's backed up by the law. Right now, it seems that the real problem is the law backing up the technology, because what that's doing is very quickly chilling the opportunity for some balance to be struck between the protections afforded by the technology and the rights of access that should, in a balanced copyright world, be granted to authors. Now both of these changes are coming about because there's this skewed view of the significance of protecting or finding perfect protection for copyright interests in cyberspace, which really sets it apart from many other similar problems or legal interests that could be protected in cyberspace.
So you could think about privacy as a legal interest that cyberspace undermines, or you could think of protecting children from pornography as a legal interest that cyberspace undermines. In those two cases, privacy and pornography, courts and legislatures have gone relatively slow in making sure that the securing of those interests -- protecting children or protecting privacy -- is not achieved at the expense of free speech or innovation in cyberspace generally. But in this one case of copyright, there's been this race to protect it as quickly and strongly as possible. And it's that which I think is skewing this process in a way that is undermining the opportunity for innovation, especially in the context of peer-to-peer systems.
Koman: So you find the judge's decision in the Napster case extreme?
Lessig: Yes, extreme, and fortunately the latest opinion from the District Court judge [Marilyn Patel] is so extreme that I think people are going to begin to get just how ridiculously extreme this is. You know, in that opinion, Napster had essentially said to the judge that they had found a way to make sure that 99 percent of the downloads would be essentially legal under copyright law. And the judge said, "99 percent's not enough for me. I want 100 percent," and so she basically ordered the company shut down until it could guarantee 100 percent. Now there's no technology that facilitates copying anywhere that's 100 percent effective. I mean imagine a court saying, "Xerox Corporation has to stop producing copiers until it can guarantee -- 100 percent guarantee -- that nobody will violate anybody's copyright law using a Xerox machine." But that's exactly the attitude, and it's that kind of extreme attitude that I think is most harmful to the opportunity for innovation here.
|"Employees at Smith & Wesson don't have to fear arrest because their products led to somebody being killed, yet employees at software companies need to fear arrest because somebody may have used their code to steal a John Grisham novel."|
Koman: What do you perceive about the public's attitude toward the sanctity of copyright these days?
Lessig: Well, fortunately I think it's beginning to change a bit. It's changing because people are just in a sense outraged with extremism that's being demonstrated by both the recording industry and now federal prosecutors. I think most people -- for example looking at the Sklyarov case -- most people think, here's this programmer, employed by a company in Russia who writes a bit of software that is legal in Russia. That software is then distributed across the Internet by his employer in a way that imports it into the United States. It's illegal in the United States because it violates the Digital Millennium Copyright Act. But he comes to the United States not to sell the software but to give a speech about the weaknesses in this encryption technology that's infused by Adobe to protect its PDF files. And Adobe essentially informs the government that this guy who's written software that's illegal in the United States is going to be in the United States and is going to be giving a speech criticizing Adobe. And the federal prosecutors arrest the guy.
Now I think most people look at this and think this is pretty extreme. I'm actually quite surprised that the government would have picked this as their first criminal prosecution under the Digital Millennium Copyright Act because it's not a clear case of piracy or of somebody developing a technology to enable people to steal lots of content. This technology enabled owners of e-books to do things with the e-books that, in many cases, would clearly have been fair use of the e-book.
Koman: So do I understand that he hasn't personally distributed the software in the U.S. or done anything except set foot in the U.S., after having written the software in Russia?
Lessig: Yeah, it's not clear what the relationship is between him and his employer, but he didn't sell it in the United States. What happened is the employer contracted with a company to facilitate online sales, and that company is the one that distributed the software in the United States, selling it through its online store. So that's what constituted the transfer in the United States that gave jurisdiction for an arrest. Now arresting him as opposed to holding the company responsible or holding that distribution company responsible is the interesting fact, and the government arrested him because he was essentially the copyright holder, at least of that version of the code. So it's those two things together -- that he wrote it and that it was distributed here -- that gave rise to the liability. And then whenever you're liable for violating federal law, if you stick your foot into the United States, you can submit yourself to jurisdiction to be arrested and prosecuted for that violation, so that's how they got jurisdiction.
Koman: So should he have released it as open source? Would that have solved his problem?
Lessig: No, that wouldn't have solved the problem, because he still would have been the author and licensing it. I'm not sure how he can solve his problem. And that's a symptom that also strikes people as extreme. It essentially means that any software written around the world that happens to be inconsistent with American law is now subject to criminal prosecution in the United States, you know?
Koman: You were talking earlier about the assumptions that the DMCA was based on -- basically that it would be technically difficult to protect copyright material, that some hacker out there would always crack the latest scheme, and so the law is in place to go where technology was assumed not to be able to go. Is it not still true that any encryption solution out there is bound to be hacked by a couple of programmers with a couple of days on their hands? That is, if we overturn the DMCA, is the copyright protection by code still strong or is it bound to be cracked?
|"Open societies with free people don't get them to obey the law by coding it so they can't do anything different."|
Lessig: First of all, I'm not saying that there should be no legal protection. I think the legal protection should be targeted on what we properly think of as piracy and exempting code that facilitates traditional fair use. That's the kind of DMCA I think would be perfectly adequate. Now, you're right that most of these encryption systems that are out there are easily cracked or crackable after a relatively short amount of time, but there's an implicit assumption about what follows from that fact. There's an article in Inside magazine criticizing people who were criticizing the arrest of Sklyarov, and it kind of races breathlessly to this conclusion that, "The big difference is that once you crack the encryption system on a novel, you can then post it on the Internet and anybody can download it for free anywhere."
Now this is a very crude understanding of what happens actually when you crack an encryption system. So certainly it's true that it's easier to distribute stuff in cyberspace than in real space, but to the extent the laws are targeting piracy, it's also easier to track down pirates in cyberspace than it is in real space. So it's true that the ability to crack the systems will mean that you can never have perfect protection, but perfect protection is not something we have in real space, either; and in fact I think we'll get closer to perfect protection in cyberspace than we will ever get in real space, even without something like the Digital Millennium Copyright Act.
So it's this kind of panic, that once there's any breach in the dam, then that's the end of all creative activity, which just seems to me to be completely unconsidered. You know, it's a messy world in all contexts and what we typically do is accept that freedom entails a certain amount of law breaking, and that doesn't mean you embrace law breakers or say that they should go free. People who are cracking copyright for the purpose of distributing content contrary to the legitimate control of the copyright owner or people who are cracking content for the purpose of redistributing for commercial purposes other people's content -- are criminals and they should be prosecuted as such. But you shouldn't lock up every technologist and make it impossible for them to experiment with encryption technologies merely because there are criminals out there. We don't do that with guns. I mean that's the bizarre thing, you know -- that employees at Smith & Wesson don't have to fear that the FBI is going to swoop down and arrest them because their products led to somebody being killed, yet employees of software companies need to fear that some FBI agent is going to swoop down and arrest them because it's possible that somebody used their code to steal the latest John Grisham novel.
Koman: Do you find that with Napster as a poster child that the whole P2P space is some sort of touchstone for things that challenge sort of status quo notions about morality in this stuff? That is, do you think there's some sort of over-the-top attacks on things that qualify as being peer-to-peer. And so besides the piracy accusations around Napster, there's also this story last week that Rep. Henry Waxman was very upset about the existence of pornography on the Gnutella network. Is there something about the notion of people without intermediation sharing their computers and having direct access to each other, is there something challenging about that to the status quo?
Lessig: Well, certainly peer-to-peer systems will make it harder for there to be centralized control of all sorts of things -- centralized control of criminal law, centralized control of morality, centralized control of culture. All of those things become harder when peer-to-peer systems basically vest that control closer to the individual. Now, in many contexts what we typically think is, "That's a good thing for the purpose of freedom, and a free and open society." We don't really embrace, openly at least, the idea that governments and powerful interests ought to be able to exercise direct control over the way we think or the things we buy or believe in, even though we do think that laws ought to be enforced and people ought not to be free to go out and break the law.
I think what peer-to-peer generally will be seen as is a threat to the ability to exercise this kind of centralized control, and many different interests will unite against that threat, and they include moral interests. This is the concern about pornography and Gnutella. They include copyright interests. They include content industries like the recording industry, which very much doesn't want to create an architecture that enables peer-to-peer distribution of content as opposed to this more-centralized system for distributing content. So I think all of those will unite behind this picture of a more-centralized universe and therefore resist the decentralization that peer-to-peer technologies could enable. And the fight about peer-to-peer will then be really a fight for the liberty of peer-to-peer systems to exist independent of these more-centralized, traditional structures.
Koman: And do you have any recommendations on where as a country we ought to be going? Should we be making a U-turn from the road we've taken recently?
Lessig: Yes. I think we should go back to the principles that defined us originally, which was about open societies with free people who should obey the law but you don't get them to obey the law by basically coding it so that they can't do anything different. You get them to obey the law by making the law reasonable and getting people to be respectful of it, and that's the direction we ought to be going.
Koman: What does the outlook look like for you for technology innovators that are interested in using some of these P2P concepts.
Lessig: Right now, not good -- because there's been no strong case or principle since the pornography cases in the Supreme Court, which has affirmed the principle of innovation and decentralized control. Instead, the general trend has been to a much stronger centralization to protect state and private interests. So until we have once again recognition and an embrace of the principle of freedom by some important governmental actor, I don't think we're going to actually see it realized in the actual litigation about these challenges to traditional interests.
Koman: So for the P2P technologists coming to the conference, it sounds like you don't have much good news.
Copyright © 2017 O'Reilly Media, Inc.