John Gilmore's piece in the May issue in response to Rivest's "devil's advocate" question "What's Wrong with Copy Protection?" makes some apologies for being too long. Apologies weren't needed. But if they were, they should only be made for omitting discussion of several important matters and failing to mention several things really wrong.
Only a part of the problem, and the lesser part, has to do with preventing copying as such. If it were possible -- it isn't -- but if it were, to keep certain bit sequences as embodied on CDs from being duplicated and to have no other effect upon the universe, then copy protection would not be so particularly bad. Fair use of copyrighted materials would suffer, and that would be unfortunate; some uncopyrightable matter would be protected as if copyrighted, and that would not be socially productive -- but the world would go on, if in slightly diminished condition.
However, as a matter of information science, let's call it, it is not possible only to prevent certain duplications of particular instances of encoded matter -- and do no more. And the worst injuries to our common well being particularly come from the additional measures and consequences that are emplaced with and result from the installation of copy protection.
To prevent copying, it is variously necessary to prevent users from having transparent and unimpeded access to the machines and virtual machine structures they use. In simple terms, boxes must be made black; people must be prevented from understanding how the apparatus they use works.
To try to prevent copying it is also necessary to attempt to make prior "mechanical" distinctions regarding uses and readings of text. Copying in fact is of the essence of engaging, dealing, transacting in any way with any informational thing. In order to listen to the music from a CD, for instance, a copy of the bit string encoded on it is made as modulations of laser light, which is copied as a series of discrete electronic pulses into a microprocessor, and copied to D/A converter, and copied as a varying voltage waveform... etc. Consider the copying involved in basic biological processes, DNA, tRNA, proteins... All computation of any kind is founded in copying, some of it literal, some of it amplificatory. A set of maladapted prior consequences is imposed upon uses and processes is made as an intrinsic part of the effort at copy prevention. The example given is the gratuitous assumption made by certain digital devices that all analog inputs are unlawful copies (and therefore mechanistically 'refused passage') -- but that is only one example among many.
The effort to prevent copying also seeks to limit the scope and utility of devices and processes that read and use information, to try to "cripple" apparatus otherwise extant in the world. Often this is a very large set of real or virtual machine structures, and the crippling often needs to be quite significant, at least as compared to what makes an interesting and useful device without consideration for imposing limitations to its usefulness.
And, although this list could be quite a lot longer, in order to prevent copying, the sanctions of the state tend to be engaged and applied in rather severe and partisan ways. Otherwise harmless speech becomes criminalized. Knowledge is restricted and constrained by threat. Legal rights are adapted, constructed and dis-constructed to permit invasive and nasty practices, "license audits" and such. Some of the basic rights of citizens must be made subject to the asserted needs of surveillance and enforcement. Because the prosecutorial burden is too great for any public entity to bear, private entities are given summary prerogatives.
So, everything that Mr. Gilmore says is true, but it is also true that copy protection schemes suppress and injure much more than wrongful duplication of lawfully copyrighted content. Just to add two (and only two of many) basic consequences to the list of what is wrong with copy protection: 1. It ruins trust, and 2. It creates extended irrational policy frameworks. I would say something about each of these very briefly.
The DMCA in substantial effect says 'If you are a copyrighted content provider, you can do whatever you want, without notice, to any machines, systems, or processes owned or used by someone who has bought your content -- and that person has no right to know, or to understand, or to examine, or to alter whatever it is that you have done; in fact anything that person or entity does to get around this ignorance or to gain some control of the computer or system that used to belong to him or her or to tell someone else how to is subject to criminal sanction.'
Trust walks with open eyes. It exists upon an exchange basis, not by means of unilateral arrogation. Where ignorance is mandated and verification is prohibited, genuine trust has little chance.
At the moment, the average computer user (or the average Circuit Court judge it also seems), does not particularly concern himself with the trustworthiness of the computer or system he uses. E-mail is scanned (and the scanned proceeds used for purposes not intended by the sender or recipient), browser use is monitored; the computer itself might as well be the active agent of others. More than anything else, the past decade indeed has seen the penetration of a particular set of encoded methods in the form of a certain operating system into every American home or business.
These are the prices, one might suppose it is assumed, of the convenience of sending messages over a network or gathering information (much of it forms of advertising) on video pages, or playing solitaire without the need for real cards. No matter what the immediate future brings, the lack of real trustworthiness in the machine or system will be of significant limiting consequence, however. The informational facility it provides will be used, but with a passivity and defeat reminiscent of public discourse in a country with an omnipresent secret police.
Somewhat similarly, Gilmore correctly suggests that copy protection is not just an enactment, it is a project of some scale (it is not just SDMI; it is the DMCA; it is the suppression of Felten; it is the "trusted" system concept) and it is indeed but a part of a larger project the purposes of which appear to be to regularize and impose order, to restrict the amplification provided by large scale information networks principally to certain business purposes, to centralize, to consumerize, and to gain a kind of collar hold on certain of the feed-forward properties associated with informational things, particularly active informational things.
That it would be is not too hard to understand. What is harder to understand is why certain, forgive the term, "Second World" potentially emerging economy countries seem to go along with the project. Considered, acquiescence is not in the rational national interest of a Chile, or an Indonesia -- or a Russia or an India. (That the British are supporters is rational on their part and not at all surprising.) To these recipient nations, copy protection so-called is merely a methodology that helps American hegemony grind its way into their economies to an extent well beyond any value the tokens of that hegemony might provide. Adhesive software licenses that propose no rights in the purchaser, prosecutions for barn-door broadly defined "circumvention" and circumventing methods, suppression of an analytic discussion of the weaknesses of an encoding scheme, -- these are the means of the unreasonable extension of power as capable as prosecutions for thought crimes. (True, a country such as Mexico has not literally legislatively adopted the DMCA or UCITA, but its participation in trade agreements that have a similar bent to their intellectual property provisions counts as curious enough from the point of view of rationality as seen by a thoughtful Mexican.)
One must suppose that this un-rational cooperation with the instances and methods of American hegemony, this making the world safe for Microsoft and Disney, copy protection and its means included, has some rationale behind it -- but it would be one that is comparatively temporary. The moment's quid pro quo. Money, say.
As likely as not, the bribe will have been spent while the cause in issue was postponed rather than determined. If so, an entire system of relations and conduct will have been built on an imposition that will have to be refused and discarded, and the oppressive qualities of which will then continue to taint any relationship for some time to come.
In the 21st century it is bad international policy to depend over much upon the subjection and dependence and non-rationality of other nations. Particularly if you are selling software. The reasonable risk is too great that various countries of the world would collectively realize that the back boxes of copy protection, (like other black boxes such as region coding and remotely defeasible software) do not work for their benefit. At that point, such countries might even collectively recognize not only that American protection schemes are partial in the protection afforded, but that American software isn't worth paying for in any instance. Or, amusingly, say, they might even think to sue for the costs of replacing the software they did not want but were forced to buy by means of the impositions of the "protections" associated with copy protection.
Just to be careful, I should say that this is not a brief against legitimate legal copyright and not against the legitimate rights of copyright holders. That is not the issue. Similarly, I don't think any of us should have much patience with the rather meatheaded proposition that there ought to be a sanctioned right to copy protection and its methods simply because some copying is illegal. Much copying is legal, and should be. There are also, for instance, rights to a public an impartial trial for an alleged offense not served by the summary imposition of sanctions by business interests. (We usually consider it a mark of civilization that, say, the illegality of assault does not sanction private revenge murder.) Rights to obtain knowledge should be recognized, as should be a rational interest in transparency and fairness.
Mr. Gilmore says some of this. More is to be said, and I've tried to point to some of it in this letter. An understanding as to why copy protection really is not about copy protection, that it is about business aggression -- the object of which should reasonably want to refuse to be its victim -- needs most to find its way to those who are litigating (and losing) the current cases on the issue. The litigation may continue to come out with bad results, but to the rather technical First Amendment arguments made (software as "expression" -- it is that but it is also an active agent, a virtual machine structure -- might as well say so and argue for reasonable policy regarding such things), must be added a real sense of the dynamics of what is going on.
Mr. Gilmore makes a good start. Thanks to him. But the kind of thing he says needs to be further considered and spoken to the world.