Date: Sun, 22 Oct 95 12:54:25 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V7#032
Computer Privacy Digest Sun, 22 Oct 95 Volume 7 : Issue: 032
Today's Topics: Moderator: Leonard P. Levine
Can you Sue if Credit is Denied for Lack of SSN?
Nov '95 PC World - good article!
Usenet Posters' Profiles Available to Anyone with WWW Browser
Copying Driver's Licenses
Email Addresses for Sale by Direct Marketing Agency
Re: Junk Sales Calls
Unprivacy in Britain
Call Blocking
PARTY! Nov. 18th, sponsored by Community ConneXion
Re: GE Capital Offer of Personal Information
Re: Copyright Notice
Re: Copyright Notice
State Phone Policies Survey
The Computer Law Report [long]
Info on CPD [new]
----------------------------------------------------------------------
From: straurig@mailgw.sanders.lockheed.com (Scott Traurig)
Date: 18 Oct 1995 14:57:06 -0400
Subject: Can you Sue if Credit is Denied for Lack of SSN?
Organization: Lockheed Martin M & S, Sunnyvale, CA
Can you sue a financial institution that denies you credit solely on
the basis that you refused to supply a social security number? All
other information would be happily provided, e.g. bank balances and
account numbers, etc.
Please reply via email.
--
Scott Traurig
straurig@mailgw.sanders.lockheed.com
------------------------------
From: malamb@ix.netcom.com (Michael Lamb )
Date: 18 Oct 1995 19:51:34 GMT
Subject: Nov '95 PC World - good article!
Organization: Netcom
Today I received the Nov issue of PC world and it contains an excellent
article by Jeffrey Rothfeder entitled "Invasions of Privacy".
While it contains nothing surprising to us, it may bring these abuses
and the need for tighter regulation to the attention of thousands of
others.
------------------------------
From: dzubint@freenet.vancouver.bc.ca (Thomas Dzubin)
Date: 18 Oct 1995 20:06:20 GMT
Subject: Usenet Posters' Profiles Available to Anyone with WWW Browser
Organization: Vancouver Regional FreeNet
Here's a bit of scaryness with some privacy implications. If you've
got the Netscape browser running on your micro, click on "Net
Search"...one of the items is called "Deja News" which will basically
search through the dejanews Usenet archives for a certain search
string.
the URL is "http://www.dejanews.com" and it works from all
browsers...even lynx (text browser).
The search will return a list of articles and who posted them.
You can "click" on the article to see the actual article posted
...OR...
You can "click" on the poster of the article and the dejanews server
will give you an "Author profile" which lists how many articles you
post to which news groups! I look at my profile and I can see that I
am a VMS/DEC person with interest in SNMP, network management, and
privacy (from my previous posts to comp.society.privacy). I also
probably have some cisco equipment at my site due to one post in
comp.sys.cisco.
This is very scary...For example If I were to start posting to
alt.i.kill.puppies.support, this can be called up by anyone and I could
potentially be harassed for posting to that newsgroup. (by the way:
for the Humour impared: I like puppies...I don't kill them).
...I think I'll be looking into anonymous posting services now...
RISKS? Standard risks for any information being automatically
collected...I wonder if I were forge a post under another person's name
if it will show up in their future profile?
This has a great potential as a marketing tool...or as a harrasment
tool....or even as a job screening tool? Will someone in the future
not hire me because I post to rec.whatever? Pretty scary potential.
I also looked up my Ex-wife's profile just for fun and found out that
she is now into winemaking...that's news to me!
--
Thomas Dzubin
Vancouver, B.C. CANADA
------------------------------
From: Maryjo Bruce <sunshine@netcom.com>
Date: 18 Oct 1995 20:15:43 -0700 (PDT)
Subject: Copying Driver's Licenses
I withdrew money from my savings account (over 10K) yesterday, and the
bank copied my driver's license before they would let me have the
money. Do they have the right to do that? Who can copy it? Who
cannot? Whom can I call to find out....accurately? What are they
going to do with the copy?
--
Mary Jo Bruce, M.S., M.L.S.
Sunshine@netcom.com
------------------------------
From: richmsr@niia.net (rich markwart)
Date: 19 Oct 95 03:27:50 GMT
Subject: Email Addresses for Sale by Direct Marketing Agency
Organization: rich
According to DM(Direct Marketing) News 10-16-95, Marketry, Inc. of
Bellevue, WA offerred a list of 250,000 Internet addresses to attendees
of the 1995 Direct Marketing Association (DMA) convention in Dallas.
The list of e-mail addresses was gathered from newsgroups, chat groups
and Web sites. The list is available for rental at $50/1,000 names.
Marketry is a list rental agency. In violation of DMA ethics rules,
the owner of the list was not revealed.
The list is available with selections in adult, computer, sports,
science, education, news, investor, games, entertainment, religion and
pets. New selection areas will be coming soon according to a Marketry
spokesperson.
The spokesperson admited that users did not realize that their
addresses were being captured, compiled and sold.
The Direct Marketing Association can be reached at 212-768-7277 or
212-790-1400.
--
rich markwart
chesterton, in
------------------------------
From: ahipc1j.dpeer01@eds.com (Don Peer)
Date: 19 Oct 1995 17:16:53 GMT
Subject: Re: Junk Sales Calls
Organization: EDS/National Car Rental
Bill said... ...make NOT transmitting ID be the default behavior
in all cases.. Let phone companies sell the option of having
Caller-ID-blocked calls automatically rerouted to a message saying
that you do not accept Caller-ID-blocked calls. Anyone want to
start a pool on the odds of phone companies ever voluntarily
offering such a scheme?
Although it was probably not voluntary, that is precisely the service
that US West offers! My default is to NOT transmit. When we get the
recording 'this number is not accepting calls from blocked numbers', we
redial with *67 in front.
With this service (which was free), I learn about who wants unknown
calls and who doesn't.
You could even argue that people who don't subscribe to caller ID
blocking are implicitly agreeing to accept telephone solicitations.
------------------------------
From: Rich Schroeppel <rcs@cs.arizona.edu>
Date: 19 Oct 1995 13:33:25 -0500 (CDT)
Subject: Unprivacy in Britain
I was in Borders over the weekend and read the Sunday London Times
(probably a week old). The top story on page 1 was that the guy who
did a movie of executions was just finishing up a movie of excerpts
from those public-area-surveillance cameras that are proliferating in
Britain. Supposedly contains footage of people having sex, etc. It's
apparently legal for the govt to sell the video recordings.
I suppose it's no surprise that Orwell was British.
------------------------------
From: Aaron Zaugg <relief@indirect.com>
Date: 19 Oct 1995 15:34:09 -0700 (MST)
Subject: Call Blocking
This anonymous call blocking problem everyone is talking about can be
immediately solved by purchasing a Caller ID box (not from phone co.)
which has that ability built in. I paid about 79$ for one from a
computer (junk mail) catalog. I think the place was called PCZone. If
your local phone company won't sell you the box that will eliminate
blocked calls just find one that will.
You may also want to try various Spy Shots.
------------------------------
From: sameer@c2.org (sameer)
Date: 19 Oct 1995 20:36:20 -0700
Subject: PARTY! Nov. 18th, sponsored by Community ConneXion
Organization: Community ConneXion: The NEXUS-Berkeley 510-549-1383
Community ConneXion: the Internet Privacy Provider is having a party!
We're partying to celebrate the spread of privacy on the net, through
the increased security of internet products, as well as the growth of
our services. (Many new services and new features on existing services
will likely be announced before the party. Stay tuned.)
We're inviting all our customers and other potentially interested
parties, which includes you, if you've received this note. So please
join us, and send a copy of this invitation to anyone else you may know
who would be interested in attending.
Where: Icon Byte Bar & Grill
299 9th Street (at Folsom)
SF CA 94103
When: Sat. Nov. 18 1995
7:00 PM
This is a good chance to meet and network with the people who are
making privacy on the internet a reality. Find out more about the
HackNetscape and HackMicrosoft contests. Learn about our specialized
web services, found nowhere else but at Community ConneXion. Hear about
the anonymous and psuedonymous servers here and what we're doing to
improve them.
There will be catered snacks and a no-host bar.
--
sameer Voice: 510-601-9777
Community ConneXion FAX: 510-601-9734
The Internet Privacy Provider Dialin: 510-658-6376
http://www.c2.org (or login as "guest") sameer@c2.org
------------------------------
From: tye@metronet.com (Tye McQueen)
Date: 21 Oct 1995 22:19:37 -0500
Subject: Re: GE Capital Offer of Personal Information
Organization: Texas Metronet, Inc (login info (214/705-2901 - 817/571-0400))
"Michael O'Donnell" <mod@world.std.com> writes: My mortgage is held
by GE Capital Mortgage Services. [...] I recently received an
offer from them whereby I'd pay $5 a month for the "privilege" of
getting allegedly current reports on our credit, driving, Social
Security and medical histories, including the ability to correct
errors and discrepancies. [...] Can it be that the $5 a month is
really all they're after? What are the risks in my subscribing to
this service?
For them to be able to do this you'd have to sign something giving them
the right to collect such personal information. Perhaps that is what
they are really after, a signature from you that tells all sorts of
agencies to give GECMS lots of personal information about you. They
probably don't promise to not sell this info to anyone who wants to buy
it either.
--
Tye McQueen tye@metronet.com || tye@doober.usu.edu
Nothing is obvious unless you are overlooking something
http://www.metronet.com/~tye/ (scripts, links, nothing fancy)
------------------------------
From: chris@ivanova.punk.net (Christopher Ambler)
Date: 18 Oct 95 15:28:46 PDT
Subject: Re: Copyright Notice
Two points on the copyright issue that I seem to have started (honest,
I didn't mean to! :-))
First, it does seem to be a can of worms. My question becomes one of
how I can keep a copyright when I want one, and release it when I
don't. This list, for example, may have full rights to whatever I send
to it. Telecom Digest, likewise (as an aside, to my knowledge, Pat has
never rejected a single item I've sent him intended for publication to
Telecom, for whatever reason.)
I would love to have a copyright on all Usenet postings specifically
prohibiting them to be included in any compilation CD Rom sold for a
profit. I'd also love to be able to prohibit MSN from carrying them
just because I feel ornerey this week. I don't expect to be able to do
either, and a discussion on that topic would probably be out of the
scope of this list.
Second, I am still under the impression that a submission to a mailing
list is granting that list the right to redistrubution simply by virtue
of the act itself. I am not a lawyer (I don't even play one on TV), so
I have no idea if this is truely the case... but I thought it was. Can
anyone confirm or deny this?
Sorry to have created a point of contention. Please note no sig right
now for this message :-)
------------------------------
From: "M. Otto" <otto@sol.acs.unt.edu>
Date: 19 Oct 1995 12:53:00 -0500
Subject: Re: Copyright Notice
Original-author: brad@clari.net (Brad Templeton)
Archive-name: law/copyright/myths/part1
Last-change: 28 Apr 1995 by brad@clari.net (Brad Templeton)
Changes-posted-to: news.misc,news.answers
10 Big Myths about copyright explained
By Brad Templeton
1) "If it doesn't have a copyright notice, it's not copyrighted."
This was true in the past, but today almost all major nations follow
the Berne copyright convention. For example, in the USA, almost
everything created privately after April 1, 1989 is copyrighted and
protected whether it has a notice or not. The default you should
assume for other people's works is that they are copyrighted and may
not be copied unless you *know* otherwise. There are some old works
that lost protection without notice, but frankly you should not risk it
unless you know for sure.
It is true that a notice strengthens the protection, by warning people,
and by allowing one to get more and different damages, but it is not
necessary. If it looks copyrighted, you should assume it is. This
applies to pictures, too. You may not scan pictures from magazines and
post them to the net, and if you come upon something unknown, you
shouldn't post that either.
The correct form for a notice is: "Copyright <dates> by <author/owner>"
You can use C in a circle instead of "Copyright" but "(C)" has never
been given legal force. The phrase "All Rights Reserved" used to be
required in some nations but is now not needed.
2) "If I don't charge for it, it's not a violation."
False. Whether you charge can affect the damages awarded in court, but
that's essentially the only difference. It's still a violation if you
give it away -- and there can still be heavy damages if you hurt the
commercial value of the property.
3) "If it's posted to Usenet it's in the public domain."
False. Nothing is in the public domain anymore unless the owner
explicitly puts it in the public domain(*). Explicitly, as in you have
a note from the author/owner saying, "I grant this to the public
domain." Those exact words or words very much like them.
Some argue that posting to Usenet implicitly grants permission to
everybody to copy the posting within fairly wide bounds, and others
feel that Usenet is an automatic store and forward network where all
the thousands of copies made are done at the command (rather than the
consent) of the poster. This is a matter of some debate, but even if
the former is true (and in this writer's opinion we should all pray it
isn't true) it simply would suggest posters are implicitly granting
permissions "for the sort of copying one might expect when one posts to
Usenet" and in no case is this a placement of material into the public
domain. Furthermore it is very difficult for an implicit licence to
supersede an explicitly stated licence that the copier was aware of.
Note that all this assumes the poster had the right to post the item in
the first place. If the poster didn't, then all the copies are pirate,
and no implied licence or theoretical reduction of the copyright can
take place.
(*) Copyrights can expire after a long time, putting someting into the
public domain, and there are some fine points on this issue regarder
older copyright law versions. However, none of this applies to an
original article posted to USENET.
Note that granting something to the public domain is a complete
abandonment of all rights. You can't make something "PD for
non-commercial use." If your work is PD, other people can even modify
one byte and put their name on it.
4) "My posting was just fair use!"
See other notes on fair use for a detailed answer, but bear the
following in mind:
The "fair use" exemption to copyright law was created to allow things
such as commentary, parody, news reporting, research and education
about copyrighted works without the permission of the author. Intent,
and damage to the commercial value of the work are important
considerations. Are you reproducing an article from the New York Times
because you needed to in order to criticise the quality of the New York
Times, or because you couldn't find time to write your own story, or
didn't want your readers to have to pay to log onto the online services
with the story or buy a copy of the paper? The former is probably fair
use, the latter probably aren't.
Fair use is almost always a short excerpt and almost always
attributed. (One should not use more of the work than is necessary to
make the commentary.) It should not harm the commercial value of the
work (which is another reason why reproduction of the entire work is
generally forbidden.)
Note that most inclusion of text in Usenet followups is for commentary
and reply, and it doesn't damage the commercial value of the original
posting (if it has any) and as such it is fair use. Fair use isn't an
exact doctrine, either. The court decides if the right to comment
overrides the copyright on an indidvidual basis in each case. There
have been cases that go beyond the bounds of what I say above, but in
general they don't apply to the typical net misclaim of fair use. It's
a risky defence to attempt.
5) "If you don't defend your copyright you lose it."
False. Copyright is effectively never lost these days, unless
explicitly given away. You may be thinking of trade marks, which can
be weakened or lost if not defended.
6) "Somebody has that name copyrighted!"
You can't "copyright a name," or anything short like that. Titles
usually don't qualify -- but I doubt you may write a song entitled
"Everybody's got something to hide except for me and my monkey."
(J.Lennon/P.McCartney)
You can't copyright words, but you can trademark them, generally by
using them to refer to your brand of a generic type of product or
service. Like an "Apple" computer. Apple Computer "owns" that word
applied to computers, even though it is also an ordinary word. Apple
Records owns it when applied to music. Neither owns the word on its
own, only in context, and owning a mark doesn't mean complete control
-- see a more detailed treatise on this law for details.
You can't use somebody else's trademark in a way that would unfairly
hurt the value of the mark, or in a way that might make people confuse
you with the real owner of the mark, or which might allow you to profit
from the mark's good name. For example, if I were giving advice on
music videos, I would be very wary of trying to label my works with a
name like "mtv." :-)
7) "They can't get me, defendants in court have powerful rights!"
Copyright law is mostly civil law. If you violate copyright you would
usually get sued, not charged with a crime. "Innocent until proven
guilty" is a principle of criminal law, as is "proof beyond a
reasonable doubt." Sorry, but in copyright suits, these don't apply
the same way or at all. It's mostly which side and set of evidence the
judge or jury accepts or believes more, though the rules vary based on
the type of infringement. In civil cases you can even be made to
testify against your own interests.
8) "Oh, so copyright violation isn't a crime or anything?"
Actually, recently in the USA commercial copyright violation involving
more than 10 copies and value over $2500 was made a felony. So watch
out. (At least you get the protections of criminal law.) On the other
hand, don't think you're going to get people thrown in jail for posting
your E-mail. The courts have much better things to do than that. This
is a fairly new, untested statute.
9) "It doesn't hurt anybody -- in fact it's free advertising."
It's up to the owner to decide if they want the free ads or not. If
they want them, they will be sure to contact you. Don't rationalize
whether it hurts the owner or not, *ask* them. Usually that's not too
hard to do. Time past, ClariNet published the very funny Dave Barry
column to a large and appreciative Usenet audience for a fee, but some
person didn't ask, and forwarded it to a mailing list, got caught, and
the newspaper chain that employs Dave Barry pulled the column from the
net, pissing off everybody who enjoyed it. Even if you can't think of
how the author or owner gets hurt, think about the fact that piracy on
the net hurts everybody who wants a chance to use this wonderful new
technology to do more than read other people's flamewars.
10) "They e-mailed me a copy, so I can post it."
To have a copy is not to have the copyright. All the E-mail you write
is copyrighted. However, E-mail is not, unless previously agreed,
secret. So you can certainly *report* on what E-mail you are sent, and
reveal what it says. You can even quote parts of it to demonstrate.
Frankly, somebody who sues over an ordinary message might well get no
damages, because the message has no commercial value, but if you want
to stay strictly in the law, you should ask first. On the other hand,
don't go nuts if somebody posts your E-mail. If it was an ordinary
non-secret personal letter of minimal commercial value with no
copyright notice (like 99.9% of all E-mail), you probably won't get any
damages if you sue them.
----------------- In Summary ---------------------------
These days, almost all things are copyrighted the moment they are
written, and no copyright notice is required.
Copyright is still violated whether you charged money or not, only
damages are affected by that.
Postings to the net are not granted to the public domain, and don't
grant you any permission to do further copying except *perhaps* the
sort of copying the poster might have expected in the ordinary flow of
the net.
Fair use is a complex doctrine meant to allow certain valuable social
purposes. Ask yourself why you are republishing what you are posting
and why you couldn't have just rewritten it in your own words.
Copyright is not lost because you don't defend it; that's a concept
from trademark law. The ownership of names is also from trademark law,
so don't say somebody has a name copyrighted.
Copyright law is mostly civil law where the special rights of criminal
defendants you hear so much about don't apply. Watch out, however, as
new laws are moving copyright violation into the criminal realm.
Don't rationalize that you are helping the copyright holder; often it's
not that hard to ask permission.
Posting E-mail is technically a violation, but revealing facts from
E-mail isn't, and for almost all typical E-mail, nobody could wring any
damages from you for posting it.
-----------------------------------------------------------
Permission is granted to freely copy this document in electronic form,
or to print for personal use. If you had not seen a notice like this
on the document, you would have to assume you did not have permission
to copy it.
This document is still protected by you-know- what even though it has
no copyright notice.
It should be noted that the author, as publisher of an electronic
newspaper on the net, makes his living by publishing copyrighted
material in electronic form and has the associated biases. However, DO
NOT E-MAIL HIM FOR LEGAL ADVICE; for that use other resources or
consult a lawyer. Also note that while most of these principles are
universal in Berne copyright signatory nations, some are derived from
Canadian and U.S. law. This document is provided to clear up some
common misconceptions about intellectual property law that are often
seen on the net. It is not intended to be a complete treatise on all
the nuances of the subject. A more detailed copyright FAQ, covering
other issues including compilation copyright and more intricacies of
fair use is available in the same places you found this note, or for
FTP on rtfm.mit.edu in
pub/usenet-by-group/comp.answers/law/Copyright-FAQ. Also consider
gopher://marvel.loc.gov/11/copyright for actual statutes. Another
useful document is http://www.eff.org/pub/CAF/
This FAQ can be found at http://www.clari.net/brad/copymyths.html
------------------------------
From: catalyst@pacifier.com (John M. Gear)
Date: 22 Oct 1995 05:55:29 GMT
Subject: State Phone Policies Survey
Organization: Pacifier Internet Server (206) 693-0325
Question in brief (long version below): Does your state allow or
forbid the phone company from charging you extra for privacy
(unpublished/unlisted #s)? If charges are allowed, how much? Why?
Please send your responses by e-mail to catalyst@pacifier.com I will
post a summary.
Question at length:
I live in Washington State where the Utilities and Transportation
Commission UTC allows the local telephone providers (US West and GTE to
my knowledge, perhaps there are others) to charge customers for not
violating their privacy.
I refer to the *monthly* charges for unlisted and unpublished numbers
(one doesn't appear in the book but can be obtained from information;
the other can't even be obtained from the information operator).
I can find no rationale for permitting a common carrier to force
citizens to pay extra not to have their privacy violated. The
telephone is a vital public service, explicitly required in many jobs
and a de facto requirement of most others. Access to emergency
services depends on access to telephone services. Thus, we're not
talking about a subscription list being sold by a private company. You
don't have any choice but to deal with the local phone company if you
want telephone service.
The Washington UTC appears to recognize that the telephone company
doesn't own the right to make you give your name and number away--phone
service providers here are required to offer free "line block" to
defeat Caller ID.
So why does the UTC allow the phone company to charge you extra, each
month, not to give your name and number away to, literally, millions of
people?
I believe this is wrong and should be changed. I have testified before
the UTC at a US West rate increase hearing and got a sympathetic
response from virtually everyone I spoke to, although I don't know how
the commissioners felt.
What I would like to know is if this system is forbidden in any
country, state or province? Does your state require the phone company
to let you out of the phone book without making you pay for the
privilege?
Please send e-mail on this to me at catalyst@pacifier.com
I will post a summary of responses.
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 22 Oct 1995 13:55:25 -0500 (CDT)
Subject: The Computer Law Report [long]
Organization: University of Wisconsin-Milwaukee
This was sent me by the author, who has given me permission to post
it. lpl
From: Galkin@aol.com
Date: 20 Oct 1995 11:57:07 -0400
*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+
THE COMPUTER LAW REPORT
*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+
October 20, 1995 [#12]
=====================================
GENERAL INFO: The Computer Law Report is distributed (usually) weekly for
free and is prepared by William S. Galkin, Esq. The Report is designed
specifically for the non-lawyer. To subscribe, send e-mail to galkin@aol.com.
All information contained in The Computer Law Report is for the benefit of
the recipients, and should not be relied on or considered as legal advice.
Copyright 1995 by William S. Galkin.
=====================================
ABOUT THE AUTHOR: Mr. Galkin is an attorney in private practice in Owings
Mills, Maryland (which is a suburb of Baltimore), and he is also an adjunct
professor of Computer Law at the University of Maryland School of Law. Mr.
Galkin has concentrated his private practice in the Computer Law area since
1986. He represents small startup, midsized and large companies, across the
U.S. and internationally, dealing with a wide range of legal issues
associated with computers and technology, such as developing, marketing and
protecting software, purchasing and selling complex computer systems, and
launching and operating a variety of online business ventures. He also enjoys
writing about computer law issues!
===> Mr. Galkin is available for consultation with individuals and companies,
wherever located, and can be reached as follows: E-MAIL:
galkin@aol.com/TELEPHONE: 410-356-8853/FAX: 410-356-8804/MAIL: 10451 Mill Run
Circle, Suite 400, Owings Mills, Maryland 21117
^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^
Articles in The Report are available to be published as columns in both print
and electronic publications. Please contact Mr. Galkin for the terms of such
usage.
^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^
*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+
EXTINCTION OF THE DIGITAL LOCK PICKER?
*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+
[This is the second of a series of articles discussing recommendations made
in the report issued September 5, 1995 by President Clinton's Information
Infrastructure Task Force. The report is entitled "Intellectual Property and
the National Information Infrastructure," and is commonly referred to as the
White Paper. The previous article was entitled "Stopping the Altruistic
Infringer" and dealt with recommendations for criminalizing infringement
activities where there is no profit motive.]
Infringement is the mortal enemy of the Information Highway. A "highway"
robber, a blood-thirsty terrorist, lying in wait to pillage an unsuspecting
victim vulnerable to unauthorized duplication and mass distribution.
However, the destructive infringer is a relatively new concern on the
Internet. A robber can thrive only where there is something of value to be
stolen. In the "old" days of the Internet, there was nothing of "value". Most
information was there for the taking - the more taking, the merrier everyone
was. Not any more. The future of much of the Internet is as a free enterprise
zone. Commercial enterprise cannot develop if the environment is not secured
from theft.
Enter the White Paper, and its recommendation to prohibit devices that are
designed to break through technological security systems. The White Paper
recommends that a new chapter be added to the U.S. Copyright Act which would
"prohibit the importation, manufacture or distribution of any device, product
or component incorporated into a device or product, or the provision of any
service, the primary purpose or effect of which is to avoid, bypass, remove,
deactivate, or otherwise circumvent, without authority of the copyright owner
or the law, any process, treatment, mechanism or system which prevents or
inhibits the violation of any of the exclusive rights under [the Copyright
Act]."
Under the current law, established by several prominent cases, a company is
free to develop a device which can be used to infringe another's copyright as
long as the device has a substantial legitimate use. In one case (Vault Corp.
v Quaid Software, Ltd.), a company developed a software program (RAMKEY)
specifically designed to break through copy protection software. The court
held that this did not constitute contributory infringement (that is,
assisting others to unlawfully duplicate software), because this software has
a lawful purpose. Under the copyright law, a person is permitted to make one
backup copy of software, which is to be used only if the original copy is
destroyed or damaged. Therefore, the lawful use of this lock-breaking program
is to assist others to make backup copies. The court in Vault was not
bothered by the fact that RAMKEY's primary purpose may have been to indeed
assist others in producing unlawful copies.
The Supreme Court in Sony Corp. of America v. Universal City Studios, Inc.
reached a similar result. The owners of motion picture and television
programs sued Sony claiming that production of VCR's was an unlawful act of
contributory infringement. They claimed consumers used VCR's to make
infringing copies of the programs. The court held that as long as the device
is capable of substantial noninfringing uses, then the manufacturer has no
liability, even if the primary use is one of infringement. Therefore, VCR's
can be marketed since VCR's can be used in homes in a permitted way (for
example, taping a show to watch later). How bleak would the world be today if
the Supreme Court ruled otherwise, and there were no VCR's?
The White Paper points out some other areas where prohibitions similar to the
one suggested are already in effect. For example, Congress enacted the Audio
Home Recording Act of 1992, which combined legal and technological protection
for sound recordings. The Audio Home Recording Act requires a serial copy
management system in all digital audio recording devices and digital audio
interface devices imported, manufactured or distributed in the United States.
Such a system allows unlimited first generation digital copying of sound
recordings, but prevents the making of digital copies from copies. The Act
prohibits the importation, manufacture or distribution of any device, or the
offering or performance of any service, the primary purpose of which is to
circumvent any program or circuit which implements a serial copy management
system.
However, it is disingenuous to compare the proposed prohibitions with the
Audio Home Recording Act. The proposed prohibitions are potentially very
broad in scope and application, whereas the prohibition of disabling a
specific device (a serial copy management system), which is only found in
digital sound duplicating devices, is extremely narrow and well-defined.
Some commentators feel that the White Paper's recommendation is dangerously
vague. Perhaps, under its terms, merely having a conversation about
decryption algorithms would be illegal. What about decryption by police for
the purpose of arresting criminals? How are manufacturers and distributors to
determine what the primary purpose of the device is, where is it used for
both illegitimate and legitimate purposes. What if the primary use changes
over time?
Accordingly, the direction that this proposal should take in order to address
this vagueness is to focus on the purpose of the decryption, as opposed to
the decryption itself.
Concern has also been expressed that this provision would inhibit fair use,
because activities that would qualify as fair use could be blocked by
anti-access devices for which there is no available breaking device
available. The same concerns would apply to the inability of accessing
copy-protected works which are in the public domain, and therefore, not
protected by the copyright laws at all. Additionally, reverse engineering,
which in many cases is permissible, and which significantly contributes to
the development of technology, could be severely inhibited.The White Paper
answers these concerns by stating that (1) copyright owners have no
obligation to allow for fair use and (2) if a device is primarily used for
lawful purposes, then it would be available for use.
In summary, the White Paper is correct that technological security
protections are necessary and should be bolstered by legal consequences.
Nevertheless, the proposal as currently formulated needs to be reconsidered
because it could have the extremely negative result of limiting access to
valuable information that should be freely accessed.
-- END --
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 18 Oct 1995 13:55:25 -0500 (CDT)
Subject: Info on CPD [new]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
[new: Ordinary copyrighted material should not be submitted. If a]
[copyright owner wishes to make material available for electronic]
[distribution then a message such as "Copyright 1988 John Doe.]
[Permission to distribute free electronic copies is hereby granted but]
[printed copy or copy distributed for financial gain is forbidden" would]
[be appropriate.]
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the Subject: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit the text except for purely technical reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Web browsers will find it at gopher://gopher.cs.uwm.edu.
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Web: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V7 #032
******************************
.