DRM

Sound Approach to Copyright Protection

In Digital Pirates Beware (subscription required), Wade Roush discusses:

the latest digital fingerprinting technology to scan public computer networks for unauthorized copies of music files, still images, movies and software. And they can watch as those illicit files spread from hard drive to hard drive—whether or not the files bear the invisible digital “watermarks” often used to identify their original owners.

My take on this, subject to some verification, is that these technologies can prowl the public P2P networks looking for specific files, generate some unique ID info based on the file, then catalog any other instances of that same file it may find. This provides content creators with an important tool to understand how much of their work is being pirated, where it's originating, and where it is spreading. More importantly, it puts the burden of proof where it belongs -- on the copyright holder -- without forcing prior restraint on honest purchasers.

While Roush's article intimates that the fingerprinters can scan my hard drive I suspect this is true only to the extent that I participate in publicly accessible P2P networks. It's theoretically possible to get past my firewall, install software on my machine, bypass my ZoneAlarm Pro monitoring and sneak packets out to some nefarious agency, but not very damned likely.

It's rather more likely that these guys are doing nothing more than scanning a directory I have voluntarily opened to public query by logging it into LimeWire, KaZaA, or similar sharing software. They have every right to scan it and that's the beauty of this approach. P2P systems only work to the extent that you open yourself up by being a peer, and once you are a peer you have given implied consent to having your "shared" files scanned by anyone who is interested.

I like this idea. If you are trafficking in pirated software the copyright owners have as much right to shut down your P2P "storefront" as they do to shutter a street corner vendor selling stolen watches. This is the sort of enforcement that makes rampant pirating of stolen material unattractive to the average user, while leaving them free to use their own files as they see fit. It also leaves the P2P networks free of overwrought regulation and ill-conceived legislation, allowing for the development of innovative -- and legitimate -- uses.

As usual, free enterprise has devised a snappy solution to a thorny problem without steamrolling users, while the bureacrats and bumbling behemoths have seen it as just one more chance to roll out a stupid world domination strategy.

I'd be interested to hear if you think I'm off base on this one.

For more info on this stuff see:
BayTSP
Cyveillance
LoudEye
Relatable

Details on TCPA/Palladium

TCPA / Palladium FAQ. [Privacy Digest]

A Dangerous Troika -- Government, Publishers, and PC Industry

Lawrence Lessig first introduced us to this foul juxtaposition in his book Code and Other Laws of Cyberspace. And in this Reason Magazine interview about his newest book, The Future of Ideas, says, "In my first book I was quite pessimistic. It turns out I was not pessimistic enough."

The problem is more than just starting down a "slippery slope". The motives for each of the three parties are quite different and, individually, their initiatives could be modified or repealed to a tolerable level. But when fate and circumstance align the goverment with two of the strongest economic powers in our nation to push for massive control architectures we have little means of fighting back save extraordinary diligence, a stoic skepticism, and an outright refusal to buy products that attempt to control our lives.

The courts are supposed to watch the government, the govermnent should be providing some limited "general welfare" oversight on business, and business is supposed to be responsive to its customers. None of that seems to be happening right now. Houston, we have a problem...

Dave Winer at Scripting News found the tweney report for 2002-06-28: Broken trust.

Windows XP has some rudimentary self-protection technologies built in, but Palladium won't appear full-blown until the next major release of Windows in a couple of years. That's because Palladium depends on specialized chips being developed by Intel and AMD, which will handle the encryption and authentication. In the early stages, this will rely on a so-called "Fritz" chip (named after Sen. Fritz Hollings, the sponsor of a draconian digital rights bill), which verifies that your computer is running an approved combination of hardware and software -- before your computer even boots up. Once Fritz certifies the system, it can pass that certification along to third parties, such as Microsoft, Disney, Sony, or AOL/Time Warner. Later, "Fritz" capabilities will be built right into the central processor, making it next-to-impossible to intercept unencrypted data. Everything coming in and out of the CPU will be encrypted and digitally signed. [...]