The seesaw ride of Web throttling and copyright

quote:

---

Originally posted by scooter:
[b]
Do the citizens own the network technology?[/b]

---

When we are talking about the wires, the answer is 'maybe' given we as citizens subsidized these companies to build the network. Should we call back those subsidies, with interests? Could these companies afford to exist if this was done?

These wires are placed above and below public and private property. Governments which we elect gave these companies the right-of-way to install these wires. If we were to start a feud between the property rights holders, the owners of the land would win out. If the phone and cable companies were retroactively charged rent for these wires it would easily wipe them out financially.

If we are to move to a world where the network operators can claim ownership rights, then we need to split up the network and separate the parts that can exist in a competitive marketplace from those that are a natural monopoly. It makes no more sense to expect every network operator to run their own last-mile connections as it does for every brick-and-mortar retailer to run their own roads. Those parts that are a natural monopoly must remain highly regulated or government managed (like our road system and other utilities). Competitive forces would then deal with any issues with the higher-level networking services.

See also: [url=http://blogs.itworldcanada.com/insights/2008/03/20/an-ideal-future-commu... ideal future communications infrastructure, how do we get there, and what is stopping us![/url]

quote:

---

Originally posted by Proaxiom:
[b]This sounds very strange.
[/b]

---

It [b]is[/b] very strange.

These issues [b]should[/b] be different and unrelated, but have been merged by various special interest groups.

Some copyright holders (independent, not just big corporate), their associations/unions/coalitions, and politicians believe that the way to deal with copyright infringement is to transfer the enforcement of copyright from law enforcement and the courts to technology. This is done by granting the providers of the technology (communications providers and device manufacturers) the legalized ability to control what is communicated using "their" technology.

The problem is, from a purely technological point of view the activities of creativity and the activity of copyright infringement are identical. You record/author, edit and communicate knowledge. Differentiating between creativity and copyright infringement is something that requires human intervention -- there is no way around this.

The only way copyright enforcement can work is if it is left as something managed by human law enforcement and the courts. Any attempt to have this enforced in technology will reduce the ability of citizens to create and communicate their own creativity -- which is a net negative for creators and society as a whole.

Net Neutrality, the 1996 WIPO treaties (which are biased against citizen/creator ownership/control over technology), the mis-titled Anti-Counterfeiting Trade Agreement (ACTA -- which has little to nothing to do with counterfeiting) are all very connected in that they are about this transfer of control from the law and citizens to the monopolistic/concentrated providers of technology.

Ironically, some of those assumptions weren't all that valid in the past. Voice circuits were originally analog from point-to-point. When they started to be digitized, they were the equivalent of 56K of traffic. What the phone companies wanted to do was use voice codecs to compress this data so that they could then under-build their networks (compared to what they were already doing) based on assumptions of what frequencies were in voice.

Modems of course screwed that up given they needed far more sound spectrum than a human talking would, and in the 80's there was an attempt to charge more for modem usage than voice calls based on this difference (and claims that it cost more to support modems).

But we need to go back -- this was phone companies trying to charge more money for less service. They had always had 56k (well, 64k for 8 bits, 56k for 7 bits) links from point to point in the past, and would need the same 56K for modems (yes, they had to push 56k of data for our 28.8kbps modems -- part of the silliness of analog modems which made ISDN far more sensible, if they had priced it appropriate to actual lower costs).

One of my arguments at the time was simple: are they going to charge me extra if I had Metallica (I was a fan in the 80's, but dropped in 2000 when they sued Napster) in the background and screwed up their compression?

This is why we need transparency and accountability for the telecom industry. There are times when there is legitimate congestion, and we need to have transparent and accountable rules used to handle that congestion. We also have what are essentially deliberate capacity limitations, attempts to circumvent existing regulation, or anti-competitive issues which are being alleged to be technical issues when they are not.

I believe (as the NDP private members bill says) that there are times when traffic management is legitimate and necessary, but that all that decision making has to be fully transparent to customers (and regulators). Not talked about in the NDP private members bill is the need to have sufficient competitors using alternative traffic management plans and pricing.

quote:

---

Originally posted by Proaxiom:
[b]I'd be interested to hear specific examples of technological controls against copyright limiting someone's ability to create original material.[/b]

---

You dove into a number of different technical issues which would need to be discussed separately in order to make sense of them.

The concept of "copy control", and what is now often called "Digital Rights Management" are not the same thing.

Copy control was most often done as a deliberate defect in the media which made copying harder. (IE: C-64 disks with deliberately placed holes in them so that the drive would read random data from that sector). It did not involve making modifications to the computer that would then be owned by citizens. They were also trivial to circumvent, and did not have any legal protection.

I worked in a Commodore dealer for a few years in the late 1980's. Given the physical damage to the drives that these "copy control" methods would cause (the drive head would be forced out of alignment), it was common practise for many dealers to hand long-standing customers the cracked version of any of the games they were buying.

Many (possibly still most) Satellite TV isn't encrypted, and doesn't have adequate controls on them. If they did upgrade their technology to use a crypto system it would wipe out most of the unauthorized reception fairly quickly. Even if the Satellite TV systems did use proper crypto it would still be largely outside the "DRM" debate as most of the reception devices are owned by the satellite company (and thus should be under their control) and not the home owner where the device is placed. We have different laws for "owners" and "renters" for a reason, and this should apply to digital hardware as well.

The easiest way to summarize the issue is this: Computer security and "DRM" use the underlying technology, but because of differences in who retains the digital keys implement different policies. Computer security is all about the owner of a device being able to lock unauthorized persons from accessing or controlling the device. "DRM" is all about a third party (most often the device manufacturer) being able to lock the owner of the device from being able to access and control the device.

It is hard to give you your specific example as we currently do not have end-to-end DRM systems. The DRM providers know that they need to get governments to pass the laws before they deploy the technology, otherwise there will be a greater understanding of the threats by the public which would make passing the laws harder. It is known to be far harder to get rid of existing bad laws than not passing them in the first place. Even simple mistakes like the Sony Rootkit fiasco has made passing these laws harder.

Today we have a few "output-only" devices such as an iPod which are locked down against their owner, but we don't generally have devices used for recording or editing which are similarly locked down. You need to be watching the global policy discussions to know what those who believe that locking down devices against their owners are doing. If you read up on the "Broadcast flag" or "closing the analog hole" you will find that the intent is to lock down camcorders and "personal" computers as well (all digital devices).

Picture this: You have a locked-down camcorder that has watermark detection in it. Your child takes their first steps, but unfortunately it is in front of the television and the camcorder goes dark because it detects the watermarks from the television. There is no way for this device to differentiate between a "pirate" and a "parent".

Closer to our current situation (locked down playback devices only), look at the massive problems the music industry is having with Apple. Such a large percentage of the music download market is owned by Apple that Apple is able to dictate terms to the labels rather than the other way around. In order to fight this the labels have been forced to make their music DRM-free (IE: more valuable to the customer) to competing outlets, while still forcing Apple to use DRM. The reality is that the only thing that this form of DRM accomplishes is create a platform monopoly where the hardware manufacturer (the keeper of the DRM keys) is able to leverage that monopoly to dictate terms to both the content industry and their audiences.

The same market and cultural problems that exist with other forms of media concentration exists here, except that there is public policy trying to discourage media concentration while this platform monopoly is legally protected by most implementations of the 1996 WIPO treaties (and this is included in ACTA, etc).

It is interesting how there is so much talk about C-10 which gives the Minister unaccountable control over the government funding of film and television. While important, this is an insignificant threat compared to the unaccountable market control for the distribution of content that platform monopolies are.

There is a cool video about "Trusted Computing" which explains the concept well: [url=http://lafkon.net/tc/]http://lafkon.net/tc/[/url]

Part of the problem with this discussion is that there are so many very different meanings of the different language ("copy control", "Digital Rights Management", "Trusted Computing").

To be clear, I'm talking about two specific harmful techniques: locking down devices where the owners are not given keys, and locking down content to only be interoperable with locked down devices. I believe that the owners of devices and legitimate audiences (IE: paid customers) of content should always have the relevant keys.

quote:

---

Originally posted by Proaxiom:
[b]Maybe you're not that into satellite TV piracy (not that I'm confessing anything), but it totally uses proper encryption.[/b]

---

I think we will quickly get into a longer discussion of what is an adequate use of encryption, which would confuse the heck out of most of the audience. Customer specific decryption keys and the necessity to periodically synchronize with a key server would solve the problem. The current system pretends you can deploy the receivers and not communicate bidirectionally with them, which isn't an adequate security system.

quote:

---

Originally posted by Proaxiom:
[b]I don't understand why the 'owner' vs 'renter' distinction is important: their legitimate customers are 'renters' only because the technological protections try to make it hard for 'owners' to decode their signals.[/b]

---

This distinction is critical.

If a given method to protect your intangible property value (IE: copyright infringement is not 'theft', it is just an illegal reduction of property value. See: [url=http://www.digital-copyright.ca/Jefferson_Debate]Jefferson Debate: A Godwin's law for copyright discussions?[/url]) involved revoking my [url=http://www.digital-copyright.ca/petition/ict/]tangible property rights in the hardware I own[/url], then your method of protection is invalid (and should be illegal).

I wrote an article
[url=http://www.digital-copyright.ca/node/3728]Another meaning for DRM: Dishonest Relationship Misinformation[/url] to detail the issue. We need to protect the rights of the owners of information technology to retain and manage the keys for what they own, and to disallow unauthorized foreign locks. Copyright is the least of the public policy issues that are implicated by legalizing or legally protecting these foreign locks.

quote:

---

Originally posted by Proaxiom:
[b]I don't have a problem with them at all, [b]provided they are not legislatively mandated[/b]. TPMs, for instance, have all sorts of legitimate uses. It is a security-enhancing technology.[/b]

---

Making these foreign locks legislatively mandated makes the situation far worse, but market conditions in a fully deregulated marketplace can ultimately have the same effect. Governments are not the only forces that can remove choices from and regulate the activities of citizens.

(See: [url=http://www.code-is-law.org/]Code: and other laws of cyberspace[/url])

We got caught in language again, given the term 'TPM' (whether "Technical Protection Measure" or "Trusted Platform Module") is a reference to a generic technology that is neutral to this specific debate.

Whether a given use of this technology is security-enhancing or anti-security isn't a technical issue, but a policy issue. The only distinguishing feature is [b]who retains and manages the keys[/b]. If it is the owner of the device (or their authorized representative), then it is security enhancing (and should have legal protection providing additional support to the technology). If the keys are held by someone not the owner of the device, and the device is specifically locked to disallow owner control or owner override, then this abuse should be illegal.

It is the same with a lock put on the door of a home. If the keys are controlled by the owner, then it is security enhancing. If the keys are controlled by someone else, and the purpose of the lock is to disallow the owner to enter their own home without permission from the third party, the same technology (a locked door) has an almost opposite policy implication. A lawsuit by the owners against the person who applied this foreign lock would likely be successful, but we don't have the same legal certainty if the lock is digital rather than physical.

Legalizing and legally protecting digital locks which revoke owner control and owner override is the issue I'm trying to bring up. Everything else turns out to be confusion caused by confusing language.

quote:

---

Originally posted by Proaxiom:
[b]And that's really important: Consumers decide how much control and functionality to relinquish in exchange for content.[/b]

---

I believe that "buyer veware" is a dangerously simplistic view of the issues. We must analyse market conditions and create and enforce policy such as competition law, privacy law, consumer protection laws, anti-counterfeiting laws, property and rental laws, and so-on. Much of our legal system is based on an understanding that the interests of society need to be protected far beyond just saying "buyer beware".

Have you read the clauses we used in our [url=http://www.digital-copyright.ca/petition/ict/]Petition to protect Information Technology property rights[/url]? Do you believe that what we are calling on the government to do is valid? Would you sign this, and recommend others sign it?