Be a Pioneer in the Field of Software Forensics

I hope you’re all aware of my book The Software IP Detective’s Handbook: Measurement, Comparison, and Infringement Detection. It’s the first book on Software Forensics, a field that I pioneered at Software Analysis and Forensic Engineering and Zeidman Consulting. Whereas Digital Forensics deals with bits and files, without any detailed knowledge of the meaning of the data, Software Forensics analyzes software using detailed knowledge of its syntax and functionality to find stolen code and stolen trade secrets. The algorithms described in the book have been used in many court cases. The book also describes algorithms for measuring software evolution, particularly as it relates to IP changes.

If you are a teacher, this is a great time to incorporate the materials in the book into your courses on software development, intellectual property law, business management, and computer science. There’s something for everyone in the various chapters of the book. Your students and you will be at the forefront of an important and very new field of study.

Will Congress Break the Internet? A look at SOPA and PIPA.

There has been a lot of writing, and action, by people for and against the two bills being considered by Congress for protecting intellectual property owners from having their rights infringed online. The PROTECT-IP Act (PIPA) is the version of the bill being considered by the Senate. The Stop Online Piracy Act (SOPA) is its counterpart being considered by the House of Representatives. The law firm of LaRiviere, Grubman & Payne, LLP does a good job of summarizing the two laws here. The two bills are different and, if passed, will have to be rolled into a single bill, but their essence is to enable U.S. law enforcement or a private party to shut down websites that are “dedicated to infringing activities.” Such a website is defined in the bills as one whose primary purpose is infringement. The accuser must show that the website has “no significant use” other than engaging in, facilitating, or enabling any of the following:

  1. Copyright infringement; or
  2. Infringement or violation of any of the protections contained in the DMCA (Digital Millennium Copyright Act) including its anti-circumvention provisions; or
  3. The sale or promotion of counterfeit goods.

The shutdown of the website is effected by disabling DNS translation. When a user types in a URL such as www.ZeidmanConsulting.com, the network devices that implement the Domain Name System (DNS) throughout the Internet, called “DNS servers,” translate the characters into an Internet Protocol (IP) address consisting of numbers such as

Recently the web domain registrar GoDaddy announced that it supported the bills. Shortly thereafter, angry Internet users at blog site reddit called for a boycott of GoDaddy and, not surprisingly, GoDaddy competitors immediately jumped in by offering users discounts to jump ship. To date, over 40 Internet companies have come out against the bills (see here)*. The House issued a paper listing over 140 companies that have come out in favor of the bills (see here). GoDaddy gave in to the pressure and reversed its position on the bills.

Renowned attorney Mark Lemley and colleagues David S. Levine and David G. Post wrote a recent article for the Stanford Law Review entitled Don’t Break the Internet. You can tell from the title where they stand, but I’d like to address each of their main points.

The Bills Will Not Harm Internet Infrastructure

These authors claim that “the bills represent an unprecedented, legally sanctioned assault on the Internet’s critical technical infrastructure.” The authors go on to say that implementing such filtering “threatens the fundamental principle of interconnectivity” and “will also have potentially catastrophic consequences.” I’ll give them the benefit of the doubt that they’re not trying to simply use exaggerated scare tactics, but rather they just don’t understand the technical issues.

Every time you register a new domain, the DNS servers throughout the Internet are updated with the translation. This is part of the normal course of events. Every time a domain name expires, the DNS servers are again updated to remove the translation. According to a report by VeriSign, there were 4.9 million new domain name registrations in the third quarter of 2011. That’s about 37 DNS changes per minute on average, not counting changes due to expired domains. From a technical point of view, the bills do nothing different from what happens many times each day on the Internet and pose no technical challenges or risks whatsoever.

The Bills Do Not Violate Basic Principles of Due Process

These authors go on to state that these acts “violate basic principles of due process… by depriving persons of property without a fair hearing and a reasonable opportunity to be heard.” I’ll assume that these attorneys have never watched the TV show Law and Order, or any other cop show, or taken part in a criminal investigation where a court orders a warrant, based on evidence, that otherwise violates a person’s constitutional rights because there is evidence of illegal activity. These bills, as with all similar bills, require a court to make a decision to take action or not. I’ll assume that the authors of the paper have also not spent much time in a courtroom, because as an expert witness I can tell you that no judge takes such a decision lightly and that there are high thresholds of proof. Without this kind of ability to shut down illegal activity, accused criminals would simply avoid showing up for court in order to evade punishment.

The Bills Do Not Violate Free Speech Rights

These authors claim that each bill is an “unconstitutional abridgement of the freedom of speech protected by the First Amendment.” I’ll assume that the law professors are a little rusty on constitutional law, particularly with respect to the First Amendment. Many types of speech are not protected, such as hate speech, child pornography, and speech that infringes on copyrights.

The authors go on to claim that “[t]he Constitution requires a court ‘to make a final determination’ that the material in question is unlawful ‘after an adversary hearing before the material is completely removed from circulation.'” In other words, you cannot take down a website until you allow the accused to appear in court to defend himself. This quote is taken from the decision in the case of Center for Democracy & Technology v. Pappert. Again I’ll give the authors the benefit of the doubt that they were just too busy to actually read the court’s decision, but you can do so by clicking on the link. The full decision reads a “publication may not be taken out of circulation completely until there has been a determination of obscenity after an adversary hearing” (emphasis added). This case is about the conflict between free speech rights and an accusation of child pornography, not about free speech rights and copyrights. But a case about free speech and copyrights on the web already has a precedent. Years ago the Digital Millennium Copyright Act (DMCA) was similarly challenged in federal court and survived. The decision in U.S. v. Elcomsoft confirmed that restrictions in the DMCA were not a violation of due process and did not conflict with the First Amendment.

In fact, copyrights have been enforced in this country as long as the Constitution has been around, and longer than the Bill of Rights because their protection is given in Article I, section 8:

Congress shall have power… To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries.

The formal codification of copyright law took the form of the Copyright Act of 1790, before the adoption of the Bill of Rights in 1791. So the First Amendment’s protection of speech and the Copyright Act’s provisions for injunctive relief, seizure, and forfeiture coexisted easily for over 200 years without conflict. Terry Hart explains the history of the relationship between copyright and free speech in his extensive article here and in several other well-researched articles on his Copyhype blog.

The Bills Would Not Turn the U.S. Into a Repressive Regime

The authors’ final point is made with this statement:

It would be not just ironic, but tragic, were the United States to join the ranks of… repressive and restrictive regimes, erecting our own “virtual walls” to prevent people from accessing portions of the world’s networks.

Repressive regimes are actually those that do not protect individual property rights, but rather allow the government to determine who owns what, or conversely allow property theft to go unpunished. Repressive regimes do not allow individuals to protect their own property but require the government to do so on their behalf. Repressive regimes do not have the court system and the legal system of the United States that require strict procedures and requirements to be met. Repressive regimes do not have the checks and balances in their government systems to allow one organization, corporation, government branch, or individual to challenge any law and any action taken by any other organization, corporation, government branch, or individual. Repressive regimes concentrate power in a few elite, not in individuals. There is no realistic concern that this law will turn the U.S. into a repressive regime.

Copyright and Trademark Infringement on the Internet is a Very Real Problem

In their conclusion I find surprising agreement with the authors. They state:

Copyright and trademark infringement on the Internet is a very real problem, and reasonable proposals to augment the ample array of enforcement powers already at the disposal of IP rights holders and law enforcement officials may serve the public interest. But the power to break the Internet shouldn’t be among them.

They are absolutely correct. We must find reasonable ways to stop infringement of intellectual property on the Internet. Such a solution must be fair to the victim of the infringement. It must uphold the principles of the Constitution of the United States. And it must not break the Internet. SOPA and PIPA may not be perfect implementations of such protection, but they meet all of these requirements. There may be better strategies that can be reached through measured and thoughtful debate, but not through excessive hyperbole and fear.

*It doesn’t surprise me to see Scribd on this list. I play a regular game of whack-a-mole trying to remove illegal, free copies of my articles and books on this site that just pop up again within a few weeks after I send them a DMCA takedown notice.

The Software IP Detective’s Handbook

My book on software intellectual property, a labor of love (and hate) for the last two years, has just been published by Prentice-Hall. The book is intended for several different audiences including computer scientists, computer programmers, business managers, lawyers, engineering consultants, expert witnesses, and high-tech entrepreneurs. Some chapters give easy-to-understand explanations of intellectual property concepts including copyrights, patents, and trade secrets. Other chapters are highly mathematical treatments describing quantitative ways of comparing and measuring software and software IP. The first chapter of the book outlines which chapters are most important for the different audiences.

Overall the book covers the following topics:

  • Key concepts of software intellectual property
  • Comparing and correlating source code for signs of theft or infringement
  • Uncovering signs of copying in object code when source code is inaccessible
  • Tracking malware and third-party code in applications
  • Using software clean rooms to avoid IP infringement
  • Understanding IP issues associated with patents, open source, and DMCA

The DMCA exemptions

The Digital Millennium Copyright Act has been praised by some, vilified by others. Many don’t know that the DMCA specifically allows copying of protected works by researchers, libraries, nonprofits, and academic institutions. Also, the Librarian of Congress is required to issue exemptions from the prohibition against circumvention of access-control technology when such technology prevents people from making non-infringing uses of copyrighted works. The current exemptions, issued just last week, are described below. Note that all of these allowable uses assume that the person copying the work has purchased the work or has otherwise rightfully obtained it.

  1. To copy short portions of movie DVDs for the purpose of criticism or comment, specifically:
    • Educational uses
    • Documentary filmmaking
    • Noncommercial videos
  2. To enable computer programs that allow cell phones to run software applications written for other cell phones (known as “jailbreaking” or “rooting”).
  3. To enable computer programs that allow used cell phones to connect to a phone network as long as it is authorized by the operator of the network.
  4. To run video games on personal computers for the purpose of testing for, investigating, or correcting security flaws or vulnerabilities.
  5. To bypass broken or obsolete dongles that prevent a program from running.
  6. To enable an ebook’s read-aloud function or screen readers that convert the text into a specialized format.