An uphill battle

Many bills before Congress would erode consumers' rights, but one measure deserves consumer backing

MAYBE IT'S TIME for a little self help of our own.

For years we've associated electronic self help -- the remote disabling of software -- with UCITA, the Uniform Computer Information Transactions Act. And UCITA is going to remain a threat in that regard as long as it remains on the books in Virginia and Maryland. But it's all too clear that the bigger threat now lies, geographically speaking, somewhere in between: on Capitol Hill.

It's almost a bad joke to see how many bills to deprive consumers of digital products their rights were introduced in Congress this year. Bills abound that would mandate all hardware and software products incorporate "technological protection measures" that would allow copyright holders to restrict and even terminate use of their products. And in this highly digitized, highly branded world, those products could be just about any household device you care to mention.

Some people are puzzled when I talk about these "copyright holder protection acts" in the context of remote disabling of software. After all, it's the motion picture and music industries that are hauling buckets of money to D.C. in support of these bills. And they are in fact opposed by many high tech companies as restricting technological innovation. But Congress also had the media moguls' interests uppermost in mind when they passed the DMCA (Digital Millenium Copyright Act) in 1998. That sure hasn't prevented the software industry from using the DMCA for its own purposes, such as jailing Russian programmers or arbitrarily shutting down online auctions of used software. As with the DMCA, any tools Congress hands copyright holders will almost surely be used most aggressively by the software industry for purposes Congress probably doesn't intend.

When it comes to electronic self help, the one thing that the DMCA and most of these proposed bills lacks is a "safe harbor" protecting the virtual repo man from criminal charges under data tampering and anti-hacking laws. Another bill introduced this year by Rep. Howard Berman of California is designed to fill that gap. The "P2P Piracy Prevention Act" (H.R. 5211) has created quite a stir by granting copyright holders immunity for hacking activities of their own, such as denial-of-service attacks, when done to thwart piracy on peer-to-peer networks. Responding to the outrage the bill has generated, supporters have argued in part that Berman's bill specifically prohibits those exercising self help from deleting, altering, or corrupting computer files. And it does, but with a very interesting loophole.

The Berman bill's central provision says "a copyright holder shall not be liable in any criminal action for ... impairing the unauthorized distribution ... of his or her copyrighted work on a publicly accessible peer-to-peer network, if such impairment does not, without authorization, alter, delete, or otherwise impair the integrity of any computer file or data residing on the computer of a file trader." Now, that "without authorization" phrase strikes me as rather incongruous. Why say that it's OK for the copyright holder to rape and pillage, as long as they have authorization? Who in their right mind is going to authorize anyone to impair the integrity of their system?

Well, it just so happens that Windows XP users have already authorized Microsoft to do just that. Remember, even before the Service Pack 3 for Windows 2000 update added all those additional nasty terms, the original Windows XP license agreement gave Microsoft the right to "download onto your computer such security updates that a secure content owner has requested" even though those updates "may affect your ability to copy, display, and/or play Secure Content through Microsoft software or third party applications." Is that the kind of authorization Rep. Berman had in mind when he stuck that phrase in there?

Some observers believe that H.R. 5211 has little chance of being passed in its current form, and the same can be said of many of the other bills that aim to give copyright holders more control. But the media conglomerates have deep pockets, so, for every bill that stalls, a few more crop up. One way or the other, they mean to have a law that gives teeth to their copy protection schemes.

There is at least one ray of hope. Earlier this month Rep. Rick Boucher of Virginia introduced the Digital Media Consumers' Rights Act (H.R. 5544), a bill designed to roll back some of the worst imbalances created by the DMCA. It would amend the DMCA to allow users to bypass copy protection schemes for noninfringing "fair use" purposes, and it would mandate that copy-protected audio CDs be clearly labeled so customers will know they're not getting a standard CD that can play in all devices.

Boucher's bill is certainly a step in the right direction, and the best thing about it is the range of support it has received, including endorsements from Intel, Verizon, Sun, Gateway, the Consumer Electronics Association, Consumers Union, Electronic Frontier Foundation, and the American Library Association. Of course, even with that show of support, Boucher's proposal will never have the kind of lobbying muscle (that is, cash) that the copyright holder protection acts have behind them.

But all these bills must wait for the next Congress, the one we are about to elect, and therein lies an opportunity. With Boucher's bill having been formally introduced, it makes it much easier for voters to push their congressional candidates to take a clear position on these issues. Ask your congressional candidates to take a stand in favor of H.R. 5544 and to oppose H.R. 5211, and see what they say. It's not likely to affect who wins this election, but it will serve notice that this is an issue that is on the voters' radar screen. That's the one way we have right now of helping ourselves.

Copyright © 2002 IDG Communications, Inc.

How to choose a low-code development platform