Information Technology and the Law

For those of low SES, Internet access at the public library is more than just another resource for research. It is difficult as Princeton students to imagine life somewhat “unplugged” where if we wanted to check our email we would need to go to the library to do so. However, for those that don’t have the means but want to remain technologically skilled the public library is one of their few options. It is important that those who use the Internet at the public library have full unrestricted to it, so that they can hone and fine tune their skills. Part of using the Internet is weeding out the junk. To install filtering technology (regardless of how well it works) is analogous to giving an AOL user an Internet-only ISP. It babies and dumbs-down the Internet in such a way that makes those trained on it incapable of being effective when sitting at a non-filtered / “pure” Internet box. I believe that it is only fair to those who are using the Internet in public libraries that they have full access to the internet, regardless of what the content is.

However, it is important also that children be protected from obscene material. Internet access in schools therefore should have restrictions. Very heavy filtering rules (possibly white-list only) should be applied, and only as students get older might those filtering rules be relaxed as age provides maturity but also the necessity for more potentially risqué resources for papers. If children wish to use the Internet in public libraries, they must be accompanied by an adult. This does not, however, alleviate the possibility of children walking by the computer when a user has something pulled up that might be objectionable, leaving objectionable materials on the screen or in the printer tray. The latter problem can be solved technically by causing timeouts and printer queues. The possibility of walking by on-screen objectionable material could be dealt with simple privacy screens placed over the monitors.

Lastly in order to encourage positive use of the Internet at both public libraries and schools, there need to be repercussions against those who deliberately seek out objectionable materials on the Internet. These should be levied against the individual, not against the organization, especially one that is providing such an important service. Those that are pulling this objectionable material are *not* the majority of web users, and they are the ones that should be blamed.

The recent Cnet.com article points out that The Family Entertainment and Copyright Act has severely increased the penalty for pre-release copyright infringement. According to Cnet, the current law considers “the reproduction of 10 or more copies of one or more copyrighted works, which have a total retail value of $2,500 or more.” The rewrite is “written so broadly it could make a federal felon of anyone who has even one copy of a film, software program, or music file in a shared folder and should have known the copyrighted work had not been commercially released.”

While I understand the reasoning behind why intellectual property should be protected, I just can’t help but to wonder why the RIAA and MPAA (those most ecstatic over the bill) haven’t done something more administrative to stop this sort of “pre-release” leaking. I mean, isn’t that the problem? I may be completely wrong, so please correct me if I am, but it is not like robbers dressed in all black carrying a bag with a big dollar sign printed on it are rummaging through various Hollywood movie studios and recording studios in a Mission Impossible sort of grand theft. It is understood that many of these leaks come from employees along the different lines of distribution.

I would not put the burden of pre-release piracy on the Department of Justice, but would readily blame the different associations. It seems though that this Family Entertainment and Copyright Act has had this pre-release criminalization tacked on to a larger bill. The way our system works, however, will mean that probably only those egregious pre-release sharers will be the ones to come under fire while the rest of those minor sharers will continue to fly under the radar.

Internet2 is NOT a private network. I am yet to read a press release about the RIAA and MPAA’s lawsuits against college students that doesn’t make this mistake. If a network connects in any way, shape, or form to the internet it should be assumed that it is not a private network.

Internet2 is just a high-speed only network. There are no chokeholds or bottlenecks to the network other than physical limitations of electronic transmission. The reason for an individual to use i2hub (the p2p software designed with the speed of internet2 in mind) is to achieve extremely fast downloads.

With that in mind, there was a significant “membership” sort of check in place on the i2hub servers. One needed to have his/her alias preceded by a call-sign for the given university that was accessing the p2p network. I would have assumed that those call-signs were checked against the IP addresses of the computer attempting access and then if the two matched, access was granted. So, for example, my dormnet subscription FQDN is edelaney.student.princeton.edu. If I wanted to hop onto i2hub, I would have need to place a “[pton]” in front of my alias. I2hub should have checked “pton” w/ “princeton.edu” and said “ok, those go together, welcome to i2hub p2p network.” Whether or not the i2hub servers actually filtered based on this is somewhat fuzzy to my understanding of the service. More importantly though, is how someone from the RIAA obtained access to this extremely rudimentary yet seemingly effective membership-limiting scheme. It has been pointed out that Warner Bros. is on Internet2, but to gain access from one of those machines would fail the above proposed network handshake: [pton] from riaa.warner.com FQDN should not be allowed onto the network. That’s not to say that university officials weren’t employed or asked to help out the RIAA/MPAA, which at this point seems like the only possible solution.

The fact that users of I2 and the media just don’t understand exactly what it is shows that there is bound to be a lot of confusion about these particular law suits. Unfortunately, in the end, while a good attempt at creating a seemingly private network of file traders, it is no different than other p2p technologies. Maybe we will see p2p networks crop up where you certain credentials are needed to join. I would suggest a RIAA/MPAA lawsuit, EFF membership card, or maybe some sort of gang-like handshake.

Associated Press (AP) is reporting on a recent Pew (Pew Internet and American Life Project) survey that claims Americans are more tolerant of SPAM. This comes at an interesting point, because an AOL spammer was just recently sentenced on a felony for sending bulk emails to nine years in prison (he will be appealing the case, and so will not start his sentence until it is held up by an appeals court). The Pew survey, done by Deborah Fellows, shows that a year ago sixty-two percent of Americans were not trusting of email because of spam, however the new Pew survey shows that number had dropped to fifty-three percent. This drop, Fellows argues, shows that Americans are more trusting of spam and care less that it is in their inbox. This is especially important considering that a fifth of more of those people surveyed have been receiving more spam than a year ago at either at work or home. Only fifty-three percent of those internet users surveyed felt that spam is “a big problem.” If we are to take the Pew survey as representative of the internet population, which is uncertain because they have not released their data set, than shouldn’t we assume that a nine-year prison sentence for a spammer may seem a bit stiff in the eyes of America’s internet population? Thomas Horne, the man who was, AP reports, one of the top ten spammers in the world, is appealing his case because the nine year sentence seems harsh considering the Virginia anti-spam law was enacted two weeks prior to his “spam attacks” and he lives in North Carolina. I find this particular scenario particularly fascinating. Large corporations who have the resources to push for harsh spam laws, which as we have discussed in class as being potentially unconstitutional, in spite of American sentiment towards spammers. Americans, as a general rule of thumb, tend not to get to terribly worked up about many things. Spam has become just another “annoyance like air pollution and traffic that [Americans] are just learning to live with.” Why then, if Americans just don’t care enough about spam, does AOL get to strong arm Virginia legislature into harsh spam laws that essentially affect the rest of the country, seeing how their servers are located on Virginia soil? There are many things that individuals can do to prevent spam, and there are many more that a service like AOL can do to thwart spammers. However, those require a sort of building and re-building a better mousetrap. While, I would in no way advocate spam, I do believe that it is the responsibility of large business like AOL develop better spam filters and better algorithms to detect fraudulent messages in order for their subscribers (and anyone they would want to sell their technology to) to be spam “free.”

The one thing that always seems to amaze me and excite me about computer science is the ability for people to get around different “road blocks,” whether they be anti-virus scanners, spyware removal tools, spam filters, DVD copy protection, etc. There always seems to be a different approach, and only good can come from the technological one-up-manship that the internet and computers encourage.

Continuing my tangent from my last post, the Playstation 1 and 2 are under scrutiny for patent infringement. Federal district courts have decided that the “Dual-Shock” controller, which gives haptic feedback during game play, infringes on a small California-based company called Immersion Corporation patent rights. The court ordered Sony to pay damages of $90.7m, but the real concern was that Sony would have to suspend sales of the Playstation. Fortunately for Sony, since they appealed, that court order doesn’t hold.

Now, personally, I’m always for the underdog sticking it to the mega-corporation, but in this case I just can’t help but be a bit cynical about Immersion Corporation’s real interest in anything but making oodles of money. This is a press release given by Immersion CEO:

“Immersion is built on a strong foundation of innovative technology and intellectual property. We now hold more than 270 patents in our worldwide intellectual property portfolio and have more than 280 patent applications pending. Immersion has a long list of licensees in the automotive, gaming, medical, mobility, and other markets, and we will continue to license our technology under appropriate circumstances. We will also continue to vigorously defend our intellectual property for the benefit of our licensees and shareholders.” – Viegas

The fact that the courts ruled so decisively on the issue shows that this is simply a patent infringement case. Ordering a company that makes the *worlds most popular gaming console* to pull its product is a pretty surefire bet that Sony was using the technology that Immersion patented. But, that brings me to a big question: who cares?! It’s just a video game system. Immersion is fully willing to spend the energy, time, and patiences of the federal court in order to cash in on a huge payday. 90 million dollars is not a number to be taken lightly, but why didn’t Immersion Corp. market their patented technology in the first place?

Sony did its own R&D to develop the Dual-Shock controllers, and the general consensus is that it’s the *best* controller (ergonomics, feedback, etc.) of any system. Microsoft also did its own R&D (but probably pulled a lot from the Playstation model) and came up with the exact same haptic design: 2 motors controlling two different sized / weighted vibrators that give various degrees of “rumble.” That being the case, is this setup for a video game controller really that novel? The first feedback controller I ever felt was a joystick for the computer made by Logitech, and then very shortly after an add-on battery pack for Nintendo 64. Immersion could have thwarted companies from stealing its intellectual property much sooner had it gone after these companies in the early 90’s.

So, I did some more digging and found this interview with Viegas. To me, it seems like Immersion was just waiting for that big payday and struck while the iron was hot. 90 million dollars sure does buy a lot of other technology patents, especially after inking a deal with Micro$oft that would give them the clout to muscle their way into R&D firms that would be maybe unwilling to just hand over patents. While patent law is good and all that it helps protect inventors, it is my opinion that companies such as Immersion can successfully run a business model that is shady at best and on average a coupe d’etat of legitimate technology companies.

The Lexmark v SCC case is being touted as a “serious blow to the DMCA” by various console mod-chip blogs. The DMCA is mind-numbingly difficult to fully grasp, but it seems that the arguments being made by these different blogs seems not to be 100% accurate. I am wondering if the discussions circulating various console gaming blogs about the Lexmark case are a realistic application of the Lexmark verdict.

SCC (Static Control Components) backward engineered Lexmark’s ink tank encryption chip that kept generic manufactures from creating cheaper alternatives to Lexmark branded ink cartridges. Lexmark brought suit against SCC, and just recently the Sixth Court of Appeals sided with SCC and said that what they did was acceptable. As I am trying to get a grasp on DMCA, trademark, and copyright law, it would seem that the ink cartridge encryption / authentication technique would be protected by trade secret or at least trademark. However, it seems that the prevailing argument, whether or not it is arguable under the DMCA, is that ink is consumable, needs to be replaced, and that for Lexmark to be able to protect themselves from competition by this encryption process is not “ok.”

According to CDFreaks, they argue that that the Lexmark decision can be applied to the BIOS that protects console systems like Xbox and Playstation 2 (PS2). The BIOS of these systems has been reverse engineered in most cases. Xbox-Scene and other likeminded sites argue that the games are analogous to the printer ink cartridges, which need to be authenticated in order for the game be played.

I believe that the DMCA allows for making backup copies of any media you own. So, if you own and CD, it’s completely legal to rip and copy it to your iPod. Backup copies of Xbox or PS2 games don’t work because in the backing up / copying process the authentication codes don’t copy. So, it is necessary to modify the BIOS of these systems in order to play the legal backups you have made. Additionally, modified BIOSes allow other programs to run on these consoles, which are essentially “gaming-only” computers. So, there has been a very successful effort to port Linux to Xbox, PS2, and now even Nintendo GameCube.

I don’t think that the Lexmark v SCC ruling word-for-word applies to console hacking mostly because the games can’t be seen as “consumable.” If you purchase a Lexmark printer at some point you will have to replace the ink cartridge; there is no way around that. If you purchase a PS2 with one game, you could essentially play that one game for the entire life of your PS2 without needing to purchase a new game (and game rentals only complicate the situation further). So, as I am trying to get more of a grip on the DMCA, this is my own reading of the Lexmark case and how it may apply to console hacking. The reverse engineering of consoles, seems to be plausible as being protected, but not exactly to spirit from which the ruling was made.

I found a very interesting site the other day, which reminded me of Joel and other’s comments in the class. Several said that they would gladly pay for music, and actually the less they could pay for it, the more they would buy. Someone commented that $0.10 per song would encourage them to purchase more songs than if those same songs were $0.20. I happened onto a Russian site which offers a pay service for the downloading of music. What sets this particular site apart from iTMS or others is that the user has the choice of which codec s/he wants the music encoded with and the bitrate. The service is exactly what it seems like users, at least from the comments made in class, are looking for. The service is rated at $0.02 per megabyte of download. So, higher bitrates mean higher fidelity music but larger download sizes. It’s a trade off that the user decides. The legality of the site is shady, but it’s a step in the right direction.

I would also be interested in seeing a music site that worked in such a way that popular tracks cost more than unpopular tracks. A Britney Spear’s track could cost $0.99 whereas a Postal Service track would cost $0.10. According to SoundScan, CD sales, and downloads, prices would fluctuate, as songs fall out of favor their prices fall, but maybe not as quickly as they rise. In this sort of auction system for online music sales, it would allow for record labels to have less of a “chance” for recouping on artists. Internet distribution would then determine which CDs get pressed. We discussed in class that record labels have a difficult recouping costs from their artists they “take a chance on.” The auction system would encourage the discovery of new talents early for users as well, while the prices of tracks are low.