Law and Information

My draft paper on “Legal Frameworks and Technological Protection of Digital Content: Moving Forward Towards a Best Practice Model” is now online available via SSRN. The abstract reads as follows:

The increased ability to copy and distribute information, knowledge, and entertainment in the digitally networked age has provoked a series of responses. In order to gain back control, copyright holders have made use of so-called technological protection measures (TPM) – including, for instance, Digital Rights Management (DRM) schemes – that are aimed at regulating the copying, distribution, and use of and access to digital works through code (“code is law”). Activists, in turn, have immediately taken counter-measures and designed tools that enable the hacking of technological protection measures such as copy and access controls. In response, law makers at both the international and national level have enacted legal provisions aimed at banning the act of circumvention of TPM on the one hand and the production and dissemination of circumvention tools on the other hand. Prominent examples of such legislation, among others, are the WIPO Internet Treaties (WCT art. 11 and WPPT art. 18), the Digital Millennium Copyright Act (DMCA sec. 1201), the European Copyright Directive (EUCD, art. 6 and art.8), and the respective implementations of the EUCD into the laws of EU Member States.

Against this backdrop, this paper takes it as its baseline that many countries have already enacted legislation or will soon legislate on TPM in order to comply either with international obligations under WIPO, or with international free trade agreements involving a party that has powerful content industries such as the U.S. Thus, the immediate question before us is no longer whether the second and third layer of protection of digital works is appropriate or viable. Rather, at this stage, attention should be drawn to the alternative design choices that remain with countries that face the challenge of drafting or revisiting a legal regime aimed at protecting TPM. Consequently, the purpose of this paper is to identify different legislative and regulatory approaches and to discuss them in the light of previous experiences with TPM legislation in the U.S. and in Europe. Ultimately, the paper seeks to formulate basic design (or best practice) principles and to sketch the contours of a model law that aims to foster innovation in the digitally networked environment and minimize frequently observed spillover effects of TPM legislation.

The Yale Journal of Law and Technology just published my article on search engine regulation. Here’s the extended abstract:

The use of search engines has become almost as important as e-mail as a primary online activity. Arguably, search engines are among the most important gatekeepers in today’s digitally networked environment. Thus, it does not come as a surprise that the evolution of search technology and the diffusion of search engines have been accompanied by a series of conflicts among stakeholders such as search operators, content creators, consumers/users, activists, and governments. This paper outlines the history of the technological evolution of search engines and explores the responses of the U.S. legal system to the search engine phenomenon in terms of both litigation and legislative action. The analysis reveals an emerging “law of search engines.” As the various conflicts over online search intensify, heterogeneous policy debates have arisen concerning what forms this emerging law should ultimately take. This paper offers a typology of the respective policy debates, sets out a number of challenges facing policy-makers in formulating search engine regulation, and concludes by offering a series of normative principles which should guide policy-makers in this endeavor.

As always, comments are welcome.

In the same volume, see also Eric Goldman‘s Search Engine Bias and the Demise of Search Engine Utopianism.

Two new documents by OECD on digital media policy. The first report is the official summary of the OECD – Italy MIT Conference on the Future Digital Economy: Digital Content, Access and Distribution (see Terry Fisher’s main conclusions and the interesting policy items at the end – monopoly of search engines, DRM, user-created content).

The second report is an OECD study on Digital Broadband Content: Digital Content Strategies and Policies. As complement to the above conference, this OECD study identifies and discusses six groups of business and public policy issues and illustrates these with existing and potential OECD Digital Content Strategies and Policies.

Jean-Baptiste Soufron writes:

Read more. (Thanks, Jean-Baptiste!)

Over the past few weeks I’ve been working, among other things, on a paper on third layer protection of digital content, i.e., anti-circumvention legislation in the spirit of Art. 11 WCT and Art. 18 WPPT and it’s counterparts in regional or national pieces of legislations (e.g. Art. 6/8 EUCD and Sec. 1201 DMCA.) The 50+ pages, single-spaced paper is very much research in progress. It is based on prior research and takes it as its baseline that many countries have already enacted legislation or will soon legislate on TPM in order to comply either with international obligations under WIPO, or with international free trade agreements involving a party that has powerful content industries such as the U.S. Thus, I argue that the immediate question before us is no longer whether the second and third layer of protection of digital works is appropriate or viable (personally, I’m convinced that it is not, but that’s another story. BTW, initial reactions to my draft paper by friends suggest that I should use stronger language and make a clear normative statement in this regard. I’m not sure whether a more radical approach will contribute to project’s goal, but I will re-consider it.) Rather, at this stage, attention should be drawn to the alternative design choices that remain with countries that face the challenge of drafting or revisiting a legal regime aimed at protecting TPM.

Consequently, the purpose of the working paper (drafted in the context of a consulting job for a government in the Middle East) is to identify different legislative and regulatory approaches and to discuss them in the light of previous experiences with TPM legislation in the U.S. and in Europe. Ultimately, the paper seeks to formulate basic design (or best practice) principles, and to sketch the contours of a model law that aims to foster innovation in digitally networked environment and minimize frequently observes spillover effects of TPM legislation.

The paper is divided into three parts. In the first Part, I provide a brief overview of international and national legal frameworks that protect technological measures by banning the circumvention of TPM. The second Part of the paper discusses three particularly important as well as generally contested elements of anti-circumvention legislation—i.e., subject matter and scope; exemption interface; sanctions and remedies—and analyzes in greater detail some of the differences among jurisdictions in order to identify alternative approaches or what we may call “design choices.” The third Part provides a brief summary of what commentators have identified as core areas of concern with this type of legislation. Based on the findings of Part II and the preceding section, basic design principles will be suggested. The final section paints in broad strokes a model law with discussion issues and some guiding principles that might be helpful to policy makers who face the challenge of crafting anti-circumvention legislation.

Today, I’d like to share with you some thoughts at the most abstract level of the paper. Against the backdrop of the analysis in the first two Parts of the paper, I tried to formulate five basic design principles for legislators that face the challenge to implement the WIPO Internet Treaties anti-circumvention provisions. These principles are further specified in the final part of the paper, which provides the rough outline of a model law. The relevant section reads as follows:

“Part II of the paper and the previous section has analyzed, inter alia, what approaches to TPM legislation have been taken and what consequences (intended as well as unintended) certain design choices might have. For the reasons discussed in Part II.C., it is not feasible to provide detailed substantive guidance as to how an anti-circumvention framework should look like without knowing the specifics of the legislative, judicial, cultural, economic, and political environment of the implementing country. However, it is possible, based on the analysis in this paper, to suggest three basic subject-matter design principles that should be taken into account by policy makers when drafting and enacting anti-circumvention laws:

• Principle 1: Get the terminology right, i.e. provide precise, clear, and unambiguous definitions of key concepts and terms such as “technological (protection) measures,” “effective” TPM, “acts of circumvention;” etc. The analysis of existing anti-circumvention laws in different jurisdictions across continents suggests that legislators, by and large, have done a poor job in defining core terms of anti-circumvention. Although it is true that laws often use abstract terms that require interpretation, it is striking how many vague concepts and ambiguous terms have been identified within the context of TPM legislation. The EUCD, as it has been transposed into the laws of the EU Member States, is particularly illustrative of this point since it leaves it up to the national courts and, ultimately, to the European Court of Justice to define some of the basic terms used in the respective pieces of legislation. In particular, legislators should avoid merely “copying and pasting” provisions as set out by international treaties or other sources of norms without making deliberative choices about the concepts and terms that are used.

• Principle 2: Recite traditional limitations and exceptions to copyright in the context of anti-circumvention provisions. The review of exception regimes under various legal frameworks as well as the overview of initial experiences with anti-circumvention legislation in the U.S. and in Europe has suggested that anti-circumvention provisions tend to change the carefully balanced allocation of rights and limitations previously embodied in the respective national copyright laws. Particularly significant shifts can be observed in areas such as research (including reverse engineering), teaching, and traditional user privileges such as fair use or the “right” to make private copies. Apparently, not all of these shifts have been intended or anticipated by policy makers. Thus, it is crucial to carefully design the exception framework applicable to TPM, provide appropriate mechanisms for the effective enforcement of exceptions, analyze the interplay of the exception regime with the other core elements of the anti-circumvention framework, and conduct an in-depth impact analysis.

• Principle 3: Use discretion with regard to sanctions and remedies and adhere to the principle of proportionality. International legal frameworks provide some degrees of flexibility in drafting civil and criminal penalties. Implementing countries should carefully consider the available design choices under the applicable framework, thereby following the principle of proportionality. Among the usual options to be considered are limitations on criminal and civil liability for non-profit institutions such as libraries, archives, and educational institutions, flexible sanctions for innocent infringers, and limitations on sanctions for legitimate purposes such as scientific research and teaching. Again, the interplay among the liability provisions and the other elements of the framework, including scope and exceptions, must be equilibrated.

The review of various controversies—both in practice and theory—surrounding the implementation and application of anti-circumvention frameworks suggests, as noted above, that both the intended effects (e.g. on piracy) as well as the unintended consequences of third layer protection of copyright (e.g. on competition, innovation, etc.) remain uncertain and contested. In this situation of uncertainty and in light of anecdotal evidence suggesting spillover-effects, policy-makers are well-advised to complement the three principles outlined above by two more general principles.

• Principle 4: Incorporate procedures and tools that permit the monitoring and review of the effects of the anti-circumvention provisions on core values of a given society. Given the degrees of uncertainty mentioned above, it is crucial to establish mechanisms that enable policy makers and stakeholders to systematically identify and assess the effects of TPM and corresponding legislation and, thus, to incorporate what we might call the ability to learn and improve based on “law in action.” Such processes and tools might include legislative, administrative, or academic review and might focus, among others, on the core zones of concern outlined above with special attention to the exception regime.

• Principle 5: Set the default rule in such a way that the proponents of a more protective anti-circumvention regime bear the burden of proof. As noted, experiences with anti-circumvention legislation so far have not (or at best, only partly) been aligned with its raison d’�tre. Instead, attention has been drawn to unintended consequences. This situation requires that the proponents advocating in favor of a more protective regime (i.e., a regime that increases, along the spectrum set by international obligations, the constraints on a user’s behavior) must provide evidence why additional protections for TPM—e.g. in form of broader scope, narrower exceptions, more severe penalties, or the like—are necessary.”

Comments welcome.

The French Cour de Cassation – the highest court in the French judicial system – recently reversed a ruling by the Paris Court of Appeals in the landmark case UFC v. Films Alain Sadre et al. and remanded it, stating that the private copying “right” is not an absolute users’ right and, therefore, that the application of technological protection measures inhibiting the making of copies for private purposes is not illegal under French law.

Recall that UFC, a consumer rights association, filed a lawsuit claiming that a copy protection system on a DVD (here: DVD Mulholland Drive) is in conflict with the provisions of the French Intellectual Property Code, which limit copyright owners’ rights regarding reproductions strictly made for the copier’s private use. The District Court disagreed and confirmed that such technological protection measures comply with the EUCD and French legislation. The Paris Court of Appeals, in contrast, held – as reported here – that the DRM system in this particular case was illegeal and that the failure on the part of the producers and distributor of the DVD to inform consumers of the presence of DRM upon the DVD violated French consumer protection law.

Last year, the Versailles Appeals Court rendered a judgment upholding the legality of technological protection measures on a CD from the French singer Alain Souchon, and – only a few weeks prior to the Cour de Cassation’s judgment – the Tribunal de Grande Instance de Paris (District Court) blocked the application of anti-copying technology on Warner Music’s “Testify” CD from Phil Collins (more here). Against this backdrop, it is interesting to observe how things will develop – not only on the copyright front, but also with regard to the consumer protection argument. For a detailed discussion pre-Feb 28th, see Natali Helberger’s analyses on INDICARE (1, 2, 3, 4).

My wonderful Berkman colleague Tim Armstrong has just released his great – and, finally, optimistic – paper on DRM and fair use via SSRN. Here’s the abstract:

Different in design, scope, and tone, but equally interesting, Doug Lichtman‘s short piece on DRM, also on SSRN. Also check Jay Dratler’s piece on Sec. 1201, although only the abstract is available by now.

Professor Terry Fisher has the difficult job, as the Day 1 Rapporteur, to present in 10 minutes the OECD conference conclusions. Here are the main points he made a few minutes ago:

A. Points of agreement (or at least substantial consensus)

(a) Descriptive level:
o We’re entering a participatory culture, active users, explosion of blogs; differences in web usage.

(b) Predictive level:
o Consensus that we’ll see a variety of applications that will florish; the shift to biz models that incl internet distribution will have long tail effects, increase diversity

(c) Level of aspiration:
o We should aim for a harmonized, global Internet – single, harmonized global approach (vs. competing legal/regulatory frameworks)
o Governments should stay out, but broad consensus of 6 areas where governmental intervention is desirable: (1) Stimulating broadband; (2) fostering universal access (bridging dig.div.); (3) educating consumers; (4) engage in consumer protection against fraud, spam; (5) fostering competition; (6) promoting IP to achieve an optimal balance
o We should attempt to achieve “biz model neutrality” (TF’s personal comment: appealing idea, but infeasible, there’s no way to achieve it.)

B. Points of disagreement

(a) Descriptive level
o Whether IP currently does strike optimal balance (yes, middle ground, no – spectrum of positions)

(b) Predictive level
o Which biz strategy will prevail: pay-per-view; subscription; free-advertisement based model?

(c) Level of aspiration:
o Network neutrality: required or not as a matter of policy
o TPM: Majority: yes, smaller group: no; intermediate group: only under certain conditions.
o Should governments be in the biz of interoperability?
o Using government power to move towards open doc format?
o Government intervention to achieve an Internet that is open vs. variations of a walled-gardened net?

Here are the keywords I wrote down during Marybeth Peters’ (U.S. Register of Copyrights, United States Copyright Office) statement here in Rome, which she delivered in the context of the final policy roundtable aimed at identifying priority issues, tools, and policy challenges.

• We must adjust our copyright laws to the digital environment. Copyright law has always responded to new technologies.
• Must be an internationally coordinated response due to the global nature of the Net.
• If copyright owner choose to use TPM, those TPM must be protected. Both copy & access controls.
• Key questions to ask: Are there new rights that are required to protect creators? But also: Do we need new exceptions (e.g. for libraries). Third, what are appropriate remedies (e.g. criminal penalties).
• Other important set of question: Who is the infringer (primary vs. secondary). This issue comes up in P2P context (Kazaa, Grokster, etc.) Secondary liability must be considered at the international level.
• Licensing issues: To be saved for the marketplace, no government intervention required. Consumers know what they want. Strongly opposed to compulsory licensing (costly, ineffective). Instead: DRM, collective administration to solve the problem.

Our Londoner colleague and friend Ian Brown (Happy New Year, Ian!) points us to Jamie Boyle’s FT.com Op-Ed on the European Commission’s recent Database Directive impact analysis.