gadgetPhreak Gadget News Blog. Futuristic Gadgets and Portable Electronics

November 13, 2006

Microsoft’s war waged with FairUse4WM


Legal analysis courtesy of Scott McMillan, Zachary Sharpe, and Trevor Adler of The Columbia Science and Technology Law Review.


The press and blogosphere have recently been abuzz over programs that remove copyright protection technologies known as Digital Rights Management (DRM) from purchased or rented media files. These DRMs restrict a consumer’s use of the media – morality notwithstanding, they are the only thing preventing you from copying your music or video files onto all of your friends’ computers. DRM-stripping programs remove such restrictions from the file (and typically violate your terms of service agreement, to say the least). In September, Microsoft filed suit against the hacker(s) responsible for one such DRM-stripping program, FairUse4WM, purportedly created by the now notorious Viodentia. Other such programs reportedly target the DRM protections of the iTunes Music Store and AllOfMP3, among others. What will become of Microsoft’s lawsuit? What does this have to do with “fair use” and the Digital Millennium Copyright Act (DMCA)? What follows is a brief overview in two parts. In the first, we’ll discuss current issues surrounding fair use with regard to the DMCA, and in the second we’ll approach Microsoft’s legal actions against Viodentia for FairUse4WM.

What fair use is, and how it works alongside the DMCA

“Fair use” is a doctrine under US copyright law that permits certain acts that might otherwise be considered copyright infringement. Copyright law gives authors the right to exclude others from their work, and can sometimes get in the way of the ultimate goal of copyright, which is to promote progress in art and science. The theory here is that without copyright protections, many artists and authors would be discouraged from distributing their work. The fair use exception allows copyright protections to remain in place while enabling consumers some degree of freedom in their use of purchased media. For example, it was generally understood that ripping CDs for personal use was legal because it fell under the fair use exception. However, fair use was dealt a serious blow with the enactment of the DMCA in 1998 and the widespread use of DRM protections. Indeed, fair use is not a defense to a DMCA claim.

The DMCA specifically prevents someone from “circumvent[ing] a technological measure that effectively controls access to [copyrighted works]” without permission from the copyright owner (17 U.S.C.A. § 1201(a)(1)(A) & (3)(A)). It also prohibits a person from, among other things, making such a tool or offering it to the public (17 U.S.C.A. § 1201(b)(1)). This provision has given content providers the power to take legal action against virtually anyone who tampers with their DRM protections, even those who would have otherwise been protected under the fair use doctrine — oftentimes consumers like you.

A prime example of how courts have used this DMCA provision to strike down a DRM-removing technology involves DeCSS. As you might know, DeCSS removes the DVD content protection, or Content Scrambling System (CSS), essentially enabling anyone with a computer and a little know-how to rip DVDs. In the frequently cited case of Universal City Studios v. Corley, 273 F.3d 429 (2d Cir. 2001), the Second Circuit Court of Appeals affirmed a district court’s ruling that barred Eric Corley — aka Emmanuel Goldstein, publisher of the infamous 2600 hacker quarterly — from making DeCSS available for download on 2600.com, or posting links to other websites offering the program for download. Among other things, the court rejected the idea that DeCSS could be protected under the fair use doctrine, reasoning that fair use is concerned with how one uses a copyrighted work, not how someone obtains the work in the first place. Thus, the court concluded that the right to view a DVD does not create a right to decrypt the DVD.

Because the DMCA doesn’t distinguish between types of media involved or how protections are circumvented, the Corley case will most likely play a role in any future legal battle over DRM-stripping software. So far as FairUse4WM is concerned, the fair use doctrine would appear not to give Viodentia (or users or distributors of the program) any protection against alleged DMCA violations, and FairUse4WM could suffer the same defeat in a US court as DeCSS. The European Union has enacted similar legislation to the DMCA, namely the 2001 EU Copyright Directive (EUCD). But Microsoft has admitted that it doesn’t know Viodentia’s location and has recently initiated action with Yahoo and Google to investigate. Legal defeat, however, has not at all magically eliminated the availability of DeCSS on the web. This may give some insight as to how effective current legal relief in the US will be once internet users take hold of a desirable new technology.

Have we seen the end of fair use? Current law still leaves a little wiggle room. While programs specifically designed to circumvent copyright protections have little chance of overcoming the DMCA, manual workarounds may still be legal. For example, most downloadable music services (begrudgingly) allow users to burn audio CDs from the music they buy. Doing so also strips the files of their DRM, but because users have permission to copy to CD, this use is acceptable under the DMCA. Re-ripping the CD back into unprotected audio files for personal use is probably acceptable under fair use or by some other right (the RIAA allows copying of CDs for personal use but not because of fair use). Whether courts would view this multi-step process as DRM “circumvention” under the DMCA has yet to be seen.

So where will the line between fair and illicit use eventually be drawn? The current legal incongruity between manual DRM workarounds and blatant DRM hacks reflects the questionable post-DMCA state of the fair use doctrine. Will this be enough to encourage lawmakers and courts to rethink their position on the DMCA? Only time will tell.

Microsoft takes legal action

On September 22, Microsoft filed a complaint against “John Does 1-10, a/k/a ‘Viodentia’,” alleging that Viodentia created and distributed software, FairUse4WM, that incorporates code from Microsoft’s Windows Media Format SDK v. 9.5. Microsoft argues that Viodentia should therefore be held liable for copyright infringement. Filing an action against a John Doe is somewhat tricky in the American legal system; we have an adversarial legal system, and when you file against a John Doe, you’re suing somebody whose identity you don’t know and who’s therefore not represented in court. One of the first steps, then, when suing a John Doe is to find out just exactly who you’re suing. This is done through a third party discovery motion, which needs to be approved by the court. Accordingly, Microsoft filed a Motion for Leave to Conduct Third Party Discovery on September 26.

In granting the motion for third party discovery to identify Viodentia, Judge John Coughenour set explicit limits on who can be subpoenaed and what can be requested. Judge Coughenour allowed discovery against two named e-mail providers, Yahoo! and Google. Microsoft may only look for information that is reasonably likely to lead them to identify the user of the targeted IP address(es). Judge Coughenour also authorized a limited second level of discovery that works as follows: if Microsoft’s Google and Yahoo! discovery uncovers an IP address relevant to the identification of Viodentia, Microsoft is permitted to issue subpoenas to the ISP that operates or issued that IP address in order to determine the identity of the user.

If Microsoft is unable to procure useful information from Google or Yahoo!, or if they run into a dead end at the ISP level, it will need to find some other means of identifying Viodentia. To expand the scope of its search, Microsoft would need to seek and receive further permission from the court. The present order gives Microsoft only 120 days to discover Viodentia’s identity. Although Microsoft can seek a time extension, if it cannot name an actual person in its suit before Judge Coughenour’s patience wears out, the case will likely be thrown out.

If Microsoft does identify Viodentia, the case can proceed. This would entail service of process and would involve thorny jurisdictional questions if Viodentia does not reside in or have sufficient ties to the US. In that case, even if the infringing acts alleged in the lawsuit occurred in the US, unless Viodentia can be prevailed upon to come to the US and be properly served, the case would likely be dismissed on grounds of forum non conveniens (inconvenient forum).

The critical importance of the subpoena power to Microsoft’s case against Viodentia explains the otherwise-mysterious question of why Microsoft has filed a suit for copyright infringement rather than for circumvention of DRM. The subpoena power is a little-noticed feature that the DMCA added to copyright law. In the old days, ISPs often refused to disclose the identities of their users. Then along came the DMCA’s 17 U.S.C. 512(h)(1), which enables a content owner to subpoena an ISP and demand user identities. This is crucial because ultimately, it is the only way to maintain a lawsuit and force a user like Viodentia to stop. But here’s the problem: 512(h)(1) applies only to copyright violation and not to DRM circumvention. If it were only a matter of hacking WM, Microsoft would not be able to use a subpoena to identify Viodentia. Therefore, Microsoft must claim copyright infringement, whether or not that actually is the case.

In the meantime, Microsoft is issuing cease-and-desist letters to websites hosting FairUse4WM, alleging the same copyright infringement as alleged against Viodentia. It remains to be seen if Microsoft will attempt to advance its copyright argument against these websites by filing suit, or whether it will focus its efforts on Viodentia. Since websites hosting FairUse4WM cannot hide behind the fair use doctrine as noted above, those that are within Microsoft’s legal reach will likely heed Microsoft’s threats rather than be ensnarled in a costly legal battle. However, it is important to note that legal defeat has not magically eliminated the availability of similar DRM-stripping programs like DeCSS on the web. This may give some insight as to how effective current legal relief in the US and abroad will be once internet users take hold of a desirable new technology.

Is all of this still relevant if Microsoft intends to turn its back on PlaysForSure? Absolutely. Zune or no Zune, PlaysForSure is supposed to live on for its current partners. What’s more, Microsoft’s case against Viodentia will likely establish important legal precedent for actions against the creators of other current and future DRM-stripping programs. If you thought Microsoft’s lawyers were scary, wait until you see Apple’s.

FairUse4WM followup

We’ve received scattered reports that the final version of Windows Media Player 11 “fixes” FairUse4WM by not recovering the previous, broken keys; 11 now apparently AES-encrypts keys, but fortunately that too has apparently been circumvented — though not by Viodentia. Windows Media Player 10 users are still unaffected, and can technically continue to use the application, still at version 1.3. -Ed.


This piece by the STLR Engadget Team was led by Columbia STLR contributors Scott McMillan, Zachary Sharpe, and Trevor Adler.

 


September 25, 2006

The Engadget Interview: Viodentia, creator of FairUse4WM

Filed under: DRM,anti-drm,fairuse4wm,viodentia — Ryan Block @ 2:03 pm


Instead of our usual run of interviews with industry luminaries and the like, today we’re aiming the camera in a different direction. We had a few things to ask the person whom we’ve identified as Viodentia, the creator of FairUse4WM — the thorn in Microsoft’s (and Yahoo’s, and Napster’s, and Real’s, etc.) digital media business for a month now. Seems at once likely and not that the big DRM scheme developed by the largest software company was broken and broken again by a single person, but here we are — and here’s what Viodentia had to say about the digital music business, where Microsoft went wrong with PlaysForSure, and what s/he thinks about this latest memo and patch.

Thanks for granting this interview. So FairUse4WM caused quite a stir. How long did it take you to crack Microsoft’s PlaysForSure DRM? Was anyone else involved?

Finding a way to extract key information took about a couple of weeks of spare time. Going from a prototype to a more general tool took a couple of months. I am the only developer, although my friends served as early beta testers and sounding boards, and with the initial release I’ve gotten to know some very helpful people.

So apart from any ideological or political distaste you may have for DRM, do you have any personal reasons for wanting to crack Windows Media DRM? Like, are you a Rhapsody or Napster subscriber?

No, due to geographic location, I’m unable to subscribe to those services. My only selfish rationale is the challenge in pitting my skills against the industry leader.

Without revealing the secret sauce, what were the fundamental flaws with PlaysForSure that allowed you to break it? Did Microsoft know about these flaws?

Once code is released, there’s really nothing secret anymore — Microsoft didn’t follow standard security practices, and left sensitive data unencrypted on the stack while calling routines out of kernel32.dll. Even when they fix this by changing malloc() to alloca(), it’ll still be a big task to audit other sensitive routines for DLL calls. On a theoretical level, they have to send the decryption keys outside of their control, and their only defense is through obfuscation.

Microsoft apparently has teams working around the clock to fix the vulnerability — and on the legal front they’ve started getting their lawyers involved, sending C&Ds to places hosting the software. What do you think of their responses to FairUse4WM?

I think they’re fulfilling their contractual obligations, and I’m looking forward to their improved obfuscation technology. I certainly disapprove of Microsoft claiming copyright to my program, but realistically I can’t do much about that. Nor can I advocate that folks mirror my program against their local laws.

Presently Microsoft has yet to be able to fix this vulnerability — is it possible for them to repair PlaysForSure without totally starting over?

As soon as I release something, Microsoft can certainly patch around it. I can do the same. I don’t believe that either of us has a nuclear option.

What do you think of Microsoft’s latest memo, which claims to patch version 1.2?

I’ll reserve full commentary until I’ve had a chance to examine the new IBX in more detail. I’ll release a new version sometime this week.

How do you think FairUse4WM affects the industry? Do you worry that cracking PlaysForSure is going to lead to the end of subscription-based services?

I think FairUse4WM is a good thing for the industry — it demonstrates that the entire world doesn’t turn upside down when there’s no effective protection on content. I doubt subscription based services are impacted — programs exploiting the analog hole were already widely spamvertised. The value of a subscription is the continuing access to new titles, which isn’t dependent on the protection. I wonder if any subscription company will publicly admit that FairUse4WM was good for them.

Microsoft supposedly has a new DRM scheme they’ve cooked up for their forthcoming Zune media player. What do you think about their jettisoning PFS for their own device, and this new DRM system of theirs?

I don’t have any insight into the politics at Microsoft. If I come across a Zune, I might have more comments on their DRM system at that point. :)

I know a lot of people at Microsoft and its PlaysForSure partners read us — what do you have to say to them?

I think the biggest mistake with the PlaysForSure / WM design is that it’s targeted too broadly. By incorporating forced product obsolescence and platform restrictions, it misses the mark in managing content rights. My suggestion to future designers is simple: don’t bother with weak client-side decryption. Instead, provide a public specification for licenses using digital signatures, manage the PKI through a not-for-profit organization, and apply social and legal pressure to programs that don’t conform. Accept that folks can trivially patch around the system, but if the restrictions aren’t onerous most people won’t go through the hassle. If WM files were already interoperable and the license terms were clearly communicated, there wouldn’t be anything left for a program like FairUse4WM to accomplish.

Thanks!

 


September 2, 2006

FairUse4WM peeps stay one step ahead of Microsoft

Filed under: DRM,FairUse,fair use,fairuse4wm,ibx,microsoft,playsforsure,wma — Paul Miller @ 3:15 pm


Mere days after Microsoft started pushing a new IBX version for “protecting” PlaysForSure files from its users, the FairUse4WM guys have thrown down a new version that deals with that and other little DRM-circumvention obstacles. The new release — version 1.2 — knocks out DRMv1 files you’ve ripped yourself with protection, breaks down individualized WM9 files and has a workaround for WM11beta2. Of course, we’re guessing it won’t be long until Microsoft has another quick update to break FairUse4WM again, but it seems like a more drastic update might be in order to shut down this hack for good. We’re sure you’re well familiar with our stance on this whole issue, and hope that version 1.2 treats you right.


August 29, 2006

Microsoft already on their way to patching FairUse4WM

Filed under: FairUse,WindowsMedia,fair use,fairuse4wm,patch,playsforsure,windows media — Ryan Block @ 12:48 am


Leave it to the Hawthorne Effect, right? It’s been three days since we spilled the beans about the PlaysForSure-stripping FairUse4WM app, and already Microsoft’s Windows Digital Media Division is issuing notices to its PlaysForSure licensees regarding patching up the problem. It’s a little difficult for the likes of us to decode, but check it out for yourself, we’ve printed the letter in its entirety (sans email addresses) for your perusal. From what we can glean, Microsoft’s prepared to combat this “new circumvention tool” by patching the individualized blackbox component (IBX) in PlaysForSure either as a push down through the software, or as an update available in the near future to Windows users. We won’t butcher the technical nuances of this one any further though, so we’ll let you guys see what’s what and figure out how to keep everyone in the Fair Use fair use loop. Either way, guess it looks like Microsoft wasn’t listening to our pleas; are you there Bill? It’s us, Engadget.

—copied from source—
From: Windows Media License Agreements [email removed]
Sent: Monday, August 28, 2006 8:52 PM
To: Windows Media License Agreements
Subject: Update to the Windows Media Format SDK version 9.5 [identifier removed]

Dear Windows Media Licensee,

On August 25th, 2006, Engadget.com reported on a software tool that would allow consumers to decrypt WMDRM protected content. In response, on August 28, 2006, Microsoft released an update to the individualized blackbox component (IBX) designed to ensure that client applications using the Windows Media Format SDK version 9.5 who individualize to this latest version are robust against a new circumvention tool.

This update is not yet available for the Windows Media Format 9 Series FSDK or for users of Windows XP Media Center Edition 2005 Update Rollup 2.

Consumers are not at risk in any way. Content services can require that the updates be present in order to issue licenses by following the instructions below. Please note that the version number of IBX was not incremented as part of these updates to avoid delaying the release of these critical breach mitigations. Consequently, the only way to determine if the update is installed is to query the build number of the IBX. This requires code executing on the client.

To determine the build number of the IBX:

1. Ensure the PC is running the August 2005 update to Windows Media DRM. See the attached white paper for details.
2. Determine the path of the WMDRM folder. The path is stored in the registry at HKEY_LOCAL_MACHINE\Software\Microsoft\DRM\DataPath
3. Identify the file name of the latest IBX. If the machine has been individualized only once, the IBX file name will be indivbox.key. Otherwise, the IBX file name is in the form indivbox_xxx.key, where xxx are digits 0-9. The file name with the greatest value of xxx will be the latest IBX.
4. Call GetFileVersionInfo() to retrieve the build version of the file identified in step 3. See [link].
5. If the IBX file version is 11.0.5497.6285 or greater, then the updated IBX is installed

Please submit questions to [email removed]

Best regards,

Windows Media Licensing Department
Microsoft Windows Digital Media Division
——————————–
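An added example, not part of Microsoft's letter or the original post: steps 3 and 5 of the procedure above (picking the latest IBX file and comparing its build number) as Python functions. The registry lookup (step 2) and the GetFileVersionInfo() call (step 4) are Windows API calls that are not reproduced here; their results are passed in as arguments, and the function names and sample inputs are constructed for illustration.

```python
import re

# Minimum patched build quoted in the letter (step 5).
PATCHED_IBX_VERSION = (11, 0, 5497, 6285)

# Step 3: "indivbox.key", or "indivbox_xxx.key" where xxx are digits 0-9.
# Windows file names are case-insensitive, so the match is too.
_IBX_NAME = re.compile(r"^indivbox(?:_([0-9]+))?\.key$", re.IGNORECASE)


def latest_ibx(filenames):
    """Return the IBX file name with the greatest numeric suffix, or None.

    `filenames` is a listing of the WMDRM folder found in step 2.
    """
    best = None
    for name in filenames:
        match = _IBX_NAME.match(name)
        if match is None:
            continue  # not an IBX file
        # The un-suffixed file comes from the first individualization,
        # so it ranks below every numbered file.
        rank = int(match.group(1)) if match.group(1) is not None else -1
        if best is None or rank > best[0]:
            best = (rank, name)
    return best[1] if best else None


def parse_version(text):
    """Parse a four-part 'a.b.c.d' file version into a tuple of ints."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not a four-part file version: {text!r}")
    return tuple(int(p) for p in parts)


def ibx_is_patched(version_text):
    """Step 5: numeric comparison, field by field.

    A plain string comparison would rank '...10000' below '...6285'.
    """
    return parse_version(version_text) >= PATCHED_IBX_VERSION


def updated_ibx_installed(filenames, version_by_file):
    """Apply steps 3 and 5 to a folder listing.

    `version_by_file` maps file name -> version string, standing in for
    the GetFileVersionInfo() result of step 4 (hypothetical input shape).
    Only the latest IBX counts; older files left on disk are ignored.
    """
    name = latest_ibx(filenames)
    if name is None:
        return False  # never individualized: nothing to check
    return ibx_is_patched(version_by_file[name])
```
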
