Feb 202013

At an event on CFAA reform last night I heard Brewster Kahle say what to my ears sounded like, “Law that follows technology tends to be ok. Law that tries to lead it is not.”

His comment came after an earlier tweet I’d made:

I think we need a per se rule that any law governing technology that was enacted more than 10 years ago is inherently invalid.

In posting that tweet I was thinking about two horrible laws in particular, the Computer Fraud and Abuse Act (CFAA) and the Electronic Communications Privacy Act (ECPA). The former attempts to forbid “hacking,” and the second ostensibly tried to update 1968’s Wiretap Act to cover information technology. In both instances the laws as drafted generally incorporated the attitude that technology as understood then would be the technology the world would have forever hence, a prediction that has obviously been false. But we are nonetheless left with laws like these on the books, laws that hobble further innovation by how they’ve enshrined in our legal code what is right and wrong when it comes to our computer code, as we understood it in 1986, regardless of whether, if considered afresh and applied to today’s technology, we would still think so.

To my tweet a friend did challenge me, however, “What about Section 230? (47 U.S.C. § 230).” This is a law from 1996, and he has a point. Section 230 is a piece of legislation that largely immunizes Internet service providers for liability in content posted on their systems by their users – and let’s face it: the very operational essence of the Internet is all about people posting content on other people’s systems. However, unlike the CFAA and ECPA, Section 230 has enabled technology to flourish, mostly by purposefully getting the law itself out of the way of the technology.

The above are just a few examples of some laws that have either served technology well – or served to hamper it. There are certainly more, and some laws might ultimately do a bit of both. But the general point is sound: law that is too specific is often too stifling. Innovation needs to be able to happen however it needs to, without undue hindrance caused by legislators who could not even begin to imagine what that innovation might look like so many years before. After all, if they could imagine it then, it would not be so innovative now.

Feb 182013

It’s become clear that I will need to talk more about copyright policy in general on these pages, even if in a not-particularly-criminal-law context.  As we evaluate criminalizing acts involving technology that cause “harm,” and since some of that notion of harm is predicated on our notion of copyright, it’s important that we truly understand where the concept of copyright comes from and what policy objective it is supposed to achieve.  Particularly because it’s a fair question as to whether modern copyright law still achieves those objectives, or instead potentially represents its own harm. Continue reading »

Feb 132013

Last week the BBC contributed its thoughts to the W3C committee contemplating the Encrypted Media Extensions Proposal to the HTML standard, which would allow for more standardized video viewing across multiple platforms.  After establishing its bonafides as a source of Internet video broadcasting, it got to the point.  The proposal, it said, was was overall a helpful one as far as the standardization was concerned.  Technological fragmentation is a problem for someone who wants to make sure their video is viewable to a wide audience. Despite that enormous benefit, however, the BBC could only support the Proposal if it incorporated a DRM standard such that the BBC could pointedly control the retail market for its programming.

It’s worth questioning whether manipulating markets ultimately enlarges them — or, instead, potentially reduces them — but that’s not a subject for these pages right now.  The problem was how the BBC required the proposal to be changed in order to ostensibly enable such manipulation:

The proposed Encrypted Media Proposal looks to be a useful starting point. However, the BBC is unlikely to be able to use any such mechanism unless we feel that it is sufficiently secure that there would be the possibility of legal action in the event of bypassing it.

This is not an easy qualification: the W3C is an international body, and laws on bypassing technical protection measures vary significantly from country to country. In this instance the BBC would be looking for such a mechanism to be secure enough in the UK that it would be a “effective technical protection mechanism” under section 296zb of the Copyright, Designs and Patents Act 1988 (as modified by the Copyright and Related Rights Regulations 2003). We expect that other providers will look for similar assurances in their own territories, such as the anti-circumvention provisions in the Digital Millennium Copyright Act in the United States. (emphasis added)

To summarize, the BBC, “the world’s leading public service broadcaster,” “established by a Royal Charter” and “primarily funded by the licence fee paid by UK households” with a “mission […] to enrich people’s lives with programmes that inform, educate and entertain,” has just lobbied an international technical standards organization charged with “lead[ing] the World Wide Web to its full potential by developing protocols and guidelines that ensure the long-term growth of the Web” such that it enables “involves participation, sharing knowledge, and thereby building trust on a global scale” to make its standards such that people could be imprisoned for using that very technology in a way the BBC did not like.

True, perhaps the BBC was only contemplating there being civil penalties, which is problematic as well. But both the DMCA and section 296zb of the Copyright, Designs and Patents Act 1988 allow for state criminal enforcement when people circumvent technologies designed to control access to content, regardless of how legitimate that access would be.

Feb 092013

The following case, Twentieth Century Fox v. Harris, is not a criminal matter.  But I want to include it here nonetheless in part because it’s important to talk about copyright policy generally, particularly given the increasing trend for it to be criminalized.  And in part because, in this case, hardly two weeks after I asserted that copyright infringement analogized more to trespass than to theft, a court in England independently reached the same conclusion. Continue reading »

Feb 082013

This article on TechDirt summarizes a recent brouhaha that recently broke out in a corner of the Internet I tend to haunt with other lawyers and cyberlaw professionals and has started to percolate into the mainstream.  The upshot is that someone is upset that other people have reposted her tweets without her permission and control, and she is convinced this is legally wrongful.  So convinced is she, in fact, that she keeps threatening to sue a number of them who have used these tweets to comment on her erroneous legal theory, which only stokes further interest in criticizing her as even more observers come to note that the law is not, in fact, on her side.  (TechDirt’s analysis does a decent job explaining why.)

It is easy to be tempted to join in the mocking of this person’s very public tantrums, and to be sure, threatening litigation is not to be taken lightly.  Doing so, particularly when cloaked in legal ignorance, is ripe for justifiable criticism.

But while the exhibition of personal arrogance begs the schadenfreude of public censure, the underlying problem it can reveal is not.  The reality is that for me and my cyberlaw peers, we are so inured to how this area of law “works” (to the extent that it does) we tend to forget how foreign it is to most laypeople (and even many other lawyers), for whom its mystical mechanations can be really terrifying.  This sort of knowledge gap isn’t good for anyone.  That’s how we end up with bad law.

The answer naturally cannot be to modify the law to fit its common misperceptions.  Sometimes the law is what it is for very good reasons, or at least reasons that cannot simply be discounted, even if those reasons aren’t intuitively obvious to a layperson.  We can’t use common misapprehensions as the pillars upon which law should be based.  In fact, when we have done so in recent years, often in response to technology (another complex system that can be scary to those who don’t understand it), the end result has been law that so overreacts that it creates more problems while failing to properly solve any.

At the same time, however, rather than mocking those who don’t understand the law, those who do understand it should be endeavoring to explain it.  Let’s get everyone on the same page to understand how law works and why, so we can all work together to fix it when it doesn’t.  After all, in a democracy law should belong to everyone, not just the rarified few specially trained to understand it.

Of course, the above sympathetic sentiment is directed at those who would be willing to learn.  It’s not a moral failing to not know everything about the law, but it is to not care whether one does or not before proceeding with bumptious legal threats or dangerously inapt policy advocacy.  Those who would seek to use the law as a weapon without bothering to learn how it operates are justly entitled to whatever chastisement they get.