David Canton is a business lawyer and trade-mark agent with a practice focusing on technology issues and technology companies.
Boing Boing reports that there will be a protest against DRM Saturday at the Apple store in New York.
Defective by Design has decalred Tuesday Oct 2 as a “Day against DRM”.
The purpose is to raise awareness of DRM, and the issues that arise from it.
David Canton – for the London Free Press – September 26, 2006
Several countries have enacted or are considering enacting legislation dealing with Digital Rights Management (DRM).
DRM deals with electronic ways the vendor of digital content uses to limit what the buyer can do with that content. It might, for example, allow the buyer to play a song on a CD player, but not on a computer, or allow only a few copies to be made or make a song or video playable only on specific devices.
Canada is expected to make it illegal to break DRM in upcoming copyright reform legislation, which has caused much concern. Some say we need protection from DRM, rather than protection for it.
I believe legal protection for DRM is unwarranted and causes far more problems than it resolves.
The entertainment industry is not united in its support for DRM, either. While large media companies generally support it, many artists and smaller music and video companies do not.
The intent of DRM is to protect the vendor’s copyright. The reality is DRM is used to exert far more control than that and often restricts users from doing things they are legally entitled to do.
The U.S. protects DRM and has been criticized for the chill effect it has had on legitimate activity. Some countries have proposed to restrict DRM, rather than support it.
DRM often does not work as it is inevitable that ways are found to break it. The entertainment industry thus tries to lobby governments to make it illegal to break DRM.
Before content was digital, we could copy a vinyl record onto a cassette to listen to it in our car or walkman.
Until DRM, people were able to copy music they had purchased onto any recording medium.
DRM limits what we can do with music (or video or any other digital file) we purchase. It might, for example, limit us to playing it back on vendor-compatible devices.
It might limit us to playing it on no more than five computers — a significant limitation.
iTunes, for example, sells a lot of music, but the amount of music on iPods from iTunes is a small percentage. Many people download music for their iPods because they know about the restrictions.
One problem with DRM is it allows music vendors to limit consumer rights more narrowly than copyright law allows.
DRM advocates want to make it illegal for us to break DRM so we can exercise those rights the law has granted us — thus allowing the music vendor to limit the legal rights that the legislators have seen fit to give us.
To learn more on DRM and copyright legislation, see Prof. Michael Geist’s 30 days of DRM feature at www.michaelgeist.ca/daysofdrm.
I have not had much to say about this, as it has received so much press. It raises lots of issues, including the ability to get personal information through pretexting, or pretending you are the person you want the info on.
Some have been critical of how easy it was to get the phone records from the telcos. Its easy to say that all entities should have ways to require adequate proof from those requesting information to proove they are who they say they are. The practical challenge is to get that proof in a way that does not impede legitimate customer interaction.
For anyone wanting to catch up on the issues, CNet has articles on yet unanswered questions, the upcoming congressional hearings, and the telecom issue.
Read the CNet article on unanswered questions
The settlement for the Canadian class action lawsuit over the rootkit has generated controversy because it was not as comprehensive as the US one.
In addition to pointing out the differences, CIPPIC has filed complaints with various Canadian consumer agencies and privacy commissioners.
More evidence that we need protection from DRM, not for it.
An ATM in Virginia recently gave out twenties when it thought it was giving out fives. Seems the fraudster found the machine’s manual online that included the codes to put the machine in operator mode, and the default operator password – then used that to reprogram the machine.
It never ceases to amaze me that people don’t change default passwords or set up initial security on various devices, despite the manufacturer’s encouragement to do so.
I can perhaps understand when that happens to a typical consumer with a WiFi connection, but not for something like a bank machine. And putting an operator manual for a bank machine online might not be the best idea either.
I spoke at a seminar yesterday on records management.
One of the speakers was an Emergency Management Consultant who spoke about risk assessment and mediation. He had some interesting comments about actual risks.
While most people think about preparing for big event risks like a 9/11 type of attack, or a hurricane, the most common risk is water damage from such mundane events as a leaking roof, or a burst pipe. And where do many keep their valuable records? In a basement – which is the worst possible place for water problems.
The Canadian Internet Registration Authority – the body that governs .ca domain names – is currently holding elections for its board of directors. Any CIRA member – ie anyone with a .ca domain name – can vote.
I encourage members to vote for Clyde Beattie, the current CIRA chair, and a London resident. I have had some good discussions with Clyde over the years about CIRA issues. He approaches them in a well thought out, balanced, and forward looking manner.
Voting ends Thursday Sept 21 at 8:00 PM eastern time.
David Canton – for the London Free Press – September 16, 2006
Music downloading continues in Canada and downloading of TV programs and movies is becoming more popular. But is legal to do it?
The law is not totally clear. There are, for example, fair dealing exceptions that allow a person to copy or use copyright material for activities like private study, research and commentary. The courts have recently expanded the scope of those exceptions, but the exact limits are not clear.
We are also expecting a copyright reform bill soon that may change some of this.
Let’s start with the proposition that all creative works are automatically protected by copyright. That means it’s illegal to copy someone else’s music, video or image file.
The Copyright Act, however, makes it legal to copy another’s CD for one’s own use, but not to copy your CD and give that copy to another. Opinions vary, but most legal experts believe it’s also legal to download music from someone else, but not to allow others to upload from you.
Only music is covered by that exception — not video, photos or other material. Therefore. it’s indeed illegal to either download or upload TV shows and movies. It may be legal to download small portions of them in accord with the fair dealing exception.
The creator of those materials may decide it’s acceptable for others to copy their material. For example, an advertiser may be pleased with widespread viewing of its ads.
The Canadian recording industry tried to launch lawsuits against music uploaders. The court refused to force the Internet service providers to release the names of the individuals the recording industry was after.
Opinion varies as to whether the decision means actions against music downloaders and uploaders will never be successful or the court simply set out a procedure that would allow such actions if the recording industry so desired.
The terms of service we agree to with our Internet service providers generally contain provisions saying we are not to use those services for illegal or improper use.
The Internet service provider may have the contractual ability to stop one from using their service to perform illegal copying. They would be more inclined to do so if one was uploading massive amounts of material rather than downloading.
If the owner of copyright material notifies an ISP that an individual is improperly copying the owner’s material, the ISP is not obligated to take action and privacy obligations prevent the ISP from revealing the name of the individual without a court order.
So, in the end, several factors come together to determine copyright issues.
And if an action is brought, the Copyright Act includes a right to “statutory damages” between $500 and $20,000 per infringement.
Does anyone else see the the irony in this?
The press is all over Hewlett Packard for its pretexting phone record collection (rightly so), and it seems that criminal charges may be laid.
At the same time, the US and Canadian governments are trying to pass “lawful access” legislation that gives them more power to snoop around our communications without warrants or judicial oversight.
So its evil if a corporation spies on its board members and others, to the extent that the government may lay criminal charges – but its OK for the government to spy on its citizens at will?
Read a Silicon Valley.com article about the Hewlett Packard snooping
Read a Techdirt post about the Hewlett Packard scandal
Read a Wired News article about the US National Security Surveillance Act
Read an Ottawa Business Journal article about the proposed Canadian lawful access legislation
A US resident who suffered credit card fraud while in Montreal sent me an email to comment on my article saying that merchants should not print debit or credit card numbers on receipts.
UPDATE: See relevant comments from a US counsel, and by David Fraser of The Canadian Privacy Law Blog
I have mentioned this issue many times. Click on “debit card” or “credit card” in my tag cloud to see earlier entries on the subject. The privacy commissioners agree, and the major credit card issuers agree, but it still happens all too often.
The email says:
Mr. Canton,
After a long weekend dealing with my bank regarding an issue of credit card fraud I came across your article. I thought I would let you know this really does affect people and not necessarily who you would think. I visited Montreal a year ago for a conference; I used my check card at two stores. This weekend my check card was used in Montreal for roughly $6,000 worth of attempted purchases. I was of course not in Montreal this weekend I was at home in ***********. The bank was very good about stopping the transactions and freezing the card, I wonât be liable for any of the charges. But after dealing with it, I wondered how this could have happened. I hadnât lost my card; I still have it in my wallet in fact. I donât use it for online purchases. Then I thought, well I still have the receipts from the trip because it was for a business trip. I reviewed the receipts today, much to my surprise they have my name, full credit card number and expiration date on them. I am certain that this is how my card was used. I was shocked to find my full credit card number on a receipt. This is not done in the US at all. I cannot believe that businesses are foolish enough to do this let alone allowed to do this. I sent an email to the Commission dâacces a Lâinformation du Quebec regarding the matter at: cai.communications@cai.gouv.qc.ca and pointed them to your article. I just thought you might find this interesting. Thanks for your time.
Unless otherwise stated, all original material created by David Canton included in this blog is licensed under a Creative Commons License.
