For the last few years, a coalition of technology companies, academics and computer programmers has been trying to persuade Congress to scale back the Digital Millennium Copyright Act.
Now Congress is preparing to do precisely the opposite. A proposed copyright law seen by ZDNet UK sister site CNET News.com would expand the DMCA's restrictions on software that can bypass copy protections and grant federal police more wiretapping and enforcement powers.
The draft legislation, created by the Bush administration and backed by Representative Lamar Smith, already enjoys the support of large copyright holders such as the Recording Industry Association of America. Smith, a Texas Republican, is the chairman of the US House of Representatives subcommittee that oversees intellectual-property law.
A spokesman for the House Judiciary Committee said on Friday that the Intellectual Property Protection Act of 2006 is expected to "be introduced in the near future". Beth Frigola, Smith's press secretary, added Monday that Wisconsin Republican F. James Sensenbrenner, chairman of the full House Judiciary Committee, will be leading the effort.
"The bill as a whole does a lot of good things," said Keith Kupferschmid, vice president for intellectual property and enforcement at the Software and Information Industry Association in Washington, D.C. "It gives the (Justice Department) the ability to do things to combat IP crime that they now can't presently do."
During a speech in November, Attorney General Alberto Gonzales endorsed the idea and said at the time that he would send Congress draft legislation. Such changes are necessary because new technology is "encouraging large-scale criminal enterprises to get involved in intellectual-property theft", Gonzales said, adding that proceeds from the illicit businesses are used, "quite frankly, to fund terrorism activities".
The 24-page bill is a far-reaching medley of different proposals cobbled together. One would, for instance, create a new federal crime of just trying to commit copyright infringement. Such willful attempts at piracy, even if they fail, could be punished by up to 10 years in prison.
It also represents a political setback for critics of expanding copyright law, who have been backing federal legislation that veers in the opposite direction and permits bypassing copy protection for "fair use" purposes. That bill — introduced in 2002 by Rep. Rick Boucher, a Virginia Democrat — has been bottled up in a subcommittee ever since.
A DMCA dispute
But one of the more controversial sections may be the changes to the DMCA. Under current law, Section 1201 of the law generally prohibits distributing or trafficking in any software or hardware that can be used to bypass copy-protection devices. (That section already has been used against a Princeton computer science professor, Russian programmer Dmitry Sklyarov and a toner cartridge remanufacturer.)
Smith's measure would expand those civil and criminal restrictions. Instead of merely targeting distribution, the new language says nobody may "make, import, export, obtain control of, or possess" such anticircumvention tools if they may be redistributed to someone else.
"It's one degree more likely that mere communication about the means of accomplishing a hack would be subject to penalties," said Peter Jaszi, who teaches copyright law at American University and is critical of attempts to expand it.
Even the current wording of the DMCA has alarmed security researchers. Ed Felten, the Princeton professor, told the Copyright Office last month that he and a colleague were the first to uncover the so-called "rootkit" on some Sony BMG Music Entertainment CDs — but delayed publishing their findings for fear of being sued under the DMCA. A report prepared by critics of the DMCA says it quashes free speech and chokes innovation.
The SIIA's Kupferschmid, though, downplayed concerns about the expansion of the DMCA. "We really see this provision as far as any changes to the DMCA go as merely a housekeeping provision, not really a substantive change whatsoever," he said. "They're really to just make the definition of trafficking consistent throughout the DMCA and other provisions within copyright law uniform."
The SIIA's board of directors includes Symantec, Sun Microsystems, Oracle, Intuit and Red Hat.
Jessica Litman, who teaches copyright law at Wayne State University, views the DMCA expansion as more than just a minor change. "If Sony had decided to stand on its rights and either McAfee or Norton Antivirus had tried to remove the rootkit from my hard drive, we'd all be violating this expanded definition," Litman said.
The proposed law scheduled to be introduced by Rep. Smith also does the following:
Permits wiretaps in investigations of copyright crimes, trade secret theft and economic espionage. It would establish a new copyright unit inside the FBI and budgets $20m (£11.2m) on topics including creating "advanced tools of forensic science to investigate" copyright crimes. Amends existing law to permit criminal enforcement of copyright violations even if the work was not registered with the US Copyright Office. Boosts criminal penalties for copyright infringement originally created by the No Electronic Theft Act of 1997 from five years to 10 years (and 10 years to 20 years for subsequent offenses). The NET Act targets noncommercial piracy including posting copyrighted photos, videos or news articles on a Web site if the value exceeds $1,000. Creates civil asset forfeiture penalties for anything used in copyright piracy. Computers or other equipment seized must be "destroyed" or otherwise disposed of, for instance at a government auction. Criminal asset forfeiture will be done following the rules established by federal drug laws. Says copyright holders can impound "records documenting the manufacture, sale or receipt of items involved in" infringements.Jason Schultz, a staff attorney at the digital-rights group the Electronic Frontier Foundation, says the recording industry would be delighted to have the right to impound records. In a piracy lawsuit, "they want server logs," Schultz said. "They want to know every single person who's ever downloaded (certain files) — their IP addresses, everything."
CNET News.com's Anne Broache contributed to this report.
Talkback
Non US governments and companies should think twice about using US (embedded) software that agrees with the terms of the proposed 'super-DMCA'.
There's a high risk of ending up with software that has huge black-boxes inside (parts you can't even point at to avoid stepping on sensitive yet powerfull toes but everything else is pointing to it as being a factor) and given the huge lobby (political) power behind 'super-DMCA' it'll be a matter of time before non-US parties are "motivated" to comply in one way or another. Which in turn can indirectly lead to huge (legal) risks. Do you want to risk getting your servers impounded? Do you want to risk that your customers personal and private data ends up on the desk of some US investigator? Do you want to risk having to allocate massive amounts of business resources because some overseas political force wants to set an example? Not to mention prolonged troubleshooting efforts because some troublesome embedded black-box hits a support brick wall.
It's your choice ofcourse but do remember to make your customers fully and completely aware of the risks they might endure. Because if enough non US customers end up feeling hurt somehow they'll likely go after the middle man.
Summing up. The US "war on terror" looks more and more to boil down to: "the greed of the few outweigh the needs of the many".
At which point will non US politicians step in and say: "you're entitled to your own private party but don't trouble your neighbours with it"?
Unfortunately Mr. Arthur, every computer on the planet is a potential vessel for these changes because they can house the software, and said software can be silently changed without any warning in advance to it's users - you'll see sections in EULA documents that state changes can be made without prior notice. So what you thought was OK to do can literally become life threatening the next day.
Here in Europe we are already waiting for the Software Patents tsunami to hit us full force and decimate innovation all around us. It is very similar to the changes mentioned in the above article, and carries similar threats. It's just one of the current threats looming over our heads here. We also have the Data Retention Act moving in for the kill - Data centers are already being built and filled with our personal details, it's just a matter of time before the bomb explodes under our very own doormats.
I see no good in so many restrictions. Next thing we know we'll have to file official permission requests to some major corporate controlling force for every little thing we want to do in our lives.
This reeks of DRM, but to a far deeper legal extent that will go right past every citizen who can't understand the first thing of it and will probably never hear about it until it is too late.