Not much in the case of Sony’s latest clumsy attempt at copy protection. The Register links to a report at Sysinternals that investigates the sketchy things that Sony does to prevent you from making too many copies of its CDs:
The Sony CD creates a hidden directory and installs several of its own device drivers, and then reroutes Windows systems calls to its own routines. It intercepts kernel-level APIs, but then attempts to disguise its presence, using a crude cloaking technique. Disingenuously, the copy restriction binaries were labelled “Essential System Tools”. But the most disturbing part of the tale came when Russinovich ran his standard rootkit-removal tool on the post-Sony PC. “Users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files,” he writes.
So here’s my question, in all seriousness: how would the DMCA apply to this case? Poorly-written device drivers can be a threat to your computer’s stability and security–not to mention that it apparently slows down your computer even when you’re not playing a CD. But maybe removing it would constitute circumvention of a copy-protection scheme? Maybe I can remove it when the CD is not in the computer, but I have to allow it to be re-installed when I’m playing the CD? Would an anti-virus program that prevents it from being installed constitute a circumvention device? What if I disable the “autorun” feature in Windows? Is that circumvention?
The DMCA debate often proceeds as though “circumvention” is a clearly defined, obvious concept. But I think this example shows that it ain’t so. I assume that disabling auto-run (which requires changing one value in the registry isn’t illegal, but then where do you draw the line? Does “circumvention” require a minimum amount of technological sophistication? Or does the law simply require that I keep badly written device drivers on my system forever if they were put there as part of a DRM scheme?