February 2006

Having read the Perfect 10 v. Google decision, I agree with Fred von Lohmann’s analysis of it: this is a basically solid decision that goes off the rails because Judge Martz didn’t seem clear on the relationship between Google Image Search and AdSense.

Here’s how those two products work: Google Image Search is a search engine for images. It does not serve ads. AdSense is a third-party ad program whereby any website on the Internet can allow Google to place ads on their site in exchange for a cut of the revenues. The relationship between these programs is… well, there isn’t really a relationship, except they’re both Google products. Sometimes users find infringing pages using Google Image Search that have AdSense ads on them. The court decided this was evidence that Google Image Search was profiting off of infringement.

But that’s ridiculous. Google Image Search doesn’t give any particular preference to web sites that serve up AdSense ads. And AdSense serves up ads regardless of what search engine brought the user to the site. If Google cancelled Google Image Search altogether, there’s little reason to think AdSense would suffer financially–users would likely find the same pages using other search engines.

If this standard is to be taken seriously, search engine companies are going to have to divest themselves of all other online services that might involve infringing copyrights. Yahoo! will have to sell off GeoCities. Microsoft will have to stop selling IIS, its web server.

Google Image Search and AdSense are unrelated products. It makes no sense to consider them as a single product for the purposes of fair use analysis. That should be obvious to anyone with substantial experience using the web. It seems like a reasonable assumption that Judge Matz isn’t the most Internet-savvy guy around.

Update: Oops! It looks like I imagined an “r” in Judge Matz’s name. Sorry!

Video Security Blanket

by on February 23, 2006 · 8 comments

Via the Commons Music blog, I see this in-depth article about the fact that hardly any graphics cards you buy today will be compatible with the forthcoming HDCP copy-protection standard:

HDCP stands for High-bandwidth Digital Content Protection and is an Intel-initiated program that was developed with Silicon Image. This content protection system is mandatory for high-definition playback of HD-DVD or Blu-Ray discs. If you want to watch movies at 1980×1080, your system will need to support HDCP. If you don’t have HDCP support, you’ll only get a quarter of the resolution.

As part of the Windows-Vista Ready Monitor article, I was going to publish a list of all of the graphics cards that currently support HDCP. I mean, I remember GPUs dating as far back as the Radeon 8500 that had boasted of HDCP support.

Turns out, we were all deceived.

Although ATI has had “HDCP support” in their GPUs since the Radeon 8500, and NVIDIA has had “HDCP support” in their GPUs since the GeForce FX5700, it turns out that things are more complicated–just because the GPU itself supports HDCP doesn’t mean that the graphics card can output a DVI/HDCP compliant stream. There needs to be additional support at the board level, which includes licensing the HDCP decoding keys from the Digital Content Protection, LLC (a spin-off corporation within the walls of Intel).

The more I read about these kinds of enterprises, the more I’m struck by how brittle they are. Each and every component in the HDCP content stream–the optical drive, the operating system, the graphics card, and the monitor, and numerous small components, must be specifically reviewed and approved by the HDCP consortium to make sure that they follow the rules. The millions of drives, computers, graphics cards, and monitors that were designed prior to the release of the HDCP spec (i.e. virtually all the video hardware in use today–even hardware that’s physically capable of playing high-resolution video) will have to be thrown out if consumers want to view Blue-Ray or HD-DVD content. This is a tremendous cost in time, money, and consumer inconvenience.

Yet if a vulnerability is found in even one of those components (something that history and theory say is inevitable), the entire exercise becomes pointless. Somebody will exploit the vulnerability to decode the file and upload it to a P2P networks. At that point, all the DRM in the world won’t stop someone from downloading an unprotected copy.

The HDCP effort is akin to adding a third deadbolt to your front door when the back door doesn’t even have a lock. It might make some of us feel better, but it’s not going to do much to stop the bad guys.

Well, it appears my fun with telemarketers is over. The Direct Marketing Association (DMA) has created a “Deceased Do Not Contact” list to give family members the ability to remove the names of deceased loved ones from mass-marketing efforts.

I was a little sad to hear this for reasons that you might find somewhat disturbing. You see, back in the days before the “Do Not Call” list went into effect and my wife decided to put our number on it, I use to have fun toying with telemarketers by pretending I was dead. Just so you know, I’m not one of these people–and I know there are a lot of you out there–who get evangelical about the supposed evils of telemarketing. Frankly, I never saw what the big deal was. If you didn’t want to hear someone’s sales pitch, just hang up the phone! For God’s sake, they’re just trying to sell you something and you always have the right to say “NO!” and slam the phone down.

Nonetheless, I sometimes got as annoyed as the next guy when the calls came in, especially during the dinner hour. So, to get the really pesky ones out of my life, I use to have a little fun with them. When they called for the umpteenth time and I’ve finally had it, the conversation would go something like this:

Continue reading →

Mistrust-based DRM

by on February 22, 2006 · 2 comments

Last week, Randy Picker wrote about an idea for “mistrust based” digital rights management technology:

Watermarks are a form of identity-based DRM. The embedded watermark would allow a content owner to scan p2p networks in search of available content. Having found the content and the associated identity, the content owner would be able to respond to the illegal distribution. But respond how and won’t the anti-DRM software just strip the watermark anyhow? This is where mistrust comes in. In embedding identity into content, we may also need to embed access to something valuable, a hostage or mini-bond as it were. Consider a couple of versions of this. If access to content brought with it full-access to a customer’s account, customers would be quite careful about sharing access to the content.

Today, Ed Felten reacts to the proposal:

In the more traditional system, the watermark is secret–it can be read only by the copyright owner or its agents–and users fear being sued for infringement if their files end up on P2P. In Randy’s system, the watermark is public–anybody can read it–and users fear being victimized by fraud if their files end up on P2P. I’ll call these two alternatives “secret-watermark” and “public-watermark”.

How do they compare? For starters, a secret watermark is much harder for an adversary to find and remove. If a watermark is public, everybody knows exactly where in the music it is stored. Common sense, and experience too, says that if you know where in a file information is stored, you can modify that part of the file and obliterate the information. But if the watermark is secret, then an adversary isn’t told where to look for it or how to change the file to remove it. Robustness of the watermark is an important issue that has been the downfall of past watermark systems.

A bigger problem with the public-watermark design, I think, are the forces unleashed when your design principle is to enable fraud. For example, the system will lose its force if unrelated anti-fraud measures become more effective, or if the financial system acts to protect users from fraud. Today, a consumer’s liability for fraudulent credit card transactions is capped at $50, and credit card companies often forgive even that $50. (You could use some other account information instead of the credit card number, but similar issues would still apply.) Copyright owners would be the only online merchants who wanted a higher level of fraud on the Net.

I think Felten has the better argument here. Like most DRM proposals, Picker’s idea is great in theory but is likely to fall short when it comes to implementation. It’s much easier to imagine a watermark scheme with the characteristics Picker describes than to build one. Both Picker’s and Felten’s posts are worth reading in full.

Yesterday the New York Times had an editorial about network neutrality. They employed a great analogy: “When someone calls your home, the telephone company puts through the call without regard to who is calling. In the same way, Internet service providers let Web sites operated by eBay, CNN or any other company send information to you on an equal footing.” They conclude, however, that Congress should enact net neutrality legislation to ensure that “equal footing.”

Here’s what I want to know: Given competition, how many consumers would stand for a phone company that didn’t put through everyone that called them unless the caller paid extra? The key here is competition. The NYT seems to understand this because it says that “Most Americans have little or no choice of broadband I.S.P.’s, so they would have few options if those providers shifted away from neutrality.” That’s debatable. But even if it weren’t, wouldn’t seeking more competition be the ultimate solution?

Here’s a few thoughts on Jim Harper’s splendid post of a few days ago on the nature and origins of IP as compared to physical property. I can’t find much to disagree with in it, but apparently I was expected to? So I will clarify where I think points of controversy might arise starting off from there.

A) One of the assertions that seems to be made with some frequency about the enterprise at IPcentral of which I am a part is that we think that IP and physical property are just the same. As far as I know, neither myself nor any of my colleagues think that (I don’t speak for them ordinarily but I think I can safely venture to do so on this point). But we’ll tend to emphasize the similarities rather than the differences when we think the differences are not as relevant as they are sometimes thought to be:

An example: It is sometimes pointed out that the marginal cost of sharing IP is zero or nearly zero. This is sometimes taken as an argument by people who know a little economics (and no Austrian economics) that this is what the price of IP should be as well–zero or nearly zero. But the argument proves too much; it turns into an attack on physical property as well. The marginal cost of an alarming amount of *phsyical property* is nearly zero as well (stamping out another pill once the drug has been researched and is in production, for example, or another silicon chip, or what have you). Furthermore as the physical property economy evolves and production becomes more efficient, we should expect the production of more and more physical property to near marginal cost–if you are in the business of producing physical property, one of your aims is quite likely to be to drive the cost of production lower and lower. Furthermore in order to sustain incentives for production both IP and physical property need to be priced above marginal cost, especially when marginal cost is zero or near zero. (I need to add a link here to the conference a few years back on marginal costs, but I can’t find it now. Ah, here it is.).

What I just said, in a nutshell: I think the differences between physical property and IP are extremely significant, but not necessarily in the ways that IP critics commonly think they are (here’s an article I wrote on the significance of some differences a while back). For the most part my colleagues at IPcentral think along similar lines. We might use physical property examples as analogies, but an analogy is well, an analogy, not intended to be taken too literally.

If it makes IP critics happier, I could call “intellectual property” something else. Say, “intellectual schmoperty,” or more seriously, as I experimented with a few years back, a set of special default rules for contract (that happen not to require privity). But whether one calls it property or not, the substance of the debate about its merits remains the same, and one can still make analogies.

B) The second point where I suspect we ultimately differ is in the nature of the fences that Jim talks about and the sort of fences that I would describe. Fences are definitely important. Physical fences are the most basic, and then there are also legal fences, either contractual or statutory. But did Jim mean there could be only physical fences? (I don’t think he meant that, that would be Hobbes not Locke).

Either way, fences have costs; keeping the costs of the fences low is important. Physical ones are nice because they are relatively self-enforcing and therefore cheaper–even after development costs (which are internalized by the fencer and so kept in check). For legal bounds, they can’t usually be self-enforcing, but it is better if they are somehow enforceable. Contracts that make a simple trade are best; you give me money, pretty much simultaneously I give you an apple, done. Then comes contracts that involve relations that are more remote in time in place… they get awfully complicated. And then finally comes statutes, which are the most complicated of all, and start involving rent-seeking risks and a load of other stuff. Last-resort rules and last-resort enforcement institutions that have not evolved nearly as fast the private economy (a government failure, if you would, rather than a market failure).

So what do we do in an environment where fences of any kind have suddenly become almost impossible to maintain? We could just . . . let it go. But I think that this ends up in a world that is a little too close to Hobbes for my taste, or for investor’s tastes. So where I ultimately differ with Jim is in thinking that it is all right to tinker a bit at the margins with the substantive ground rules to help the fences take shape and maintain some semblance of integrity. Nor do I think the burden of bearing the costs of the fencing needs to be entirely on the owners of the property being fenced, just so long as most of it is.

But it is really a small difference. To make an analogy, Jim (Harper) would not like, I take it, legal rules restricting the proliferation of specialized tools for opening locked car doors. I think that such rules are preferable to the alternative. But note that for me this is essentially an empirical question about the circumstances under which everyone is better off!!!! A very hard call to make on the basis of a priori arguments. Which is why I have booted IP into my mental category of hard problems.

Jim, go ahead and make your argument now about malum prohibitum, etc., if you want, I thought you were going to make that and I wanted to respond to that, too.

DRM in Action

by on February 21, 2006 · 2 comments

I’ve just finished reading Felten and Halderman’s excellent paper on the XCP and MediaMax copy-protection schemes adopted by Sony BMG. It’s well worth the read if you’re interested in getting a glimpse at the real-world implementation details faced by DRM designers.

What I found most striking was how unsophisticated most of the security mechanisms in these programs were. Felten and Halderman found several ways that a moderately technically sophisticated user could defeat the controls (that’s not counting “hold down the shift key” and “get a Mac”). It’s not clear to me what Sony BMG was trying to accomplish with this software, but it clearly wasn’t to keep determined users from getting unscrambled copies of their music.

A couple of weeks ago, in comments, I got a tongue-lashing from Solveig Singleton for my suggestion that DRM was a legal, rather than a purely private, enforcement mechanism:

The DMCA is certainly a legal barrier. And to some extent, effective DRM, or some of it, relies indirectly in turn on some kind of backup by the DMCA, enough to stop the commercial proliferation of cracking tools. But DRM and the DMCA are not the same thing!!! DRM is a private mechanism. Its basic operation is physical. Like a lock on a door. The fact that a policeman will bust you if you break a lock doesn’t make the lock any less a private mechanism. It has costs, but these are quite different from the costs of a legal mechanism as such.

But it appears that her colleague, James DeLong, disagrees with her:

Continue reading →

Mea Culpa on GoodMail

by on February 18, 2006 · 4 comments

I haven’t checked Declan’s site in a few days, but I see that he’s posted a couple of insightful emails about the Yahoo/AOL/Goodmail pay-for-email program I last week:

Imagine that you are an online service that needs to ensure that a customer order confirmation, or an equivalent critical transaction message, is delivered to the customer. Then imagine that you are offered a means of safely and reliably identifying this specific class
of mail, so that it receives differential handling. The incentives for a company to pay to ensure that delivery are substantial.

And that is what the recent announcement is about. It concerns a means of ensuring delivery of “transactional” mail. This is quite different from “marketing” mail and it is not in the least controversial.

This makes a lot more sense to me, and it makes me think my previous comments criticizing the program were too hasty. I thought it was a bad idea because much of the media coverage suggested that AOL’s long-term goal was to make all commercial bulk emailers pay postage if they wanted to reach AOL users. But it sounds like the purpose is rather different: it guarantees that high-value content like travel itineraries and bank statements will get through spam filters, while the treatment of other mail remains unchanged.

This is particularly important because many spammers do their best to emulate legitimate documents like bank statements, in the hopes of tricking users into clicking them. That makes it difficult for spam filters to tell the difference, and raises the risks of both false positives and false negatives. Not only do users benefit by getting their email expeditiously, but more importantly, the email would come with a “seal of approval” that will assure the user that the email is genuine.

If Declan’s commenter is right, this is not primarily about marketing emails, as the media reports I read implied. And it certainly isn’t targeted at bulk email in general. While companies certainly could use this service to ensure their monthly emails and such get through, many are likely to conclude it’s not worth the expense: 95% of their email likely makes it through already, and it’s probably not worth the cost to reach that final 5%. But on the other hand, when I purchase an airplane ticket, it’s pretty important that my itinerary reach my inbox. I bet Travelocity will be more than happy to kick in a quarter of a penny to make sure it reaches me.

So I take it back: this does sound like a promising concept. I should have done more digging before badmouthing it.

TechDirt points out yet another article about how the content industries are shooting themselves in the foot with overly aggressive copy protection. Next-generation video formats will only allow themselves to be viewed at full resolution on certain hardware. A lot of computer hardware being sold today doesn’t make the cut, despite the fact that they are physically capable of displaying the content at full quality. The result: you buy a shiny new computer with a Blu-Ray drive, and find that it plays Blu-Ray movies at lower quality than your old computer played DVDs. That will really get users excited about adopting the new format!

Why is Hollywood going out of their way to piss off their own customers?

The copy-protection muddle stems from Hollywood studios’ desire to avoid the film piracy that was born when tools for unlocking the encryption technology on today’s DVDs began spreading online in late 1999.

But that completely misunderstands why the DVD’s copy protection system failed. Hackers didn’t use the “analog hole” to record unprotected copies of DVD content. Rather, they reverse-engineered the encryption itself, allowing them to decode DVDs directly. All the “analog hole” countermeasures in the world won’t do a bit of good once the content itself has been decrypted.

This wouldn’t be the first time Hollywood has done its best to strangle a promising technology in its cradle by treating its customers like criminals.

Update: Ars highlights another way that copy protection on next-gen video formats is likely to irritate customers: because the copy-protection specs are still being negotiated with barely a month to go before release, the first batch of HD-DVD players will probably require a firmware upgrade before they’ll be able to actually play videos.