It’s a few weeks old, but be sure to check out Cory Doctorow’s excellent explanation for why copy protection can never work:
[Encryption] works brilliantly. You can download an email privacy program that uses standard, public encryption algorithms to scramble your email so that only its intended recipients can read them. You know that messages can only be read by the authorised sender and the authorised receiver because you are the only ones who know have the key.
It’s great for email, but it can never work for movies, TV shows or music, because in the case of “copy protection” the receiver is also the person that the system is meant to guard itself against.
Say I sell you an encrypted DVD: the encryption on the DVD is supposed to stop you (the DVD’s owner) from copying it. In order to do that, it tries to stop you from decrypting the DVD.
Except it has to let you decrypt the DVD some of the time. If you can’t decrypt the DVD, you can’t watch it. If you can’t watch it, you won’t buy it. So your DVD player is entrusted with the keys necessary to decrypt the DVD, and the film’s creator must trust that your DVD player is so well-designed that no one will ever be able to work out the key.
This is a fool’s errand. Because the DVD player has the key, it’s always possible that it can be extracted by academics, hardened hackers – or just kids who are in it for the glory.
Doctorow makes an analogy to the speed of light, but I think a better analogy is that DRM systems are to computer science what perpetual motion machines are to physics. Anyone who says he’s got an unbreakable DRM scheme is either clueless or lying. Yet DRM snake-oil salesmen, like the charlatans who periodically claim to have invented a perpetual motion machine (or infinite compression algorithms), are perpetually coming up with clever new ways to obfuscate the fundamental impossibility of what they’re trying to accomplish. If you make a system complicated enough, it can be difficult to explain its flaws in laymen’s terms. But that doesn’t mean it doesn’t have them, or that they aren’t fatal.
This is just appalling. You cannot win a PR battle from a defensive crouch.
A top Democratic leader opened the door Tuesday to granting U.S. telecommunications companies retroactive legal immunity for helping the government conduct electronic surveillance without court orders, but said the Bush administration must first detail what those companies did.
House Majority Leader Steny Hoyer, D-Md., said providing the immunity will likely be the price of getting President Bush to sign into law new legislation extending the government’s surveillance authority. About 40 pending lawsuits name telecommunications companies for alleged violations of wiretapping laws. Democrats introduced a draft version of the new law Tuesday without the immunity language.
If Congress passes legislation giving the president expanded wiretapping authority, and he vetoes it because it doesn’t include a get out of jail card for AT&T, that should be a PR disaster for the Republicans. The Democrats should be thrilled to go on the campaign trail saying “Mr. President, we passed legislation giving you the authority you requested. It’s not our fault you chose to put the interests of your friends in the telecom industry ahead of protecting American lives.”
Yet for some reason, the Democratic leadership seems to have chosen a strategy of preemptive surrender, where they announce in advance that they’re so terrified of a veto that they’ll give the president basically whatever he wants as long as he promises to sign it. Under those circumstances, the president obviously isn’t going to budge an inch.
The text of the RESTORE Act is here. It’s not quite as bad as I’d feared from media reports, but it still has some serious flaws. The most frustrating thing about it is that it starts off really well. The first substantive provision is:
Notwithstanding any other provision of this Act, a court order is not required for the acquisition of the contents of any communication between persons that are not United States persons and are not located within the United States for the purpose of collecting foreign intelligence information, without respect to whether the communication passes through the United States or the surveillance device is located within the United States.
In my opinion, they should have just cut the bill off there. The whole thing would have been 3 pages long, it would have taken away the White House’s most potent talking point, and it would have gotten the enthusiastic endorsement of people like me.
Instead, it goes on to create this elaborate, cumbersome, and arguably unconstitutional “blanket warrant” process for eavesdropping on calls between an American and a non-American. I have yet to see any coherent explanation for why such a provision is necessary.
A significant amount of the bill is devoted to detailing a variety of reports and audits that various parts of the executive branch are required to submit about the government’s surveillance activities. While more oversight is rarely a bad thing, I’m frankly not that enthusiastic about these provisions because I’m worried they’ll be perceived as a substitute for individualized warrants. Moreover, I think there’s a good argument to be made that genuinely foreign surveillance activities shouldn’t be subject to the same level of scrutiny as domestic surveillance. So to the extent that all these reporting requirements blur the line between domestic and foreign surveillance, I think that could be a bad thing.
I continue to be baffled by the politics of all this. I imagine the Democratic leadership thinks they’re going to buy peace with the White House by compromising and giving them some of what they want. But that’s not how this administration works. They’ve never shown any willingness to meet critics halfway. (See, for example, Max Cleland) If the Democrats give the president anything less than everything on his wish list, they’ll be loudly denounced as soft on terrorism. So if they’re going to get attacked anyway, they might as well at least make their base happy by passing a bill that’s strongly supportive of civil liberties.
This is not that bill. The ACLU is endorsing Rush Holt’s alternative legislation, so perhaps that’s the legislation advocates of civil liberties should be demanding.
I find it amazing that people would make an argument like this with a straight face:
Brian Darling, director of Senate relations at the conservative Heritage Foundation, told Cybercast News Service that he expects “the White House will threaten to veto this.”
“Some elements are problematic for anti-terrorism,” he said, particularly the lack of a provision that would grant retroactive immunity for telecommunications companies that provided information to the government and may have done so illegally.
“It should be retroactive,” said Darling. “These companies are getting sued because they were trying to be helpful … to hunt down people who are abusing our telecommunications system to carry out acts in the United States.”
This sounds like a marvelous legal principle: firms can ignore the law and compromise their customers’ civil liberties with impunity, as long as they were “trying to be helpful.” Come to think of it, why do we need warrants at all? Instead, let’s just have the FBI and the NSA issue “certificates of helpfulness” in exchange for their customers’ private information. I mean, the nice man from the NSA would never ask for information he wasn’t allowed to have, would he?
The Restore Act is generating a lot of media interest. I just finished an interview with WTOP in DC. Tomorrow, I’ll be speaking with KMOX in Saint Louis at 8:40 AM (Central), WLAP in Lexington, Kentucky at 10:35 (Eastern), and on WABC in New York City at 11:10 (Eastern). All of them appear to have live Internet feeds (albeit in irritating proprietary formats) in case any TLF readers want to listen in.
Geoffrey Stone has a great review of Jack Goldsmith’s book that makes it crystal clear that we’re dealing with an administration that has nothing but contempt for the rule of law and the separation of powers:
As it implemented its “go-it-alone” conception of executive authority, the administration “rejected any binding legal constraints” on the president’s power. Whenever anyone suggested consulting Congress on such matters as detention, interrogation, habeas corpus, military commissions, or surveillance, Addington’s invariable response was, ” ‘Why are you trying to give away the President’s power?’ ”
The most critical issue Goldsmith encountered involved the “torture memos,” which purported to provide a “legal basis for what President Bush later confirmed were ‘alternative interrogation procedures used at secret locations.’ ” Consistent with the administration’s extreme view of presidential authority, the memos argued that the Torture Act of 1994 — which made it unlawful for government officials to engage in torture — violated the president’s inherent constitutional power as commander in chief to authorize torture. According to Goldsmith, CIA interrogators viewed these memos as a ” ‘golden shield’ ” that would insulate them against criminal liability.
Although no head of the Office of Legal Counsel had ever overturned an opinion issued by the office in the same administration, Goldsmith concluded that the extreme assertion of presidential authority in the torture memos had “no foundation” in any “source of law.” They rested entirely on “one-sided legal arguments” and were nothing more than unreasoned assertions of “sheer power.” Goldsmith decided he had a legal and constitutional responsibility to withdraw the torture opinions.
At the same time he informed Atty. Gen. Ashcroft that he was withdrawing the opinions (Ashcroft, by the way, was “supportive” of Goldsmith’s conclusion), he also submitted his resignation, in part “to ensure that my withdrawal” of the torture memos “would stick.” The timing, he believed, “would make it hard for the White House to reverse my decision without making it seem like I had resigned in protest.” He was right, and it worked.
Goldsmith, it should be emphasized, has described himself as not being especially concerned with civil liberties. Yet he found it necessary to resign after only 10 months on the job. The same story can be told of other officials—Jim Comey, John Ashcroft himself—who were hardly left-wingers, but who ultimately were unable to stomach the Bush administration’s cavalier disregard for the constitution. The only people who are still in the White House at this point are people who weren’t disturbed by the president’s theory that he can pretty much do whatever he wants regardless of what Congress or the Supreme Court say. Why on Earth would Congress want to encourage this kind of behavior by giving the executive branch even more power to spy on Americans without court oversight?
I think I’ve made this point before, but it’s worth making again:
Two months after insisting that they would roll back broad eavesdropping powers won by the Bush administration, Democrats in Congress appear ready to make concessions that could extend some crucial powers given to the National Security Agency.
Administration officials say they are confident they will win approval of the broadened authority that they secured temporarily in August as Congress rushed toward recess. Some Democratic officials concede that they may not come up with enough votes to stop approval.
This isn’t how Congress works, and a reporter from the New York Times should know better. If the leadership of the majority party in Congress doesn’t want a particular piece of legislation to come to the floor, it’s extraordinarily difficult for other members of Congress to bring it to the floor. As I understand it, the primary mechanism in the House is a discharge petition, which requires the signatures of the majority of members of Congress. According to Wikipedia, only 47 piece of legislation have received the required majority in the last 70 years, and only two of those have become law. In other words, by and large if the leadership doesn’t want a piece of legislation to move, it doesn’t move.
And then there’s the Senate, where in addition to the usual prerogatives of leadership, any 41 members of the Senate can stop legislation with a filibuster. I find it extraordinarily hard to believe that the Democratic leadership couldn’t find at least one of these mechanisms to stop a bad FISA bill. The more likely explanation is that the leadership simply doesn’t consider this issue important enough to risk giving Republicans a campaign issue next year. Which is fine; that’s the sort of political calculation the congressional leadership is supposed to make. But if that’s what’s going on, then reporters should call a spade a spade, and not let the leadership get away with making lame excuses.
Can someone remind me what the point of having an opposition party was supposed to be? I’m pretty sure this wasn’t it:
House Democrats plan to introduce a bill this week that would let a secret court issue one-year “umbrella” warrants to allow the government to intercept e-mails and phone calls of foreign targets and would not require that surveillance of each person be approved individually…
“Some conservatives want no judicial oversight, and some liberals oppose any notion of a blanket order,” said James X. Dempsey, Center for Democracy and Technology policy director. “So the challenge of the Democratic leadership is to strike a balance, one that gives the National Security Agency the flexibility to select its targets overseas but that keeps the court involved to protect the private communications of innocent Americans.”
Continue reading →
TLF contributor Jerry Brito and his colleague Jerry Ellig, both of the Mercatus Center at George Mason University, recently released a comprehensive new paper on the law and economics of network neutrality regulation. In a wide-ranging discussion, we explore the economic arguments for network neutrality regulation, discuss how economic theory applies to the issue, and Jerry Brito fills us in on the legal status of the FCC and FTC’s various pronouncements.
I generally try to have podcasts up within 24 hours of recording them, but this one was recorded last Wednesday. My apologies for the delay.
There are several ways to listen to the TLF Podcast. You can press play on the player below to listen right now, or download the MP3 file. You can also subscribe to the podcast by clicking on the button for your preferred service. And do us a favor, Digg this podcast!
Continue reading →
Here’s a great talk by Yahoo’s Ian Rogers:
Eight years later, Amazon’s finally done what was clearly the right solution in 1999. Music in the format that people actually want it in, with a Web-based experience that’s simple and works with any device. I bought tracks from Amazon (Kevin Drew and No Age), downloaded them, sync’d them to my new iPod Nano, and had them playing in my home audio system (Control 4) in less than five minutes. PRAISE JESUS. It only took 8 years.
8 years. How much opportunity have we lost in those 8 years? How much naivety and hubris did we have when we said, “if we build it they will come”? What did we spend? And what did we gain? We certainly didn’t gain mass user adoption or trust, two prerequisites to success on the Internet.
Inconvenient experiences don’t have Web-scale potential, and platforms which monetize the gigantic scale of the Web is the only way to compete with the control you’ve lost, the only way to reclaim value in the music industry. If your consultants are telling you anything else, they are wrong.
Yahoo! Music demonstrates this scale discrepancy perfectly. Yahoo! is the world’s #1 Internet destination. Hundreds of millions of people visit Yahoo! each month. Yahoo! Music is the #1 Music site on the Web, with tens of millions of monthly visitors. Between 10 and 20 million people watch music videos on Yahoo! Music every month. Between 5 and 10 million people listen to radio on Yahoo! Music every month. But the ENTIRE subscription music market (including Rhapsody, Napster, and Yahoo!) is in the low millions (sorry, we don’t release subscriber numbers, but the aggregate number proves the point), even after years of marketing by all three companies. When you compare the experiences on Yahoo! Music, the order of magnitude difference in opportunity shouldn’t be a surprise: Want radio? No problem. Click play, get radio. Want video? Awesome. Click play, get video. Want a track on-demand? Oh have we got a deal for you! If you’re on Windows XP or Vista, and you’re in North America, just download this 20MB application, go through these seven install screens, reboot your computer, go through these five setup screens, these six credit card screens, give us $160 dollars and POW! Now you can hear that song you wanted to hear…if you’re still with us. Yahoo! didn’t want to go through all these steps. The licensing dictated it. It’s a slippery slope from “a little control” to consumer unfriendliness and non-Web-scale products and services.
I’m frankly not as optimistic as Rogers that the labels will be able to pull out of the tailspin they’ve gotten themselves into. The music labels have decades of inertia pushing them in the wrong direction, and large, bureaucratic institutions rarely show the kind of agility needed to negotiate new technologies in any event. So while it’s great that they’ve finally started to realize what was obvious to some of us years ago, my guess is that they’re going to continue to be five years behind the curve for the foreseeable future, always playing catch-up to other firms who are pioneering new ways of distributing and promoting music.
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.