My Own Private ACTA

As we lurch into the second decade of the post-Napster era, I am struck by how many similarities there are between the problems that the creative community has online and the problems that we are asking our government to protect us from.

Given fundamental flaws in the Internet’s initial architecture, the lack of authentication and basic identification gives rise to cross-border identity theft and law enforcement issues not to mention nastier forms of commercial spying and outright espionage. This plays a key role in the relations between the U.S. and its trading partners and competitors, especially China. As James Mulvenon, director of the Defense Group’s Center for Intelligence Research and Analysis, has noted, the reason that there is no meaningful security baked into the network is because those who were around for dARPAnet node No. 1 (such as Steve Lukasik) did not think the network would ever be used for malicious purposes and thought that putting security in the stack would make it less efficient.

Boy, was he wrong.

However much the continued cyberattacks are symptomatic of commercial and espionage challenges that countries with valuable digital properties (often intellectual property or classified materials), the more serious of these attacks are aimed largely at the intellectual property economy. Mulvenon puts it succinctly: “Remember the halcyon days when we were worried about Taiwanese hackers putting “Hello Kitty” logos on Chinese web pages? Given our dependence on the network and given our vulnerability, we are now racing toward a future in which we are frantically trying to repair the car while we are driving 70 miles an hour down the freeway.”

Members of the creative community have to find all this rather amusing in a sick kind of way. We have been robbed blind online for a decade, but–typically–now that it’s Google who is falling victim to cyber commercial espionage—now America has to worry about what’s happening to a multinational corporation.

Market Rules One Substitute for Network Security

The lack of security and authentication at the network level means that it is highly unlikely that there will be a fix anytime soon—if ever. Discussions about dealing with the massive theft and other moral hazard issues online often center around filtering at the network level. I just don’t believe this can happen without starting over again on the Internet’s architecture which is highly unlikely to happen.

Given that re-architecting the network is not a realistic possibility, it is critically important that alternatives be developed that can make up for the extraordinary lack of foresight of the network designers. “Geeking around” these problems of the nation state is not a perfect solution and certainly would have its flaws and inefficiencies. But it’s better than nothing and is certainly better than self-help alternatives.

One solution might be to have an internationally recognized law enforcement solution that many countries would negotiate in line with other international treaties and their representative governments and that would offer at least a framework to create additional commercial security online and in line with international law.

In addition to these interlocking agreements, intellectual property owners can take advantage of digital rights management solutions that they think will advantage them in line with market reaction by consumers. Examples of DRM applications include video games, books and movies, as well as some music retailers such as the highly successful iTunes (which offers a DRM and, increasingly, a non-DRM solution) and the non-DRM files available at Amazon. Another tool to compensate for the lack of security built into the network. (I’ve been banging the table about allowing the market to find a non-DRM solution for a good five years.)

If these options are not available as law enforcement solutions to governments or commercial solutions to the creative community, the file stealing operators such as Limewire and Isohunt will be able to unilaterally impose their own “rules” on the governments of the world in stark defiance of international law.

Wait—there is such a framework agreement called the Anticounterfeiting Trade Agreement, or ACTA. Nowhere is there more venom directed at ACTA than from Michael Geist (aka “he who shall not be named,” according to a prominent Canadian artist. Geist is advisor to the U.S.-backed Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic, the Alcan of intellectual property, with its American advisory board, and the paid consultant to Industry Canada. SGCIPPIC‘s external advisory board includes Lessig, the EFF legal director, the director of EPIC, and Pamela Samuelson, who is also a board member of EPIC and the EFF. Very cozy.)

So what does Geist want? I mean in addition to attention.

His Own Private ACTA

Geist has something of an obsession with DRM or what he calls “digital locks”. Given his apparently close relationship with modchip makers (modchips are used to crack the DRM on videogames), this is not surprising. Modchip makers (such as the Canadian Coalition for Electronic Rights, a grandiose moniker if ever there was one) clearly want to stop any laws that prohibit them from selling their warez–directly affected by anticircumvention rules.

The new legislation to reform Canada’s copyright laws protects the right the IP owners enjoy under the laws of many countries (including the United States) to use DRM solutions. The legitimate purpose of DRM is to further the purposes of copyright and allows a copyright holder what is essentially a protection against serial copying from an authorized source to an unauthorized source. The self-defined-copyright crowd is has been wringing their hands about DRM for years—as has Geist. The argument about DRM boils down to whether the government can dictate to a copyright owner whether they can use DRM on copies of works of copyright. It is frequently positioned by self-appointed consumer advocates like Geist that the mere presence of DRM is itself harmful to consumers.

What is always omitted from arguments against DRM is the fact that the market will tell the copyright holder whether DRM works. Meaning that consumers—not consumer advocates—are the best judges of what they want to buy. If DRM is too restrictive, it will fail. If not, it will succeed.Meaning that in order to know whether DRM works, there must be at least a somewhat orderly market so that copyright owners can tell how much DRM is commercially successful—or maybe have no DRM.

Witness the music industry’s gradual adoption of mp3 as a sales format. I encouraged the industry to adopt mp3 as a format starting around 2001. I remember having a conversation with a sales executive around that time in which I asked if they had a problem with not having an offering in a format that accounted for 1 billion downloads a month. (A bit of a fudge for dramatic effect, but you get the idea.) The reaction I got was like a dog on a mirror.

After a decade of worrying about DRM in the face of massive theft of their property (and after having missed the boat on putting serial copy protection in devices as was done with cassette players), it suddenly dawned on everyone that they needed to quit making it difficult for fans to buy rather than steal the music that would play on the players they were most likely to have.

iTunes found an excellent balance of DRM controls that was obviously successful with consumers.

So why is it that Geist pounds the table about DRM? It appears to be because he believes that the only way to protect consumer interests is to do the thinking for the consumer before the consumer gets a chance to choose between a DRM work and a DRM-free work. This would also have the benefit of denying copyright holders the right to protect their works.

And of course it would make life much easier for consumer electronics companies who want to free ride on works that owners choose to protect. Wouldn’t it be a much more decisive consumer message to have the DRM goods rejected in an orderly market?

My Private WIPO

Where do these anti-circumvention statutes come from? The WIPO Copyright Treaty—which Canada has agreed to—among other places. Geist takes an absurdly narrow view for which he has been deservedly criticized, including by Dr. Mihály Ficsor, the former Assistant Director of WIPO (See
Legends and reality about the 1996 WIPO Treaties in the light of certain comments on Bill C-32” an academic paper directly challenging Geist’s lightweight interpretation of the digital rights management provisions of the WIPO Copyright Treaty).

So when you add all this up, what Geist seems to want is to impose his own version of reality on the international creative community—not just Canadians. If Canadians decided to live in the Geist universe as applied to Canadian content in Canada, fine. (Which is the case the Canadian orphan works regime.) But that territorial restriction seems to get left out, and is highly unlikely to happen in a networked world. Surely Geist knows this. We live in a networked world and this is a prime example of why we have treaties and why there are international trade agreements–a topic of considerable interest this week due to the G-20 meetings.

The effective result of what Geist wants to do is the imposition of his own private ACTA on the creators of the world—rules not negotiated by Canada’s trading partners, but rules to be imposed by Geist, modchip warez makers and consumer electronics industries, under the watchful eye of “AceLessig, the EFF and the Samuelson-Glushko triangulation).

Sorry—I don’t think that was why Canada negotiated and signed the WIPO Copyright Treaty.

2 thoughts on “My Own Private ACTA

  1. I think it's a bit harsh to suggest that the ARPAnet designers had an "extraordinary lack of foresight". They never expected that the network they designed would be used in an uncontrolled manner by anyone in the world; they assumed that the vast majority of the nodes would be at military or high-security installations, with a few stations at critical civilian locations. In that latter concept, the lack of authentication doesn't matter as much, because anyone who can get to a terminal is inherently authorized to use it.Not that this solves the problem, but your language gives the impression that it's a flaw rather than a deliberate and at-the-time logical design choice.


  2. That's a fair point. I don't quite agree that it's not a flaw (which will come as no surprise!) but maybe it would be better to say it was a mistake. I do think that someone at some point somewhere before, during or after could have raised their hand and said let's not have commercial applications until we get this sorted. Admittedly a bit of revisionist history, but only a bit.


Comments are closed.