mskala's home page : lawpoli : copyright

Toronto consultation meeting (26 March 2002)



This is a description of my trip to the Industry Canada/Heritage Canada (IC/HC) copyright consultation meeting in Toronto on 26 March 2002.  This report was first posted on 28 March.  Most readers are probably most interested in what actually went on during the five sessions of the meeting, so I'll cover that first; then I'll give some additional comments on my suggested strategy for future meetings and activities, and other notes not necessarily related to the copyright meeting.  If you haven't read my previous commentaries on these meetings and issues, those are linked (along with similar stuff from other people) on my DMCA de Canada page.

The day was divided up into five sessions, with breaks in between.  During the sessions we all sat at little tables in a big hotel conference room, typically about four people to a table.  I'd estimate a total of 60 delegates, maybe a little more.  [Correction:  Ms. Hendela of IPPD told me in Ottawa that actually, it was more like 100.] Each session started with a brief presentation during which the representatives from IC/HC presented the questions they'd like to have answered, and then followed a long comment period in which the delegates took turns making short speeches about their own interests, seldom if ever addressing the questions actually asked.  There was a microphone on each table and a pretty good effort made to see that the time was allocated fairly to everyone who wanted to talk.

I started out trying to write down all the names of people who commented, and summaries of what they said, but I got bogged down after the first session because I found it difficult to listen, summarize, and also outline my own remarks at the same time; and I had to outline on the fly because the nature of the discussion was rapidly changing with the points different people brought up.  I also don't have the right spellings for most of the people's names, and so will avoid using names except where I'm sure.  I'm paraphrasing a lot of people here, and hope I don't misrepresent anyone's positions.  If I do, I guess they can sue me.  Ha ha.  I'm pretty sure I got all the main interesting points and directions of discussion in the report below.

"Making available" privilege

Topic for the first session:  should we create a "making available" privilege?  My position going into the meeting was that it's just a different way of splitting the existing bundle; we can say that making a file available on the Internet is a separate activity from copying it (which is covered by the "reproduction" privilege), or that those are the same thing.  Both are covered by copyright but if they're split into separate privileges then the contracts we might write to transfer copyright can become more flexible; either way it doesn't affect me much, which is one reason I kept my mouth shut during this session and just listened to the comments to see if I could gain some insight as to how the different parties were staking out the territory.

There were some indications during the session, and Loris Mirella from Heritage clarified this for me during the break afterwards, that that's not really what the "making available" debate is all about.  The more significant issue is that at present, writers have an exclusive privilege of "communication to the public", which is being taken to include things like putting documents on the Web - so the writer can say "you can't post this on the Web".  The question is, should performers and "producers of phonograms" have a similar privilege?  The WIPO treaty says they should, but Canadian copyright law doesn't currently allow for that; so there's an issue of extending the existing law to cover performers and producers as well.  I'd be willing to agree with that as far as it goes.  There is also room for argument about how the privilege of "authorizing communication to the public" relates to the privilege of "making available", but that's less interesting.

That said, the "making available" session didn't really address the questions as described above; it was mostly a chance for lots of groups to flag whatever they thought would be important issues later in the day.  We started with someone from CHUM-TV, who made a lot of general feel-good remarks about what a wonderful comment process this comment process is, and so on, and then said he thought the two most important issues we faced were "competitiveness", especially with the U.S.A., and "piracy".  He seemed to assume that we were all there to represent constituencies of privilege holders of various kinds.

Graydon Hoare of RedHat immediately disproved that by expressing the techie view:  he said that as far as he was concerned, there was no way for the technology to treat "making available" as different from "reproduction"; copying and transmission are fundamentally the same.  We can legislate all we want, but we can't expect the machines to separate those two privileges.  Mr.  Hoare seemed to be generally considered as speaking on behalf of his company, although (as he later tried to make clear) he only intended to be representing himself.  Someone from the council of provincial ministers of education (I'll call it CoMoE, although I think the official abbreviation may be something else) brought up that a making available privilege could have an effect on education, and that should be taken into account; I'd class that as basically in the "staking out a claim" category.

Next up was David Basskin, executive director of the Canadian Music Publisher's Association (CMPA).  This is a character we should watch.  My judgment was that he was the smartest speaker on what I think of as the other side of the issues from myself; during the day he said a lot of things I disagreed strongly with, but interestingly enough, a few things I agreed with.  His remarks at the start of the "making available" session were ones I basically agreed with:  stressing the importance of technological neutrality.  I suspect that his motives for supporting technological neutrality may be quite different from my own.  When we get a new wrinkle on an existing technology, his organization may want to be able to crush it quickly on the litigation plane, without needing to wait for legislation; if the law is too specific to particular technologies, then anything new will be outside the law.  Our side simply doesn't want to be tied into antiquated technology - for instance, with per-megabyte taxes on things that are not sensibly measured in megabytes anymore.

Sean Rooney of Coldstream Associates used his time to say that the SSSCA is an incredibly bad idea and, if passed, will result in the total annihilation of the U.S. high-tech industry.

Next was someone from the Director's Guild, who was more on-topic:  she said that the making available right should be the same for "performances" and "works"; I'd interpret that as saying (in answer to the question) that yes, it should be extended from authors to performers and producers of phonograms.  A Writer's Union representative then commented that it should cover authors, which (under my current analysis) it already does.

Next we heard someone from the photographer's organization, who wanted A. a making available privilege for photographers, and B. copyright for photographers at all.  He described how at present in Canada, copyright for photographs made by commercial photographers goes to whoever paid for them automatically, instead of to the photographer, and this is a way in which we're different from everywhere else, and something they've been fighting for 25 years already.  (This sounds like it may be related to the "work for hire" concept, but I don't know the details.) June Callwood, who is a Canadian writer famous enough that I recognized the name although I don't know that I've read anything she wrote, then spoke up in support of the photographers.

We had someone from one of the recording industry groups, maybe the Canadian Recording Industries Association (CRIA, the RIAA equivalent), who said that all kinds of horrible things will happen if we don't ratify the WIPO treaties yesterday.  Then we had someone from CANCOPY, who made random comments in every direction without any noteworthy content, followed by another photographer who echoed what the earlier one said.

Jarius Pryor, who identified himself as representing "digital artists", objected to the repeated use of the word "theft", claiming that copyright infringement should be called copyright infringement, and is not automatically comparable to theft of physical property that deprives the original holder of the property.  Next, we had a lawyer from the recording industry, who insisted that we must ratify the WIPO treaties as soon as possible, and create a making available privilege.

A lawyer from some broadcasting group spoke against a new making available privilege, apparently because it would make the royalties they pay both bigger and more complicated; she also said that when we talk about striking a "balance", it should be a balance between privilege holders and users, not a balance among the different kinds of privilege holders.  Good point.

Next were someone from an organization of intellectual property lawyers, who said we must ratify the treaties; someone from CRIA who said that interactivity is what invokes "making available"; and Graydon Hoare again, who said that any attempt to track who had interactively obtained a work, would necessitate massive privacy invasion.  After that, we heard from Dr. Samuel Trosow of UWO, who said that it's important to remember what copyright is for - it's not an end in itself, but it exists to promote the goal of having lots of creative work available.

The woman from CANCOPY then shocked me by saying that we shouldn't have a balance, balance is inappropriate, it should all be about privilege holders and the consumers should be happy with whatever the privilege holders deign to sell them, dammit!  Her actual words, which I didn't write down, really were almost as inflammatory as that paraphrase.

The CoMoE representative spoke in favour of having a balance, and for the rights of libraries.  Someone from a copyright-licensing group (didn't record which one) spoke in favour of "collective licensing" (i.e.  the sort of thing that CANCOPY ought to have been talking about) and for the importance of limiting educators.  Can't have those educators infringing on the rights of privilege holders, dammit!

Kyle Lahnakoski, from Arcavia, spoke next, objecting to the use of the word "piracy" because it implies violence, emphasizing that privileges and rights are not the same thing, and stating that the WIPO treaties cannot override the Constitution.  (And I didn't write his speech for him, honest!) Then a writer called Bill Freeman said that the realities of his craft are that he wants to make money and commercialize his work as much as possible, without anybody making exceptions to his ability to do that.

A representative from the Canadian Association of Research Libraries (CARL) spoke to the issues of electronic publication; would a making available privilege put the libraries out of business?  David Basskin spoke next, saying again that technological neutrality is important, then bringing in the linking issues out of the blue.  He apparently wants ISPs to be liable for hosting pages with links to infringing material.  He also suggested that it would be nice if we had some actual proposed legislation to discuss instead of these wishy-washy (my term) discussion papers.  That much I agree with.

Fergal Warde spoke (representing himself) to say that he didn't like the way the word "exploit" was being used, as the goal and right of privilege holders; he doesn't want to be exploited; and also to amplify the earlier remarks about the SSSCA driving technology away from the U.S.A. Unfortunately, and I'm not sure how it happened, I think he managed to cast himself as a wide-eyed uninformed kid, and that haunted him for the rest of the day - speakers on the other side treated him pretty condescendingly.  (I know he'll read this, so would be interested in how he perceived that.  I myself am hypersensitive to age-based condescension, and I may have seen it as worse than it was.) Anyway, the next speaker was the man from Coldstream, who amplified the earlier remarks about privacy being a concern.

Then the publishers spoke again, to (hem hem) correct the unfortunate inaccuracy of Mr.  Warde's belief that they might want to exploit somebody just because they were using the word "exploit" all over the place, and the man from CHUM TV wrapped up the session by saying that even after listening to the whole thing he didn't understand why a making available privilege was necessary, but in the mean time, we should remember to be nice to broadcasters, and keep step with the U.S.A.!

Technological protection measures

The second session was on legislative protection of "technological protection measures" (TPMs).  Should it be illegal to circumvent the technologies privilege holders use to enforce their wishes?  Should it be illegal to publish instructions, software, or hardware for circumvention?  If these things are illegal, should they be civil or criminal matters?  Bruce Schneier has pointed out that trying to make bits uncopyable is like trying to make water not wet; so the TPM question is, when we're all neck-deep in the flood, will we be allowed to swim?

The first speaker was a UofT student who pointed out that the current copyright law doesn't have a privilege of restricting access (as opposed to copying), and that's the privilege that TPMs protect.  Also, that we should preserve the right to create general-purpose software tools, even if they happen to have some infringing uses.  Sean Rooney was next, explaining that his business as a security consultant requires him to test security systems, often to the point of breaking them, and he can't help his clients secure their businesses without being allowed to break security systems.

David Basskin from CMPA pointed out that fair dealing is a defense for alleged infringers, with no obligation on privilege holders to assist in fair dealing.  That is a point I addressed in my third reply submission.  Jarius Pryor told how copy protection breaks compatibility, with resulting nasty effects.  A sysadmin from UofT said that protection of technological measures was unnecessary, breaking it down into several cases (if it works, it'll be too intrusive, if it doesn't work, it'll be pointless, etc.) and talked about how there might be both strong and weak forms of TPM, which maybe should not all be protected.  It wouldn't be right for privilege holders to gain all the power of criminal law just by putting a token TPM on the works for which they hold privileges.  He didn't bring up the ebook/ROT13 story, but talked about similar concepts in simpler words.

Someone from the "interoperable systems" organization (sorry, don't remember their official name) spoke about the need for balance (that CANCOPY remark was obviously still echoing around the room) and said that intent is important - someone who circumvented for a good reason shouldn't be treated the same as someone who was circumventing for the purposes of large-scale commercial infringement.  Then Graydon Hoare of RedHat spoke about how TPMs seemed to represent an attempt by privilege holders to tie their products into contracts, so that they could use the contracts to enforce terms they would not be able to enforce under classic copyright law.

I spoke next.  I identified myself as a graduate student at the University of Waterloo, and said that any discussion of copyright had to begin with the freedom of expression guarantee in section 2 of the Charter of Rights and Freedoms; we have freedom of expression in Canada, but unlike our friends South of the border, we do not have recognition of intellectual property privileges in our Constitution.  Thus, if it comes to a balance between those two things, freedom of expression has to carry a lot of weight.

I said that one significant reason I'm a student at UW is because of the existence of the DMCA in the States, and the comments of Sean from Coldstream about a mass exodus to Canada were very apt.  A couple years ago when I was looking at possible places to do graduate work, there were a lot of universities in the U.S.A. which would otherwise have looked pretty attractive, and although I can't claim that the DMCA was the only reason I didn't go there, it's certainly true that they looked a whole lot less attractive when I realised that there would be entire categories of research I'd be unable to do if I were living in the U.S.A. I was especially concerned about what had happened with Dr. Edward Felten and his research team at Princeton, who had been threatened quite explicitly and definitely by lawyers from the RIAA when they proposed to publish their research results on TPMs applied to digital music.

Next I talked about what exactly TPMs would and could do; I pointed out that to the extent they work at all, they enforce the wishes of the privilege holders, whether those are in line with the law or not.  But from my point of view, that is irrelevant anyway, because it is fundamentally impossible for TPMs to work.  If I can see it, I can record it, and if I can hear it, I can record it, and no amount of technology will ever change that.  There are of course some subtleties of computer science behind those questions, but there is nothing in the theory that can override the common-sense analysis; TPMs cannot work.  I also pointed out (and this may have caused some problems later, although I couldn't have foreseen them) that TPMs may harm values besides fair use, for instance accessibility for the disabled.  In particular, I brought up the Adobe eBook "this book may not be read out loud" restriction and its impact on blind users; that's an example of a privilege holder's wish, enforced by the software, which is not a wish enforceable by law.

The representative from CoMoE spoke next, noting that there are many legitimate reasons why libraries may need to circumvent TPMs, that we should maintain the existing exceptions that benefit libraries, and that interoperability is important.  Sean Rooney then said some scary things about identity theft, and claimed that the more we quash security research, the worse the identity theft problem will become.

A woman from the Publisher's Council then spoke, saying the publishers are actually not evil and shouldn't be so mistrusted.  She was followed by someone whose name and affiliation I didn't catch, repeating the usual anti-TPM sentiments.  Then Dr. Samuel Trosow spoke, suggesting that we look at the actual text of the WIPO treaties, and claiming that very little, if anything, actually needs to be done to our existing laws to bring us into compliance with the treaties.  We should look carefully at the proposals for TPM protection; he suggested that they may be a roundabout attempt to create strong database protection in Canada, something which we don't currently have and shouldn't in the future.

Someone from CANCOPY spoke next.  I can't tell from my scribbled notes whether it was a man or a woman, but anyway it was not the same woman from before.  The summary of the person's remarks in my notes is one word long, and insulting.  I was under a lot of stress at that point.

Someone from the Intellectual Property Institute of Canada (IPIC) spoke, demanding criminal as opposed to civil sanctions.  Then Fergal Warde spoke, highlighting the problems of what the UCITA protesters call "self help" - DMCA-style TPM protection would allow privilege holders to do whatever they wanted to users' computers in retaliation for suspected infringement.  He also said that TPMs essentially treat customers as criminals, and that just doesn't make business sense.  Jarius Pryor followed by reminding us again that copyright infringement is not the same thing as theft.  Two more people spoke in rapid succession, calling for protection of the right to build software tools, and making general anti-DMCA remarks.

Another independent delegate said that prohibition of "devices" gives the "copyright industries" a veto over any new technologies that come along, and past history (in particular, the introduction of consumer audio and video recording and associated litigation) has solidly established that they will use that veto to kill everything new.  A lawyer suggested that we should be focusing on the use of tools (to break TPMs), not the existence of general-purpose tools.

Bill Freeman of the Writer's Union spoke, reiterating that he doesn't care, he just wants to make money and expects his right to do that to be protected, or else he'll go do something else for a living.  A woman from the periodical writer's association spoke, continuing that thread to demand that the privileges of freelancers be respected.  We've heard of several cases involving those issues recently, visiting the issues of what happens when an article that was sold to a print publication then goes into an online database.

The next speaker was from some sort of organization for people with perceptual disabilities, and I wish I'd gotten that down more precisely because her speech was mostly a reaction to my own.  She said her organization supports CANCOPY, CANCOPY supports the blind, they aren't upset about things like the Adobe "no read-aloud" limitation, and she took exception to my use of the word "privilege" to describe the right of copyright, because it is not just a privilege, it's a right, not a privilege, dammit!  Well, it's nice that someone noticed, anyway.

The next speaker, whose affiliation I didn't get but it was one of the publisher-type groups, reiterated that we have to meet the WIPO treaty requirements.  David Basskin spoke next, demanding concessions (unfortunately, I didn't write down which concessions - I was busy outlining my own remarks); then someone else from the recording industry spoke, bringing up Universal v.  Reimerdes as an example of why they need TPM protections.

That is the point at which I stopped trying to list every speaker because it just wasn't working - I had my hands full keeping on top of the present moment.  The debate continued, basically with the two clearly-identifiable sides getting more and more entrenched.  We've probably all already heard most of the arguments on both sides.  Several people on both sides referred back to my speech, so I know I was heard.

I had a second chance to speak, near the end of the discussion period.  I started by saying that although several people had identified me as "the gentleman from the University of Waterloo", I wanted to emphasize that I was not representing the University in any official capacity, and I was primarily here to represent myself, Matthew Skala.  I recognized that not everyone liked my use of the word "privilege" to describe copyright, but I'd thought it over and with all respect to the woman who'd taken issue with it, I would like to continue describing copyright that way.  (I didn't say, but should have, that there's an entire section about this in my written submission.)

Freedom of expression is a right.  It's in the Charter of Rights and Freedoms.  Copyright isn't there; it is a limit on freedom of expression and as such it has much less status.  We all more or less agree that copyright can exist because it's a reasonable limit and good for Canada, but it still exists only as a legislatively-granted privilege.  I suggested that if there were people who objected to my use of the word "privilege", then maybe there were also people who should stop using the words "piracy" and "theft".  I had the impression that that sound bite hit the audience pretty hard.

Anthony DeBoer from Onramp, who was sitting at the same table with me, said to me later that if the government were to end up invoking the Notwithstanding Clause in order to pass TPM-protection legislation, it would be my fault for trotting out the Charter every time I opened my mouth.  But at least if that happened, it would mean they'd have to admit that the legislation was a violation of the Charter, and that would set the stage for a legal challenge.  Invoking the Notwithstanding Clause is a big deal, and very dangerous to the people who do it.  Mere mortals were not meant to meddle with such energies...

Anyway, I said that I'm a privilege holder myself - I create a lot of work including English-language writings and computer programs.  In particular, I wrote a novel which is on my Web site.  Anyone at all can download it for free.  I don't consider that theft or piracy; it's more of a gift.  I'm sure most writers would love to be able to do that with the results of their work.  I can afford to give away the results of my own work because I have a very good "day job" as a computer scientist, but what I'd been hearing in the discussion sounded like attempts to take that away from me.  I flagged Bill Freeman's comments about how writers need protection in order to be able to participate in a vibrant "intellectual debate"; I'd certainly agree with the idea of an intellectual debate because hey, in academia that's what we're all about!  But if we're going to continue to exist, we need protection too - and in particular, we need to be able to discuss and publish our results in the security field without fear of legal threats.

At this point I have three points in my notes and I don't think I covered all of them.  The one I'm most sure I covered was to repeat that TPMs enforce the privilege holder's wishes, not the law, and may go far beyond the law.  The other two points (which I don't think I actually covered in my speech - I was re-prioritizing and editing on the fly) were 1.  that TPMs claim to control copying, but since that is impossible, they at best control access and try to indirectly control copying that way; and 2.  to dispute the privilege of movie studios to region-encode DVDs, as a privilege that has never been in copyright law before and shouldn't be added.  Either I or someone else did bring up that DVD region-encoding issue, because there were attempts to rebut it in the next session, after lunch.

Rights management information

The after-lunch session was about "rights management information" (RMI).  There's been some confusion about what that actually means, and I've even heard a lot of people on our side referring to this topic as "digital rights management" (DRM), which really (from my point of view) is more like a synonym for TPM. As I understand it, RMI is about the actual marks that are added to media to say who holds the privileges.  That could include things like watermarks, but usually it's even less sophisticated than that and just means things like the copy-control bits that already exist on CDs.  Hey, you know how when you run cdrdao(1) you can specify "COPY" or "NO COPY", and an "ISRC" number, in the config file?  That's RMI.

As you will know if you have run cdrdao(1) in any serious way, it doesn't really matter what you fill in in those sections of the config file, because everything still works the same way anyway.  If you look at commercial CDs with the appropriate tools, while those tools are still legal, you'll see that some discs are marked up properly with that information, some have apparently random values, some have none at all, and you are unlikely to find any reason to care.  That is one reason why I'm not too worried about anything under the RMI heading.

I am worried about any hint of RMI being tied into TPMs; as soon as you have a "no copy" bit on a file and law against changing it, there will be a strong temptation to outlaw any tools that ignore, or have the capacity to change, the "no copy" bit.  So any protection of RMI automatically looks like it could be turned into protection of TPMs, and all the arguments of the previous session apply here.  But in the Toronto meeting, the moderators were pretty zealous about short-circuiting any talk of TPMs in the RMI session; they wanted to hear specifically about RMI, as such, in isolation from TPMs, and RMI by itself just isn't a very scary topic.  This session actually ran faster than scheduled because there wasn't much to say, leaving extra time for the next one.

One concern raised in the session was about accuracy of RMI. If the publishers lie about the privileges attached to a media file (for instance, if there's public domain data flagged as "no copies allowed") then someone might have to "tamper" with the RMI in order to make perfectly legal use of the data, and that should not be illegal.  Also, if we have the right to translate formats, that could implicitly have the effect of removing RMI even without that being the main goal.  For instance, an "eBook" translated into flat text will necessarily lose all its machine-readable restriction tags because those just don't exist in flat text; and lossy compression may easily destroy watermarks in audio.

Several recording-industry speakers talked about an idea of adding ID numbers to music - so that the restrictions wouldn't be tied to the file, but could be stored in a central database.  That way, if the status of a file changed, there'd be no need to go replace all the copies.  I have to give them credit for this suggestion; it does address many of the practical objections to the use of RMI. For instance, there's no need to predict in advance the death of the author so that a correct copyright expiry date can be tagged onto the file.  One speaker, a television producer, described an existing industry initiative (I think called ISAVN - "international standard audio-visual number" or something like that) which involves a 16-digit number that can then be looked up in a central database.

A central database of all media files, checked every time one is played, is of course an unheard-of privacy invasion, but as long as TPMs are not protected that doesn't really matter much to me - nothing is forcing you to use a player that will bother to check the central database.  People could even build alternate central databases and use them in interesting, cool ways.  The ID number by itself is no big deal.  We haven't been hurt too much by UPC codes on consumer products, ISBNs on books, or ISSNs on magazines.  A lot of people got upset about Intel CPUIDs, but they were misinformed about which components of the system had which consequences, and the actual numbers themselves were basically harmless.  The ISAVN need not be any worse than those examples.

From a technical point of view, I think I'd be even happier with some kind of a robust hash, that would compute an ID number from the actual media content itself.  That could be much harder to tamper with; it's also a technically interesting idea, just because exotic hash functions are a research interest of mine.  See, for instance, my blind substring paper from 1998 - I published a clever way for a censorware program to resist attack, and then a couple years later I became known for attacking a censorware program.  You can't say I didn't give Cyber Patrol a head start.

If I were designing a rights management database I'd go in the direction of a "fingerprint" that is observed instead of applied and can't be changed without changing the content.  That would be better for the industry's interests than an ID number that any idiot can modify; mathematics is a stronger protection than the law.  But I'm not about to design such a system for them for free.  We who are doing academic research on this sort of thing are already working on ideas far more sophisticated than what the industry's actually using, but since they're doing their damnedest to have us as enemies, I expect that gap to grow before it shrinks.  (These two paragraphs are my latter-day musing; the robust hash material wasn't covered at the meeting.)

One representative from a techie company spoke to push for his company's technology, which is based on "metering".  The idea is a little like the blank media levy; instead of restricting copying, we all agree that okay, copying stuff is just okay.  But we also all pay a royalty on top of our ISP bills, and all copyright content is tagged with a very simple "this is copyright content with privileges held by so-and-so" tag.  We deploy network taps all over the place and count how many "this is copyright" tags go past the taps and figure out whose content is most popular.  Then the money goes to someone like CANCOPY, and they divide it up among the privilege holders.

I had the chance to chat with this fellow during one of the breaks earlier in the day, and I think his company is sincere, and their product is technically interesting.  But I just am not convinced that it could work.  It depends on everybody buying in and playing nice, and it's too vulnerable to things like VPNs which are, face it, really really easy to deploy.  Anything with the ability to transfer encrypted files would have to either cooperate or drop off the radar; it is true that the effect then would be to skew the distribution rather than relieve anyone from paying the levy, but any skew in the distribution makes it that much harder to sell the public on the idea that we should all have to pay.  I'm also worried about creating a global network-tapping infrastructure because there are certain other people who are very keen on the existence of such an infrastructure, and I don't want to make those people's task any easier.

Some people brought up DVD region coding in this session, and there was a bit of back-and-forth debate on whether it is or isn't legitimate.  You can imagine who thought what about that.  Non-electronic analogies were thrown around a lot.  Some people said that region coding consists of enforcement of a privilege that is not traditionally part of copyright, and should not be created now.  Others said that no no, it's perfectly traditional for publishers to geographically segment the market; consider for instance that they could publish a book in English and in Hungarian.  The response to that was that sure, they do that, but if you go to Hungary and buy the Hungarian book, it does not magically become unreadable if you bring it into Canada.  It's certainly true that publishers have always wanted and attempted to geographically segment the market; I think the interesting question is whether the law should enforce their ability to do that.  As I wrote in an earlier response submission, privilege holders "need[] to learn that the ability to restrict access, through the use of DRM technology, is not synonymous with the right to restrict access."

I made one speech during this session.  One of the earlier speakers had brought up what copyright law calls "moral rights", which basically mean the privileges to be identified as the author of a piece of work, to not have it tampered with, etc.  If you carve a statue, then other people aren't allowed to go around saying that someone else carved it; nor can they dress the statue in silly clothing or anything like that without your permission; and you retain those privileges even if all your other copyright privileges are transferred.  Moral rights cannot be transferred, although they can be waived.  Protection of RMI obviously connects to protection of moral rights.  Anyway, I started by saying that I'm all for moral rights, and I don't mind calling them "rights" (thus, of course, implicitly reiterating my claim about other copyright privileges not being rights) because moral rights derive directly from the right to freedom of expression.

I went on to make what I think was a tactical error.  Someone a little earlier had asked a question and the moderators asked whether it was intended for response or just as a rhetorical question, and they discouraged people from asking non-rhetorical questions because this was not intended as a party-to-party debate.  So, I asked a question and said that it was meant only rhetorically:  I said, supposing I go into the garage with an electric guitar and record a track, where exactly do I sign up for my 16-digit ISAVN? The way the business works it seems likely that in order to get one, I'd have to actually be a legitimate commercial act; which means that in practice they will be handed out easily to people like Celine Dion, who have people to deal with such things, and the little players like my hypothetical garage band will be left out.  At the very least, we'd have to pay to get registered, and that automatically puts a crimp in our ability to be non-commercial.

I also told the story of the MS Office GUID scandal.  Office puts an ID number in every document it creates, and as a result Office documents can be traced back to their authors.  That might ordinarily be thought of as a good thing because it could serve as RMI; but it could also be a problem for anyone who wanted to be anonymous.  For instance, there was a scandal in which a new piece of European legislation on software patents was released as a Word document, and it was discovered that the document had actually been written by a lawyer for a major corporation.  If my documents are going to have RMI on them, I want the ability to turn it off, because sometimes I don't want to claim my own copyright privileges even on the level of "moral rights".

After I finished speaking, despite my saying that I hadn't been looking for a direct answer to the garage-band question, the moderators went around the room looking for answers to it, and David Basskin had the chance to bluster a bit.  He said that he didn't know where this idea came from that his organization was out to get the little guys (gee, that is a mystery, isn't it?) and they were willing to deal with anybody with any amount of creative work on any scale, whether it was one track or a thousand tracks.  Don't worry, trust us, we'll take care of you.  I think the end result was that he got to sound like the sensible voice of reason, and I sounded like I was sour-grapesing the whole thing, just randomly being unwilling to work within the established order.  Maybe I should have kept my mouth shut in this session, because really, as long as they're separated from TPM protection, the RMI issues are just not important to me.  But maybe I deserved the response I got, and at the very least, having given the other side this point reduced any tendency I might have had to pull my punches in the next session, on ISP liability.

Internet service provider liability

The fourth session's topic was Internet service provider (ISP) liability.  I discussed this with Loris Mirella from Heritage during one of the breaks earlier in the day, and he suggested that there wasn't much percentage in an absolute position against any ISP liability at all, which I must admit is the position I'd instinctively take.  I think that ISPs should, as a general rule, just not be liable.  They should have to do something significant in order to put themselves in the way of liability.  I'd call that positive-option liability.  That's the position I took in my written submission.  Mr. Mirella told me that it was basically a non-starter; all other jurisdictions that have addressed these questions have negative-option liability, where ISPs are liable by default and obliged to do something to get out of being liable.  It's sort of mandated by the WIPO treaties, and it's pretty much inevitable here.  What's left to discuss is how much ISPs should be obliged to do.

That question was of course pretty divisive.  Privilege holders want ISPs to have a whole lot of obligations, so that they'll police the privilege holders' anti-"piracy" wishes.  ISPs don't want a lot of obligations because they'd be put out of business.  And consumers are afraid that if the ISPs have a lot of obligations to privilege holders, then the privilege holders will abuse those - as, for instance, the Church of Scientology has been doing.  A spurious "infringement" claim could easily be a convenient way to shut down critics.

One claim that was brought up was that it's always possible to track down who posted a document on the Web.  I'm sorry that there wasn't more rebuttal of that point.  It's true that as long as there's a customer/ISP relationship, we can trace that, so the bigger ISP can point the finger at the smaller ISP and the smaller ISP can point the finger at the user.  All IP addresses have owners who can be contacted.  But things like anonymous remailers make it impossible to always determine the actual source of a posting; at best, we can find someone who has the power to take it off the Web.  If the last person in the traceability chain has to take responsibility, that could make anonymity hard to find.  One person mentioned Zero Knowledge's anonymity product; I didn't point out, and should have or someone should have, that there are hundreds of other similar anonymous-posting techniques available.  Anonymous posting is not going away.

Although this discussion took a long time, there weren't that many distinct points brought up.  The privilege-holder groups insisted that they needed as much ISP liability as possible, and everyone else insisted that there should be as little as possible.  David Basskin made a speech that rather worried me about "deep linking".  He used the term in a non-standard way.  I have always taken "deep linking" to mean linking to a page that isn't the front page of a site; that's a practice that may annoy the site owner.  For instance, there was a famous case where someone was posting links to individual pages on the Ticketmaster Web site.  Ticketmaster objected, and successfully sued, claiming that although they were publishing these pages to all the world, they should be allowed to force people to only link to the top page of the site instead of to individual pages.  I think that's a travesty, although the Ticketmaster case in particular isn't so very bad because the "deep linking" thing was not the main issue in the case, and the defendants were doing a lot of things that were dishonest.  It's not clear that that case sets any precedent of people being able to control who can link to them.

Anyway, that is not how Mr. Basskin defined "deep linking".  He described it, instead, as a situation where you go to a Web page here in Canada, and it's a list of links to individual MP3 files on Web sites elsewhere, so you can click on a link and (much indignation here) the file is immediately downloaded to your hard disk! His position was that in that case, the user who posted the page of links, and the ISP hosting the page, should be liable for copyright infringement, even though the actual files were hosted by an unrelated third party.  So his gripe with his definition of "deep linking" is that linking should count as distribution.

I was surprised that we didn't hear more response to that speech, so I was sure to mention it when my turn came up.  I started by saying (and this is true) that I had addressed the ISP liability issues in considerable detail in my written submission, and since we were starting to run out of time, I'd avoid repeating myself here.  I said I did want to flag the entire question of linking, because I thought it was important and hadn't been addressed much yet.  My Web site contains hundreds of links to other sites.  There's no reasonable way I can be held responsible for the content of all those sites, which are all being changed all the time.  If one of those sites happens to put up an infringing file, it's incredible that it should be my fault, let alone my ISP's.  What if I link to a site that is not illegal but which links to another site that is illegal?  How many steps does the liability transfer through?

For my last comment of the day I brought out what I thought of as the heavy artillery:  Bill C-15A. Clause 7 of that bill is the new child pornography law, which (I believed at the time, and said in the meeting) was waiting for third reading in the Senate, with only that and Royal assent needed before it becomes law.  I found out the day after the meeting that actually, the bill passed third reading on the 19th and so was even one step closer to being law.  Anyway, C-15A addresses exactly the same kind of ISP liability issues we're talking about for copyright infringement, and it creates what's being called a "notice and notice" regime.  If there is child pornography on a Web site, the police have to go to a judge and get a court order, and the operator of the site can have a chance to show cause for leaving the site up, and that all has to happen before the content can be forced to be removed.  Privilege holders are claiming that that kind of regime is not good enough for copyright infringement; they demand the ability to have things taken down without a court order, just on the strength of a "verified complaint", DMCA style.  So in other words, they are claiming that copyright infringement is worse than child pornography.

I didn't get quite as big a gasp from that as I'd hoped for, and nobody else mentioned it in the following speeches, but I'm pretty sure it did have an effect.  I think the C-15A argument should be a show-stopper on the ISP liability question; it should be unthinkable for us to implement a stricter regime against copyright infringement than against child pornography.  But unfortunately, my idea of what's unthinkable doesn't automatically count for anything.

David Basskin spoke after I did and responded to my point about linking.  He tried to draw a distinction between "deep linking" and the kinds of links on my Web site, based on the idea that the "deep links" are direct.  (I wonder if he's actually read my Web site?  His staff sure will now, anyway.) Apparently, he wants more liability to accrue if the links cause the viewer's browser to automatically download a file without further intervention.  That seems to me to be a very dangerous criterion to use, because it's entirely a function of how the viewer's browser works, and not under the control of the person doing the linking.  I'd rather see, if we must have a liability for linking at all, some kind of intent criterion; but I think any linking liability is both unnecessary and extremely harmful.

Extra session

After the four sessions with set topics, there was one additional "catch-all" session.  Academics would call it a "rump session", although that term might have unfortunate connotations for anyone else.  This was the chance for each group to bring up its own pet peeves again, and also for last-minute attempts to slip in additional subjects.

One interesting speech was made by one of the photographers' representatives.  He said that existing law makes an inappropriate distinction between "photographs" and other "images"; copyright applies in different ways to the two.  He held up some samples, illustrating the spectrum and the difficulty of drawing a firm line:  a conventional film photograph, a photograph taken with a digital camera, a direct scan made by putting an object in a computer scanner, a piece of art created by heavily editing scanned photos, a piece of art created completely from scratch, and so on.  It was very much like some of the things people in our camp have been cooking up to test the boundaries of the DMCA "circumvention devices" prohibition.

The writers' group made a carefully scripted series of speeches in which they brought up a whole lot of worrying things.  First and worst, they demanded that we implement the Sonny Bono Copyright Term Extension Act (life+70) here in Canada, claiming it as a treaty requirement.  (I'm pretty sure it isn't, and even if it were...) I was really sorry that we never heard any significant rebuttal to this point; it's a really worrying idea.  Several of the other privilege holder groups spoke in favour of this, and there was little opposition presented.

Another thing one of the writers said was that aboriginal groups should have privileges over "traditional knowledge".  That's a nice liberal-sounding idea, but could have horrifying consequences.  I remember using an old Czech folk tale for a chapter I wrote; would I have to go get permission from, and send a cheque to, some group in Eastern Europe just because their ancestors were telling that story generations ago?  It happens that I'm of half Czech ancestry myself; does that make it all right after all?  To suggest that what I'm allowed to write about depends on where my ancestors came from, is fundamentally racist.

The writers did say one thing I strongly agreed with, which was that they didn't like the current trend for publishers to demand "all-rights" contracts, where the authors are forced to hand over all the copyright privileges including any yet-to-be-defined future digital privileges.  That's something we've been fighting about in academia for years.

The database copyright issue was brought up again; the TV producer raised a question about the process, saying that it might not be ideal to have both Industry and Heritage in charge of this because they could end up on opposite sides; Fergal Warde pointed out that we're not the U.S.A. and shouldn't necessarily follow them; and Graydon Hoare said flatly that if RMI is mandatory, it screws his company's business model.  No way they could keep track of, and attach, all the right tags for a product like the Linux kernel with hundreds of authors who all have valid copyright claims.  The last item in my notes is some discussion of burglary tools as an analogy for circumvention devices (both sides of that debate) and whether it should make a difference whether circumvention is the only use, a major use, or just an incidental use of a device, the "intent" question for the creators, possessors, and users of such devices, and so on.

Strategy notes

Here are just some random thoughts on what we (meaning me and anyone who agrees with me) should do to further our cause.

I think we should court the photographers as allies.  Their interests don't intersect with ours much, but we are substantially opposing the same people, and that makes us on the same side by default.  I had a good conversation with one of their delegates during one of the breaks; he seemed clueful and sympathetic, and I think it would be a Good Thing if the photographers and techies supported each other.

My priorities are pretty much discussed in the above comments.  I see the "technological protection measures" and "ISP liability" headings as the most important ones.  Rights management information is worrying, but mostly because of its connection to TPMs, and at least in Toronto, IC/HC seemed to be trimming that heading down to only the parts that don't worry me much.  The making available right, even with my revised idea of what it's all about, just doesn't engage my interest much.  Some of the "extra" topics that were brought up in Toronto are important, most notably the life+70 issue.  There are also other "extra" topics we could bring up; shrink-wrap license would be my favourite.

On TPMs, I think the "DMCA will drive away innovation; lack of DMCA will attract innovation" argument is one of our strongest.  My frame of reference is all based on freedom of expression and thought.  My biggest personal objection to TPM protection is quasi-religious, in that I believe in the human power of creation as a divine gift that should not be limited just because I might create something that can defeat TPMs.  I don't expect to be able to convince anyone with that argument; the cold hard dollars they will lose if I decide to take my skills elsewhere, count for a lot more.

The fundamental impossibility of building working TPMs is possibly a strong point too, although the problem there is that our opponents will try to say that because TPMs are so easy to defeat, that's exactly why they need legal protection.  The point that TPMs are impossible could be amplified a lot more; I had the impression that it was ignored after I brought it up.  Sean from Coldstream endorsed all my remarks from that speech in a blanket sort of way, and some others on our side made vague references to token measures, but the general discussion seemed to maintain the assumption that it's basically possible for strong TPMs to exist.

On ISP liability, I think the C-15A child pornography argument, notwithstanding that I've heard some people express disdain for anyone who uses such an emotionally charged argument ("How could they stoop so low as to mention this?") is a strong one.  Distributors of child pornography get a chance to be heard in court before their sites can be removed; surely a suspected copyright infringer deserves all the rights of a child pornographer at the very least.  It would be kinda cool if a lot of people all said, "Hey, how dare you claim that copyright infringement is worse than child pornography?" in their speeches; we shouldn't let anyone forget the absurdity of the other side's position on this.  As I said, this argument ought to be a show-stopper.

I would also like to hear a lot more about liability for linking, because (especially after hearing Mr. Basskin's speech against "deep linking"), I think that's an issue that is going to make us quite unhappy if it isn't addressed; and up to this point I think it's been mostly ignored by our side.  I don't know if Mr. Mirella is right that the idea of positive-option liability is a dead issue, but we should be prepared for the possibility that he may be right, and ready to fight for no further compromise.  If the linking issue could be sorted out I wouldn't be too horrified by a "notice and notice" negative-option regime modelled on C-15A for copyright infringement; but that is absolutely the biggest compromise I think we can accept, and I'll be arguing for positive-option all the way down.

I would suggest digging up some material from Eldred v.  Ashcroft and Golan v.  Ashcroft, the U.S. copyright term extension cases.  I don't think term extension is really on the table right now, but if they're going to bring it up, we had better be ready for it.  The traditional knowledge thing caught me by surprise; I don't know that there's much danger of it being implemented in the current round of amendments, but the possibility does frighten me.

Bring business cards.  If you don't have cards already, go spend a few dollars on those inkjet or laser microperforated cards and run them off on your printer.  I used Corel Wordperfect for Linux (which is available free, although I have the pay version) to design mine; it has a built-in template for the Avery cards I got from my local office supply story.  Design your card with care to express what kind of role you want to fill; mine says I do "Mathematics/Computer stuff/Tarot" and has my GnuPG key fingerprint on it.  Hand them out zealously.

Pay attention to the clothing you wear and all other aspects of your image; think of what kind of person you want people to think you are, and then in all ways, be that person.  I see attending one of these meetings as almost like acting in a play:  you're creating a character and trying to have an effect on an audience.  I wore a nice white button-down shirt and a tie with black jeans:  a serious student, dressed up more than he would be for class, but secure enough not to go to any extreme.  I carried my heavy, scary-looking aluminum briefcase, and kept a deck of Tarot cards on the table in front of me.  Every so often I'd draw a card and look at it intelligently, so impressionable viewers could frighten themselves with the idea that I might have the power to read their minds.  I'm not necessarily recommending that particular gimmick to others; my point is that you should do whatever it takes to project power and competence in your own way.

Make sure you get a good night's sleep and a good breakfast before any meeting you attend.  I didn't, and should have.  I got up at 0330 on Tuesday, and all morning I was mostly running on adrenaline and caffeine.  I couldn't sit still in my chair, and I know it had a negative effect on my performance.  The other side is sleeping and eating right; we should too.

After any meeting you attend, write a report and let me know where it is so I can link it from my page of links.

Other notes

This final section is for some comments that are not directly relevant to the subject matter of the meeting.  I have to find some excuse to use the word "pigfuckers", just to contribute to general Edification and bearing in mind that freedom of expression is one of my fundamental motivating values.  I also have a few personal-type comments.

I started getting ready for the meeting several days before - setting my alarm earlier each morning so I could be up at 0330 on the day of.  I figured to catch the Greyhound bus from Kitchener to Toronto at 0535; I calculated to arrive at the terminal about a half hour early (0500), as recommended on the Greyhound Web site, one hour for walking time from my home to the bus terminal (0400), and half an hour to get up, fed, and dressed (0330).

It turned out that the walk was only a half hour instead of an hour, and that the bus terminal didn't open until 0530, notwithstanding the first bus being just five minutes after that.  Greyhound doesn't sell advance tickets other than larger-scale "passes", at least not on that route, but it turned out and I guess they already knew that at 0530 there are so few passengers it's no problem for everyone to get a ticket before the bus leaves.  So anyway, I ended up stranded on the streets of downtown Kitchener.  There are more "happening" places one can be than the streets of downtown Kitchener at 0430 on a Tuesday.  I walked unsuccessfully looking for a place I could get some better breakfast than the toast and jam I'd scarfed at home, then eventually went back to the terminal and waited until they opened.

The "Haitai" brand (not "hentai"!) ginseng-flavoured chewing gum my mother gave me turned out to be pretty good stuff.  Maybe I should write those people a testimonial.  I didn't have a chance to test it for aphrodisiac properties, though.

I brought my camera in case there were good photo opportunities, but honestly, I was so twitchy all morning that I couldn't trust myself to take any non-blurry photos, and there weren't really any good opportunities anyway.  I was too busy listening, taking notes, networking, and making my own remarks.  I brought my Edifying Fellowship hat (the tall cone-shaped purple velvet one with stars and planets on it in gold) and I had scripted a little routine for using it if an appropriate moment came:  I could say that although I was a member of many organizations, for most of my remarks I wasn't representing anyone but myself.  However, for the next few moments, I'd like to put on my Edifying Fellowship hat and speak for them...  and then of course, I'd whip out the hat and put it on, to the laughter and admiration of all.  But no moments occurred where I felt that was the right thing to do, so I didn't do it.

Although I did register, I was not on the list of registrants.  I think I may have actually registered too early; I sent my form in on the afternoon of the 3rd, before the official announcement was even posted on the Government Web site, because someone sent me a batch of Wordperfect documents that morning.

I don't know whether I will attend the Ottawa meeting.  My original intent was to attend both Toronto and Ottawa if they'd let me, and although I haven't heard any comment either way, it sure looks like I'd be welcome to show up in Ottawa.  I certainly want to do whatever I can to help.  But the Ottawa meeting comes at a bad time for me with respect to school, I found the Toronto meeting to be incredibly draining on my personal energy despite its obvious value, and I'm thinking I might just skip it.  Industry and Heritage certainly know who I am and how to contact me.  I think the Ottawa meeting will be the one most likely to get dirty; on the one hand that may be a reason to go, because I think I'm good at this, but on the other hand, it may be a reason to stay away and let someone else take the heat.  I'm going to Ottawa this Summer anyway for OLS (or as much of OLS as I can fit into my school schedule), so anyone in Ottawa who wants to meet me can do that then.

Les, before you ask:  yes, I'll write you an article eventually, but I probably won't do so until after I decide about whether to go to Ottawa, and if I decide to go, I'll wait until after that meeting.

Hail Pele, fire of creation.


This page has been released to the public domain by its author, Matthew Skala
Updates to this entire site: [RSS syndication file]
Updates to this category (copyright) only: [RSS syndication file]
Site search: