Tuesday, July 27, 2010

Court: breaking DRM for a "fair use" is legal

By Matthew Lasar | Tuesday, July 27, 2010 | Ars Technica

A federal appeals court has just ruled that breaking through a digital security system to access software doesn't trigger the "anti-circumvention" provisions of the Digital Millennium Copyright Act. Any other interpretation of the DMCA, declared the United States Court of Appeals for the Fifth Circuit, would permit infringement liability for tapping into a work simply to "view it or to use it within the purview of 'fair use' permitted under the Copyright Act."

The ruling is already being hailed as another victory for fair use, following Monday's Library of Congress decision giving wide approval to iPhone jailbreaking and DVD CSS circumvention on similar grounds.

Dongle this

MGE UPS Inc. manufactures power backup devices for various medical systems and other devices. Company technicians use software to calibrate these systems automatically, but the code searches for an external security "dongle" attached to the laptop. No dongle with updated hardware key, no software launch.

Hackers, however, figured out how to bypass this dongle system. Then, an employee of PMI, which subcontracted to MGE to run the software, obtained the MGE software "from an unknown source," as the court put it.

When MGE learned about this circumvention, it sued PMI, which had been bought out by General Electric in 2001. MGE charged PMI with copyright infringement, misappropriation of trade secrets, unfair competition, conversion, and DMCA violations. A district court jury awarded MGE $4,624,000 in various damages, but the judge dismissed the DMCA claim. MGE took the case to the Fifth Circuit Court of Appeals.

Where's the infringement?

But this court's reading of the DMCA found MGE's appeal to be "too broad," noting Section 1201(a) of the US Code.

"No person shall circumvent a technological measure that effectively controls access to a work protected under this title," the law says (we added the italics). The "under this title" refers to Title 17—the entirety of US copyright law.

In other words, just circumventing the technology isn't enough to get into trouble with the DMCA. The circumvention must lead to some violation of copyright.

"MGE advocates too broad a definition of 'access'," the Fifth Circuit explained. "Their interpretation would permit liability under § 1201(a) for accessing a work simply to view it or to use it within the purview of 'fair use' permitted under the Copyright Act. Merely bypassing a technological protection that restricts a user from viewing or using a work is insufficient to trigger the DMCA's anti-circumvention provision. The DMCA prohibits only forms of access that would violate or impinge on the protections that the Copyright Act otherwise affords copyright owners."

Besides, the court added, even if the dongle were in use, it would not prevent infringement—as in a legit user copying the code and distributing it in illegal ways—since there was no encryption present. And besides, MGE never presented evidence that PMI actually circumvented the software, simply that it used already-hacked code.

"Because the DMCA does not apply to mere use of a copyrighted work, and because MGE has not shown that GE/PMI circumvented MGE's software protections in violation of the DMCA," the district court "did not err" in dismissing MGE's DMCA claim, the Fifth Circuit concluded.

StealDVD

So the bottom line here appears to be that if a consumer breaks through the DRM on some software, what they do after that is the crucial determinant of whether they've run afoul of the DMCA.

At least one observer is already suggesting that this ruling potentially re-legalizes software like RealDVD. That software transferred DVD content to your hard drive for playback, complete with CSS encryption. But even this was too much for the Motion Picture Association of America, which renamed the product "StealDVD" and took the product's owner RealNetworks to court.

Last August the US District Court for Northern California sided with MPAA in the form of a temporary injunction against RealNetworks.

As for fair use, it "is not a defense to trafficking in products used to circumvent effective technological measures that prevent unauthorized access to, or unauthorized copying of, a copyrighted work," judge Marylin Patel wrote. "[F]air use can never be an affirmative defense to the act of gaining unauthorized access." Eventually RealNetworks gave up on an appeal of the injunction, settled with the MPAA, and reigned in the product.

Now, however, we have a very different interpretation of the matter. We contacted MGE to find out whether they'll appeal this ruling to the Supreme Court, but did not receive a reply as we went to press.

No comments:

Post a Comment