Before the summer of 2003, there appeared to be little chance that
the five major record companies and their trade group, the Recording
Industry Association of America ("RIAA"), would sue any more
than the most egregious copyright infringers among the millions of file
sharers in the United States and abroad. A campaign of mass litigation
would be an unfeasible undertaking. For one, there were countless
infringers. Furthermore, it was, and still is, impossible to know
exactly which file sharer performed the act of downloading, as only the
IP address is obtainable and identifiable. Moreover, the record
companies would not want to alienate a nation of music lovers, the same
people who, presumably, continue to legitimately purchase albums in
stores.
Thus, it appeared that the record companies would resort solely to
technological means to stop widespread file sharing and copyright
infringement, evidenced by Congress's attempts to legislate these
copyright-protective self-help tactics. Of course, things have changed.
The initial premise, that the record companies would not and could not
sue, is wrong.
How successful is this current campaign? According to
Nielsen//NetRatings, the number of users of KaZaA, the current standard
for file sharing, is down forty-one percent since the lawsuits began.
(1) This equates to 2.6 million users abandoning the software within a
two-month period. (2) There are of course still 3.9 million undeterred
file sharers in the KaZaA networks, with many millions more using other
file sharing software programs. Moreover, a recent study by the Gallup
Poll organization found that eighty-three percent of American teenagers
found free file sharing to be morally acceptable. (3) Of the 261 users
sued on September 8, 2003 by the RIAA, only fifty-two had settled by
October 1, 2003. (4) When and if the remaining suits go to trial, the
RIAA will need to win every case to ensure an exaggerated deterrent
effect of suing only .004 percent of all U.S. infringers. If the suits
fail, file sharing traffic will resume to normal astronomical levels,
and copyright owners will resort to technological methods of protection.
As long as there are technological ways of obtaining free music,
there must be technological means of combating infringement. Thus, the
suits of September 2003 are likely to be only a time-saving device for
the record companies to develop effective anti-infringement technology
and for Congress to craft law that allows for copyright justice inside
the networks and outside of the courts.
ABSTRACT
Copyright owners have begun to develop and utilize technologies to
prevent the infringement that has occurred in peer-to-peer file transfer
networks. The legislature and courts, largely ineffective in their
efforts to stop the widespread copy and transfer, have been vocal about
the owners' self-help campaign. There are a number of bills in
Congress that would allow anything from decoy MP3 swarming, to albums
that crash computers, to permission for a regulatory body to enter the
hard drives of personal computers and delete questionable files. Other
bills, however, are attempting to outline a new, digital consumer's
bill of rights. Traditionally, there has been little support for
self-help in the American legal paradigm. These new technologies are
forcing a re-evaluation of self-help, and seem to propose that
technological problems require technological solutions. This note argues
that legislative allowances for self-help copyright protection must
reflect a balance between the obligation to end rampant piracy and
jurisprudence that makes the process of law the foundation of societal
harmony. Bills of rights are too weakly written, fair notice is but a
beginning to the protections deserved by fair users, and free license to
copyright owners would cultivate a brutally crippling digital war that
our legal system would be unable to contain.
PREFACE
The Apple iPod is a portable hard drive, initially available in
five, ten, and twenty-gigabyte storage capacities. It is about the size
of a wallet. It is like a walkman, in that it includes a single program
(5) that plays MP3 music files. (6) Five gigabytes can store anywhere
between 1000 and 1500 songs, so the twenty gigabyte iPod owner would be
able to listen to music for about two and a half weeks straight without
hearing the same song twice. Out of the box, there is a protective
sticker on the iPod screen that reads, "Don't steal
music."
This warning is not intended to be sarcastic, because there is a
completely legitimate, non-copyright-infringing manner in which one can
use the iPod. One simply needs two and a half weeks worth of
store-purchased albums (7) and the patience to convert all the songs to
MP3 format. It is entirely possible that an iPod owner would do this. It
is not likely, however, considering how easy it is to steal music today.
How easy is it? The process is quite simple. Starting with a
personal computer ("PC"), an Internet connection, and a single
store-bought compact disc ("CD"), the user uploads music to
her hard drive. With MP3 encoding software, (8) which ships with most
operating systems, she compresses a song from the CD to about one-tenth
of its original size. (9) However, the sound quality is not nearly
divided to such a degree. This is because MP3 encoding involves a
process by which certain sound frequencies, inaudible to the human ear,
are extracted, reducing the file size. (10) Psychoacoustically, the
listener hears little to no difference. (11) Moreover, the drastic file
size reduction frees up space on the hard drive and makes Internet
transfer ten times faster. Enter the Napsters (12) and Gnutellas, (13)
which are peer-to-peer ("P2P") file transfer systems that
allow one user to copy an MP3 file from another user's hard drive,
and free music is suddenly everywhere.
Napster was ultimately enjoined from continuing business. (14)
However, Napster was a legally vulnerable company, with a centralized
mainframe that controlled the transfers. (15) Thus, a court could shut
it down. (16) However, the new Gnutella technology appears immune from
similar legal action. (17) Gnutella is as effective as Napster was in
allowing for file searches and transfers, but it is not a company, and
has no centralized mainframe to estop. (18) Gnutella is a piece of
software that, once widely disseminated, allows users to connect with
one another through freely formed, agile, largely impregnable networks.
(19) Moreover, Gnutella was written in open-source code, which enables
any software author to copy it, improve it, and create new versions.
(20) Most, if not all of these clones can interact with one another.
(21) The result is a world wide web of free music seekers operating
independently in localized cells.
Copyright owners are livid, and the current means of legal recourse
are sluggish and ineffective. Simply put, the law is slower than the
technology, and smaller than its users. In turn, copyright owners have
begun to develop their own technology to battle infringement, and the
law may be applauding these efforts.
Consequently, this note will examine the new copyright protection
technologies, their varying degrees of effectiveness in preventing or
punishing infringement, and the legislative reaction to copyright owners
employing certain aggressive technologies. Seeking a balance between the
impetus to protect copyrighted works from infringement and the societal
need to prohibit digital vigilantism, this note will conclude with a
proposal for an administrative body that properly and fairly weighs both
interests.
I. SELF-HELP COPYRIGHT PROTECTION TECHNOLOGIES
To date, any single self-help, anti-infringement technology can
have one of three possible points of attack, each target being one step
in the process of illicit copying and file transfer. (22) The three
infringement subprocesses that the technologies seek to foil are 1) the
uploading of store-bought CD songs onto a PC, (23) 2) the encoding of
these songs into the MP3 file format, (24) and 3) the transfer of MP3
files between PCs via P2P networks. (25) Frustrating any one of these
subprocesses would defeat illicit copy and transfer nearly in entirety.
A. Compact Disc Technology
Currently, the most widely used self-help copyright protection has
come in the form of a specially protected CD. (26) There are a number of
companies developing disc-embedded protection mechanisms, resulting in a
wide variety of effectiveness and collateral difficulty. Generally,
these protected discs will either not play in a PC, (27) prevent
attempts to upload onto a PC, or in some cases, will even crash a PC.
(28) There is little doubt that the albums that have been released with
internal copyright protection technology have been prone to illicit
copying, however. (29) Moreover, one particular album resulted in a suit
against the releasing record company. (30) The litigation eventually
settled, with the plaintiff getting nearly everything she requested.
(31) The high degree of controversy surrounding disc-embedded protection
may be attributed to its potential for wreaking havoc against fair
users. (32) A major problem with this particular technology is its
tendency to damage the PCs of listeners who never encode or download
illicit copies of songs, and, most importantly, have purchased the music
fairly. (33) Critics contend that disc-embedded protection is overbroad
and severe in its method of copyright protection. (34)
1. SunnComm and Charley Pride
Charley Pride's "A Tribute to Jim Reeves" CD was
released with MediaCloQ, (35) a disc-embedded copyright protection
developed by SunnComm. When the CD was inserted into a PC's CD-ROM
drive, it failed to play. Instead, a window appeared, directing the user
to register the album online and download replacement files in an
encrypted format. (36) This was problematic for three reasons. One,
there was no indication of this requirement on the external packaging of
the CD. (37) Two, a user who had no Internet connection would not be
able to listen to the album on her PC. (38) Three, the registration site
required that the user produce personal information to receive the
encrypted replacement files. (39)
One purchaser, Karen DeLise, sued the releasing record company,
Farenheit Entertainment, and its label, Music City Records. (40) The
action alleged breach of California consumer protection law, false
advertising, and invasion of privacy. (41) The suit settled, and thus
did not set legal precedent. The settlement agreement, (42) however,
signaled that this particular mode of copyright protection is bounded by
contract and tort law. The settlement included, among other provisions,
that 1) the external packaging would display clear warnings, (43) 2) no
personal information would be required, (44) 3) the user could download
any song up to six times, (45) 4) second-hand purchasers would be
allowed to download, (46) and 5) the company would refund or replace the
CDs of any purchasers who are unable to download the encrypted versions
via the Internet. (47) These complications rendered the MediaCloQ type
of copyright protection inefficient and ineffective.
2. Macrovision's SafeAudio
Regular CD players, like car stereos and boom boxes, have
error-correction mechanisms, so that minor scratches on a CD will not
render the disc useless. (48) Audio frequencies affected by the
scratches are fabricated by the error-correction, which restores the
sonic quality to normal. (49) A PC's CD-ROM drive, however, must
read non-audio CDs, such as software installation CDs. Thus, the
error-correction mechanism in a CD-ROM drive is different from those
found in regular CD players in that it leaves the task of
audio-corrective frequency fabrication to the audio-playing software
application. (50) Capitalizing on this disparity between CD-ROM's
and regular CD players, Macrovision developed SafeAudio, (51) which
corrupts distinct blocks of audio on the CD. (52) It is, in effect,
intentional scratching. A regular CD player can handle the corruption,
but a CD-ROM either rejects the CD altogether, or plays the songs with
grating pops, hisses, and skips. (53)
Once again, this technology disrupts the good faith user who wants
to listen to her store-purchased music on her PC. More importantly, a CD
created with intentional corruption will have lower sound quality,
fidelity, and reliability over time. (54) Thus, a purchaser who does not
even own a computer will inevitably have to repurchase the album.
3. Midbar Cactus Data Shield
Another disc-embedded protection is an evolved version of the
SafeAudio style. Midbar's (55) Cactus Data Shield, or CDS, (56)
also exploits the difference in error-correction circuitry between
regular CD players and CD-ROM drives. (57) Unlike SafeAudio's
simplistic audio corruption, however, the Cactus Data Shield will
"embed[] annoying pops and jumps in audio content," "hide
the CD-Audio tracks on a PC," "or use other CD format changing
methods that prevent CD-burning software from working." (58) One
method of CDS protection is a highly compressed audio data block
attached at the end of the CD. (59) This data block is a poor-sounding
version of the entire album, and a program embedded in the disc
overrides the PC audio software, forcing the user to listen to the
highly compressed audio. (60) This added data can produce an array of
odd results, such as the inability to play on a Macintosh, or the
inability to play the first song of the album. (61)
The Cactus Data Shield has not arrived in the U.S., but has been
reportedly released on millions of albums in Europe. (62) It is utilized
by four of the five major record labels. (63)
The Cactus Data Shield may hold the greatest potential for
development. It appears that the embedded data could, if designed in
such a way, be completely harmless to the fair user. For example, the
code could allow the user to listen to the CD on her PC at the highest
quality, but refuse to permit her to encode the songs in high-quality
MP3 format. This would tread lightly on the good faith user's
rights. The best copyright-protective code, it seems, would allow the
user to encode the songs in MP3 format, so that she could listen to them
on her iPod, but contain some type of signal that would corrupt the
audio file if transferred from one PC to another.
4. General Problems with Disc-embedded Protection
CDs encoded with copyright protection pose three problems for fair
users and three problems for copyright owners. For the fair user, there
has been 1) a lack of notice on the packaging, (64) 2) reduced audio
quality, sonic fidelity, and disc construction, (65) and 3) the
potential for severe PC damage. (66) Clearly, record labels must begin
to place some kind of warning on the packaging of these CDs. The Charley
Pride settlement indicates that a failure to do so may constitute false
advertising. (67) While warning labels may imperil sales, once
disc-embedded protection becomes standard practice, these sales would
likely return to normal.
While it would seem that the problem of audio quality loss would
have to succumb to a fair compromise in the digital copyright dilemma,
there is an extenuating development that would render this difficulty
moot. Audio CDs, since their inception, have stored digital music in
sixteen bits and 44,100 samples. (68) These numbers determine the
capacity for sonic quality of the music. Very soon, however, the
standard CD will be released in twenty-four bits and 48,000 or 96,000
samples, reflecting the evolving capabilities of digitally recorded
music. (69) For music lovers, this boost should make up for the data
lost to copyright-protective control blocks.
The potential for severe PC damage depends on the evolution of the
Cactus Data Shield. (70) There is little question that the technology
can be devised so that it is harmless to a PC. However, it is also
fairly certain that a particularly draconian type could enter viral code
in its control blocks, ruining a PC as viruses have done for years. This
particular problem is one that requires great attention from the legal
community. If the legislature gives license to copyright owners to do
whatever is necessary to prevent infringement, an overzealous
application might give rise to tort to chattel actions.
Another development that threatens the viability of disc-embedded
copyright protection is the noticeably partisan voting in Congress. (71)
Republicans have won a number of recent battles, favoring a laissez
faire approach, over Democrats who seek to make disc-embedded protection
a legal requirement for the industry. (72) There are two mutually
exclusive bills on the floor that may determine the fate of CD copyright
protection technology. (73) One bill would require that all CDs have
embedded protection. (74) The other would make covert embedded
protection illegal. (75) It is a remarkably conflicting political divide
for a relatively new, comparatively apolitical issue. The second part of
this note fully addresses these bills.
For copyright owners, the three problems with CD protection
technology are 1) the definition of a CD, (76) 2) the statutory
terminology of Fair Use and subsequent amendments, (77) and 3) magic
markers. (78) A CD embedded with copyright protection is not technically
a CD, and cannot be sold as one. (79) For example, Celine Dion's
"A New Day Has Come" was not scored with the distinct
"Compact Disc" certification mark. (80) However, this
difficulty is largely semantic. As copyright-protected albums become
more common, the standard should change, so that these discs will
receive the certification and its mark.
The treacherous terrain of Fair Use, however, is not so easily
escaped. Title seventeen of the United States Code, section 107, allows
for a purchaser of copyrighted material to make a limited number of
copies for personal use. (81) This is a critical matter, and will be
discussed in greater detail later. For now, it is important to note that
the problem of digitally infringed music is so great that section 107
needs to be amended.
Finally, there is the magic marker problem. Apparently, some clever
folks have been successful in covering up the data blocks with ink,
thereby overriding the copyright protection. (82) CDs that were
encrypted to fail in PCs have been widely copied and transferred over
P2P networks. (83) Magic markers are not quite the height of technology.
Thus, if the premier copyright protection technologies can be beaten by
a Sharpie[TM], one might wonder if software authors empathetic to the
infringement cause might already be a few steps ahead. (84) Authors of
bills in Congress have already foreseen a technology war. (85) This arms
race, so to speak, is fundamental to the impetus to create a solution
that balances the interests of both copyright owners and the general
public. (86)
B. MP3 Technology
The MP3 is arguably one of the most remarkable achievements of the
Digital Age. By itself, it is relatively unimportant; it is more or less
just a smaller file format. Give it room to move, say, on an Information
Superhighway, and it becomes the most radically controversial file
format in history.
For the most part, the MP3 is immune from self-help copyright
protection technologies. (87) This is so for a number of reasons. One
such reason is that MP3s are produced by PC users, and the abundance of
encoding software has resulted in an abundance of home-spun MP3s. (88)
Another reason is that the MP3 file format is simply a lump of raw data.
(89) The data-only file format, such as GIF for digital images (90) or
DOC for word processor files, (91) cannot execute code or issue commands
outside of the program that reads the data. (92) In other words, it
cannot do anything. An email can bear a virus because it is not simple
raw data; it may contain an attachment of executable code that devours a
PC. (93) MP3s themselves, containing no such codes, are incapable of
protecting copyright. The data-only aspect of the MP3 file format,
however, does give protection technology developers some room to work
with. MP3 watermarking has been created so that illicit MP3s can be
recognized by P2P networks and MP3-playing software. (94)
1. Secure Digital Music Initiative
A watermark, for the purposes of MP3, is a song-specific numerical
encryption within the data of an audio file. (95) It is the most
advanced technological achievement of the Secure Digital Music
Initiative ("SDMI"), an ambitious consortium of recording
industry leaders, digital technology developers, and Internet service
providers, created in 1998. (96) The watermark was designed so that
transfer channels, such as P2P networks, and MP3-playing programs, could
identify copyrighted songs. (97) Once the watermarking device is
incorporated into the programs, encoding CD songs into MP3 format, the
transfer channels and MP3 players would refuse illicit copies. (98) SDMI
intended to revamp the system so that all players, encoders, and
transfer systems would comply with the watermarking standard by
incorporating SDMI's technology. (99)
It seemed like an excellent self-help strategy, with little to no
impact on the fair user of digital music. Unfortunately, SDMI's
confidence was premature. By way of a $10,000 bet, the group challenged
that no one could "'remove the watermark or defeat the other
technology on our proposed copyright protection system.'"
(100) In the end, SDMI lost the $10,000 and their high hopes for
watermarking. (101) Adding insult to injury, the cryptologist who broke
the code filed suit against SDMI. (102) Ed Felten, (103) an Associate
Professor at Princeton University, brought an action in a New Jersey
federal court so that he could publish the results of his research at an
academic security symposium. (104) SDMI, the RIAA, and Attorney General
John Ashcroft were named as defendants. (105) The suit was the first
challenge to the Digital Millennium Copyright Act of 1998's
("DMCA") criminal provisions, such as a fine of up to $500,000
and up to five years in prison, that the SDMI had promised Felten if he
were to disclose his findings. (106) Felten's challenge to the
criminal provisions was dismissed, but he chose not to appeal the
dismissal, "[c]iting assurances from the government, the recording
industry, and a federal court that the threats against his research team
were ill-conceived and will not be repeated." (107)
2. Speculative and Nascent MP3 Technologies
a. The Viral MP3
Currently, it is impossible to create a viral MP3. (108) The
"Bloat" hoax, among others, reveal the darkest fears of the
free file-transfer community. (109) The Bloat warning came in the form
of a mass email from the Internet Western Associates company: Bloat was
supposedly an executable string that attached itself to all files with
an .mp3 extension, and would fill up the user's hard drive with
nonsensical data once the song was played. (110) It would terminally
affect all MP3 files and players. (111)
Another hoax, entitled MusicPanel, warned that the secret virus
would ruin computers that had obtained any of the 500 most popular songs
through Napster or Gnutella. (112) This message was placed in Internet
newsgroups and identified disgruntled musicians as the creators of the
virus. (113) The virus was supposed t