The Internet. It’s a simple concept — connect computing machines to each other with copper, radio waves, microwaves, fibre optics, lasers, and satellites; give them a method of discovering each other and exchanging information and just look at what happens.
If your works can be either created or transformed into digital objects, the Internet lowers the distribution cost effectively to zero. Why? Because the architecture allows for one copy to be replicated and consumed multiple times. The only real constraint is bandwidth, the speed and volume of information that can be squirted from point A to points BCDEFG and on.
The Internet is a universal digital copying machine. That’s how it gets to be so fault-tolerant (that being one of its design principles). So we couple this scalar distribution machine up to machines that themselves are built around the very fundamental concepts of digital copying (the never ending flux of bits swirling between ROM, RAM, and storage), and we train ourselves to CTRL-C and CTRL-V without really thinking too hard about it. Copying digital objects is ridiculously simple when compared to the tricky business of copying physical objects (all those jigs and templates and machines and tolerances and tools and raw materials). So we copy things, regardless of whether we actually have the rights to do so. Technically speaking, nobody in the UK has the right to format shift their CD collection to any sort of digital playback device. A prosecution has never been brought and will not be because, bluntly, everybody does it. The UK government is proposing to legalise this form of copyright infringement.
And so to piracy. Traditionally, this has been the practise of unauthorised manufacture and distribution of works for commercial gain. The idea that this might happen without commercial intent is a by-product of the digital age — no one in their right mind would bear the costs of physical piracy for free. Piracy isn’t theft as it does not deprive the owner of their property. In a digital context, for it to be theft, the pirate would have to be the sole possessor of the digital property in question. Of course, they can steal media that holds the digital item, in which case they would be guilty of the theft of the media.
The Internet has changed the whole business of piracy. What it gives with one hand (frictionless distribution) it takes away with the other (frictionless copying). Humans are a social species. The sharing of culture is seemingly hard wired into our biology. We share stories, songs, images — all the rich panoply of cultural objects. What has changed is the vanishing of the transaction costs of sharing. It’s hard to think about the consequences of illicit sharing when the process is so frictionless; CTRL-C, CTRL-V. Compare and contrast with the whole palaver of, say, the construction of a well crafted compilation tape:
Step 1) Choose tracks
Step 2) Set recording level for each track
Step 3) Cue the needle or the CD
Step 4) Repeat
It’s time-consuming and not without cost; tapes were not free. We didn’t mass share videos back in the day, VCR tape was too expensive. These things acted as a brake to non-commercial illicit copying. In fact, home audio and video technology drove two massive new markets for content and, in the case of video, got people back into the cinema as well.
Anyway, piracy control revolved around locating commercial pirate manufacturing and distribution centers, and shutting them down, seizing assets and throwing the scurvy wastrels into jail . . . after going through due process, of course. There were, and indeed are, very good laws for this. But even back in the days of physical copying, media companies did try to reach into the non-commercial home use cases and stop the copying. I’m talking of course about Sony v. Universal, which went to the Supreme court in the US in 1984.
Sony won. The legitimate non-infringing uses for Sony’s VCR technology, allied to the decision that time-shifting constituted fair use, outweighed the concern that yes, the technology could be used for explicit acts of copyright infringement. Although it was a US case, Sony v. Universal was a guide for courts around the world, transforming what users could do in terms of legal copying of works, and smearing the perception of what was OK and what wasn’t. Remember that format shifting is illegal, yet everybody does it.
In Sony v. Universal, we can see some very important principles when trying to draft or test laws that revolve around the subject of cultural property rights:
- Would the restriction or limitation work? In the case of Sony v. Universal, the proposal was to ban the sale of VCRs, and it would have worked.
- If the answer to 1 is yes, what are the additional consequences of the proposed solution; do any of these outweigh the benefit that is being sought? In the case of Sony v. Universal, non-infringing use would have been prevented, and crucially, time-shifting was seen to be a legitimate activity.
So how are we doing when it comes to digital copying control? Really really badly. So far, none of the approaches or laws proposed (and in some cases passed into law) has passed the first test, let alone the second. DRM doesn’t work, and never will so long as the decryption key needs to reside on the computer (which is always, in case you were wondering). Of course, there are laws to make reverse engineering of DRM illegal, and they don’t work either. The evidence is just a torrent away.
And so to SOPA and its relative, PIPA.
(If you are familiar with the basics of these two proposed laws, you can skip the next paragraph)
SOPA is the Stop Online Piracy Act (The Wikipedia entry is an excellent place to keep up to date by the way. I particularly recommend the discusion section). It is currently making its way through the House of Representatives. SOPA is intended somewhat as a rewrite of PIPA, the Protect IP Act, which is a separate bill making its way through the US Senate. SOPA isn’t just about digital goods. It aims to stop the sale of counterfeit medicines online, for example. I think it’s fair to say that the bits that are (really!) controversial mostly revolve around digital property and the proposals to stop alleged illicit copies thereof, making it into the computers of the USA. Note I talked about stuff making it into the USA. SOPA and PIPA are aimed at foreign Internet sites that are currently outside the jurisdiction of the US government. SOPA and PIPA also use the term “theft,” which is interesting. Both bills look to block access to foreign sites that are determined to be largely dedicated to facilitating copyright breaches. This is to be achieved by requiring US-based Domain Name Servers to block Internet domains or portions thereof. Both bills allow accusations of copyright infringement to be levelled at target sites and require response and refutation to occur within a short period of time. There are penalties if the target site does not respond according to the time scale. Both approaches are drawing a volley of criticism about the approaches being taken. (Update: as of the 15th January 2012, it looks as though SOPA may not be coming back to the house in it’s current form. PIPA is still scheduled for debate on the 24th January).
If you’ve been following the “debate” about these two acts, you’ll have no doubt been assaulted by a barrage of claim and counter-claim about what the bills do or do not enable. There’s been a sadly all too common pattern to the articles that have been written, with too many of the arguments resorting to the same mudslinging techniques. Furthermore, the adversarial nature of the legal and legislative debate seems to make such discussions a game of “s/he who can make the best arguments, wins,” which isn’t quite the same as an evidence-based approach. That’s quite a problem because we are not actually discussing the nuances of what copyright is or isn’t, or whether lawmakers should legislate for one business model over another. This is actually a discussion about what the Internet is or isn’t.
So let’s try to take a look at what is proposed using the rules I described above. First up, will the bills’ approaches work?
No. The main approach is to block users in the US from accessing foreign sites by preventing browser access to those sites. If you happen to know the numerical address of the site, you can still get there. Blocking access doesn’t result in the foreign sites ceasing to exist. This means that any infringing content is still available, just not to US citizens resident in, and accessing the Internet from, the USA. Of course there is the route of requiring the sites to be taken offline, but pirate sites just tend to pop back into existence a very short while later to continue their piratical ways. In fact, the futile game of pirate site whack-a-mole is one of the arguments used to support the SOPA/PIPA proposals. There are also issues with the blocking itself. You may have heard a number of arguments about the threat to the architecture of the internet from the DNS blocking approach. With all the incoming debate rhetoric detonating overhead, it can be very hard to determine what is hyperbole, and what isn’t. I like to listen to what proper experts have to say. Steve Crocker, Dan Kaminsky, Paul Vixie, and David Dagon are all true experts in the very serious, very technical deep level architecture of the Internet. They wrote a (quite readable) document (note: link is to pdf) in response to the proposed PIPA legislation, detailing the very serious knock-on consequences to the proposals put forward to try and block access to an infringing site. Their conclusion? Site blocking does not work. Here in the UK in 2010, the government passed a somewhat similar act, the Digital Economy Act, which also contained website blocking proposals. This legislation was subsequently the subject of a detailed review of the website blocking proposals by OFCOM, a UK regulatory authority. Their conclusion was that the website blocking proposals detailed in the UK act were not technically feasible (which was also the position of just about every ISP here in the UK).
If you’ve read the document above and you think the experts’ opinions merit very serious consideration, then considering the unintended consequences of implementing site blocking is moot (in the American sense). But let’s do it anyway, because the debate about what to do about piracy isn’t going to end any time soon. If site blocking were to be implemented, what would the consequences be? Well, given that we rely on online data transactions in much the same way as we rely on water, fuel, and electricity supplies, we should look at this from the point of security. One of the fundamental engineering principles of the Internet is that no matter where you are in the democratic world, no matter what computer you are using, a URL gets to to exactly the same site, every single time. The principle is called universality, and it’s what the DNS keep checking on all the time. If it ceases to be, then inevitably there will be gaps and differences around the world, and that’s a security problem. If you can’t be certain that the site you are visiting is in fact the the site you want to visit, then it will be increasingly difficult to determine which sites are legitimate, and which are not. You want to be be very certain that information you are sending to a party is not ending up somewhere entirely different. Which leads us to a second security issue: How to tell the difference between information that has gone astray and has arrived at an unintended location and information being deliberately targeted to a location in order to bring it down. I’m talking here about denial of service attacks, which are a very nasty and effective technique for bringing down a domain, anything from a website to an entire country’s internet infrastructure. It’s going to be extremely challenging (to put it mildly) to spot such attacks in a world where there are different lists of sites, depending on where you are coming from. Again, I’m paraphrasing the considered knowledge of experts here. There appear to be very serious security consequences to what is proposed. I’d suggest SOPA and PIPA fail the second part of the test as well.
I’ve been the victim of theft. I very carefully restored a classic motorbike. It cost me time, money, and a fair amount of skinned knuckles and blood. And some thieving bastards nicked it. It feels horrible. Now, whilst copyright infringement isn’t technically theft, it sure as hell feels like it when you are staring at a site wantonly showing links to your creative toils. Tim O’Reilly may have a point when he talks about authors having more to fear from obscurity than copyright infringement, but that’s cold comfort when dealing with the visceral feelings of seeing your works exchanged illegally. But visceral emotions are not a good starting point for useful debate. I’d like to see real numbers. I’d like a detailed evidence-based assessment of what digital piracy actually is, what the pirate environment actually looks like for different business sectors, whether pirates become paying customers, and what the true effect is on businesses as a result of the ease of copying. I’d like it to be independently run, free of think tanks, special interest groups, and the rest. I’d like to see this study repeated at scale. I’d like to get the data here. Because then we might be better able to determine what exactly we should do about digital piracy, what the proportionate response actually is, what the pirates actually are, and what’s the best way to manage them.