[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [dvd-discuss] Are CSS licensees still under confidentialityrestrictions?

The language make my head hurt just reading it....Suppose somebody builds 
a complete DVD player REed squeeky clean, doesn't infringe upon any 
patents (you can't patent what something does only how it does it) and 
THEN offered it for sale. Are THEY selling circumvention devices too? You 
buy the DVD and play it on their machine just the same as anybody elses 

Let's take this one step further on the RE keys. 

Suppose I had a program that ran through the keys entering them into the 

Enter valid DVD key-0000001-Bad Key
Enter valid DVD key-0000002-Bad Key

and several butcher's aprons

Enter valid DVD key -24532464-Good key

If this is done with a computer then presumably THAT program becomes a 
circumvention device. But what of your list of REe'd keys. I can punch in 
one of those can't I? Does that file become a circumvention device too 
merely because it holds data? What of my editor that allows me to read 
that file? So I write a shell script to call up the editor on that file 
automatically or do a dialog "what kind of DVD player do you want to be 
today?""natsushita 3424xprt","the key is 4534534535". All of this is 
circumvention right? But what if the key has been revoked for my player? 
Would somebody who makes players that plays cds issued after a key has 
been revoked be creating a circumvention device? I have the authority of 
the copyright holder only to play a DVD on machines made with the 
authority of the copyright holder who has decided that he doesn't want to 
give the the authority to play new DVDs on my old machine. enough 
blathering on......

What's making my head hurt even more now is wondering "What's a 
circumvention device?"

"John Zulauf" <johnzu@ia.nsc.com>
Sent by: owner-dvd-discuss@lweb.law.harvard.edu
12/07/01 02:47 PM
Please respond to dvd-discuss

        To:     dvd-discuss@lweb.law.harvard.edu
        Subject:        [dvd-discuss] Are CSS licensees still under confidentiality restrictions?

Looking at the DVD-CCA license agreement, the following caught my eye:


(h) Confidentiality Exceptions. The confidentiality restrictions
contained in Sections 5.2(a), (b) and (c) herein shall not apply to
information that Licensee can demonstrate: (i) is either Confidential or
Highly Confidential Information which is or becomes generally known to
the public through no breach of Licensee's obligations owed to [Blank]
hereunder and which [Blank] failed to remove from public availability or
to enjoin such public disclosure within ninety (90) days after the date
such information is or becomes generally known as set forth above; or
(ii) is or has been developed by Licensee's employees (whether
independently or jointly with others) without having access (whether
directly or through any intermediaries) to any such Confidential
Information or Highly Confidential Information (or any translation,
derivation or abstractions of Confidential Information or Highly
Confidential Information) and without any breach of Licensee's
obligations to [Blank] , provided that the confidentiality restrictions
shall continue to apply to DVD Keys provided to Licensee. 


(1) Continuing confidentiallity requirements?
The key phrase is "failed to remove from public availability or to
enjoin such public disclosure within ninety (90) days after the date
such information is or becomes generally known".  Does the word "enjoin"
mean to obtain an injunction of, or to seek an injunction the release of
the information.  Clearly this information has been available for far
more than 90 days, and with the recent court decision, it's not going

IANAL -- those who are, are the CSS licensee's still under
confidentiallity constraints.

(2) doesn't (h) (ii) leave open the door for a licensee to do a clean
room CSS decoder, or in fact use DeCSS, as long as they don't release
the keys?  Or is it saying, once a clean room CSS is developed, the
confidentiality is dead?

How does this play against Kaplan's argument about DeCSS as bad and CSS
good simply because of their authorization?  Kaplan referred to the used
of unauthorized "keys" as key.  Thus if a DeCSS implementation didn't
include the key's it wouldn't be banned?  So adding a dialog, "please
enter authorized DVD key" would turn DeCSS from sinner to saint?

Here's the *really* *wierd* *part*

<blockquote> (5.2) (b) (ii) (3)
Notwithstanding any contrary provision, Licensee shall under no
circumstances disseminate any DVD Keys (as defined in CSS
Specifications) to more than three (3) Authorized Employees 

This would seem to say that even if keys become common knowledge, the
licensee's are still required to keep them secret.  Is that
enforceable?  What makes the keys different from the CSS algorithm or
other DVD-CCA license agreement elements.  If I read on the web an RE'd
list of all of the DVD player keys (has anyone posted them?) I still
must honor the secrecy of these keys... hmmm.