Re: [dvd-discuss] A TPM without use limitations -- thoughts?

["John Zulauf" <johnzu(at)ia.nsc.com>]

daw@mozart.cs.berkeley.edu wrote:
> 
> John Zulauf wrote:
> > [ If you don't know who did the ripping & stripping, how do you sue them? ]
> >
> >The point isn't who stripped it, but that are a particular individual is
> >publicly sharing stripped content.  [...]  The stripping
> >itself wouldn't be a crime, but publicly sharing stripped content
> >certain would indicate "intent to infringe" and thus work against any
> >"fair use" defense.
> 
> Does this help?  Publicly sharing unstripped, copyrighted content --
> e.g., on Napster or Gnutella -- is probably already an infringement.

It is.  A fingerprint raises the confidence of the copyright holder that
they can find and eliminate commercially significant unauthorized copies
and copying.  This reduces the perceived need for use limiting
DRM/TPM's, both from the copyright holders perspective and from priority
in the public policy debate.  (BTW, according to BayTSP, they know where
all the sharing is done TODAY, which is the real reason the MPAA et. al.
do not want the EFF to have full discovery re: what do the copyright
holder <em>really</em> think about the risk of internet copies).

> I doubt there is any plausible "fair use" defense for publicly sharing
> the lattest Brittany album.  What's different about publicly sharing
> stripped, copyrighted content?

The difference is how it is handled.  The non-fingerprint-removing P2P
user is shutdown by a quick "safe harbor" letter to the ISP which can by
checking the fingerprint directly verify the claim a fire off a "you
have NNN days to comply" note with none of the embarrassing book report,
and Harrison family photos.  Those who remove the fingerprint, when they
are inevitably found ("a city set on a hill cannot be hidden", "a warez
site open to the public can always be fingered"), end up with a federal
case crashing down on their heads as the fingerprint removal is then
"burglary tools, with intent, at the open window..." in terms of
infringement and trafficking.

We are then left with two groups, Johnny Mallcore Slacker getting his
Limp Bizkit fix for free by playing chicken with his ISP (and eventually
losing, and giving up) and the serious warez 133T, who end up as
DrinkOrDie's roommates.  A few examples of the J M Slacker losing his
access to fR33 pr0n -- "hey, dude, (heh-heh) that sux!" and a few more
high profile warez busts and the blush goes off the public P2P rose.  At
the end of the day P2P ends up a private, digital replacement for "hey,
can you tape that for me" of an earlier (and gentler) age -- not a huge
issue for the RIAA/MPAA (regarding of their whining).

> 
> If the record companies don't consider it a workable solution to sue
> users who share unstripped, copyrighted content, 

don't need to the fingerprint makes the "safe harbor" ISP letter
completely effective. With direct, definitive, repeatable and automated
proof the "violate terms of service" letter is a no brainer from the
point of view of the ISP.  The ISP could even automate the process, by
having a form "Enter copyright holder name and fingerprint.... click
here to claim under penalty of perjury...".  

Potentially a web based clearing house for a fingerprint and it's
current "rights profile" (holder, expiration, compulsory licensing
status, royalty schedule etc.) could be established, s.t. all that the
form need do is ID the IP address and fingerprint, with the rest
verified through the clearing house.  What makes this last concept
interesting is that a copyright holder could set a "sharing friendly"
"rights profile."  If one wanted to promote an album, then a profile for
a loss-leader single (or B-side) could be labeled "public sharing
allowed," further reducing the false positives (BTW, these restriction
would HAVE to function as one-way rachets).

> would they really
> consider it an attractive solution to sue users who share stripped,
> copyrighted content?  Maybe there's a difference, but I'm not sure
> I see it.  I don't see how this helps record companies very much;

With the efficacy of the C&D approaching 100% and their effort
approaching 0 (both for the rights holder and the ISP) they only have to
sue (and call the feds) on this smaller, latter group.  This is a
reduction of effort compared to chasing every fR33 5wAg slacker

Finally, fingerprint is a huge public relations coup over DRM's and
copy-broken CD's (hanging iMac's was very bad for the record companies
image).  Reducing false positive, reducing friction with ISP's (by
making the process easy and objectively verifiable, and not requiring
user info disclosure), and limiting heavy handed busts to networks of
"production level" infringing copy operations.  These all look better to
the public than the current path of "P2P hacking" and "DRM in every
device"

I see this as win-win -- if only the RIAA could be expected to meet a
"reasonable man" test (or "reasonable person test " -- which is
currently correct?)

Best Regards,

.002