Date: Sun, 22 Oct 95 12:54:25 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V7#032 Computer Privacy Digest Sun, 22 Oct 95 Volume 7 : Issue: 032 Today's Topics: Moderator: Leonard P. Levine Can you Sue if Credit is Denied for Lack of SSN? Nov '95 PC World - good article! Usenet Posters' Profiles Available to Anyone with WWW Browser Copying Driver's Licenses Email Addresses for Sale by Direct Marketing Agency Re: Junk Sales Calls Unprivacy in Britain Call Blocking PARTY! Nov. 18th, sponsored by Community ConneXion Re: GE Capital Offer of Personal Information Re: Copyright Notice Re: Copyright Notice State Phone Policies Survey The Computer Law Report [long] Info on CPD [new] ---------------------------------------------------------------------- From: straurig@mailgw.sanders.lockheed.com (Scott Traurig) Date: 18 Oct 1995 14:57:06 -0400 Subject: Can you Sue if Credit is Denied for Lack of SSN? Organization: Lockheed Martin M & S, Sunnyvale, CA Can you sue a financial institution that denies you credit solely on the basis that you refused to supply a social security number? All other information would be happily provided, e.g. bank balances and account numbers, etc. Please reply via email. -- Scott Traurig straurig@mailgw.sanders.lockheed.com ------------------------------ From: malamb@ix.netcom.com (Michael Lamb ) Date: 18 Oct 1995 19:51:34 GMT Subject: Nov '95 PC World - good article! Organization: Netcom Today I received the Nov issue of PC world and it contains an excellent article by Jeffrey Rothfeder entitled "Invasions of Privacy". While it contains nothing surprising to us, it may bring these abuses and the need for tighter regulation to the attention of thousands of others. ------------------------------ From: dzubint@freenet.vancouver.bc.ca (Thomas Dzubin) Date: 18 Oct 1995 20:06:20 GMT Subject: Usenet Posters' Profiles Available to Anyone with WWW Browser Organization: Vancouver Regional FreeNet Here's a bit of scaryness with some privacy implications. If you've got the Netscape browser running on your micro, click on "Net Search"...one of the items is called "Deja News" which will basically search through the dejanews Usenet archives for a certain search string. the URL is "http://www.dejanews.com" and it works from all browsers...even lynx (text browser). The search will return a list of articles and who posted them. You can "click" on the article to see the actual article posted ...OR... You can "click" on the poster of the article and the dejanews server will give you an "Author profile" which lists how many articles you post to which news groups! I look at my profile and I can see that I am a VMS/DEC person with interest in SNMP, network management, and privacy (from my previous posts to comp.society.privacy). I also probably have some cisco equipment at my site due to one post in comp.sys.cisco. This is very scary...For example If I were to start posting to alt.i.kill.puppies.support, this can be called up by anyone and I could potentially be harassed for posting to that newsgroup. (by the way: for the Humour impared: I like puppies...I don't kill them). ...I think I'll be looking into anonymous posting services now... RISKS? Standard risks for any information being automatically collected...I wonder if I were forge a post under another person's name if it will show up in their future profile? This has a great potential as a marketing tool...or as a harrasment tool....or even as a job screening tool? Will someone in the future not hire me because I post to rec.whatever? Pretty scary potential. I also looked up my Ex-wife's profile just for fun and found out that she is now into winemaking...that's news to me! -- Thomas Dzubin Vancouver, B.C. CANADA ------------------------------ From: Maryjo Bruce Date: 18 Oct 1995 20:15:43 -0700 (PDT) Subject: Copying Driver's Licenses I withdrew money from my savings account (over 10K) yesterday, and the bank copied my driver's license before they would let me have the money. Do they have the right to do that? Who can copy it? Who cannot? Whom can I call to find out....accurately? What are they going to do with the copy? -- Mary Jo Bruce, M.S., M.L.S. Sunshine@netcom.com ------------------------------ From: richmsr@niia.net (rich markwart) Date: 19 Oct 95 03:27:50 GMT Subject: Email Addresses for Sale by Direct Marketing Agency Organization: rich According to DM(Direct Marketing) News 10-16-95, Marketry, Inc. of Bellevue, WA offerred a list of 250,000 Internet addresses to attendees of the 1995 Direct Marketing Association (DMA) convention in Dallas. The list of e-mail addresses was gathered from newsgroups, chat groups and Web sites. The list is available for rental at $50/1,000 names. Marketry is a list rental agency. In violation of DMA ethics rules, the owner of the list was not revealed. The list is available with selections in adult, computer, sports, science, education, news, investor, games, entertainment, religion and pets. New selection areas will be coming soon according to a Marketry spokesperson. The spokesperson admited that users did not realize that their addresses were being captured, compiled and sold. The Direct Marketing Association can be reached at 212-768-7277 or 212-790-1400. -- rich markwart chesterton, in ------------------------------ From: ahipc1j.dpeer01@eds.com (Don Peer) Date: 19 Oct 1995 17:16:53 GMT Subject: Re: Junk Sales Calls Organization: EDS/National Car Rental Bill said... ...make NOT transmitting ID be the default behavior in all cases.. Let phone companies sell the option of having Caller-ID-blocked calls automatically rerouted to a message saying that you do not accept Caller-ID-blocked calls. Anyone want to start a pool on the odds of phone companies ever voluntarily offering such a scheme? Although it was probably not voluntary, that is precisely the service that US West offers! My default is to NOT transmit. When we get the recording 'this number is not accepting calls from blocked numbers', we redial with *67 in front. With this service (which was free), I learn about who wants unknown calls and who doesn't. You could even argue that people who don't subscribe to caller ID blocking are implicitly agreeing to accept telephone solicitations. ------------------------------ From: Rich Schroeppel Date: 19 Oct 1995 13:33:25 -0500 (CDT) Subject: Unprivacy in Britain I was in Borders over the weekend and read the Sunday London Times (probably a week old). The top story on page 1 was that the guy who did a movie of executions was just finishing up a movie of excerpts from those public-area-surveillance cameras that are proliferating in Britain. Supposedly contains footage of people having sex, etc. It's apparently legal for the govt to sell the video recordings. I suppose it's no surprise that Orwell was British. ------------------------------ From: Aaron Zaugg Date: 19 Oct 1995 15:34:09 -0700 (MST) Subject: Call Blocking This anonymous call blocking problem everyone is talking about can be immediately solved by purchasing a Caller ID box (not from phone co.) which has that ability built in. I paid about 79$ for one from a computer (junk mail) catalog. I think the place was called PCZone. If your local phone company won't sell you the box that will eliminate blocked calls just find one that will. You may also want to try various Spy Shots. ------------------------------ From: sameer@c2.org (sameer) Date: 19 Oct 1995 20:36:20 -0700 Subject: PARTY! Nov. 18th, sponsored by Community ConneXion Organization: Community ConneXion: The NEXUS-Berkeley 510-549-1383 Community ConneXion: the Internet Privacy Provider is having a party! We're partying to celebrate the spread of privacy on the net, through the increased security of internet products, as well as the growth of our services. (Many new services and new features on existing services will likely be announced before the party. Stay tuned.) We're inviting all our customers and other potentially interested parties, which includes you, if you've received this note. So please join us, and send a copy of this invitation to anyone else you may know who would be interested in attending. Where: Icon Byte Bar & Grill 299 9th Street (at Folsom) SF CA 94103 When: Sat. Nov. 18 1995 7:00 PM This is a good chance to meet and network with the people who are making privacy on the internet a reality. Find out more about the HackNetscape and HackMicrosoft contests. Learn about our specialized web services, found nowhere else but at Community ConneXion. Hear about the anonymous and psuedonymous servers here and what we're doing to improve them. There will be catered snacks and a no-host bar. -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org (or login as "guest") sameer@c2.org ------------------------------ From: tye@metronet.com (Tye McQueen) Date: 21 Oct 1995 22:19:37 -0500 Subject: Re: GE Capital Offer of Personal Information Organization: Texas Metronet, Inc (login info (214/705-2901 - 817/571-0400)) "Michael O'Donnell" writes: My mortgage is held by GE Capital Mortgage Services. [...] I recently received an offer from them whereby I'd pay $5 a month for the "privilege" of getting allegedly current reports on our credit, driving, Social Security and medical histories, including the ability to correct errors and discrepancies. [...] Can it be that the $5 a month is really all they're after? What are the risks in my subscribing to this service? For them to be able to do this you'd have to sign something giving them the right to collect such personal information. Perhaps that is what they are really after, a signature from you that tells all sorts of agencies to give GECMS lots of personal information about you. They probably don't promise to not sell this info to anyone who wants to buy it either. -- Tye McQueen tye@metronet.com || tye@doober.usu.edu Nothing is obvious unless you are overlooking something http://www.metronet.com/~tye/ (scripts, links, nothing fancy) ------------------------------ From: chris@ivanova.punk.net (Christopher Ambler) Date: 18 Oct 95 15:28:46 PDT Subject: Re: Copyright Notice Two points on the copyright issue that I seem to have started (honest, I didn't mean to! :-)) First, it does seem to be a can of worms. My question becomes one of how I can keep a copyright when I want one, and release it when I don't. This list, for example, may have full rights to whatever I send to it. Telecom Digest, likewise (as an aside, to my knowledge, Pat has never rejected a single item I've sent him intended for publication to Telecom, for whatever reason.) I would love to have a copyright on all Usenet postings specifically prohibiting them to be included in any compilation CD Rom sold for a profit. I'd also love to be able to prohibit MSN from carrying them just because I feel ornerey this week. I don't expect to be able to do either, and a discussion on that topic would probably be out of the scope of this list. Second, I am still under the impression that a submission to a mailing list is granting that list the right to redistrubution simply by virtue of the act itself. I am not a lawyer (I don't even play one on TV), so I have no idea if this is truely the case... but I thought it was. Can anyone confirm or deny this? Sorry to have created a point of contention. Please note no sig right now for this message :-) ------------------------------ From: "M. Otto" Date: 19 Oct 1995 12:53:00 -0500 Subject: Re: Copyright Notice Original-author: brad@clari.net (Brad Templeton) Archive-name: law/copyright/myths/part1 Last-change: 28 Apr 1995 by brad@clari.net (Brad Templeton) Changes-posted-to: news.misc,news.answers 10 Big Myths about copyright explained By Brad Templeton 1) "If it doesn't have a copyright notice, it's not copyrighted." This was true in the past, but today almost all major nations follow the Berne copyright convention. For example, in the USA, almost everything created privately after April 1, 1989 is copyrighted and protected whether it has a notice or not. The default you should assume for other people's works is that they are copyrighted and may not be copied unless you *know* otherwise. There are some old works that lost protection without notice, but frankly you should not risk it unless you know for sure. It is true that a notice strengthens the protection, by warning people, and by allowing one to get more and different damages, but it is not necessary. If it looks copyrighted, you should assume it is. This applies to pictures, too. You may not scan pictures from magazines and post them to the net, and if you come upon something unknown, you shouldn't post that either. The correct form for a notice is: "Copyright by " You can use C in a circle instead of "Copyright" but "(C)" has never been given legal force. The phrase "All Rights Reserved" used to be required in some nations but is now not needed. 2) "If I don't charge for it, it's not a violation." False. Whether you charge can affect the damages awarded in court, but that's essentially the only difference. It's still a violation if you give it away -- and there can still be heavy damages if you hurt the commercial value of the property. 3) "If it's posted to Usenet it's in the public domain." False. Nothing is in the public domain anymore unless the owner explicitly puts it in the public domain(*). Explicitly, as in you have a note from the author/owner saying, "I grant this to the public domain." Those exact words or words very much like them. Some argue that posting to Usenet implicitly grants permission to everybody to copy the posting within fairly wide bounds, and others feel that Usenet is an automatic store and forward network where all the thousands of copies made are done at the command (rather than the consent) of the poster. This is a matter of some debate, but even if the former is true (and in this writer's opinion we should all pray it isn't true) it simply would suggest posters are implicitly granting permissions "for the sort of copying one might expect when one posts to Usenet" and in no case is this a placement of material into the public domain. Furthermore it is very difficult for an implicit licence to supersede an explicitly stated licence that the copier was aware of. Note that all this assumes the poster had the right to post the item in the first place. If the poster didn't, then all the copies are pirate, and no implied licence or theoretical reduction of the copyright can take place. (*) Copyrights can expire after a long time, putting someting into the public domain, and there are some fine points on this issue regarder older copyright law versions. However, none of this applies to an original article posted to USENET. Note that granting something to the public domain is a complete abandonment of all rights. You can't make something "PD for non-commercial use." If your work is PD, other people can even modify one byte and put their name on it. 4) "My posting was just fair use!" See other notes on fair use for a detailed answer, but bear the following in mind: The "fair use" exemption to copyright law was created to allow things such as commentary, parody, news reporting, research and education about copyrighted works without the permission of the author. Intent, and damage to the commercial value of the work are important considerations. Are you reproducing an article from the New York Times because you needed to in order to criticise the quality of the New York Times, or because you couldn't find time to write your own story, or didn't want your readers to have to pay to log onto the online services with the story or buy a copy of the paper? The former is probably fair use, the latter probably aren't. Fair use is almost always a short excerpt and almost always attributed. (One should not use more of the work than is necessary to make the commentary.) It should not harm the commercial value of the work (which is another reason why reproduction of the entire work is generally forbidden.) Note that most inclusion of text in Usenet followups is for commentary and reply, and it doesn't damage the commercial value of the original posting (if it has any) and as such it is fair use. Fair use isn't an exact doctrine, either. The court decides if the right to comment overrides the copyright on an indidvidual basis in each case. There have been cases that go beyond the bounds of what I say above, but in general they don't apply to the typical net misclaim of fair use. It's a risky defence to attempt. 5) "If you don't defend your copyright you lose it." False. Copyright is effectively never lost these days, unless explicitly given away. You may be thinking of trade marks, which can be weakened or lost if not defended. 6) "Somebody has that name copyrighted!" You can't "copyright a name," or anything short like that. Titles usually don't qualify -- but I doubt you may write a song entitled "Everybody's got something to hide except for me and my monkey." (J.Lennon/P.McCartney) You can't copyright words, but you can trademark them, generally by using them to refer to your brand of a generic type of product or service. Like an "Apple" computer. Apple Computer "owns" that word applied to computers, even though it is also an ordinary word. Apple Records owns it when applied to music. Neither owns the word on its own, only in context, and owning a mark doesn't mean complete control -- see a more detailed treatise on this law for details. You can't use somebody else's trademark in a way that would unfairly hurt the value of the mark, or in a way that might make people confuse you with the real owner of the mark, or which might allow you to profit from the mark's good name. For example, if I were giving advice on music videos, I would be very wary of trying to label my works with a name like "mtv." :-) 7) "They can't get me, defendants in court have powerful rights!" Copyright law is mostly civil law. If you violate copyright you would usually get sued, not charged with a crime. "Innocent until proven guilty" is a principle of criminal law, as is "proof beyond a reasonable doubt." Sorry, but in copyright suits, these don't apply the same way or at all. It's mostly which side and set of evidence the judge or jury accepts or believes more, though the rules vary based on the type of infringement. In civil cases you can even be made to testify against your own interests. 8) "Oh, so copyright violation isn't a crime or anything?" Actually, recently in the USA commercial copyright violation involving more than 10 copies and value over $2500 was made a felony. So watch out. (At least you get the protections of criminal law.) On the other hand, don't think you're going to get people thrown in jail for posting your E-mail. The courts have much better things to do than that. This is a fairly new, untested statute. 9) "It doesn't hurt anybody -- in fact it's free advertising." It's up to the owner to decide if they want the free ads or not. If they want them, they will be sure to contact you. Don't rationalize whether it hurts the owner or not, *ask* them. Usually that's not too hard to do. Time past, ClariNet published the very funny Dave Barry column to a large and appreciative Usenet audience for a fee, but some person didn't ask, and forwarded it to a mailing list, got caught, and the newspaper chain that employs Dave Barry pulled the column from the net, pissing off everybody who enjoyed it. Even if you can't think of how the author or owner gets hurt, think about the fact that piracy on the net hurts everybody who wants a chance to use this wonderful new technology to do more than read other people's flamewars. 10) "They e-mailed me a copy, so I can post it." To have a copy is not to have the copyright. All the E-mail you write is copyrighted. However, E-mail is not, unless previously agreed, secret. So you can certainly *report* on what E-mail you are sent, and reveal what it says. You can even quote parts of it to demonstrate. Frankly, somebody who sues over an ordinary message might well get no damages, because the message has no commercial value, but if you want to stay strictly in the law, you should ask first. On the other hand, don't go nuts if somebody posts your E-mail. If it was an ordinary non-secret personal letter of minimal commercial value with no copyright notice (like 99.9% of all E-mail), you probably won't get any damages if you sue them. ----------------- In Summary --------------------------- These days, almost all things are copyrighted the moment they are written, and no copyright notice is required. Copyright is still violated whether you charged money or not, only damages are affected by that. Postings to the net are not granted to the public domain, and don't grant you any permission to do further copying except *perhaps* the sort of copying the poster might have expected in the ordinary flow of the net. Fair use is a complex doctrine meant to allow certain valuable social purposes. Ask yourself why you are republishing what you are posting and why you couldn't have just rewritten it in your own words. Copyright is not lost because you don't defend it; that's a concept from trademark law. The ownership of names is also from trademark law, so don't say somebody has a name copyrighted. Copyright law is mostly civil law where the special rights of criminal defendants you hear so much about don't apply. Watch out, however, as new laws are moving copyright violation into the criminal realm. Don't rationalize that you are helping the copyright holder; often it's not that hard to ask permission. Posting E-mail is technically a violation, but revealing facts from E-mail isn't, and for almost all typical E-mail, nobody could wring any damages from you for posting it. ----------------------------------------------------------- Permission is granted to freely copy this document in electronic form, or to print for personal use. If you had not seen a notice like this on the document, you would have to assume you did not have permission to copy it. This document is still protected by you-know- what even though it has no copyright notice. It should be noted that the author, as publisher of an electronic newspaper on the net, makes his living by publishing copyrighted material in electronic form and has the associated biases. However, DO NOT E-MAIL HIM FOR LEGAL ADVICE; for that use other resources or consult a lawyer. Also note that while most of these principles are universal in Berne copyright signatory nations, some are derived from Canadian and U.S. law. This document is provided to clear up some common misconceptions about intellectual property law that are often seen on the net. It is not intended to be a complete treatise on all the nuances of the subject. A more detailed copyright FAQ, covering other issues including compilation copyright and more intricacies of fair use is available in the same places you found this note, or for FTP on rtfm.mit.edu in pub/usenet-by-group/comp.answers/law/Copyright-FAQ. Also consider gopher://marvel.loc.gov/11/copyright for actual statutes. Another useful document is http://www.eff.org/pub/CAF/ This FAQ can be found at http://www.clari.net/brad/copymyths.html ------------------------------ From: catalyst@pacifier.com (John M. Gear) Date: 22 Oct 1995 05:55:29 GMT Subject: State Phone Policies Survey Organization: Pacifier Internet Server (206) 693-0325 Question in brief (long version below): Does your state allow or forbid the phone company from charging you extra for privacy (unpublished/unlisted #s)? If charges are allowed, how much? Why? Please send your responses by e-mail to catalyst@pacifier.com I will post a summary. Question at length: I live in Washington State where the Utilities and Transportation Commission UTC allows the local telephone providers (US West and GTE to my knowledge, perhaps there are others) to charge customers for not violating their privacy. I refer to the *monthly* charges for unlisted and unpublished numbers (one doesn't appear in the book but can be obtained from information; the other can't even be obtained from the information operator). I can find no rationale for permitting a common carrier to force citizens to pay extra not to have their privacy violated. The telephone is a vital public service, explicitly required in many jobs and a de facto requirement of most others. Access to emergency services depends on access to telephone services. Thus, we're not talking about a subscription list being sold by a private company. You don't have any choice but to deal with the local phone company if you want telephone service. The Washington UTC appears to recognize that the telephone company doesn't own the right to make you give your name and number away--phone service providers here are required to offer free "line block" to defeat Caller ID. So why does the UTC allow the phone company to charge you extra, each month, not to give your name and number away to, literally, millions of people? I believe this is wrong and should be changed. I have testified before the UTC at a US West rate increase hearing and got a sympathetic response from virtually everyone I spoke to, although I don't know how the commissioners felt. What I would like to know is if this system is forbidden in any country, state or province? Does your state require the phone company to let you out of the phone book without making you pay for the privilege? Please send e-mail on this to me at catalyst@pacifier.com I will post a summary of responses. ------------------------------ From: "Prof. L. P. Levine" Date: 22 Oct 1995 13:55:25 -0500 (CDT) Subject: The Computer Law Report [long] Organization: University of Wisconsin-Milwaukee This was sent me by the author, who has given me permission to post it. lpl From: Galkin@aol.com Date: 20 Oct 1995 11:57:07 -0400 *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ THE COMPUTER LAW REPORT *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ October 20, 1995 [#12] ===================================== GENERAL INFO: The Computer Law Report is distributed (usually) weekly for free and is prepared by William S. Galkin, Esq. The Report is designed specifically for the non-lawyer. To subscribe, send e-mail to galkin@aol.com. All information contained in The Computer Law Report is for the benefit of the recipients, and should not be relied on or considered as legal advice. Copyright 1995 by William S. Galkin. ===================================== ABOUT THE AUTHOR: Mr. Galkin is an attorney in private practice in Owings Mills, Maryland (which is a suburb of Baltimore), and he is also an adjunct professor of Computer Law at the University of Maryland School of Law. Mr. Galkin has concentrated his private practice in the Computer Law area since 1986. He represents small startup, midsized and large companies, across the U.S. and internationally, dealing with a wide range of legal issues associated with computers and technology, such as developing, marketing and protecting software, purchasing and selling complex computer systems, and launching and operating a variety of online business ventures. He also enjoys writing about computer law issues! ===> Mr. Galkin is available for consultation with individuals and companies, wherever located, and can be reached as follows: E-MAIL: galkin@aol.com/TELEPHONE: 410-356-8853/FAX: 410-356-8804/MAIL: 10451 Mill Run Circle, Suite 400, Owings Mills, Maryland 21117 ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^ Articles in The Report are available to be published as columns in both print and electronic publications. Please contact Mr. Galkin for the terms of such usage. ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^ *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ EXTINCTION OF THE DIGITAL LOCK PICKER? *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ [This is the second of a series of articles discussing recommendations made in the report issued September 5, 1995 by President Clinton's Information Infrastructure Task Force. The report is entitled "Intellectual Property and the National Information Infrastructure," and is commonly referred to as the White Paper. The previous article was entitled "Stopping the Altruistic Infringer" and dealt with recommendations for criminalizing infringement activities where there is no profit motive.] Infringement is the mortal enemy of the Information Highway. A "highway" robber, a blood-thirsty terrorist, lying in wait to pillage an unsuspecting victim vulnerable to unauthorized duplication and mass distribution. However, the destructive infringer is a relatively new concern on the Internet. A robber can thrive only where there is something of value to be stolen. In the "old" days of the Internet, there was nothing of "value". Most information was there for the taking - the more taking, the merrier everyone was. Not any more. The future of much of the Internet is as a free enterprise zone. Commercial enterprise cannot develop if the environment is not secured from theft. Enter the White Paper, and its recommendation to prohibit devices that are designed to break through technological security systems. The White Paper recommends that a new chapter be added to the U.S. Copyright Act which would "prohibit the importation, manufacture or distribution of any device, product or component incorporated into a device or product, or the provision of any service, the primary purpose or effect of which is to avoid, bypass, remove, deactivate, or otherwise circumvent, without authority of the copyright owner or the law, any process, treatment, mechanism or system which prevents or inhibits the violation of any of the exclusive rights under [the Copyright Act]." Under the current law, established by several prominent cases, a company is free to develop a device which can be used to infringe another's copyright as long as the device has a substantial legitimate use. In one case (Vault Corp. v Quaid Software, Ltd.), a company developed a software program (RAMKEY) specifically designed to break through copy protection software. The court held that this did not constitute contributory infringement (that is, assisting others to unlawfully duplicate software), because this software has a lawful purpose. Under the copyright law, a person is permitted to make one backup copy of software, which is to be used only if the original copy is destroyed or damaged. Therefore, the lawful use of this lock-breaking program is to assist others to make backup copies. The court in Vault was not bothered by the fact that RAMKEY's primary purpose may have been to indeed assist others in producing unlawful copies. The Supreme Court in Sony Corp. of America v. Universal City Studios, Inc. reached a similar result. The owners of motion picture and television programs sued Sony claiming that production of VCR's was an unlawful act of contributory infringement. They claimed consumers used VCR's to make infringing copies of the programs. The court held that as long as the device is capable of substantial noninfringing uses, then the manufacturer has no liability, even if the primary use is one of infringement. Therefore, VCR's can be marketed since VCR's can be used in homes in a permitted way (for example, taping a show to watch later). How bleak would the world be today if the Supreme Court ruled otherwise, and there were no VCR's? The White Paper points out some other areas where prohibitions similar to the one suggested are already in effect. For example, Congress enacted the Audio Home Recording Act of 1992, which combined legal and technological protection for sound recordings. The Audio Home Recording Act requires a serial copy management system in all digital audio recording devices and digital audio interface devices imported, manufactured or distributed in the United States. Such a system allows unlimited first generation digital copying of sound recordings, but prevents the making of digital copies from copies. The Act prohibits the importation, manufacture or distribution of any device, or the offering or performance of any service, the primary purpose of which is to circumvent any program or circuit which implements a serial copy management system. However, it is disingenuous to compare the proposed prohibitions with the Audio Home Recording Act. The proposed prohibitions are potentially very broad in scope and application, whereas the prohibition of disabling a specific device (a serial copy management system), which is only found in digital sound duplicating devices, is extremely narrow and well-defined. Some commentators feel that the White Paper's recommendation is dangerously vague. Perhaps, under its terms, merely having a conversation about decryption algorithms would be illegal. What about decryption by police for the purpose of arresting criminals? How are manufacturers and distributors to determine what the primary purpose of the device is, where is it used for both illegitimate and legitimate purposes. What if the primary use changes over time? Accordingly, the direction that this proposal should take in order to address this vagueness is to focus on the purpose of the decryption, as opposed to the decryption itself. Concern has also been expressed that this provision would inhibit fair use, because activities that would qualify as fair use could be blocked by anti-access devices for which there is no available breaking device available. The same concerns would apply to the inability of accessing copy-protected works which are in the public domain, and therefore, not protected by the copyright laws at all. Additionally, reverse engineering, which in many cases is permissible, and which significantly contributes to the development of technology, could be severely inhibited.The White Paper answers these concerns by stating that (1) copyright owners have no obligation to allow for fair use and (2) if a device is primarily used for lawful purposes, then it would be available for use. In summary, the White Paper is correct that technological security protections are necessary and should be bolstered by legal consequences. Nevertheless, the proposal as currently formulated needs to be reconsidered because it could have the extremely negative result of limiting access to valuable information that should be freely accessed. -- END -- ------------------------------ From: "Prof. L. P. Levine" Date: 18 Oct 1995 13:55:25 -0500 (CDT) Subject: Info on CPD [new] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. [new: Ordinary copyrighted material should not be submitted. If a] [copyright owner wishes to make material available for electronic] [distribution then a message such as "Copyright 1988 John Doe.] [Permission to distribute free electronic copies is hereby granted but] [printed copy or copy distributed for financial gain is forbidden" would] [be appropriate.] Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the Subject: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Web browsers will find it at gopher://gopher.cs.uwm.edu. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Web: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V7 #032 ****************************** .