[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) FC: One last round: RIAA replies to congressional source




------- Forwarded message follows -------
Date sent:      	Thu, 1 Nov 2001 06:50:52 -0800 (PST)
From:           	Declan McCullagh <declan@well.com>
To:             	politech@politechbot.com
Copies to:      	JCabrera@riaa.com
Subject:        	FC: One last round: RIAA replies to congressional source on hacking
Send reply to:  	declan@well.com

Response to:

"Congressional source replies to RIAA's we-don't-want-to-hack denial"
http://www.politechbot.com/p-02717.html

---------- Forwarded message ----------
Date: Thu, 1 Nov 2001 09:31:29 -0500
From: JCabrera@riaa.com
To: Declan McCullagh <declan@well.com>, declan@wired.com
Subject: RIAA Point by Point Rebuttal


(1) "The RIAA does not assert that the language they provided staff
would not have permitted this sort of conduct [hacking, planting
viruses, destroying MP3 files,  etc.]"


     RIAA RESPONSE:  WRONG!  The language we provided staff would NOT
     have
permitted this sort of conduct:
     First, the language would have applied ONLY to actions that do no
     more
than "impair the availability" of data, a program, or a computer. 
Section 1030 refers both to the "integrity" and "availability" of
data, but the language addressed only "availability."  Thus, if any
action had the effect of deleting, altering or destroying data, a
program or a computer (i.e. impacting "integrity") -- even
unintentionally -- that would still be defined as "damage" under the
Computer Fraud and Abuse Act and the copyright holder would have been
subject to suit.
     Second, the initial language would only have protected
     "reasonable"
measures.  Actions (such as hacking or deleting files) that caused
damage to a computer or data would generally not be considered
"reasonable," would likewise subject the copyright holder to suit.


     Finally, the language provided NO immunity from criminal
     prosecution.
Thus, any actions taken by a copyright holder to protect its works
would be at risk of criminal liability, a substantial guarantee that
any measures would be responsible.


     All of this confirms that the language was not to give copyright
owners broader enforcement powers, but only to limit the availability
of "strike suits" or nuisance suits that would preclude the use of
reasonable technical measures.





(2) "What they may have "meant" to do does not explain their
"extremely irresponsible" (at best) drafting."


     RIAA RESPONSE:  WRONG AGAIN.  What we "meant" to do is reflected
     in
the drafting.  It's the "reading" of the language out of context
that's irresponsible





(3) "According to the RIAA, the drafting of the Senate bill was done
"privately" and would have had "unintended effects" on the law.  But
what Hilary Rosen fails to note is that their solution ? offered in
the vacuum of private negotiations ? would have done what EFF and
other copyright scholars NOT on the RIAA payroll say it would have
done: it wouldve [sic] created a license to hack.  I suppose the RIAA
position must be that private negotiations involving the RIAA cannot
possibly result in similarly "unintended effects."


     RIAA RESPONSE:  WRONG AGAIN, for the reasons described above. We
recognize that a perfectly reasonable human being ? when shown this
language without any context ? could think that it would allow any
number of things, including hacking.  But in fact, as described above,
that is not the case.  Anonymous ought to read the language carefully,
in context as an amendment to an amendment to an existing statute (a
very long and complex statute).  It is clear that Anonymous has not
done this, but feels free to make irresponsible comments about what
the language means anyway.





(4) "Perhaps the RIAA will tell us who they met with at DOJ about this
amendment?  Did they show their proposed language to anyone from the
Executive Branch negotiating the bill?  If so, whom?


     RIAA RESPONSE:  Funny how Anonymous believes it's okay to be
commenting without disclosing his or her identity, but wants everyone
else to disclose their identities.  Sorry.  We do not believe it is
appropriate or necessary to name the specific individuals with whom we
have met regarding this legislation.  Suffice it to say, however, that
we brought the issue to the attention of officials at DOJ as soon as
we discovered that the proposed language inadvertently would have
prevented us from using technical measures to protect copyrighted
works.  We also raised this issue with the Senate staff working on the
bill, as well as other industry groups before any proposal was sent.





(5) "[RIAA claims that a copyright holder using any technical measures
to protect its works could do so only at risk of criminal liability, a
substantial guarantee that any such actions would be conducted
responsibly.]  This is simply false! . . . [The RIAA made two initial
proposals.]  Both proposals would have prohibited any civil cause of
action for actions by a copyright owner for the "impairment of the
availability of data. . . Yes the RIAA could still have been
prosecuted ? which one must assume is how they are able to argue that
their conduct resulting in damage would be "actionable."  But no civil
actions could have been brought!  So victims could not have sued. 
Period.  This is the sort of verbal parsing and misleading statement
that the heads of the major record labels should instruct their staff
at the RIAA to put a stop to once and for all."


     RIAA RESPONSE:  WRONG.  The proposals submitted by creators (to
     fix
the unintentional effect the anti-terrorism bill would have had on
antipiracy efforts) still would have allowed civil suits against
creators on several new grounds.  First, the proposals included a new
"reasonableness" standard that would have permitted lawsuits against
creators for the use of any technical measures deemed unreasonable. 
This new standard, when combined with the loosening of the damage
requirement contained in the amendments proposed by the Department of
Justice, would have provided greater flexibility to the judge or jury
than the strictly monetary threshold that was previously in effect,
and is the typical standard of almost all cases tried on a theory of
negligence in this country.  Second, both proposals maintained civil
liability if the relevant work was not being put to an infringing use
(as when a defendant is engaging in "fair use").  As such, content
owners would have borne the risk of a lawsuit if it turned out that
the use was not infringing  Third, the limited civil exemption of both
proposals applied only to technical measures that impaired the
"availability of data, a program or system," and not to technical
measures that affected the integrity of data.  Thus, if any action
taken to protect copyrights had the effect of deleting, altering or
destroying data, a program or a computer (i.e. impacting "integrity")
? the very type of activity raised by Anonymous ? that would still be
subject to civil liability under section 1030.



     (6) "Previously the definition of "damage" under the act required
     that
there be $5,000 in damage or loss to a victim.  Accordingly, absent
some narrow exceptions, if a person hacked into a private network or
computer and caused less than $5,000 in damage, he or she would not
have broken the law. . .if you change the law to make it easier for
the government to prosecute hackers by dropping the $5,000 threshold
then you are also making it easier for victims of hackers to bring a
private civil lawsuit.  The RIAA's proposed solution ? above ? would
have given them a complete carve out from the civil actions ? Not just
acts [stet] those resulting in less than $5,000 in damage but any
amount of damage so long as they were trying to stop "unauthorized"
(note, not necessarily illegal) copying."


     RIAA RESPONSE:  It is exactly because the bill changed the
     calculation
of the threshold (as Anonymous points out), opening creators up to new
lawsuits that could not have been brought previously, that a new
solution was needed in order to preserve the intent of current law. 
This solution, which Anonymous once again glosses over, was the
requirement of "reasonableness."  In response to the new threshold
requirements, the proposal recommended that any exemption must be
denied if a court or jury finds the measures taken by the copyright
owner to be unreasonable.  Thus, the "complete carve out from civil
actions" described above is simply wrong.





(7) "Yes there were a myriad of organizations concerned about the
effects of the change on current law, but the RIAA's proposed
amendment was not supported by those groups, was it?  Did eBay, the
Net Coalition, SIAA support their draft.  No.  Not even AOL ? a member
of RIAA ? was happy with the original amendment offered by Mr.
Glazier.  Yes, they all supported the final version ? the version that
was worked out AFTER the RIAA was caught."


     RIAA RESPONSE:  WRONG.  The database producers mentioned by
     Anonymous
had no objection to the original proposal.  Different companies and
industries bring differing concerns to the table.  eBay's concerns had
nothing to do with copyright, for example.  Our point was not that
other industry groups wanted to solve a copyright problem, but that
multiple industry groups recognized that the Senate provision had
inadvertent adverse effects ON THEM as well, unrelated to copyright,
and needed to be fixed.  And we mention that only to disprove the
canard that we were attempting to take advantage of the anti-terrorism
legislation.  To the contrary, we were responding to a problem CAUSED
by the anti-terrorism bill, just like the other industries did when
they learned of it.





     This is our last posting on this issue.  We've said our piece,
     here
and lots of other places, a number of times.  We've even responded to
anonymous critics that don't have the courtesy (or the confidence in
their criticism) to disclose their identities.


     The legislation has passed.  People will think what they think. 
     It's
time to move on.











----------------------------------------------------------------------
--- POLITECH -- Declan McCullagh's politics and technology mailing
list You may redistribute this message freely if you include this
notice. Declan McCullagh's photographs are at
http://www.mccullagh.org/ To subscribe to Politech:
http://www.politechbot.com/info/subscribe.html This message is
archived at http://www.politechbot.com/
----------------------------------------------------------------------
---

------- End of forwarded message -------

-- 
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de