[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) FC: Why Dmitry Sklyarov belongs in jail, by inside.com's R. Parloff (resend)




------- Forwarded message follows -------
Date sent:      	Tue, 07 Aug 2001 10:47:20 -0400
To:             	politech@politechbot.com
From:           	Declan McCullagh <declan@well.com>
Subject:        	FC: Why Dmitry Sklyarov belongs in jail, by inside.com's R.
 	Parloff (resend)
Copies to:      	rparloff@inside.com
Send reply to:  	declan@well.com

[The inside.com link I sent out last week has since moved behind the
subscription firewall. Roger and inside.com have graciously allowed me
to redistribute his article in full. --Declan]

---

Free Dmitry? Spare Me.: Why the FBI Was Right to Arrest the Internet's
Latest Martyr Civil liberties advocates, programmers and
cryptographers are up in arms about the arrest of a Russian programmer
for distributing software that strips Adobe eBook Reader of its
copy-protection. They shouldn't be, Inside's legal editor argues. by
Roger Parloff

Wednesday, August 01, 2001
A hacker has allegedly violated the Digital Millennium Copyright Act
-- so you know the drill. It's time for extremely smart people to
espouse extremely unpersuasive arguments for why the hacker must
swiftly be exonerated and the law struck down as unconstitutional.

This time around the hacker (and I'm trying to use that term in the
positive sense) is Dmitry Sklyarov, a 27-year-old Russian computer
programmer who was arrested in Las Vegas on July 16. If you get your
news from any of the numerous news sources that cater to computer
programmers and software enthusiasts -- the online wire services or
listserv e-mails from digital civil liberties advocates or
cryptographers -- you are doubtless familiar with the outlines of the
case, or at least think you are. You have read how Sklyarov was
arrested the day after he delivered a lecture at the Def Con 9
convention in Las Vegas -- the ninth annual gathering of what is
described on the group's official Web site as "computer underground
party for hackers" -- about the flaws in the copy-protection system
for the Adobe eBook Reader.

Maybe you have been alerted to the message posted on the Web by Bruce
Schneier, the chief technology officer of Counterpane Internet
Security and one of the nation's foremost experts on cryptography and
computer systems security, who has expressed his outrage that "the FBI
arrested (Sklyarov) because he presented a paper on the strengths and
weaknesses of software used to protect electronic books." You have
probably been told how Alan Cox, an eminent British open-source
programmer, resigned his membership in an American-based society of
computer engineers as a result of Sklyarov's arrest, explaining: "With
the arrest of Dmitry Sklyarov, it has become apparent that it is not
safe for non-U.S. software engineers to visit the United States." You
may also agree with Sklyarov's defenders that it is deeply ironic that
federal prosecutors are trying to punish Sklyarov at Adobe's behest,
when Adobe should really be thanking Sklyarov for having -- in the
long and fine tradition of hackers (again in the positive sense of
that term) -- pointed out flaws in its copy-control system, which
might have done far greater damage had they first been discovered by
someone malevolent.

Then again, if you've learned about the case from more mainstream news
sources, you probably already realize that Sklyarov's arrest doesn't
really have anything to do with the presentation he gave in Las Vegas.
(The conference, which listed Sklyarov as a scheduled speaker, was
just the event that alerted authorities to the fact that he would be
in the United States, enabling them to seize him.) It relates to some
software that Sklyarov wrote and that his employer distributed.

But even so, you may still be outraged by his arrest. As Stanford Law
School professor Lawrence Lessig recently pointed out in his New York
Times op-ed piece urging Sklyarov's release, Sklyarov's software was
perfectly lawful in Russia, where he wrote it. Adobe just downloaded
it off the Internet, and then asked our government to punish Sklyarov
for violating U.S. law. That poses all sorts of very troubling,
international jurisdictional issues, doesn't it?

In addition, Professor Lessig stresses, neither Sklyarov nor his
employer have even been charged with infringing anyone's copyrights!
Sklyarov simply made software that removes certain security
protections from the Adobe eBook Reader, enabling people to engage in
numberless, marvelous, invaluable, noninfringing uses. "A blind
person," for instance, could use it to activate Adobe's "read-aloud
function" in order "to listen to a book," even if Adobe had, at a
publisher's instructions, disabled that function for a particular
title. Alas, has helping the blind to read become a crime in our
country? Sklyarov's wonderful creation also enables people to make
back-up copies of e-books, explains the Electronic Frontier
Foundation's Web site. It also enables them to transfer an e-book from
an old computer to a new one. Best of all, Sklyarov's software only
works on lawfully purchased e-books. So what in the world could the
prosecutors and Adobe and the Association of American Publishers --
which has applauded the prosecution -- possibly be so upset about?


ON THE WEB, IT ONLY TAKES A SINGLE UNPROTECTED COPY ...

Now let's visit Planet Earth. Dmitry Sklyarov works for ElcomSoft Co.
Ltd., a Moscow-based company that sells, among other things, the
Advanced eBook Processor. That product converts e-books formatted for
viewing through the Adobe eBook Reader into ordinary, unsecured PDF
files. Once in that form, the file is in the free and clear, and can
be distributed by anyone to anyone throughout the globe via numerous
file-sharing programs like Gnutella, KaZaA, iMesh or Freenet, not to
mention by e-mail attachment, or by Aimster-style instant-messaging
attachment, or by posting on evanescent pirate Web sites, and probably
via several other mechanisms that were invented so recently that you
and I haven't heard of them yet.

The point is: it only takes a single unprotected copy to have the
material spread. The cat is then out of the bag and any attempt to
bring a copyright infringement charge against the individual who
originally uploaded it becomes laughably futile, even assuming it were
possible to identify that individual, which it usually isn't.
Accordingly, Congress has tried to protect copyrights in the digital
world by prohibiting the distribution of "devices" -- like Elcomsoft's
Advanced eBook Processor -- that are "primarily designed" to
circumvent copy-control technologies that copyright holders have
implemented in an effort to protect their intellectual property. (The
DMCA is designed to effectuate two World Intellectual Property
Organization copyright treaties that were signed in Geneva in December
1996.)

Most of the people coming to Sklyarov's defense fully appreciate that
some sort of anti-circumvention legislation like the DMCA is crucial
to maintaining meaningful copyright protection in the digital world.
But they simply don't want such protection maintained. They believe
that the digital world is fundamentally hostile to copyright law as we
have known it and that the copyright laws have grown too protective in
any event (which might be true), and they are therefore eager to enter
a brave new world in which creators of intellectual property will be
effectively forced to turn to unspecified "new business models" in an
effort to get paid for their creations. Most of the new business
models that have been proposed so far, however -- like having
consumers voluntarily donate fees to creators whose works they have
downloaded for free -- very closely resemble begging.

In any event, there is little question that ElcomSoft has been
knowingly and intentionally violating U.S. law and that the FBI has
ample jurisdiction over Sklyarov. Until Sklyarov's arrest -- when
ElcomSoft finally discontinued distributing these circumvention
products -- ElcomSoft made a demonstration model of its Adobe-targeted
circumvention software available on its (English-language) Web site
for free. But that demo tantalizingly unlocked only the first 10
percent of an Adobe e-book, according to the ElcomSoft site (which was
quoted in the July 10 affidavit of an FBI agent filed in support of
the criminal complaint against Sklyarov). If a customer wanted to
unlock the whole Adobe e-book, ElcomSoft directed that person to send
$99 -- that's U.S. dollars -- to ElcomSoft's U.S.-based billing agent,
Register Now, which is based in Issaquah, Wash. Upon verifying that
payment had been made, ElcomSoft would then e-mail the customer --
including U.S. customers -- a key that would fully activate the
software, enabling the customer to unlock and copy entire
Adobe-formatted e-books. (By the way, if Sklyarov's or ElcomSoft's
goal had been to alert Adobe to potential flaws in its software, the
demo version would have fully accomplished that purpose. Evidently,
that wasn't the goal.)

Nor should Sklyarov's July 16 arrest have come as a surprise to either
ElcomSoft or Sklyarov, unless ElcomSoft was cruelly keeping Sklyarov
in the dark about Adobe's dissatisfaction with ElcomSoft's business
operations. On June 25, Adobe's anti-piracy unit warned ElcomSoft that
its product was illegal and demanded that the product be removed from
its Web site. ElcomSoft refused. On June 25, Adobe also demanded that
ElcomSoft's Internet Service Provider, Verio Inc., terminate
ElcomSoft's service if ElcomSoft did not take down the Adobe
circumvention software. After Verio told ElcomSoft of the demand,
ElcomSoft switched ISPs, managing to keep its site afloat, though
Verio cut off service by June 27. On June 28, Adobe demanded that
Register Now stop serving as ElcomSoft's billing agent, prompting
ElcomSoft to advise Register Now that it had better protect itself by
honoring Adobe's demand. It is unclear whether ElcomSoft planned to
arrange a substitute method of payment.


WHY CHARGE DMITRY, AND NOT THE COMPANY?

In sum, then, the FBI alleges that ElcomSoft had been marketing
software to Americans from an English-language Web site, soliciting
payment in American money through an American billing agent, and then
sending Americans a key that would enable Americans to defeat the
security protections built into an American-made product. So while
some may be outraged that the U.S. government would attempt to impose
its laws upon a Russian company under these circumstances, I am
unmoved.

In fairness, however, the government hasn't charged ElcomSoft with a
crime, it has charged its employee, Sklyarov. Why him? An FBI agent
noticed that when he called up Elcomsoft's circumvention software on a
computer, the software displayed a title page indicating that the
software had been copyrighted in the name of Dmitry Sklyarov. (Yes,
ElcomSoft's officials evidently believe in protections for some
intellectual property -- their own.) That led the agent to conclude
that Sklyarov had created the circumvention software that his employer
was distributing in the United States. Though the Electronic Frontier
Foundation and ElcomSoft's president and owner, Alexander Katalov, are
now both suggesting that maybe Sklyarov played only a bit role in
creating the Advanced eBook Processor, Sklyarov in a post-arrest
interview with a local television new reporter acknowledged having
written it. (A video clip of this interview is still available on the
Electronic Frontier Foundation's Web site.) Similarly, an explanatory
Web page about the case provided by ElcomSoft asserts that Sklyarov
"wrote" the program.

On July 2, the same FBI agent who made the Sklyarov connection visited
the Def Con 9 Web site and saw that Sklyarov was scheduled to appear
at the convention in Las Vegas on July 13-15. When Sklyarov in fact
appeared, he was arrested on a criminal complaint from the Northern
District of California, the district that includes San Jose, where
Adobe Systems is headquartered. If ElcomSoft president Katalov is now
willing to subject himself to U.S. jurisdiction, it would certainly
seem preferable to arrest him and release Sklyarov, but in the
meantime the FBI seems to have an ample basis for exercising
jurisdiction over Sklyarov, and for accusing him of helping to
distribute illegal circumvention software in the United States.
Whether prosecutors can ultimately prove beyond a reasonable doubt
that Sklyarov -- as opposed to ElcomSoft -- "manufactured, imported,
offered to the public, provided, or otherwise trafficked" in that
software is a question that depends on facts and evidence which
neither I nor any other commentator is currently in a position to
evaluate.

But what about the fate of all those blind people who now won't be
able to read e-books because Adobe will have disabled the read-aloud
feature at some publisher's request? Typically, publishers ask Adobe
to disable that feature when they fear it might violate their
contracts relating to an existing audio version of the same book. But
when you think about it, in those circumstances it might actually make
more sense for a blind person to pay $15 to buy the audio book -- a
tape of a professional actor or the author of the work reading the
book aloud -- rather than pay $8 for an e-book and $99 for
circumvention software, in order to hear voice-simulation software
articulating the words in a robotic monotone.


THE EFFECT OF BOYCOTT THREATS

But what will everyone now do when they need to make backup copies?
Well, again, since most e-books cost somewhere between nothing and $8,
it might be more sensible to buy a new copy of the book than the $99
circumvention software required to make a backup. If you save some
proof of purchase, you might even be able to talk Amazon.com or the
publisher into sending you a new e-book for free. It's a brand new
industry, and if it is not yet possible to insure yourself against
loss from a crashed system, the exigencies of the market guarantee
that it soon will be. It would be surprising if the only possible
solution to this minor inconvenience was to legalize the distribution
of circumvention software, thereby guaranteeing the demise of
copyright protection as we know it.

On July 23, after meeting with representatives of the Electronic
Frontier Foundation -- and faced with imminent protests and commercial
boycotts organized by geek activists -- Adobe issued a carefully
worded statement recommending release of Sklyarov and withdrawing its
support for the government's complaint. "We strongly support the DMCA
and the enforcement of the copyright protection of digital content,"
said Colleen Pouliot, Adobe's senior vice president and general
counsel, in the statement. "However, the prosecution of this
individual in this particular case is not conducive to the best
interests of any of the parties involved or the industry. ElcomSoft's
Advanced eBook Processor software is no longer available in the United
States, and from that perspective the DMCA worked."

The government has so far declined to drop the case, however. Given
that the government's interest in enforcing the nation's laws are
always broader than any individual complainant's -- and given the
circumstances under which this particular complainant was mau-maued
into backing away from a case it had initiated -- the government is
probably doing the right thing.

While we can all applaud the Electronic Frontier Society and its
allies for their dogged and vigilant commitment to free speech, every
once in awhile it would be refreshing to see those advocates show a
comparable commitment to candid speech.




----------------------------------------------------------------------
--- POLITECH -- Declan McCullagh's politics and technology mailing
list You may redistribute this message freely if you include this
notice. To subscribe, visit
http://www.politechbot.com/info/subscribe.html This message is
archived at http://www.politechbot.com/
----------------------------------------------------------------------
---

------- End of forwarded message -------