[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) FC: Congressional source replies to RIAA's we-don't-want-to-hack denial




------- Forwarded message follows -------
Date sent:      	Fri, 26 Oct 2001 11:10:50 -0400
To:             	politech@politechbot.com
From:           	Declan McCullagh <declan@well.com>
Subject:        	FC: Congressional source replies to RIAA's we-don't-want-to-hack
 	denial
Send reply to:  	declan@well.com

[This is a letter provided by a congressional source on condition of
anonymity. It's a little hard to parse, but Anonymous' comments have
">>" prepended to them. I invite RIAA to reply. --Declan]

Some background:
http://www.politechbot.com/cgi-bin/politech.cgi?name=riaa

---

Response to Billboard Article on Anti-Terrorism Bill
Billboard's issue of October 27 contained an article, "RIAA Criticized
Over Effort to Change Anti-Terrorism Bill," that is so patently false
that we are driven to respond immediately.

Dear Editor:
It is hard to believe that Billboard would print stories as offensive
and irresponsible as your recent articles attacking RIAA's work on the
anti-terrorism bill. The baseless rumors that we took advantage of
this important piece of legislation to gain rights to hack into
personal computers were debunked before the article was even written;
yet Billboard perpetuates the malicious myths without regard for even
the most basic of journalistic standards.

Let's be clear: RIAA never lobbied Congress to give us the ability to
hack into PCs, plant viruses, destroy MP3 files on people's computers,
or anything resembling such actions. These assertions are not only
completely false, but also incredibly offensive and extremely
irresponsible.

 >> The RIAA does not assert that the language they provided staff
 would 
not have permitted this sort of conduct.
Had your reporter bothered to call even one of the Senate staffers
involved in the legislation, or consulted with even one lawyer who
could explain the meaning of the proposed amendments, he would have
learned that he was unfairly maligning the RIAA and our industry.

 >> What they may have "meant" to do does not explain their "extremely
 
irresponsible" (at best) drafting.
The true story here is that the Senate drafted its anti-terrorism bill
privately. When it was made public on October 5th it was discovered
that one of the provisions would have had an unintended effect on
anti-piracy measures that are lawful under current law. This
inadvertent mistake would have negatively impacted not just copyright
owners, but also ISPs, telecom providers and many other high-tech
businesses, such as the companies of the NetCoalition. As written, the
measure would unintentionally have subjected such businesses to
lawsuits for activities that should be and are currently allowed under
law to protect the integrity of their products and networks.

 >>According to the RIAA, the drafting of the Senate bill was done
"privately" and would have had "unintended effects" on the law.  But
what Hillary Rosen fails to note is that their solution -- offered in
the vacuum of private  negotiations --  would have done what EFF and
other copyright scholars NOT on the RIAA payroll say it would have
done: it wouldve created a license to hack. I suppose the RIAA
position must be that private negotiations involving the RIAA cannot
possibly result in similarly "unintended effects."

When we became aware of this inadvertent consequence in the draft
legislation, we notified the Department of Justice, the Senate, and
other industry groups; the proponents of the bill acknowledged that
the draft legislation created an unintended, negative side effect. We
were asked to propose language to avoid the unintended effects on our
industry. We did so - based on suggestions from the Department of
Justice and Senate staff.

 >> Perhaps the RIAA will tell us who they met with at DOJ about this
amendment? Did they show their proposed language to anyone from the
Executive Branch negotiating the bill? If so, whom?

And none of those drafts - we repeat, none - would have permitted the
use of viruses or anything else that could damage a user's computer or
data in any way. Contrary to the assertions in Billboard, measures
that cause damage to a computer or anyone's data would be actionable.
Nor did the article mention that the language provided no immunity
from criminal investigation or prosecution. Thus a copyright holder
using any technical measures to protect its works could do so only at
risk of criminal liability, a substantial guarantee that any such
actions would be conducted responsibly.

 >> This is simply false! The bill itself defines damage as "any
 impairment 
to the integrity or availability of data, a program, a system or
information" The The RIAA proposed 2 versions of a proposed amendment
and asked that it be added to the end of the civil cause of action
section (section 1030(g)): "No action may be brought under this
subsection arising out of any impairment of the availability of data,
a program, a system or information, resulting from measures taken by
an owner of copyright in a work of authorship, or a person authorized
by such owner to act on its behalf, that are reasonably intended to
impede or prevent the infringement of copyright in such work by wire
or electronic communication; provided that the use of the work that
the owner is intending to impede or prevent is an infringing use." OR
"No action may be brought under this subsection arising out of any
impairment of the availability of data, a program. a system, or
information, resulting from measures taken by an owner of copyright in
a work or authorship, or any person authorized by such owner to act on
it behalf, that are reasonably intended to impede or prevent the
unauthorized transmission of such work by wire or electronic
communication if such transmission would infringe the rights of the
copyright owner." Both proposals would have prohibited any civil cause
of action for actions by a copyright owners for the "impairment of the
availability of data, a program, a system or information" [ which the
LAW and the terrorism bill define as "damage"] for actions they take
that are 'reasonably intended' to impede or prevent infringement of
copyright or an unauthorized copy. Yes, the RIAA could still have been
prosecuted - which one must assume is how they are able to argue that
their conduct resulting in damage would be "actionable". But no civil
actions could have been brought! So victims could not have sued.
Period. This is the sort of verbal parsing and misleading statement
that the heads of the major record labels should instruct their staff
at the RIAA to put a stop to once and for all.

A person unfamiliar with the complex terminology of the Computer Fraud
and Abuse Act might not grasp these points from a quick reading of the
proposed amendments, which is why it is all the more important that
anyone writing on this subject check the facts and consult with
informed sources. But the writer of the article apparently made no
efforts to contact the Senate staff who actually handled this issue or
to consult with anyone knowledgeable about the facts or the law.

 >> No, the folks who are concerned about this mess grasped the
 points. The 
entire focus of the original section of the bill that amended section
1030 was hackers. Previously, the definition of "damage" under the act
required that there be $5,000 in damages or loss to a victim.
Accordingly, absent some narrow exceptions, if a person hacked into a
private network or computer and caused less than $5,000 in damage, he
or she would not have broken the law. The law also provides victims of
section 1030 with the right to bring a civil cause of action - a
lawsuit - against the hacker. But the $5,000 damage threshold also
applied to these victim lawsuits. Hence, the problem that others but
the recording industry (NetCoalition, eBay, AOL, e.g.) was trying to
solve was: if you change to law to make it easier to for the
government to prosecute hackers by dropping the $5,000 threshold then
you are also making it easier for victims of hackers to bring a
private civil lawsuit. The RIAA's proposed solution - above - would
have given them a complete carve out from the civil actions - Not just
acts those resulting in less than $5000 in damage but any amount of
damage so long as they were trying to stop "unauthorized" (note, not
necessarily illegal) copying.

Incredibly, the only person cited in the article is a lawyer for the
Electronic Frontier Foundation in San Francisco, who had nothing to do
with the legislation and knew nothing about what happened. But she was
more than happy to criticize RIAA for actions that the reporter
described to her. And Billboard was delighted to highlight her
unfounded criticisms in large, bold type.

The article also failed to mention that multiple industry groups and
companies likewise saw the need to fix the inadvertent error in the
Senate provision. Ultimately, the Senate staff decided to re-draft
their original amendment to avoid the problems it had caused, thus
obviating the need for an industry-specific solution. As finally
drafted, the new provision is supported by eBay, the NetCoalition,
MPAA, RIAA and SIIA, among others.

 >> Yes there were a myriad of organizations concerned about the
 effects of 
the change on current law, but the RIAA's proposed amendment was not
supported by those groups, was it? Did eBay, the Net Coaltion, SIAA
support their draft. No. Not even AOL -- a member of RIAA -- was happy
withthe original amendment offered by Mr. Glazier. Yes, they all
supported the final version - the version that was worked out AFTER
the RIAA was caught.

The damage done by these irresponsible acts continues to spread. On
October 24, the Billboard Bulletin featured a story that a Member of
Congress "decries RIAA's tactics on legislation." The quotations
attributed to the Congressman make it clear that he had no idea what
had actually transpired - but having read Billboard's article, it's
only natural that he would be critical.

Let's be honest: the not-so-subtle message implicit in Billboard's
articles is that we were trying to "slip" something into the
legislation, an act that would be downright unpatriotic at this time
of national crisis. And that's what makes Billboard's articles so
incredibly insulting - manufacturing a story that makes us look
underhanded and impugns our patriotism at the same time. In fact, we
became involved in the anti-terrorism bill only because an inadvertent
error in its drafting would have negatively impacted legitimate
businesses engaged in legitimate means of protecting their products
and networks; we proposed amendments only because we were specifically
asked to do so by Senate staff; and the proposals we made were in fact
narrow and responsible.

It's time for Billboard to start honoring some editorial standards.
It's not responsible to write articles without researching any facts,
consulting with any informed sources, or checking with the staffers
actually involved. It's time to start printing stories that are
factually accurate, not malicious gossip masquerading as news.

Billboard owes their readers, and the RIAA, an apology.




----------------------------------------------------------------------
--- POLITECH -- Declan McCullagh's politics and technology mailing
list You may redistribute this message freely if you include this
notice. Declan McCullagh's photographs are at
http://www.mccullagh.org/ To subscribe to Politech:
http://www.politechbot.com/info/subscribe.html This message is
archived at http://www.politechbot.com/
----------------------------------------------------------------------
---

------- End of forwarded message -------

-- 
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de