The Little Hacker's Room

There are many good reasons to promote a free software project, but perhaps the biggest is to attract more users and contributors; it's difficult to do anything with an application that you don't know about. But many projects fail to effectively get the word out about their work, which means that it's less likely a community will spring up around it. At both a href=http://www.socallinuxexpo.org/scale8x/SCALE 8x/a and a href=http://guadec.org/index.php/guadec/indexGUADEC 2010/a, I have had the opportunity to talk about ways that projects can improve their promotional activities and present an organized, interesting look to the rest of the free software world. Hopefully, a summary of the ideas presented will be helpful to the wider community.

It has been more than four years since LWN first a href=http://lwn.net/Articles/181508/reported on the AppArmor security module/a and the opposition to its addition to the mainline. Over that time, there has been much discussion of pathname-based security, the value of having multiple security modules, and more; meanwhile, AppArmor has mostly faded from view. Canonical developer John Johansen has picked up this module, though, and has been working toward its inclusion. The latest what's coming post from security maintainer James Morris (click below) now shows that AppArmor has been queued for the next merge window (the YAMA security module from Canonical is also queued). Unless some last-minute opposition turns up, this should be the end of a long-running story.

The GNOME and KDE projects have a href=http://www.kdenews.org/2010/07/30/desktop-summit-2011-announcedannounced/a that they will be holding a joint desktop summit in Berlin in August, 2011. spanThe 2011 Desktop Summit will build on the first Summit's success. More than 1,000 contributors from more than 50 countries are expected to attend the 2011 event in Berlin. In addition to members of the GNOME and KDE development community, the conference will also attract many participants in the overall FLOSS community from local projects, organizations, and companies./span

bDebian/b has updated a href=http://lwn.net/Articles/398167/openldap/a (denial of service). p bFedora/b has updated bkvirc/b (a href=http://lwn.net/Articles/398168/F13/a, a href=http://lwn.net/Articles/398169/F12/a: remote command execution) and a href=http://lwn.net/Articles/398170/F12: pidgin/a (denial of service). p bRed Hat/b has updated a href=http://lwn.net/Articles/398166/java/a (multiple vulnerabilities) and bfreetype/b (a href=http://lwn.net/Articles/398176/RHEL 3/a, a href=http://lwn.net/Articles/398177/RHEL 4amp;5/a: multiple vulnerabilities). p bSUSE/b has updated a href=http://lwn.net/Articles/398172/firefox, thunderbird, seamonkey/a (multiple vulnerabilities).

Jono Bacon a href=http://www.jonobacon.org/2010/07/30/red-hat-canonical-and-gnome-contributions/responds to the GNOME census/a and the criticisms of Canonical which have followed. spanWhat the report doesn’t take into account are upstream contributions that are built on the GNOME platform but (a) not part of official GNOME modules, and (b) hosted and developed elsewhere, such as Launchpad. As such, while the report is accurate for showing code and contributions accepted into GNOME, there are also many projects built on GNOME technology that are not taken into account due to non-inclusion in GNOME modules or being developed outside of GNOME infrastructure./span

p meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" title/title While the parties have not formally disclosed it, the immediate ACTA schedule now appears to include discussions between the U.S. and the EU next month in Washington followed by a full round of talks (Round Ten) in Japan in September.nbsp; Some have criticized the exclusion of the remaining ACTA countries in the August discussions, but as I posted earlier, the ACTA text has really come down to a a href="http://www.michaelgeist.ca/content/view/5199/125/" mce_href="content/view/5199/125/"U.S. vs. EU document/a with the remaining countries picking a side.nbsp; The sticking point in Washington will undoubtedly be scope of the treaty, with the EU pushing for inclusion of geographical indications and the U.S. making it clear they are willing to cave on almost anything that does not involve changes to domestic law.nbsp; Geographical indications would require change, however, which is what led to my a href="http://www.michaelgeist.ca/content/view/5224/125/" mce_href="content/view/5224/125/"post/a speculating about the possibility of an ACTA without Europe.nbsp; /ppLast week I posted a a href="http://www.michaelgeist.ca/content/view/5222/125/" mce_href="content/view/5222/125/"scorecard/a on the major areas of disagreement. This final chart highlights the key changes from the April meeting in New Zealand to the June meeting in Lucerne, with many changes the result of a shift in U.S. position. br //p br /pbr / /ptable style="text-align: left; width: 100%;" border="1" cellpadding="2" cellspacing="2" tbody tr td style="vertical-align: top; font-weight: bold;"Articlebr / /td td style="vertical-align: top; font-weight: bold;"April 2010 Draftbr / /td td style="vertical-align: top; font-weight: bold;"July 2010 Draftbr / /td /tr tr td style="vertical-align: top;"Article 1.4: Privacy and disclosure of informationbr / /td td style="vertical-align: top;"There was a placeholder stating an article needed to be drafted.br / /td td style="vertical-align: top;"There is now text of the article.br / /td /tr tr td style="vertical-align: top;"Article 1.X: (General Principles)br / /td td style="vertical-align: top;"No such article.br / /td td style="vertical-align: top;"Aus/NZ/Sing/Can are proposing a generic set of principles for enforcement of IP, including social/economic welfare, transfer of technology etc.br / /td /tr tr td style="vertical-align: top;"Article 2.X.1: General Obligations with respect to enforcementbr / /td td style="vertical-align: top;"No such paragraph.br / /td td style="vertical-align: top;"General statement regarding effective and expeditious action, and may not create barrier to trade.nbsp; The text is copied from article 41.1 of TRIPS.br / /td /tr tr td style="vertical-align: top;"Article 2.X.4: General obligations with respect to enforcementbr / /td td style="vertical-align: top;"Place holder for government exceptions/liability.br / /td td style="vertical-align: top;"US has proposed text allowing for exemptions for governments based on fair compensation.br / /td /tr tr td style="vertical-align: top;"Article 2.X.6: General obligations (rights of the defendant and third parties)br / /td td style="vertical-align: top;"Obligation to ensure the protection of the rights of the defendant and third parties appeared only under the criminal enforcement section.br / /td td style="vertical-align: top;"This obligation has been moved to general obligationsbr / /td /tr tr td style="vertical-align: top;"Article 2.2.1: Damagesbr / /td td style="vertical-align: top;"A more rigid calculation of damages as: compensatory to injury caused to right holder OR accounting of profits.br / /td td style="vertical-align: top;"More flexible approach to how damages are calculated based on taking into account a number of factors.br / /td /tr tr td style="vertical-align: top;"Article 2.2.3: Damages (April 2010 draft)br / /td td style="vertical-align: top;"Even unknowing infringers could be liable for accounting of profits or damages, and these could be statutory amounts. (Based on the January 2010 leak this was an EU proposal)br / /td td style="vertical-align: top;"Removed.br / /td /tr tr td style="vertical-align: top;"Article 2.2.5: Damages (legal fees)br / /td td style="vertical-align: top;"There were a 2 options proposed (which was a streamlining from the Jan 2010 leak).br / /td td style="vertical-align: top;"A single clear statement that attorney and court fees can be ordered payable.br / /td /tr tr td style="vertical-align: top;"Article 2.6: Application by rights holderbr / /td td style="vertical-align: top;"Formerly 2 options for the scope of border measures on application by rights holder.br / /td td style="vertical-align: top;"One of the few areas where another option has been put on the table.nbsp; The US/J/NZ/Can/Sing/Aus/CH/Mex have proposed a 3rd option (option #2 in the July draft) which clearly makes in-transit measures optional.nbsp; br / /td /tr tr td style="vertical-align: top;"Article 2.14.1: Criminal Enforcementbr / /td td style="vertical-align: top;"Broader definition of what constitutes a “commercial scale”.br / /td td style="vertical-align: top;"Specific wording suggested that would exclude (EU) or allow to benbsp; excluded (US) end users from being involved in “commercial scale” operations.br / /td /tr tr td style="vertical-align: top;"Article 2.18.3, 3bis amp; 3ter: Enforcement Procedures in the Digital Environment (ISP safe harbour provisions)br / /td td style="vertical-align: top;"br / /td td style="vertical-align: top;"A lot of progress was made, with ISPs qualifying for safe harbour more easily.br / /td /tr tr td style="vertical-align: top;"2.18.3(a): Obligations of ISP non-liabilitybr / /td td style="vertical-align: top;"ISP non-liability seemed optional for certain routine actions or those outside their control.br / /td td style="vertical-align: top;"Everyone (except CH) now agrees that ISPs will not be liable at least for some routine actions or those outside their control (the details of which are mostly similar from the April to July draft).br / /td /tr tr td style="vertical-align: top;"2.18.3(b) Conditions for ISP non-liability in cases of temporary storage br / /td td style="vertical-align: top;"The wording describing this temporary storage scenario was more vague in the April draft, was presented in several options and had more conditions associated with it.br / /td td style="vertical-align: top;"Temporary storage is only conditioned on the ISP removing the material after notice that the offending material has been removed from the originating site.br / /td /tr tr td style="vertical-align: top;"2.18.3(c) Conditions for ISP non-liability in cases of linking users to offending materialbr / /td td style="vertical-align: top;"As in the case of temporary storage above, in the April draft these conditions were presented in several options and had more conditions associated with it.br / /td td style="vertical-align: top;"When linking an ISP will not be liable so long as they fulfill conditions:br / 1) ISP must not get direct financial gainbr / 2) ISP must remove access to material once they get notice of alleging infringing material and there is no refutation from subscriber who posted the material br / 3) ISP must not have actual knowledge of the infringementbr / br / /td /tr tr td style="vertical-align: top;"Article 2.18.4: Enforcement Procedures in the Digital Environment (Anti-circumvention provisions)br / /td td style="vertical-align: top;"Unauthorized circumvention was prohibitedbr / /td td style="vertical-align: top;"Substantially less circumvention is prohibited in the July draft:br / -Only unauthorized circumvention which is carried out knowingly (or with reasonable grounds to know) is prohibitedbr / - “unauthorized circumvention of copy control” (per footnote 56)nbsp; need not be prohibitedbr / br / /td /tr tr td style="vertical-align: top;"Article 2.18.X: Exceptionsbr / /td td style="vertical-align: top;"Formerly 2 options regarding exceptions, the second of which was broader and did not contain a limitation precluding impairing legal adequacy.br / /td td style="vertical-align: top;"ACTA parties have largely agreed on this wording to allow for exceptions which don't impair adequacy/effectiveness of protection.br / /td /tr /tbody /table br / br / br /img src="http://feeds.feedburner.com/~r/MichaelGeistsBlog/~4/gE85-uxn8dM" height="1" width="1"/

Reddit has posted a href=http://blog.reddit.com/2010/07/rms-ama.htmlan extensive interview with Richard Stallman/a. spanThe main shortcoming of Linux is at the level of device support. The obstacle there isn't a lack of ability among Linux developers, but rather the use of devices whose specs are secret. Finishing the HURD would not advance us at all in supporting these devices. The work that is needed is at the driver and firmware level. That's why our high priority task list includes items relating to free drivers, but not the HURD./span

The PTO has just a href=http://www.uspto.gov/news/pr/2010/10_35.jspissued/a new guidance for their examiners on i Bilski/i, a href=http:// inventivestep.files.wordpress.com/2010/07/ 75fr43922.pdfInterim Guidance for Determining Subject Matter Eligibility for Process Claims in View of Bilski v. Kappos/a [PDF] -- on how to follow what they think iBilski/i held as to what is and isn't patentable subject matter under 35 U.S.C. § 101. P A claim to an abstract idea is not a patent-eligible process, iBilski/i holds, they point out, but exactly where is the line? How do you know an abstract idea when you see it? So the USPTO is asking for public comment on what they came up with for their understanding. They want to hear from the public by September 27, and they provide some specific questions and a list of factors examiners are to consider when evaluating an application. P You know pro-patent companies' lawyers in droves will be telling them that their clients should be able to patent God's method and process for creating the heavens and the earth, so you may wish to comment yourself and let them know politely where you think the line should be drawn on the abstract idea exception to subject matter eligibility as set forth in iBilski/i, if this is a topic you care about. Otherwise, I can see it now, their report: We got 3,201 comments saying X and only 3 saying Y, so X carries the day.

When Dave Neary announced his GNOME Census report, he stated that the full report would only be available to paid customers until October, when it would be released under the CC Attribution-Sharealike license. Things have changed, though, and a href=http://www.neary-consulting.com/index.php/2010/07/29/gnome-census-report-now-available-as-free-download/the full report is now available to all/a. spanWhy the change of heart? My intention was never to make a fortune with the report, my main priority was covering my costs and time spent. And after 24 hours, I've achieved that. I have had several press requests for the full report, and requests from clients to be allowed to use the report both with press and with their clients./span The report may be downloaded via a href=http://www.neary-consulting.com/index.php/services/gnome-census/this page/a.

I dashed off a piece for CNET today on the Copyright Office’s cell phone “jailbreaking” rulemaking earlier this week.  Though there has already been extensive coverage (including solid pieces in The Washington Post, a New York Times editorial, CNET, and Techdirt), there were a few interesting aspects to the decision I thought were worth highlighting.

Most notably, I was interested that no one had discussed the possibility and process by which Apple or other service providers could appeal the rulemaking.  Ordinarily, parties who object to rules enrolled by administrative agencies can file suit in federal district court under the Administrative Procedures Act.  Such suits are difficult to win, as courts give deference to administrative determinations and review them only for errors of law.  But a win for the agency is by no means guaranteed.

The Appeals Process

What I found in interviewing several leading high tech law scholars and practitioners is that no one was really clear how or even if that process applied to the Copyright Office.  In the twelve years that the Register of Copyrights has been reviewing requests for exemptions, there are no reported cases of efforts to challenge those rules and have them overturned.

With the help of Fred von Lohmann, I was able to obtain copies of briefs in a 2006 lawsuit filed by TracFone Wireless that challenged an exemption (modified and extended in Monday’s rulemaking) allowing cell phone users to unlock their phones from an authorized network in hopes of moving to a different network.  TracFone sued the Register in a Florida federal district court, claiming that both the process and substance of the exemption violated the APA and TracFone’s due process rights under the Fifth Amendment.

But the Justice Department, in defending the Copyright Office, made some interesting arguments.  They claimed, for example, that until TracFone suffered a particular injury as a result of the rulemaking, the company had no standing to sue.  Moreover, the government argued that the Copyright Office is not subject to the APA at all, since it is an organ of Congress and not a regulatory agency.  The briefs hinted at the prospect that rulemakings from the Copyright Office are not subject to judicial review of any kind, even one subject to the highly limited standard of “arbitrary and capricious.”

There was, however, no published opinion in the TracFone case, and EFF’s Jennifer Granick told me yesterday she believes the company simply abandoned the suit.  No opinion means the judge never ruled on any of these arguments, and so there is still no precedent for how a challenge to a DMCA rulemaking would proceed and under what legal standards and jurisdictional requirements.

Should Apple decide to pursue an appeal (an Apple spokesperson “declined to comment” on whether the company was considering such an action, and read me the brief statement the company has given to all journalists this week), it would be plowing virgin fields in federal jurisdiction.  That, as we know, can often lead to surprising results—including, just as an example, a challenge to the Copyright Office’s institutional ability to perform rulemakings of any kind.

The Copyright Office Moves the Fair Use Needle…a Little

A few thoughts on the substance of the rulemaking, especially as it shines light on growing problems in applying copyright law in the digital age.

Since the passage of the 1998 revisions to the Copyright Act known as the Digital Millennium Copyright Act, the Register of Copyrights is required every three years to review requests to create specific classes of exemptions to some of the key provisions of the law, notably the parts that prohibit circumvention of security technologies such as DRM or other forms of copy protection.

The authors of the DMCA with some foresight recognized that the anti-circumvention provisions rode on the delicate and sharp edge where static law meets rapidly-evolving technology and new business innovation.  Congress wanted to make sure there was a process that ensured the anti-circumvention provisions did not lead to unintended consequences that hindered rather than encouraged technological innovation.  So the Copyright Office reviews requests for exemptions with that goal in mind.

In the rulemaking completed on Monday, of course, one important exemption approved by the Register was one proposed by the Electronic Frontier Foundation, which asked for an exemption for “jailbreaking” cell phones, especially iPhones.

Jailbreaking allows the customer to override security features of the iPhone’s firmware that limits which third party applications can be added to the phone.  Apple strictly controls which third party apps can be downloaded to the phone through the App Store, and has used that control to ban apps with, for example, political or sexual content.  Of course the review process also ensures that the apps work are technically compatible with the phone’s other software, don’t unduly harm performance, and aren’t duplicative of other apps already approved.

Jailbreaking the phone allows the customer to add whatever apps they want, including those rejected by or simply never submitted to Apple in the first place, for whatever reason.

In approving the exemption, the Copyright Office noted that jailbreaking probably does involve copyright infringement.  The firmware must be altered as part of the process, and that alteration violates Apple’s legal monopoly on derivative or adapted works.  But the Register found that such alteration was de minimis and approved the exemption based on the concept of “fair use.”

Fair use, codified in Section 107 of the Copyright Act, holds that certain uses of a copyrighted work that would otherwise be reserved to the rights holder are not considered infringement.  These include uses that have positive social benefits but which the rights holder as a monopolist might be averse to permitting under any terms, such as quotations in a potentially-negative review.

EFF had argued initially that jailbreaking was not infringement at all, but the Register rejected that argument.  Fair use is a much weaker rationale, as it begins by acknowledging a violation, though one excused by law.  The law of fair use, as I note in the piece, has also been in considerable disarray since the 1980’s, when courts began to focus almost exclusively on whether the use (technically, fair use is an affirmative defense to a claim of infringement) harmed the potential commercial prospects for the work.

Courts are notoriously bad at evaluating product markets, let alone future markets.  So copyright holders now simply argue that future markets, thanks to changing technology, could include anything, and that therefore any use has the potential to harm the commercial prospects of their work.  So even noncommercial uses by people who have no intention of “competing” with the market for the work are found to have infringed, fair use notwithstanding.

But in granting the jailbreaking exemption, the Copyright Office made the interesting and important distinction between the market for the work and the market for the product or service in which the work is embedded.

Jailbreaking, of course, has the potential to seriously undermine the business strategy Apple has carefully designed for the iPhone and, indeed, for all of its products, which is to tightly control the ecosystem of uses for that product.

This ensures product quality, on the one hand, but it also means Apple is there to extract fees and tolls from pretty much any third party they want to, on technical and economic terms they can dictate.  Despite its hip reputation, Apple’s technical environment is more “closed” than Microsoft’s.  (The open source world of Linux being on the other end of the spectrum.)

In granting the exemption, the Copyright Office rejected Apple’s claim that jailbreaking harmed the market for the iPhone.  The fair use analysis, the Register said, focuses on the market for the protected work, which in this case is the iPhone’s firmware.  Since the modifications needed to jailbreak the firmware don’t harm the market for the firmware itself, the infringing use is fair and legally excused.   It doesn’t matter, in other words, that jailbreaking has a potentially big commercial impact on the iPhone service.

That distinction is the notable feature of this decision in terms of copyright law.  Courts, and now the Copyright Office, are well aware that technology companies try to leverage the monopoly rights granted by copyright to create legal monopolies on uses of their products or services.  In essence, they build technical controls into the copyrighted work that limits who and how the product or service can be used, than claim their intentional incompatibilities are protected by law.

A line of cases involving video game consoles, printer cartridges and software applications generally has been understandably skeptical of efforts to use copyright in this manner, which quickly begins to smell of antitrust.  Copyright is a monopoly—that is, a trust.  So it’s not surprising that its application can leak into concerns over antitrust.  The law strives to balance the need for the undesirable monopoly (incentives for authors) with the risks to related markets (restraint of trade).

As Anthony Falzone put it in a blog post at the Stanford Center for Internet and Society, “The Library went on to conclude there is no basis for Apple to use copyright law to ‘protect[] its restrictive business model’ and the concerns Apple articulated about the integrity of the iPhone’s ‘ecosystem’ are simply not harms that would tilt the fair use analysis Apple’s way.”

The exemption granted this week follows the theory that protecting the work itself is what matters, not the controlled market that ownership of the work allows the rights holder to create.

The bottom line here:  messing with the firmware is a fair use because it doesn’t damage the market for the firmware, regardless of (or perhaps especially because of) its impact on the market for the iPhone service as Apple has designed it.  That decision is largely consistent with case law evaluating other forms of technical lockout devices.

The net result is that it becomes harder for companies to use copyright as a legal mechanism to fend off third parties who offer replacement parts, add-ons, or other features that require jailbreaking to ensure compatibility.

Which is not to say that Apple or anyone else trying to control the environment around copyright-protected software is out of luck.  As I note in the CNET piece, the DMCA is just one, and perhaps the weakest arrow in Apple’s quiver here.  Just because jailbreaking has now been deemed a fair use does not mean Apple is forced to accommodate any third party app.  Not by a long shot.

Jailbreaking the iPhone remains a breach of the user agreement for both the device and the service.  It still voids the warranty and still exposes the customer to action, including cancelling the service or early termination penalties, that Apple can legally take to enforce the agreement.  Apple can also still take technical measures, such as refusing to update or upgrade jailbroken phones, to keep out unapproved apps.

Contrary to what many comments have said in some of the articles noted above, the DMCA exemption does not constitute a “get out of jail free” card for users.

It’s true that Apple can no longer rely on the DMCA (and the possibility of criminal enforcement by the government) to protect the closed environment of the iPhone.  But consumers can still waive legal rights—including the right to fair use—in agreeing to a contract, license agreement, or service agreement.  (In some sense that’s what a contract is, after all—agreement by two parties to waive various rights in the interest of a mutual bargain.)

Ownership Rights to Software Remain a Mystery

A third interesting aspect to the Copyright Office’s rulemaking has to do with the highly-confused question of software ownership. For largely technical reasons, software has moved from intangible programs that must of necessity be copied to physical media (tapes, disks, cartridges) in order to be distributed to intangible programs distributed electronically (software as a service, cloud computing, etc.).  That technical evolution has made the tricky problem of ownership has gotten even trickier.

Under copyright law, the owner of a “copy” of a work has certain rights, including the right to resell their copy.  The so-called “first sale doctrine” makes legal the secondary market for copies, including used book and record stores, and much of what gets interesting on Antiques Roadshow.

But the right to resell a copy of the work does not affect the rights holders’ ability to limit the creation of new copies, or of derivative or adapted works based on the original.  For example, I own several pages of original artwork used in 1960’s comic books drawn by Jack Kirby, Steve Ditko, and Gene Colan.

While Marvel still owns the copyright to the pages, I own the artifacts—the pages themselves.  I can resell the pages or otherwise display the artifact, but I have no right until copyright expires to use the art to produce and sell copies or adaptations, any more than the owner of a licensed Mickey Mouse t-shirt can make Mickey Mouse cartoons.

(Mike Masnick the other day had an interesting post about a man who claims to have found unpublished lost negatives made by famed photographer Ansel Adams.  Assuming the negatives are authentic and there’s no evidence they were stolen at some point, the owner has the right to sell the negatives.  But copyright may still prohibit him from using the negatives to make or sell prints of any kind.)

Software manufacturers and distributors are increasingly trying to make the case that their customers no longer receive copies of software but rather licenses to use software owned by the companies.  A license is a limited right to make use of someone else’s property, such as a seat in a movie theater or permission to drive a car.

As software is increasingly disconnected from embodiment in physical media, the legal argument for license versus sale gets stronger, and it may be over time that this debate will be settled in favor of the license model, which comes with different and more limited rights for the licensee than the sale of a copy.  (There is no “first sale” doctrine for licenses.  They can be canceled under terms agreed to in advance by the parties.)

For now, however, debate rages as to whether and under what conditions the use of software constitutes the sale of a copy versus a license to use.  That issue was raised in this week’s rulemaking several times, notably in a second exemption dealing with unlocking phones from a particular network.

Under Section 117 of the Copyright Act, the “owner of a copy” of a computer program has certain special rights, including the right to make a copy of the software (e.g. for backup purposes, or to move it from inert media to RAM) or modify it when doing so is “essential” to make use of the copy.

Unlocking a phone to move it to another network, particularly a used phone being recycled, necessarily requires at least minor modification, and the question becomes whether the recycler or anyone lawfully in possession of a cell phone “owns a copy” of the firmware.

Though this issue gave the Copyright Office great pause and lots of pages of analysis, ultimately they sensibly hedged on the question of copy versus license.  The Register did note, however, that Apple’s license agreement was “not a model of clarity.”

In the interests of time, let me just say here that this is an issue that will continue to plague the software industry for some time to come.  It is a great example of how innovation continues to outpace law, with unhappy and unintended consequences.  For more on that subject, see Law Seven (copyright) and Law Nine (software) of “The Laws of Disruption.”

The Digital Millenium Copyright Act makes it a crime to circumvent digital rights management technologies but allows the Librarian of Congress to exempt certain classes of works from this prohibition.

The Copyright Office just released a new rulemaking on this issue in which it allows people to “unlock” their cell phones so they can be used on other networks and “jailbreak” closed mobile phone operating systems like the iOS operating system on Apple’s iPhones so that they will run unapproved third-party software.

This is arguably good news for consumers: Those willing to void their warranties so they can teach their phone some new tricks no longer have to fear having their phone confiscated, being sued, or being imprisoned. (The civil and criminal penalties are described in 17 USC 1203 and 17 USC 1204.) Although the new exemption does not protect those who distribute unlocking and/or jailbreaking software (which would be classified under 17 USC 1201(b), and thus outside the exemption of 17 USC 1201(a)), the cases discussed below could mean that jailbreaking phones simply falls outside of the scope of all of the DMCA’s anti-circumvention provisions.

Apple opposed this idea when it was initially proposed by the Electronic Frontier Foundation, arguing that legalizing jailbreaking constituted a forced restructuring of its business model that would result in “significant functional problems” for consumers that could include “security holes and malware, as well as possible physical damage.” But who beyond a small number of geeks brave enough to give up their warranties and risk bricking their devices, is really going to attempt jailbreaking? One survey found that only 10% of iPhone users have jailbroken their phones, and the majority are in China, where the iPhone was not available legally until recently. Is it really likely that giving the tinkering minority the legal right to void their product warranties would cause any harm to the non-tinkering majority that will likely choose to instead remain within a manufacturer’s “walled garden“? I don’t think so. If, as a result of this ruling, large numbers of consumers jailbreak their phones and install pirated software, the Copyright Office can easily reconsider the exemption in its next Triennial Rulemaking.

While the ruling is heartening, it is not surprising. In Chamberlain Group, Inc. v. Skylink Techs., Inc.,  the United States Court of Appeals for the Federal Circuit held that trafficking in a circumvention device violates Section 1201(a)(2) only if the circumvention enables access that “infringes or facilitates infringing a right protected by the Copyright Act.” The Chamberlain case involved unlicensed third-party garage door opener remotes. The Sixth Circuit came to a similar decision in Lexmark International, Inc. v. Static Control Components, Inc., a case involving a software “handshake” between Lexmark printers and Lexmark-branded toner cartridges meant to keep third-party replacement toner cartridges off the market. The Copyright Office’s ruling is just another example of policymakers recognizing that Copyright law exists only to protect copyrighted works, not business models based on excluding access.

But self-help is a two-way street: Companies are, and should be, free to continue using their own “self-help” technical protection measures to prevent (or merely discourage) customers from reverse-engineering their products. This highlights what Larry Lessig describes as the distinction between East Coast Code (laws) and West Coast Code (software). It makes perfect sense for companies to avail themselves of all possible methods (software *and* laws) to protect their revenue streams, but lawbreakers, by definition, don’t respect laws. Although most technical protection measures have been woefully inadequate to date (see, e.g., 1, 2, 3, 4, 5, to name a few), cryptographically-secure code is much more likely to be effective in the long-term than laws.

While this decision probably doesn’t matter much for the average, non-tinkering consumer, tinkerers will be comforted by the fact that their hobby is no longer a crime, and without the threat of criminal sanctions, there should be more publicization of what the new mobile phones are really capable of. That, in turn, should put additional pressure on phone manufacturers to take off the training wheels and be a bit more open about what apps they allow on their devices.

While Apple is correct in pointing out that some users with jailbroken phones still call Apple’s technical support lines, it is quite impossible to accidentally jailbreak your phone and all of the websites with instructions on how to do so have extensive disclaimers warning about the possible consequences. At some point, consumers should be responsible for their own actions. The Librarian of Congress is willing to give them that responsibility. And whether they want to or not, phone manufacturers will to.

bCentOS/b has updated blvm2-cluster/b (a href=http://lwn.net/Articles/397933/C5/a: local privilege escalation). p bMandriva/b has updated a href=http://lwn.net/Articles/397928/openldap/a (denial of service, possible code execution). p bopenSUSE/b has updated a href=http://lwn.net/Articles/397931/firefox/a (update to 3.6.8).

Two privacy bills are already up for consideration. And at yesterday’s Senate Commerce hearing on Consumer Online Privacy, we heard Senator Kerry announce that he will be working on new legislation to regulate online privacy.  While we wait to see what Kerry will offer, NetChoice has concerns over the bills we do know about:  Rep. Rush’s “Best Practices Act” and the Boucher/Stearns Discussion Draft. Our side-by-side comparison identifies four concerns:

• Both proposals would regulate small websites that don’t even collect PII. Boucher-Stearns would regulate a tiny online startup that is adding just 100 users a week, even where its users provide only a made-up user name and password. As defined, “covered information” would overly restrict the flow of useful information and harm the development of ad-supported content and services.
• Safe harbor? Hardly! A company could be torpedoed with lawsuits from enterprising trial lawyers just for sending marketing emails that were later found to be outside of the safe harbor, up to $1,000 per violation and uncapped punitive damages.
• Marketing and advertising have legitimate operational purposes. Additional consent should not be required when a business uses covered information to do follow-up marketing to customers with whom it has already established a business relationship. Congress has recognized this consumer expectation in past legislation, which is why it built important exceptions in the CAN-SPAM Act for “relationship messages” to contact customers in an existing business relationship.
• The FTC should enforce laws against unfair or deceptive practices, not micromanage self-regulatory efforts. As the overseer of the safe harbor program, the FTC will have broad powers to dictate the details of self-regulatory programs, effectively transforming the FTC into the port authority of the Internet.

We’re also worried about the Rush bill mandate requiring access to information. It broadly applies to covered or sensitive information about individuals “that may be used for purposes that could result in an adverse decision about an individual….”

More analysis to come.

This week on the podcast, Perry Chen, co-founder and CEO of Kickstarter, an online platform for funding creative projects, discusses the enterprise.  Chen talks about the inspiration behind Kickstarter and its business model, how project creators convince backers (not investors) to fund them, funding success rates, and the most interesting projects funded so far.

Related Readings

• How to Use Kickstarter to Launch a Business, at Inc.com
• The Kickstarter Effect: Fundraising as Game Theory, at documentary.org
• At Play: Kickstarter is a Web site for the starving artist, at the Washington Post
• The Kickstarter Blog

Do check out the interview, and consider subscribing to the show on iTunes. Past guests have included Clay Shirky on cognitive surplus, Nick Carr on what the internet is doing to our brains, Gina Trapani and Anil Dash on crowdsourcing, James Grimmelman on online harassment and the Google Books case, Michael Geist on ACTA, Tom Hazlett on spectrum reform, and Tyler Cowen on just about everything.

So what are you waiting for? Subscribe!

Here's a href=http://www.itnews.com.au/News/221051%2coracle-shuts-down-open-source-test-servers.aspxa report on iTnews/a saying that Oracle has abruptly shut down a set of servers used to perform quality assurance on PostgreSQL releases. spanSun Microsystems - and for a short time its new owner Oracle - had provided three member servers to ensure PostgreSQL was stable on the Solaris operating system. The development of PostgreSQL had been supported by Sun - which contributed DTrace support, amongst other features to the database platform. At the start of July, Oracle shut down its three PostgreSQL build farm servers without warning, leaving the PostgreSQL community rushing to find replacements./span

The first of a regular series of Rakudo Star releases has been a href=http://rakudo.org/node/75announced/a. spanRakudo Star is aimed at 'early adopters' of Perl 6. We know that it still has some bugs, it is far slower than it ought to be, and there are some advanced pieces of the Perl 6 language specification that aren't implemented yet. But Rakudo Perl 6 in its current form is also proving to be viable (and fun) for developing applications and exploring a great new language. These 'Star' releases are intended to make Perl 6 more widely available to programmers, grow the Perl 6 codebase, and gain additional end-user feedback about the Perl 6 language and Rakudo's implementation of it./span It's built on the Rakudo Perlnbsp;6 compiler, the Parrot virtual machine, and an initial set of library modules.

meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" title/title In just over one year, Canada is scheduled to complete the digital television transition, as stations switch from analog to digital broadcasts. While cable and satellite subscribers will not notice the change, over one million Canadians that rely on over-the-air signals will be affected.nbsp; Despite the experience in other countries that left many consumers without digital converter boxes staring at blank screens, my weekly technology law column (a href="http://www.thestar.com/news/sciencetech/technology/lawbytes/article/838950--geist-digital-tv-transition-could-lead-to-new-divide#article" mce_href="http://www.thestar.com/news/sciencetech/technology/lawbytes/article/838950--geist-digital-tv-transition-could-lead-to-new-divide#article"Toronto Star version/a, a href="http://www.michaelgeist.ca/content/view/5234/159/" mce_href="content/view/5234/159/"homepage version/a) argues the Canadian government seems content to leave the switch to the private sector, implausibly a href="http://www.marketwire.com/press-release/Statement-Honourable-James-Moore-Minister-Canadian-Heritage-Official-Languages-on-Transition-1291649.htmRT" mce_href="http://www.marketwire.com/press-release/Statement-Honourable-James-Moore-Minister-Canadian-Heritage-Official-Languages-on-Transition-1291649.htmRT"claiming/a "industry-led solutions will ensure a smooth transition for consumers."br / br /br /The basic notion of the transition is fairly straightforward.nbsp; For decades, Canadian broadcasters have used spectrum to transmit over-the-air analog broadcast signals.nbsp; Before the widespread use of cable and satellite, many Canadians used antennae - "rabbit ears"- to access those broadcast signals. nbsp;br / br / On August 31, 2011, Canadian broadcasters will switch from analog to digital broadcasts. The shift to digital brings several advantages including better image and sound quality as well as more efficient use of spectrum that will open the door to new telecom services.nbsp; It also requires those relying on over-the-air signals to have a television with a digital tuner or obtain a digital converter box to convert the digital signal back to analog.br / br / Contrary to popular belief, many Canadians still rely on over-the-air signals.nbsp; In its a href="http://www.crtc.gc.ca/eng/com100/2010/r100716.htm" mce_href="http://www.crtc.gc.ca/eng/com100/2010/r100716.htm"latest update/a on the transition, the Canadian Radio-television and Telecommunications Commission estimated that up to 857,000 households in larger markets do not subscribe to either cable or satellite.nbsp; On top of those households, tens of thousands of rural households also depend upon over-the-air signals.br / br / The CRTC has opened the door to a satellite alternative for rural communities, but households that rely on over-the-air signals in larger markets will need a digital converter box in order to continue to watch programs on their existing televisions. In the United States, the government subsidized the cost of the transition, establishing a coupon program that ultimately cost over $1 billion and forced a six-month delay of the transition when politicians feared that too many consumers were not ready.br / br / Unlike the U.S., there will not be a Canadian subsidy program.nbsp; While the additional costs could affect lower income Canadians, who are also more likely to rely on the over-the-air signals rather than cable or satellite services, Canadian Heritage Minister James Moore has firmly rejected a similar approach. br / br / A successful transition also depends upon educating Canadians about the changes. For example, the United Kingdom has established Digital UK, an independent, not-for-profit organization to the lead its process.nbsp; The organization is funded by the country’s private broadcasters and was established at the request of the government.nbsp; It maintains a comprehensive website and has launched a nationwide advertising campaign. br / br / By contrast, other than the occasional CRTC release - Chair Konrad von Finckenstein has been sounding the alarm bells on the digital transition for months - the issue has attracted virtually no public attention in Canada. Moore has told Canada’s broadcasters that Canadians had "fair notice" about the transition and that the broadcasters should be prepared to complete the switch on schedule, emphasizing the transition "must remain on track."br / br / But most Canadian broadcasters see little value in investing in a public education campaign without government support, particularly since they are already spending millions on digital transmitters. In fact, the mandatory deadlines for the transition were only established after it became apparent the broadcasters would not make the switch voluntarily.br / br / The CRTC has tried to push the issue onto the public agenda, but has thus far faced government opposition and broadcaster indifference. As a result, when Canada’s broadcasters flip the switch next summer, hundreds of thousands of Canadians may find themselves on the wrong side of a new digital divide.img src="http://feeds.feedburner.com/~r/MichaelGeistsBlog/~4/LZL948-ycc8" height="1" width="1"/

Civil society groups have a href="http://www.ip-watch.org/weblog/wp-content/uploads/2010/07/Open-letter-to-DG-Trade-Commissioner-de-Gucht.pdf"written/a to the European Commission warning about the impact of ACTA on access to medicines. The letter cites numerous concerns based on the July leaked text.nbsp; The next meeting will be a private meeting in August between the EU and the US as they attempt to sort out their differences on the scope of the treaty. The next round is scheduled for September in Japan. br /img src="http://feeds.feedburner.com/~r/MichaelGeistsBlog/~4/tyKZfDn5p14" height="1" width="1"/

The LWN.net Weekly Edition for July 29, 2010 is available.

The openSUSE project has announced that Jos Poortvliet will be its new community manager. spanJos commented, 'The opportunity to become part of the international openSUSE community is very exciting. There are a great number of interesting developments going on in the free software world, and openSUSE plays a major role in many of them. I look forward to working with the community on these, helping it grow, finding new directions and ways of developing, and delivering its innovative technologies to users and developers around the world.'/span