As reported elsewhere, the Electronic Frontiers Foundation (EFF) have issued the latest update of their ‘Unintended Consequences’ paper. This one is version 4, and entitled ‘Unintended Consequences: Seven Years under the DMCA. (Version 3, issued September 2003, reflected the stories from 5 years). The paper is the output of an ongoing project of the EFF, which:

collects a number of reported cases where the anti-circumvention provisions of the DMCA are been invoked not against pirates, but against consumers, scientists, and legitimate competitors.

The paper was cited in a number of submissions in Australia’s own inquiry into TPM laws and exceptions, and in the final report of the House of Reps Standing Committee on Legal and Constitutional Affairs that did the inquiry.

The report of course details all the well-known stories of use and abuse of the DMCA: the Ed Felten ‘squishing research’ story, the Sklyarov arrest, Lexmark printer cartridges. But more important and more interesting is what’s new, in the last approx 2.5 years?

Looking through, these are the new stories:

  1. A story about how the DMCA delayed revelation of the Sony Rootkit-caused security vulnerabilities, by computer science grad student J Alex Halderman, Edward Felten’s student and fellow blogger on Freedom-to-Tinker and co-author of a paper with Felten on the Sony Rootkit fiasco and what it tells us about implementation and incentives in digital rights management schemes. Halderman apparently sought legal advice, and delayed publication of the discovery for several weeks. The story was in the end broken by another researcher, thereafter many gory details came out…
  2. A story about SunnComm’s earlier (2003) threat against J Alex Halderman (gee, no wonder he sought legal advice re the Sony issue!) as a result of Halderman’s publication of a report documenting weaknesses in a CD copy-protection technology (Halderman revealed that holding down the shift key on a Windows PC would render the technology ineffective). The company retreated from its threats after some press attention;
  3. A threat (cease and desist letter) by GameSpy against an Italian author who published details about security vulnerabilities in GameSpy’s online services. Strange invocation against the Italian researcher given that he lives in Italy…
  4. The story of the Sony Rootkit Fiasco – the EFF noting that while no DMCA threats were issued in the case, a company issuing ‘repair kits’ for such problems might be breaching the DMCA;
  5. Stories about mobile telephony carriers using the DMCA to make threats against companies and people offering to ‘unlock’ mobile phones sold to consumers ‘locked’ to a particular network;
  6. The story of Apple’s threats against RealNetworks, when RealNetworks created ‘Harmony’, technology designed to allow RealNetwork DRM-protected downloads to play on Apple iPods (Real eventually gave up on trying to do this);
  7. Tecmo’s DMCA claims against websites offering alternative ‘skins’ for Tecmo games;
  8. A story that Nikon cameras had started to encrypt certain portions of the RAW image files geneated by its professional-grade digital cameras – with the result that the files would not be compatible with Adobe Photoshop or similar software unless the developers first took licenses from Nikon (Nikon and Adobe eventually negotiated an agreement);
  9. Hewlett-Packard’s use of embedded software in printers and toner cartridges to enforce region-coding restrictions (no DMCA threats yet, but the potential is noted);
  10. StorageTek’s lawsuit under the DMCA to prevent Custom Hardware from offering services to repair StorageTek hardware (the lawsuit failed, by the way).

So there’s a few new stories in the relevant period, which is interesting in itself.

But notice anything about the nature of the stories coming up here? Notably, they mostly come under the heading of ‘DMCA use to block platform or software interoperability’ – ie uses which threaten aftermarket competition. A troubling trend.

More positive, on the other hand, is the fact that in 6 of these 10 new stories, either there has been no DMCA threat, or the threat failed/was withdrawn/led to settlement.