It’s time, in this series of posts on the Copyright Amendment Bill, to turn back to my usual obsession: anti-circumvention law.

This is one area in the Bill has changed as compared to the Exposure Draft which I previously analysed. Some not insignificant changes have been made here, requiring some new thought. I’ve been asked what my views are on the way the Bill deals with things like region-coding and ‘the Lexmark/Skylink garage door openers/printer cartridge’ issue.

I’m afraid I have to differ somewhat with Brian Fitzgerald here. Brian has condemned the change to the law:

When the Exposure Draft of the proposed amendments was circulated three weeks ago it retained the important notion that a TPM is a device that prevents or inhibits copyright infringement. However when the legislation was introduced to parliament last week that requirement had disappeared. Now any technology used by a copyright owner “in connection with the exercise of copyright” will be protected – even if it does nothing to stop infringement.

This has enormous consequences for Australian consumers. What the High Court decided in Stevens v Sony was that copyright owners should not be able to invoke copyright law to enforce TPMs that control the “use” of lawfully acquired copyrighted material in ways that do not amount to copyright infringement. In doing so the High Court highlighted the importance of ensuring Australians have the liberty to use their legally acquired property as they wished.

In three short weeks the Stevens v Sony principle has gone from pedestal to garbage dump. The law as currently drafted will give copyright owners wide-ranging powers to restrict the use of copyright materials as they see fit.

I’m not so sure. It all depends on how the provision ends up being interpreted. Here are my summary (tentative) conclusions:

  1. The law will be successful in preventing the printer cartridge/garage door opener cases, at least as we are currently seeing them.
  2. The law will allow a court to make a sensible judgment about whether a TPM really is being used in connection with copyright. In doing so, an Australian court could draw on the reasoning in Stevens v Sony and the US cases on what doesn’t fall within the DMCA.
  3. It is not clear how much this law will be a problem if you wish to make competing, unauthorised devices which play or render DRM-protected media formats, such as DVDs, or iTunes songs – regardless of whether your device facilitates copyright infringement or not. It might be a problem. It might not.
  4. To do them credit, the government appears to have fixed a big problem I pointed out with the interoperability provisions (not claiming credit, just noting that the issue has been solved) (although there is a drafting error needing fixing).
  5. This law does nothing for the person who wishes to make ‘fair dealings’ of copyright-protected and DRM-protected material. If you wish to ‘splice’ protected stuff in, even if it is a fair dealing, you will have to find unprotected formats, however you can. This last, however, was probably inevitable.
  6. Particularly in relation to the latter issue, much will also depend on the attitude that the Department takes in exercising their power to make ad hoc exceptions to the access circumvention ban. If they take an approach protective of user rights, the availability of ad hoc exceptions is the potential dark horse of these laws in Australia.

Over the fold, the detail that supports these summary conclusions. As always, I’m open to being corrected on any of the conclusiosn below.

Changes to the definition of ACTPM and TPM

One core part (arguably, the core part, given the way governments are drafting these laws) of any anti-circumvention DMCA-type law is the scope of the technologies which are protected by the law. What, in other words, is it illegal to ‘hack’? This all depends on the definition of ‘technological protection measure’ (TPM). Particularly controversial is protection for measures that aren’t there to prevent copying, but rather, to limit access to (and use of) a work.

Regular readers would recall that definition of what technologies are protected was the most controversial part of the Exposure Draft on TPMs. This was the definition from the Exposure Draft:

Access control technological protection measure means a device, product or component (including a computer program) that:
(a) is used by, with the permission of, or on behalf of, the owner or the exclusive licensee of the copyright in a work or other subject-matter; and
(b) is designed, in the normal course of its operation, to prevent or inhibit the doing of an act:
(i) that is comprised in the copyright; and
(ii) that would infringe the copyright;
by preventing those who do not have the permission of the owner or exclusive licensee from gaining access to the work or other subject matter.

This definition also came with a legislative note, designed to exclude region-coding technologies:

To avoid doubt, a device, product, or component (including a computer program) that is solely designed to control market segmentation is not an access control technological protection measure

The Exposure Draft was a serious effort by the Department to limit the bad potential effects of an OzDMCA. But there were were a number of problems with this draft version:

  1. The focus on a subsequent act of infringement is problematic. The problem is that so many acts of use and access generate infringements under our law now, post FTA – in particular, all copies, no matter how temporary, no matter how inaccessible, might infringe (because of the way that the definition of ‘material form’ was amended. Let’s leave to one side for the moment the fact that this is one area where Australian law is harsher than US law, shall we?). Take the facts in Sony itself. The High Court was able to hold that the measures did not physically prevent or inhibit infringement, because there was no act of infringement subsequent to gaining access. Under the new law, it is at least arguable that there is infringement of the computer program copied to the RAM of the PlayStation player. In short, the specific wording, which requires the measure to prevent infringement, encourages those seeking the protection of the law to make sure that at least one, temporary copy is made somewhere, subsequent to access
  2. The ‘legislative note’ was likely to be ineffective, because few region-coding technologies are designed solely to prevent extra-region playing
  3. It was questionable whether all of the garage door opener type cases would be excluded from protection. Once again, all you need is one infringement, of a copyright work – one temporary copy made without permission – and the device might be protected.
  4. there were other technical problems too: for one, it was not clear how a technology could prevent acts which are both comprised in the copyright, and infringe copyright. what did these two requirements mean?

The new version is quite different:

Access control technological protection measure means a device, product, technology or component (including a computer program) that:
(a) is used in Australia or a qualifying country:
(i) by, with the permission of, or on behalf of, the owner or the exclusive licensee of the copyright in a work or other subject-matter; and
(ii) in connection with the exercise of the copyright; and
(b) in the normal course of its operation, controls access to the work or other subject-matter;
but does not include such a device, product, technology or component to the extent that it:
(c) if the work or other subject-matter is a cinematograph film or computer program (including a computer game) – controls geographic market segmentation by preventing the playback in Australia of a non-infringing copy of the work or other subject-matter acquired outside Australia; or
(d) if the work is a computer program that is embodied in a machine or device – restricts the use of goods (other than the work) or services in relation to the machine or device.

The first thing you will notice here is that the concept of ‘preventing or inhibiting an act of infringement’ is gone. To be protected, a technical measure should now (a) control access and (b) be used in connection with the exercise of a copyright owner’s rights.

Disaster? Maybe. Brian certainly thinks so. I think it depends on how the courts end up interpreting this concept of ‘in connection with the exercise of rights’. And importantly, that language is open-textured. Unlike the Exposure Draft, it’s not enough to show that ‘here is an infringement (temporary reproduction though it is), now my technology is protected’. The copyright owner will have to show that the technology really is connected with the exercise of their copyright rights. The rights granted under the Act.

We don’t know how courts will approach this important concept of a ‘connection’, but remember that the Stevens v Sony approach might be important here. The High Court in that case accepted a view that these ‘paracopyright’ or ‘ubercopyright’ provisions should not be interpreted in such a way as to expand a copyright owners’ rights. Thus, there is precedent requiring a careful approach. Another guide is in the comments in the Explanatory Memorandum. Let’s see what that says. According to the EM, the measure must:

‘have been applied in circumstances where the copyright owner or exclusive licensee is exercising an exclusive right. The term ‘connection’ is used to reflect the need for this link. Eg the link would be established when a measure is applied to a work by a copyright owner where they are communicating the work to the public or where a copyright owner is making copies of other subject-matter.
The fact that a measure is applied to a work or other subject-matter in which copyright subsists would not be sufficient, in and of itself, to establish the link. The use of the measure must be connected to the exercise of an exclusive right by the owner of the copyright in that work or other subject-matter.’

Now, I could be wrong. But this language – statute and EM – I think does pretty clearly exclude the garage door opener cases and printer cartridge cases. I think it gives some room for a court to make a sensible judgment about whether a technology really is being used for protection of copyright or not. in doing so, they will be able to look to the US cases on what does and does not fall within the DMCA.

There is a problem though, if you come from, say, an open source kind of persuasion. It is not clear that you can, for example, make the O/S DVD player – even one that does no more than play legitimately acquired DVDs. That is because the encryption on DVDs arguably is put there ‘in connection with the exercise of the copyright owner’s rights’ (it is there to stop unauthorised disks playing on authorised devices). Much here will depend on how a number of terms end up being interpreted: ‘connection’, ‘circumvent’, and the interoperability provisions.

What does the Bill mean for region-coding?

The big consumer issue in the TPM laws is region-coding. One of the problems with the Exposure Draft, as I noted earlier in this post, was the fact that it attempted to exclude region-coding technologies (a) via a legislative note – which does not have the force of statute, but only aids interpretation, and (b) it only excluded technology that was solely designed to prevent region-coding.

On this point, I do think the Bill is at least a slight improvement, because region-coding technologies are excluded specifically and by legislation. They also do not have to be designed solely to effect region-coding. Interesting that the EM specifically notes that geo-identification technologies – like those used to prevent Australians downloading those free versions of US TV shows – aren’t excluded from protection. Geographic segmentation of some kinds remains protected.

[Update: Interesting, though, isn’t it, that the government is only excluding technologies used to region-code computer games and movies? What? So region-coding electronic books is ok? Why? This is particularly ironic given that films are one area where parallel importation bans have not been relaxed.

And what’s with the ‘acquired outside Australia‘ condition – do you actually have to purchase the movie or game outside Australia? Or are you allowed to buy it here? What if you order it here, but from an overseas site?]

The key issue will be the effect of this phrase – ‘to the extent that‘. What this may mean is that you are allowed to circumvent the technology only to evade region-coding. Imagine that a particular component in a technology does two things: it makes sure unauthorised people don’t have access, and it does region-coding. In this case, it would seem:

  1. A technology that circumvents only the region-coding bit is ok, but
  2. A technology that circumvents the whole thing – with the purpose of evading region-coding, but with the effect of circumventing all the controls – is not.

See the problem? If it is not physically possible to fall in the first category, you’re still stuffed. I don’t know how important this is, but my gut tells me it might be.

[And here’s another update. A reader has pointed out to me that in many cases, region codes sit behind other layers of copyright protection related access controls. In almost all instances you cannot possibly bypass a region code without first circumventing some other of these access controls. What happens then? Interesting thought. Arguably, though, the other access code has the effect of enforcing region-coding, and is not protected to the extent that it does. Which might mean you could circumvent it to circumvent the region-code, although not for any other reason… I’m not sure.]

The interoperability provisions

One thing I was very concerned about in a previous post was the interoperability provisions. I pointed out, at some length, that the interoperability provisions in the Exposure Draft were not as generous as those in the US law, chiefly because they did not seem to allow, in any way, the circulation of a product which circumvents a TPM in order to interoperate. As I said then:

Imagine this situation. What if you do all this, and you write the interoperable program. But what if, to interoperate, your independently created program needs to perform some kind of ‘secret handshake’, or authentication sequence, in order to work with the program. That, you would think, involves a circumvention, right? Your independently created interoperable program might be a circumvention device, right? But look back at the interoperability exceptions in the Exposure Draft. It doesn’t go that far, does it? It doesn’t do anything to say – and once you’ve written the program, you can distribute it.

As I pointed out then – the US law is broader on this score. The reason for the problem was the language in the interoperability exceptions, which allowed circumvention devices where they enabled a person to do an act:

for the sole purpose of obtaining information necessary to achieve interoperability of an independently created computer program with the original program or any other program.

This language has changed. Now, you can manufacture/sell etc a circumvention device which enables the doing of an act which:

will be done for the sole purpose of achieving interoperability of an independently created computer program with the original program or any other program.

This is an improvement, and it may well fix the problem, I think (although there is a weird drafting error – as someone put it to me, there is an ‘orphaned subsection (c)’ which looks like a hangover from the previous drafting. That needs to be removed).

The EM supports this view, noting that:

This exception will apply to a manufacturer etc of a circumvention device, person X, where the circumvention device is used by another person, person Y, to circumvent for achieving interoperability of an independently created program with the original program.

I might be wrong, but this looks good.

The fair dealing issue

Brian rightly points out that the law does nothing for the critics, the masher-uppers, the people who want to splice protected material into their creative new stuff. Correct. i think given the FTA this was pretty inevitable however.

I remain of the view that the dark horse of all of this will be the Departmental view on ad hoc exceptions. You see, imagine you are a potential masher-upper. You are, for example, an educational institution running a course in video editing techniques. You propose to use a particular technology to circumvent. It will be highly controlled in your institution: it has to be done on-site, for example. There is scope, in this legislation, to seek an ad hoc exception for your proposed method. That will be sought of the AG’s Department. [This couldn’t happen, by the way, in the US, where they have a once-in-3-years-extravaganza]. If the Department (say, with the support of DEST) are protective of user rights, you might be successful, or you might through this means be able to broker a deal with copyright owners. It wouldn’t have to be an earth-shattering exception. I guess we’ll have to see how serious the government is about education and creativity. But there is potential.