Post on 07-Jun-2018
digital copyright reform &
the piracy of personal information
ian kerrcanada research chair
in ethics, law & technology
université d’ ottawa university of ottawafaculté de droit faculty of law
two tensions
freedom versus control
t1
t2
information wants to be free
information wants to expensive
the whole story…
information wants to be free. information also wants to be expensive. information wants to be free because it has become so cheap to distribute, copy, and recombine too cheap to meter. it wants to be expensive because it can be immeasurably valuable to the recipient. that tension will not go away. it leads to endless wrenching debate about price, copyright, 'intellectual property', the moral rightness of casual distribution, because each round of new devices makes the tension worse, not better.
stewart brand, the media lab
old law, new bottles
digital copyright challenging the economics of ip
how to maintain artificial scarcity? (a packaging problem)
its all about the bottles…
what kind of bottles will the new law drink from?
fanning’s free beer chug-a-lug
valenti’s pricey wine-by-the-sip
wipo copyright treaty
Article 11
Contracting Parties shall provide adequate legal protection and effective legal remedies against the circumvention of effective technological measures that are used by authors in connection with the exercise of their rights under this Treaty or the Berne Convention and that restricts Acts, in respect of their works, which are not authorized by the authors concerned or permitted by law.
bill c-60
1. act of circumvention for infringing purpose2. providing circumvention services3. dealing with circumvented works
– and –
4. act of removing or altering RMI5. dealing with works with RMI removed
tpm // drm
drm > ©
drm
(i) a licensing arrangement which establishes the terms of use for the underlying work
(ii) a database containing information identifyingthe content and rights holders of a work
(iii) surveillance technologies that monitor and meter customers’ use of its products
drm (the license)
one concern is that drms exploit contract law to create rights for content owners not afforded by copyright law[ie, it uses private law to reallocate public goods…]
the same concern applies to the privacy/data protection realm…[ie, the contract can be used to manufacture consent to what would otherwise be a limit on the collection, use and disclosure of personal information]
drm (the database)
the database stores:the contents of a particular work subject to copyrightnames of the various rights holders associated with the workinformation about individual usersinformation about an individual’s use
drm (the surveillance technologies)
the database utilizes surveillance technologiesto identify/monitor activities of:
individual consumers who seek to access or use a workthe consumer’s computer(s) and associated software
drm - Digital Routine Monitoring??
if tpm is a virtual fence, drm is a virtual surveillance system
surveillance features are crucial to the technological enforcement of the licensing component (without surveillance, drm is just a souped-up standard form contract)
drms enable automated collection and exchange of various kinds of information
about particular userstheir habitstheir particular uses of the digital material
IP phone home …(greenleaf)
no privacy protection
bill c-60 provides special protection to new surveillance technologies but with no balancing provisions when it comes to privacy. why?
not b/c of existing data protection laws… (PIPEDA)
why silence will not do:public policy considerations
(i) anonymity [PIPEDA’s appropriate purposes doctrine 5(3)]the ability to disconnect one’s identity from one’s actions is of tremendous instrumental value to intellectual development and intellectual achievement
(ii) individual access to one’s own personal information “every digital lock without a key needs a legal locksmith”
(iii) one-sided drm licences “EULAs are becoming the rule and content providers the rule makers”
freedom from contract
dan solove
the law currently does not provide meaningful ability to refuse to consent to relinquish information.
.… giving people property rights or default contract rules is not sufficient to remedy the problem because it does not address the underlying power inequalities that govern information transactions. unless these are addressed, any privacy protections will merely be “contracted” around, in ways not meaningful either to the problem or to the contract notions supposedly justifying such a solution. people will be given consent forms with vague fine--print discussions of the contractual default privacy rules that they are waiving, and they will sign them without thought.
PIPEDA consent ≠ contractual consent
PIPEDA consent > contractual consent
PIPEDA
appropriate purpose
higher threshold for consent
refusal to deal
hacking@privacy
drm allows content owners to circumvent PIPEDA
recommendations
(i) an express provision permitting the circumvention of tpm/drm for personal information protection purposes
(ii) an express provision stipulating that a drm licenceis voidable when it violates privacy law
(iii) an express provision prohibiting the circumvention of privacy by tpm/drm, notwithstanding licence provisions to the contrary
If Left to Their Own Devices… How DRM and Anti-Circumvention Laws Can Be Used to Hack Privacy
Ian Kerr
Deflating the Michelin Man: Protecting User Rights in the Canadian Copyright Reform Process
Jane Bailey
anonequity.org
anonequity.org
digital copyright reform &
the piracy of personal information
ian kerrcanada research chair
in ethics, law & technology
université d’ ottawa university of ottawafaculté de droit faculty of law