logo

Features - Should We Trust "Trusted Systems?"

By Tobe Leibert, Published on May 20, 2000

Tobe Liebert is Director of Public Services at the Tarlton Law Library at the University of Texas at Austin.

A high-tech solution to the problem of protecting intellectual property on the Internet is quickly becoming reality. And it’s a reality that libraries may not like.

Several companies are busy developing “trusted systems” designed to bring an unprecedented level of security to information exchange on the Internet. Trusted systems are combinations of software and hardware that will not only prevent unauthorized access to content, but introduce a management and tracking model not yet available on the Internet. The term "digital rights management" is also commonly used to describe such systems.

The motivation for developing trusted systems is clear. Now that text, images, video and audio can be digitized and easily distributed over the Internet, producers of such content have rightfully been concerned about the ease with which a single copy can be endlessly replicated. Indeed, many thinkers in what now is sometimes referred to as the "first generation" of Web theorists believed that traditional copyright protection was impossible in the digital world, and thus our whole system of intellectual property rights would have to be re-examined1. Trusted systems, however, could tip the balance dramatically in favor of the content providers. This could result in an environment where digitized content can be securely “locked up” and libraries and other users of information could find themselves struggling to maintain their traditional methods of building their collection and serving their patrons.

To come into being, this new era of information distribution depends on the convergence of: several events.

First, the new technology embodied in “trusted systems” must be perfected and proven to be secure. This is a major challenge and these products have not yet been tested in the marketplace.

Second, legislation must be passed that encourages the use of trusted systems. Thanks to Congress' passage of the Digital Millennium Copyright Act (“DMCA”), this condition has been achieved.

Finally, as a supplement to the first two events, the law must recognize contractual arrangements that allow content to be accessed and distributed on terms set by the content provider. This last event is important because of the existence of copyright principles such as "fair use" and the "first sale" doctrine that currently give users broad rights to use copyrighted material for specific purposes. For, even if a perfect trusted system is developed and fully protected under law, there is the outstanding issue of if the courts (or legislatures) could require the "unlocking" of protection systems because of concerns about the effect on traditional rights held by the public under copyright law. This is where the fate of the proposed Uniform Computer Information Transaction Act (“UCITA”) becomes critical. This proposed Act makes no provision for non-infringing uses of copyrighted material that is licensed to users.

If these events occur, access to content could, in effect, have a double-layer of protection: (1) physical distribution controlled through a trusted system, (2) under a license agreement fully recognized by the UCITA.

The Digital Millennium Copyright Act

The first step in creating an environment where content providers can securely (and profitably) distribute content over the web is to create the necessary background statutory landscape. The recently enacted Digital Millenium Copyright Act ("DMCA") was the necessary first step. The DMCA is federal legislation protecting "copyright protection and management systems." Essentially, it recognizes content provider's right to create trusted systems, and provides civil and criminal penalties against those who would attempt to circumvent these systems.

Title I of the DMCA contains provisions that prohibit the circumvention of a "technological measure" that protects access to copyrighted material. This provision was codified at 17 U.S.C. sec. 1201. Essentially, it is a violation of the law to attempt to circumvent protective measures such as digital rights management systems. Sections 1203 and 1204 provide for both civil and criminal remedies for violation of this law. The DMCA therefore recognizes that no system of protection can ever be made to be immune from the efforts of hackers; the civil and criminal penalties are designed as a deterrent if ways are found to bypass the protections of trusted systems.

With the passage of the DMCA, Congress has explicitly encouraged the use of trusted systems. This sets in place the “architecture” (as articulated by Harvard Law Professor Lawrence Lessig) of complete control, from a hardware viewpoint, over access to information.2

In the debates proceeding the passage of the DMCA, Congress did recognize the fact that technological protection could work so well that it could shut out all use of copyrighted material, even uses now protected by "fair use." The Act therefore calls upon the Library of Congress to solicit comments on the impact that anti-circumvention technology has on "criticism, comment, news reporting, teaching, scholarship or research." See 17 U.S.C. section 1201. The Act provides that the Library of Congress can publish any copyrighted material it determines to have been effectively kept from the public through copyright protection systems.

The Library of Congress has a website describing this rulemaking procedure at http://www.loc.gov/copyright/1201/anticirc.html.

The Association of Research Libraries created a webpage specifically to help solicit comments on these issues.

The passage of the DMCA was a big victory for content providers. It is an open question as to whether the provision allowing the Library of Congress to monitor the effect of copyright protection systems on non-infringing uses will offer any real benefit to the public.

Further Reading on the DMCA:

Arnold P. Lutzker, Primer on the Digital Millennium: What the Digital Millenium Copyright Act and the Copyright Term Extension Act Mean for the Library Community. Available at: http://www.arl.org/info/frn/copy/primer.html