Home | The Centre | Events | Publications | Site Map | Contact Us

 You are here: Home >> Events >> 2002 >> DRMS Transcript

 

Symposium:

Digital Rights Management Systems and Public Interests

 

The Baker & McKenzie Cyberspace Law and Policy Centre

University of New South Wales

 

Date: Monday 18 March 2002, 4Ė10 pm

 

Venue: Baker & McKenzie Board Room, AMP Tower, 50 Bridge Street, Sydney

 

 

Transcript of proceedings

 

Introduction Ė Dr Lee Bygrave, Co-Director, Baker & McKenzie Cyberspace Law

and Policy Centre

 

Welcome to the inaugural event of a series of symposia in which we shall investigate aspects of cyberspace in light of various public interests. An aim of these symposia is to largely dispense with the usual conference-style format, where we have prepared and lengthy speeches, and where real discussion tends to get sidelined if not eliminated. With these symposia we want to facilitate open-ended, wide-ranging discussion of issues that are of interest to experts in the field, and to disseminate the results of the discussions to the broader public. Accordingly, we shall be recording most of what is said, with a view to making this initially available Ė in a slightly edited format Ė over the Web. Further down the track, we hope to publish a series of books in which the respective symposium proceedings are included, together with related papers, articles and the like. In order to encourage participants to freely express their views, we shall anonymise their identities when publishing the transcripts of proceedings.

 

Before I introduce the themes of the present symposium, Iíd like to make some brief remarks about the Baker & McKenzie Cyberspace Law and Policy Centre. The Centre has been up and running for about 2 years. It is attached to the Law Faculty of the University of New South Wales (UNSW). We are generously supported financially by Baker & McKenzie, from which we derive the bulk of our funding. Bakers supports the Centre in other ways, such as allowing us to use its facilities for events like the one this afternoon. I should emphasise though that we are otherwise independent of Bakers; we are not a loudspeaker for the views of the firm; we are free to pursue our own academic and public policy interests.

 

The Centre runs a variety of events in addition to this sort of symposium. For instance, it arranges conferences under the framework of the Continuing Legal Education (CLE) program of UNSW. The Centre has a relatively small secretariat; its activities are driven mainly by a relatively large group of research associates, several of whom are here this afternoon.

 

In addition to these Centre associates, we are fortunate to have participating at the symposium a considerable number of persons from a broad range of sectors Ė government, industry, academia, the legal profession and public interest groups. Fortunately too we have a nice mix of Ďtechnologistsí and lawyers. So we should get some interesting cross-cultural and cross-organisational exchanges. I for one, being primarily a lawyer, have only a rather superficial and slippery grasp of what Digital Rights Management Systems (DRMS) really involve in practice, and I look forward to hearing more from the technologists about what is actually going on behind the hype that we often are fed about such systems.

 

The first part of the symposium will begin with a presentation by Professor Bernt Hugenholtz from the University of Amsterdam who will focus mainly on the way in which DRMS are provided for under the recently adopted EU Directive on harmonisation of copyright. The second part of the symposium will be kick-started by presentations from Peter Higgs and Dr Renato Ianella, both from IPR Systems. Peter will talk about the interest-balancing involved in developing DRMS, while Renato will talk about recent initiatives aimed at ensuring that DRMS respect public interests. The third part of the symposium will consist of relatively free-ranging discussion.

 

This symposium is aimed at discussing the implications of DRMS Ė and the new legal protections accorded them Ė for the interests of all parties concerned: most notably, both information creators and information consumers. What do we mean by ĎDigital Rights Management Systemsí? This is the fairly new nomenclature for what up until a year or so ago were commonly termed ĎElectronic Copyright Management Systemsí. Basically, these systems attempt to enforce the rights of copyright holders in an online environment by use of technological and, to some extent, organisational mechanisms with the following overlapping functions: namely, controlling access to information products; preventing their unauthorised copying; accurately identifying the products and those who own copyright in them; and ensuring that these identification data remain authentic. A variety of technologies support these functions, including Ďdigital watermarkingí and other forms of stenography, encryption software, and electronic agents.

 

The emergence of DRMS is being lent a helping hand through the recent trend by legislators around the world to introduce strong statutory protection for copyright-protective technologies, particularly in the wake of the WIPO Copyright Treaty of 1996. Taken together, DRMS and the attendant legal reforms are leading to a profound change in the way in which intellectual property rights are enforced. It is a change that many people claim is affecting the fragile interest balances inherent in traditional copyright law. There is little doubt that DRMS and attendant legal reforms have considerable potential to enlarge the scope of intellectual property in hitherto unseen ways. There is also little doubt that this potential has serious implications for a variety of public interests including the privacy and autonomy of information consumers, the extent of the Ďpublic domainí and Ďdigital diversityí, and the long-term status of copyright law particularly with respect to contract law.

 

Hopefully, the symposium will be able to cast a penetrating light on these implications.

 

I now give the podium to Professor Bernt Hugenholtz.

 

Professor Bernt Hugenholtz

 

What is on todayís agenda, at least as far as Iím concerned? Iíd like to take a look at the protection of Digital Rights Management Systems, with a particular focus on user freedoms and protecting those freedoms. This is a very difficult subject involving a whole mix of legal and not so legal considerations. I will tackle it primarily from a European perspective, partly because Iím European and partly because the EU Directive on copyright adopted less than a year ago provides an interesting albeit not uncontroversial input to the issue. My agenda for the next 40 minutes or so will involve, first, giving an example of a very rudimentary DRMS which illustrates the kind of difficulties we will be facing and the inherent threat of any DRMS to do away with freedoms that users, end users or intermediaries have enjoyed under traditional copyright law. This very rudimentary, almost abstract management system that I will show you soon definitely does not exist, nor does it illustrate in any way that I have even the slightest knowledge of the technology behind it Ė Iím just here as a lawyer; the technologists will be speaking later on. Next, I will look at how difficult the issue of protecting user freedoms is, particularly since there is a variety of legal regimes applying to content delivered over DRMS. Then I will focus on the European Copyright Directive, the way it treats user freedoms and the way it does not treat one of the most essential questions posed here: the problem of reconciling copyright exemptions with the freedom of contract. The final part of the presentation will deal with the legal protection of technological measures pursuant to the legal regimes coming out of the WIPO treaties, particularly as implemented in the European Directive, and look at how users might be protected against this Ďonslaughtí.

 

Thatís my agenda.

 

First, what is a simple example of a DRMS. Take an online digital bookstore. You can buy a book or letís say a chapter of a book or letís say a scientific article Ė perhaps that is a more realistic example in fact. Using Digital Rights Management tools it will be possible and in fact it is already possible to price discriminate while licensing users to various degrees. If you pay a small licence fee, you get to read the article or the book only once, and nothing else Ė no right to copy, no right to quote, no right to distribute. If you pay more, you may get an unlimited right to read the book but still no right to copy. If you pay more than that, you may have the right to make copies, only once, and even a right to quote from the book in digital form. If you pay a lot of money, you get a site licence Ė like the kind of licence that universities have negotiated with scientific publishers Ė which allows unlimited uses within a limited designated amount of terminals. And if you pay a whole lot, you may get the right of super-distribution, meaning a right to re-exploit the work in any way you see fit. The example shows you how DRMS can override existing user freedoms in a way that is not congruent with how copyright laws, as we know them today, are written. Iím not saying thatís bad; what Iím trying to show here is that there may be a problem. [Ö]

 

Of course, no presentation on Digital Rights Management is complete without the obligatory reference to Professor Larry Lessig Ė formerly from Harvard, now at Stanford Ė who has written the ultimate book about the gradual replacement of the law by software-based rules or Ďcodeí. ĎIn the well implemented systemí, Lessig warns us, Ďthere is no civil disobedience, law as code is as stark to the perfect technology of justice.í The problem here is, of course, that a well implemented system may not know what the law is, or in fact that it may overwrite the law.

 

So what about user freedom? That is the basic question I will be discussing with you today and one that I would really like to raise, because I certainly do not know the answer.

 

The problem is Digital Rights Management Systems enjoy an increasingly and increasingly enjoy and benefit from a multiplicity of protection regimes, regimes that deal with protecting content and respecting user freedoms in a variety of ways that that are not necessarily compatible with each other. In fact they are totally incompatible.

 

The first layer, the deepest layer on top of the content itself, is the Intellectual Property layer consisting of copyrights, neighbouring or so-called related rights, rights neighbouring the copyrights such as rights of phonograph producers that in most countries are not considered copyrights; database rights, you donít have them in Australia but they may come to you sooner than you would like them to come to you. Those are rights in collections of non-original, non-copyrightable collections of data that have been recognised in Europe as a consequent of the European database directive, and that are now being discussed in United States and elsewhere in the world.

 

So there is quite a sizeable amount of intellectual property that protects the content delivered over the DRMS. On top of that there is a contractual layer, the contractual layer that basically restricts or allows certain users or uses under the terms of user licence agreement often imposed by content providers upon end users in the form of standard form contracts.

 

Then thereís the technological layer, which by itself already provides for quite a sizeable amount of protection. We have technological measures that serve different functions, including controlling access to an online database for instance, protecting against serial copying, enforcing regional marketing strategies that basically undermine parallel imports, the so-called regional coding that you see nowadays in DVDs and Sony Playstation software, and technological measures aimed at monitoring use, at watermarking the digital content as a form of evidence of further control, as a means of evidence of further control.

 

And then on top of all this there is this new regime, the legal protection of technological measures protecting copyright protected works, article 11 of the WIPO copyright treaty.

 

The problem is how to reconcile all these different regimes with each other and how to maintain the so-called delicate balance between the protection on the one side, protection that is necessary to ensure exploitation of copyright protected works, and at the same time respecting user freedoms, user freedoms that may have their basis in very fundamental legal principles, free speech for instance.

 

How does the European copyright directive deal with user freedoms?The copyright directive merits in itself a whole afternoon and perhaps a whole year of discussion, we will not enter into that, I will limit myself to discussing the user freedom, the limitation part of the directive.

 

The directive has been adopted on the 22nd of May last year in attempt to harmonise horizontally a whole bundle of copyright and copyright related issues including the scope of protection, including for instance a definition of what constitutes reproduction, what constitutes communication with the public, and others.

 

The largest part of the directive, which of course still has to be transposed to the law of the member states, deals with user freedoms and limitations. It is a rather loose form of harmonisation of copyright limitations that includes just one mandatory limitation Ė a limitation that is obligatory on all the member states which allows for certain amounts of caching and browsing without rightholderís permission, a limitation that basically allows for normal digital transmission of normal copyright works without entailing necessary liabilities under copyright law. This would allow Internet providers for instance to use proxy caching tech to speed up the delivery of digital content without paying royalties.

 

The largest part of that article 5 dealing with user freedoms is however devoted to a extremely very long list of permitted optional limitations, limitations that members states may have to transpose into their national laws, or in many cases, maintain in their national laws.The original idea of the European commission was in this increasingly global information market, it is a bit awkward to have limitations/exemptions varying wildly from one European country to the next. This would make it very difficult for content providers and for users to know what their rights are from one country to the next.So the original idea was make it a very short list, basically do away with most limitations because in a digital environment at least according to the European commission, who really needs limitations in the first place? Digital Rights Management: pay per use Ė that is the future.

 

This plan, however, has failed miserably. In the process of negotiations between the Member States and the European Commission, the list of permitted limitations became longer and longer. Basically, every European country managed to include its own favourite limitation. We from the Netherlands, for instance, included a right to sing songs Ė copyright-protected songs Ė in church, and Germany managed to include a right to play copyright-protected movies on televisions in retail stores just to demonstrate that these televisions actually really worked. But still, the list does not include, and I think that is the bad news from a user perspective, any general fair use or fair dealing type of provision. That means that if the technology and new business models develop, thereís a new need for exemptions not known today, not realised today, the copyright directive and subsequently the national member statesí law, has to be changed time and time again. So it is not really a flexible system at all. In some cases (Iíll show you what the limitations are on the next slide) fair compensation is required. For instance, in the case of private copying exemptions, fair compensation meaning compensation to the right owners. Already in 12 of the 15 member states we have so-called levy systems in place providing a right to remuneration originating from the manufacturer or the distributor of analogue media, audio and video tapes, for instance, or in some countries for instance the manufacturer or importer of equipment primarily intended for copying purposes. In Germany, thereís a levy, a copyright tax on photocopying equipment, and in most countries blank audio and video tape.

 

Thereís a tendency, an understandable tendency, for these levy schemes to proliferate into the digital area as well and in fact particularly in Germany and also in France, the colleting societies have been making a strong argument for extending the levy schemes to cover CD burners, PCs, mobile phone with mp3 playing capability. In fact, just about anything digital that you can imagine and that has storage capabilities.

 

The European copyright directive promotes that model by providing for a right to fair compensation in case of private copying. However at the same time (and this exemplifies the problems the drafters of the directive have experienced) the directive embraces the model of Digital Rights Management which of course points in a totally different direction, and does not fit in well at all with a levy scheme where payment is made on a collective forfeitary basis. The idea behind Digital Rights Management Systems of course is that every single use is paid for, every act of private copying even on minor scale, well at least theoretically, will be paid for.

 

So levies and Digital Rights Management Systems donít work very well together.And the directive realises that by referring to the use of technological measures in article 5(2)b and in recital 35, where in calculating the level of fair compensation, account should be taken of the degree of use of technological measuresÖ

 

In other words in those markets where DRMSs are in place, fair compensation would obviously not be required because there wouldnít be any copying in the first place, and if there were copying it would be illegal.So that may be one of the points of discussion later on today. What vision of the future of copyright do you have? A Digital Rights Management vision where every individual act of usage is controlled or a more open oriented model perhaps offset with a levy system such as the levy system existing today with analogue in Europe.

 

All these limitations mentioned in the copyright directive are subject, but we will not have time to discuss that today, to the famous or infamous 3 step test in the TRIPS agreement article 13. The 22 special cases mentioned in the directive only apply, if they do not conflict with the normal expectation of the work and only if they do not unreasonably prejudice the interests of the rightholders. So thatís an extra safety measure from the rightholderís perspective.

 

Whatís on the list? Iíve tried to squeeze them all on the one slide. Weíre not going to discuss all these limitations. These are the kinds of limitations under the directive as you can see there is lots there you are familiar with from an Australian viewpoint, and there are also some very weird limitations you may not know. For instance, the parody limitation. Arguably this is not that weird, and itís a very good idea, but most countries deal with that issue without expressly codifying a parody defence. Spain, France and Belgium already have a parody limitation, thatís why itís in the list, presumably other countries will now follow in Europe.

 

The asterisk denote fair compensation rules that means for photocopying, for private copying, for so-called prison taping, making copies of football matches for prisoners who have to go to bed very early, fair compensation is required. The rest may need a levy scheme.

 

Now how does the directive deal with the interplay that I would like to focus on next between limitations and contract? As we saw before contract user licences can basically override any existing limitations making this extremely long list of copyright directive completely devoid of any practical implications if contract rules: who cares about limitations

 

Hereís an example of a rather radical, a rather over-the-top example of a user licence that actually does away with just about any limitation imaginable. Iím not so sure this is not a hoax but itís pretty funny anyway. This is an opening screen from an e-book published by volume 1 and itís an e-book which is Alice in Wonderland. What it says in the blue part is permissions on Aliceís adventures in Wonderland where permission is slightly ironical

 

Copy: no text or selections can be copied from this book to the clipboard.

Print: no printing is permitted on this book

Lent: this book cannot be lent or given to someone else

Give: this book cannot be given to someone eels

Read aloud: (you guessed it right) this book cannot be read aloud.

 

In fact you canít do anything with it but read it, silently that is. What this demonstrates it is a radical example and the more I look at it the more I am sure that it is actually a hoax. But itís one of those nice Internet hoaxes that we enjoy. What this illustrates is that user freedoms may be seriously jeopardised even if they are codified.

 

How does the directive deal with that problem? Well, the answer is disappointing: it does not deal with it. In article 9 of the directive it expressly states that rules of the directive are without prejudice to a whole range of legal areas including access to government information and what have you and also the law of contract. It doesnít say that the law of contract or freedom of contract always wins but it simply doesnít deal with it.It doesnít exclude solutions under national law either including solutions we all know from Belgium where limitations have been declared, all copyright limitations have been declared mandatory, non-overridable, 3 or 4 years ago already. This is a unique situation, I know of no other country in the world where the lawmaker has expressly codified such a rule and we know that in the software and database directives of 1991 and 1994, already a number of mandatory user freedoms were included such as a right which is non-overridable which you cannot do away with under a licence to decompile a work, a computer program, that is to reverse engineer it, a right to make backup copies et cetera.Itís a bit disappointing in view of these earlier European directives that the present copyright directives do not deal with this issue. On the other hand it is understandable, this is a difficult problem and the Belgium solution certainly is oversimplifying. If Iím not mistaken, this is a problem that the Australian Copyright Committees, or the Australian Copyright Councils currently, is dealing and struggling with but maybe the Australian experts here can tell more about that later on in discussion. I know they have big problems dealing with it.


How could you deal with it? Weíre now stepping outside the directive and just thinking about the problem out loud. These are possible approaches reflected in the book that I promoted earlier to great length. You could apply general doctrines, the first one actually would be a bit difficult for an Australian audience, the application fundamental human rights but in continental Europe that might work very well. There are certain rights so fundamental that you cannot dispose of them by contract in the first place such as your own right to privacy, another problem in Australia.But other doctrines might solve at least in part the problem raised here of reconciling user freedoms with freedom of contract.The doctrine of unconscionability for instance or doctrine of misuse (I donít know if it exists in Australia, it does exist in many other countries), misuse of copyright in this case. What you could also do, the Australia example, is designate mandatory limitations in your copyright act. Then again, you could approach the problem from a contractual perspective and for instance include a chapter on user licences in your own civil code if you have one. That has actually happened in respect of many other types of sector specific contracts so why not in information user licensing regulation in contract law?

 

What you can also do is extend existing law on unfair terms to extend to the information licences. In fact there are many different approaches and the copyright paradigm is definitively not the only way to deal with it.This is a matter for discussion later on.

 

But having solved, presumably even if we could, the problem of making copyright limitations respect user freedoms in the light of increasing online licensing, you would still have the problem of overbroad protection by technology to deal with. And thatís the last part of my presentation Ė how to create this equilibrium between the legal protection of technological measures and respect for user freedoms. It is a very difficult one, much more difficult than the contractual issue I just dealt with, and itís made particularly difficult since national legislatures are compelled under article 11 of the WIPO copyright treaty to provide an additional layer of legal protection to existing technological measures. According to the WIPO copyright treaty ďcompanies and parties shall provide adequate legal protectionÖÖ.A rather loosely formulated instruction that many contracting parties are in the process or have already dealt with in different ways. In fact every country I know of has its own approach of interpreting article 11 of the WIPO copyright treaty as well as protecting user freedoms. We will see that later on.

 

How does the directive deal with this? Well, it has taken article 11 very seriously and in fact it has protected more than what is really necessary. Under the WIPO rule the circumvention of technological measures requires adequate legal protection. The European Directive however also prevents the manufacture, the trade, the sale, the advertising and what have you, of devices that enable circumvention. I believe thatís the only thing that the Australian law prohibits. Europe we have both circumvention and trade in circumvention enabling devices prohibited. The device rule of course, immediately triggers the question of how to distinguish between devices that enable circumvention and general purpose devices such as PCs that can do just about anything you like including circumvention. For that the directive develops a primary purpose test, if the primary purpose of the device is to circumvent then it is prohibited. So called dual use technologies are allowed. The definition of effective technological measures is rather broad and it includes presumably both access control and copy control mechanisms.

 

How does it deal with limitations? The WIPO copyright treaty prohibits acts of circumvention that restrict acts that are authorised by the rights holders or permitted by law. Look at article 11 last couple of words.

 

So thereís a relationship in the copyright treaty between the scope of copyright and the scope of this new legal protection regime. Acts that are permitted by law, in other words, that are covered by existing copyright exemptions therefore remain outside the scope of this legal protection regime. You might hack your way into a protected Digital Rights Management system to enable you to exercise your user freedoms. Professor Ginsberg from Columbia University has termed this Ďa right to fair hackingí Ė a regime that follows the contours of copyrighting. That is what the WIPO copyright treaty in fact demands, but then again the copyright directive, the Europeanís have gone one step further. By providing in article 6(3) that the acts that are protected by the new regime (restrict) are not authorised by the rights-holder. What you see here is that words Ďpermitted by lawí have disappeared and that in fact, any unauthorised act, whether or not they constitute copyright infringement, that are enabled by the act of circumvention become prohibited. What that means is that this new legal regime, this extra legal layer, does not respect copyright limitation in anyway. There is under the European system no right to fair hacking. You are not allowed as a bona fide librarian for instance to remove technological protection measures even if it is simply to invoke your rights as a fair as a bona fide user. The only small exception to this no limitation approach is that there is a reference in recital 50 (15?) that clarifies that circumvention to decompile a computer program to enable inter-operability is permitted. But for the rest, even if you are the most bona fide user in the world you can never circumvent. Thatís a much further reaching approach, which in fact might lead to the conclusion that this new legal regime has lost its relationship to copyright in the first place Ė it is in fact a new property right in the encryption layer if you look at it differently.

 

So how to preserve user-freedoms in this world of Digital Rights Management?

The copyright directive, having recognised that there are at least 22 types of user freedoms that are important does deal with the question, but in a very different way. What is says in Article 6(4) is that member states if content providers fail to apply voluntary measures, that member states must take so-called Ďappropriate measuresí to protect qualified users from being excluded. This is the entire, well not quite the entire rule, but almost the entire rule. In the absence of voluntary measures Ö.., member-states shall take appropriate measures to ensure that right-holders make available to the beneficiary of an exception or limitation. Note that this does not apply to all exceptions or limitations, only a limited number including limitations enabling classroom copying, scientific uses, certain library and archival functions and what have you. But not the whole lot, not the whole packet of 22. What are the qualified uses? I mentioned them already, library use, archival use, educational use, broadcasting, hospitals, etc etc. 6, 7 in all Ė not 22.

 

But what are these appropriate measures, or what are the voluntary measures that should be taken in the first place. The directive doesnít tell us. The recitals donít tell us. There is no way of knowing what the European legislators had in mind so these are just lucky guesses. One measure could be, and is being contemplated in national implementing legislation as we speak, obligations on content providers to provide not technologically protected copies in, for instance, the national library where bona fide users can go and make their fair use copies - a deposit requirement in other words. Another similar option is a [key-ask role] approach, where there would be a trusted 3rd party (possibly again the national library) where content providers must deposit their encryption keys and where bona fide users, qualified users may go to receive a copy of the key to enable certain fair users. And then thereís the third possibility of providing unprotected copies on demand by the same qualified users. Three possibilities Ė there may be others that might be the end result of this rather complicated rule of the copyright directive. What makes it even more complicated is that the final part of Article 6(4) is not, compromised within article 6(4), excludes all the previous solutions in case of online services provided on demand on agreed contractual terms. In other words, at least thatís the way I read this, if content providers and users have negotiated an agreement providing the terms of user-licence - in that case, there is no obligation on the part of the content owners to provide unprotected access. That may do away with a lot of the appropriate measures previously required.

 

There are of course other ways to reconcile Digital Rights Management and the possibility of encroaching user freedoms by using Digital Rights Management systems and user freedoms on the other hand. The first one we will be talking about later on which is basically, building the freedoms into the system. But from a legal perspective there are of course other remedies outside the right to fair hacking approach, which I personally think is not a very realistic one. Even if hacking were permitted, you must still be able to hack. The idea of having professional hackers employed by librarians and universities just to hack their way into protected content simply does not appeal to me. There are other legal ways to look at it as well. One would be if a consumer law approach does not solve all the problems, but certainly, the problems that consumers are encountering nowadays when in Europe they are buying copy protected CDs that are in fact inherently defective. Very rudimentary protected CDs that are basically full of digital mistakes. Such a way that CD burners will not be able to play them, CD players and PCs will not be able to play them but that normal CD players will because they are, letís say, less critical of the digital content that they get delivered. More and more consumers are getting very angry with these CDs, and perhaps sooner or later consumer groups will start waking up and demanding that these kinds of inherently defective CDs are to be banned from the market. Perhaps consumers should simply not buy them in the first place. This solution would definitely make Phillips, the inventor of the CD format, very happy. Phillips has complained recently and rather loudly of this tendency to corrupt the CD format to produce CDs that donít work on PCs and that donít work on Phillips produced CD burners either.

 

Thereís another approach which is evident in a proposal that is not yet really tabled but is on its way to the US Congress by Congressman Bouche, who is also fed up with these CDs that disable forms of fair use that he considers to be so crucial that they cannot be, should not be, disabled. Simply prohibit the use of technological measures that do away with user freedoms.

 

And then thereís a third approach that is also interesting which is already evident in an existing piece of legislation in fact the European television directive of 1989 already provides for it. It prohibits the exclusive exploitation in a conditional access system, pay television service, of certain sort of important events. Every country of the European Union has now in its legislation a list of important events that should always remain in the clear that may not be monopolised by providers of encrypted pay television services. What kind of important events are these? Well, in the Netherlands of course, 30 April, Queens Birthday, but you can bet on it that 90% of these lists constitutes sporting events. Highest on the list Ė football. Real football that is, not Aussie Rules.

 

Thank you very much.

 

L: I might start the discussion by making the comment that you (Bernt) didnít deal with Rights Management Information. Although RMI, as itís often known, is a fairly central part of DRMS and there is specific provision for it in much of the digital agenda legislation, including the EU Directive on copyright. Is the omission of consideration of RMI on your part because you donít see it impacting so much on user freedoms as do the other elements of DRMS?

 

B: Yes, Iíve left that discussion out partly because I know that I already have a tendency to speak too long Ė as I have demonstrated Ė and partly because I donít think the problem of reconciling protection and respecting user freedoms really comes up that much in the context of RMI. But maybe Iím wrong and maybe this is an area that needs more exploring.

 

L: I myself think that RMI does raise problems from a user freedom perspective, but itís primarily in relation to privacy. We can perhaps return to that issue later on in the symposium.

 

B: I was going to raise the Alice in Wonderland example. It is in fact not a hoax, but misunderstood. It was released by Adobe and a commercial publisher as a showcase for the technology. What ďnot read aloudĒ refers to is that thereís a feature in the e-book technology which allows the text to be turned into electronic speech that has been switched off in this case. So it doesnít purport to refer to the human voice box, which a lot of people think it does, but it does demonstrate the range of permissions that can be switched off by the e-book technology and apparently was switched off as result of an error, they claim. So it was intended to be public domain, it was not intended to be used as a commercial work, but it did have that effect.

 

N: Itís real, did you know.

 

B: So itís real. Is that good or bad?

 

L: It certainly got a lot of praise.

 

I: I tend to look at these things from a sort of market or competition perspective but I am taken by the Belgium example because what you donít get in this debate most of the time is any sense of the counterfactual.Whatís interesting about Belgium is Ė has anyone ever done any empirical research as to rightsholders fleeing Belgium in large numbers? Do licences cost more there?

 

B: Would be interesting. I think rightholders donít even know that this rule exists. Itís a small country and itís where the European Commission resides but for the rest, itís not that much of a market. But your point of course is well taken. What youíre saying is that what we want to know is the law and economic side of this coin.

 

I: Would the sky fall if some of these things were not done?

 

B: Yes, and implicit in your question is, would the users really be worse off in their situation in their limitations and in their freedoms. There is of course the perennial point made particularly by content owners that itís actually better for the consumers because the systems of digital rights management allow for price discrimination and that means youíre not subsidising, as an end user, your neighbourís mega-use at the same time. Unfortunately thereís hardly any empirical research at all about the economic side of price discrimination, even the basic economics of the copyright system in the first place, it remains underexplored, so I donít really have an answer to that. But Belgium could be an interesting example.

 

I: Coming from another small country, thereís something to be said for keeping more open regimes as a kind of game preserve which you could do as a private study, perhaps.

 

B: Maybe you could abolish copyright in New Zealand.

 

FP: Bernt, I was wondering whether you could go and shape how the final text of article 6(4) is arrived at, given itís quite different from the Commissionís original proposal in terms of the definition of ethical measures. I know the parliament has different views the current text basically treats the limitations in a different way from what we originally put forward.

 

B: Well thereís not much transparency in the European legislative process unfortunately. This only exists with official documents, including the various proposals, the amendments by the European parliament, and the final thing. If you follow the debates closely, you also get plenty of these non-papers that do not exist, but take up a lot of space in your cupboards. I think it becomes clear that the Europeans originally wanted to follow the WIPO model and the contours of the copyright model, but in the very late stages of negotiations, dropped the final strand connecting the protection of technological measures with copyright. They dropped the ďor permitted by lawĒ words, and some members states started to protest. These states started to see that user freedoms were really being disposed of, so in the very final stages of the negotiations, it was recognised that there were certain user freedoms that should be dealt with. But thereís simply no language in the directive which refers to it and all those non papers arenít worth the paper theyíre written on. You cannot go before a court and say ďlook at these non papers that meant that and thatĒ.So the historyís very small.

 

Lee: Was there a fair amount of lobbying, between the initial proposal and the final version from certain industry sectors?

 

B: Yes

 

L: And was that along the lines of the lobbying that went on in the states?

 

B: Yes, well it took longer for the user groups to wake up in Europe and in fact they havenít totally woken up yet. For instance the consumers are still totally absent from the debate in Europe, which I think is a big mistake. The Consumer union in Europe still think that whatís really important is buying washing machines. Information products of course are increasingly seen as important from a consumer law perspective.The initial lobbying was mostly done by the content providers, collecting societies, and in particular the photographic industry. The first user groups that woke up were the libraries; they became quite active and successful. The telecommunications industries were also relatively active, particularly in pushing for the caching and browsing exception, although they couldnít care less about the other exceptions. Some member states became more active and aware of the fact that the directive had the tendency to distort the balance between protection and limitations. This is where the 22 limitations arose. However it is still not anywhere close to the United States situation, where user groups are really very powerful.

 

LB: I have a question about the UK fair dealing exceptions, which I feel is not specifically referred to in the directive.Where do they fit in under the 22 exemptions and is there any application of the fair dealing provisions that might be put by the exception and uses, which have been free, but may now be subject to fair compensation?

 

B: Yes. Dealing with the last part of the question first.There has been lots of hesitation on the part of the United Kingdom to agree to an obligatory remuneration for private copying and the way fair remuneration has been phrased in the directive recital, does allow for situations where fair equals zero. That is an example of the kind of compromises that you will find in the directive. There is also some language in the statements accompanying the agreement between the member states and the commission. The common position is that some of the existing fair dealing exemptions may not necessarily lead to fair remuneration. For the rest, many of the fair dealing exemptions have to be divided up and categorised into one of these 22 allowed categories. If they fit in there then itís okay, if not they have to be disposed of, with one exception. If these are pure analogue exemptions that already exist and have no internal market effects, which is where the economic effects remain limited to one member state, then the directive doesnít care, and you can keep them.

 

R: How would any circumvention measures allow for researchers, for example those who are studying the adequacies of the measures?


B: Thatís the question of whether cryptography research is not unduly restricted by this new regime.Well, if you only look at article 6 of the directive, cryptography research would probably not be allowed since there is a no limitations rule there. However in the final stage of the negotiations, the directive recital, which does have legal status, was added to the directive and refers to cryptography research.It says in recital 48 that legal protection should respect proportionality. It then goes on to say that in particular, this protection should not hinder research into cryptography. So although thereís no express recognition of a right to circumvent for that purpose, it would presumably be allowed in respect of the recital.In the United States however, there are express rules allowing cryptography research.In my opinion, it is not really dealt with in the directive in a clean way.

 

RM: Bernt, in our debates here in Australia, we donít have a general fair dealing exception to the circumvention provisions. It was put that this would create a very large loophole and could open the floodgates in Australia. Have you seen in Europe or in the States, ways of putting a general exemption that will deal with that owner concern?

 

B: Well in Europe we have never had any. We have always been used to very limited exceptions in fact (when I say Europe I mean Continental Europe). The continental European approach to copyright exceptions has always been very minimalistic. This follows the authorís rights approach towards copyright, which basically sees limitations as exceptions to a rule, the rule of maximum protection. If you look at the directive, you will also see that limitations are in fact described as exceptions, not described as exemptions. So weíve always had this very limited number of exceptions, the fact that the directive has in the end resulted in such a long list has to do with cultural diversity more than anything else.Many countries have a limited number of exceptions, but if you add them all up you will come to 22 or possibly even more.The only exception to this situation was in the United Kingdom, where there is really a long list of limitations and that is because here, user freedoms have always been more prominent.

 

In the Netherlands weíve tried to introduce a general fair use rule. In fact the ministry of justice endorsed the idea. We wanted to have a flexible American style fair use provision, which obviates all these specific exemptions and which defies technological development. However, halfway during the process, the directive came out and it has not allowed for this exception. The initiative has now been taken care of. Iím not sure if this answers your question

 

RM: Iím just wondering in our exception, to allow for the library licences, the educational statutory licence are exceptions for the benefit of perhaps an institution so that they can manage perhaps the exposure to the copyright owner to leaks and widespread infringement as a broad fair useful.Whatever your fair dealing rules are, once you have fair dealing exception, the concerns you ventilated is that this lets the cat out of the bag, the manufacturer can set a circumvention device to a member of the public who says ďI need that to exercise my fair dealing rightĒ. Thatís rather different than giving a right to a library or a whatever, but I just wonder whether youíve seen models that try to deal with that Ďletting the cat out of the bagí type of argument that seems to drive the narrowness of the exception.

 

B: Well Iíve definitely seen from the rightholderís perspective attempts to simply do away with all exemptions with exactly the Ďcat out of the bagí argument.And thereís some validity to it, I must admit.But letting the cat out of the bag, it doesnít really matter how big the bag is, if itís out of the bag in the context of the small exception, itís out of the bag too. So itís not that good an argument in fact. What really would be a good argument is, look, weíre now in the digital environment, in the digital age, and any legitimate copying will result in serial illegitimate copying and therefore no limitations at all would be allowed. I would be very against that approach but from the Ďcat out of the bagí argument that would be the correct approach. Itís very difficult to reconcile the existence of limitations. I think it cannot be done, and I think all these attempts at reconciling these various regimes are doomed to fail, it doesnít work. In other words, we have to accept leakage if we want to respect user freedoms. If we envision a world where the marketplace functions perfectly according to DRMS lines then we donít.

 

S: I might just make a comment in relation to approaches that are doomed to failure.The government and I think all governments which are trying to implement the WIPO treaties obviously donít take that approach, and thatís why they are trying to implement these copyright systems. I mean, itís always very difficult in this online world especially where youíve got business models evolving to determine exactly how youíre going to try and legislate, to determine a balance between copyright owners and users. In relation to the permitted purpose exceptions, to the technological protection measures which we have in the Australian legislation as RM said when the government was looking at that issue, it wanted to strike a balance but at the same time it didnít want to create an exemption which would allow too much use of circumvention devices or too much manufacture and dealing, and one of the areas where the government thought it couldnít allow the supply and manufacture of circumvention devices was in relation to fair dealing because fair dealing in itself is quite a broad exception. So for instance fair dealing for purposes of research or study, if you allowed someone to supply or manufacture a circumvention device simply on the request of the consumer or the user saying itís for their research and study purposes, then that would apply to a very large group of people with the potential for further dissemination. So thatís one of the reasons why the government took the approach in having very specific exceptions, identifying qualified persons where the risk of that further dissemination was thought to be significantly lower than, say, a person asking for a circumvention device for their research and study. So thatís why the government specifically identified qualified persons who come from library and archive institutions, educational institutions, officers of the crown and persons undertaking decompilation for security testing, interoperability and error correction. So I just thought Iíd add those comments.

 

I: Just one comment on the Netherlands position. What I find slightly alarming is that when you have these systems of legally propping up Digital Right Management, it doesnít just affect digital rights, it affects the whole letter of copyright.What happens is youíre locked into a particular kind of fair dealing regime which you canít then easily re-examine in copyright in general. I mean thereís an argument from a civil law perspective, Australia and New Zealand look as though they have very generous fair dealing rules. From an American perspective our fair dealing rules are weak and timid things. What I would worry about in this exercise is putting it out of your control to actually re-examine the width of a fair dealing defence. Arguably that happened in Australia but perhaps not for this reason.

 

S: In terms of actually the width of the fair dealing defence, itís interesting you raise that because the Copyright Law Review Committee actually looked at that issue in the Simplification Report which the government is responding to and in its recommendation it stated that Australia should have an open-ended fair dealing exception similar to the fair use system as you have in the US where you donít have it limited to certain exclusive purposes as we do here?

 

L: Iíve got a more general question which follows on I think from what has just been said, and that is to what extent is Australian law with the digital agenda amendments following the existing contours of copyright law? Is there for example a right to fair hacking in Australian law? It seems to be that there isnít, from a reading of the new provisions, but maybe other people can cast light on that question. Iím sure people have their own interpretations.

 

S: Under the Australian approach we donít specifically go to prohibit use of circumvention devices, we prohibit the high end, the manufacture and commercial dealing in devices and services. What we try to do is we want to provide strong protection measures, so we want to allow copyright owners to exploit online markets.

At the same time we want to facilitate the operation of the exceptions so in doing that as Iíve said a bit earlier we allow permitted purposes, specific purpose exemptions to facilitate specific exceptions where you allow the manufacture and supply of a circumvention device or service to a qualified person on the provision of a signed declaration. So if the use of a device is for a specified exception and it is within the operation of that exception then you are permitted under the law to use a circumvention device or service for that purpose.

 

LB: Perhaps thereís a right of fair hacking. But you have to either make the device or service yourself, or get it from outside Australia. If you can get hold of it, then you can use it.

 

I: Is there a big policy reason for that distinction, getting it from outside the country or making it yourself?

 

S: Only in terms of regulating jurisdictions outside of Australia.This is one of the reasons why thereís an approach of implementing the WIPO treaties where you need all countries to meet a minimum set of standards because as an Australian Government, we canít legislate for other countries.

 

I: But it wouldnít be happening in another country would it?

 

S: Why couldnít it be happening in another country? Those sorts of issues of how jurisdiction applies across international boundaries in internet cases is quite a grey area and I donít think many people are confident as to say how the law of one country would apply to another country in an internet law related case.

 

B: May I ask a question about Australian Law? Every country has its own approach to reconciling technological measures and user freedoms. The Australian approach is Ďyouíre allowed to sell this stuff, the circumventing device to certain good guysí. My question is to qualified users / qualified persons; has this ever happened already or is the law already in place? [general agreement] Is there anyone selling these devices to bona fide users?

 

S: The law is subject to a review where weíre looking at these practical issues but in relation to the decompilation exceptions where youíve got at least the manufacture of devices for security testing and those types of issues I think you will now actually have people undertaking activities under the permitted purpose exemptions. In relation to the other exceptions the governmentís looking with interest at the way copyright owners and users use these devices and services and seeing how that fits in with the scheme itís set up. The purpose of the review is to look at how the Digital Agenda amendments operate against their primary objectives, and these objectives basically are to facilitate creation and provide incentives to produce, and also to allow reasonable access. So I mean in looking at how it works in the real world, at the end of the review it will allow the government to see whether or not any changes are needed, not in terms of reassessment of the basic policy objectives but in terms of whether the original objectives have been properly implemented.

 

BF: I would like to make a number of points. Some of them flow out of Berntís presentation and some of them are more general. The points are fairly disjointed but I want to broaden the discussion a bit and move a little bit away from circumvention law.

 

The first point that I think should be made is that the distribution of information, and generally the distribution of information under DRMS, is a constitutional issue as well. And Bernt you gave us a list of layers: IP law, contract, technology, and to that list I would add constitutional values or constitutional law, at the very least in Australia, the US and Canada for example. A major part of IP law emanates from the enumerated IP power under our federating constitutions and IP legislation has to be checked, if you like, against the constitution, at least in enactment. In the United States, the First Amendment has been raised in recent litigation in relation to the distribution of information and an interesting question was raised at a copyright conference late last year about whether constitutional law, particularly free speech rights, actually can restrain contract. Contract being a private right, and constitutional law sometimes thought of as being a public right. And Bernt, I know you have written on this idea of whatís called Ďhorizontal constitutionalismí which is the concept that a private obligation can be subject to a constitutional value. Many people categorise contract as a form of private legislation especially when it acts in a mass-market manner and when it imposes terms with little negotiation. So there is a very interesting and I think unrecognised, perhaps undeveloped issue there as to the level which constitutional law and contract intersect.In this country itís pretty hard to see because our entrenched constitutional rights are very limited, the implied right to free political speech which obviously is one of them, but in the United States I think weíll see that issue raised more strongly before too long. It was raised briefly in Bunner, the Californian DVD case.

 

The second point Iíd like to make and move on to is the notion of code as market segmentation.

 

Bernt made this point fairly clearly and itís one we really need to stress. We need to look more closely at this area more broadly, and I think this is an issue that should interest competition lawyers. What weíre seeing, and the Sony Playstation case is a good example, is notion that the segmentation of markets throughout the world is becoming much more an issue of contract and technology, and perhaps less an issue of legislative restriction on parallel importation. So we need to understand that technology or code is now a primary method of market segmentation and that raises very interesting issues of competition law.

 

The third point that I would like to make is to do with contractual licences and distribution of information. DRMS are founded upon the notion of contract and technology Ė the contract weíre talking about is the licensing of information. Licensing creates an elliptical form of property in the sense that it keeps recurring; itís very hard to see sometimes whatís actually being divested in a licence of informational goods. In a broad sense itís hard to see whether thereís been a first sale of anything, and I think when we talk about DRMS we have to look at the whole notion of contractual licences very closely. We need to consider whether they legitimate, do they stand up in relation to competition law, are they the kinds and forms of informational contracts and distribution methods that we want to support? Theyíre very much entrenched at the moment and the issue of critique and questioning certainly has not progressed too far.The CLRCís issues paper on Contract and Copyrightdraws some of these issues to the fore. And I think we shouldnít forget the fact that we sometimes donít start with copyright, sometimes itís the licence that actually creates and commodifies the informational right that weíre considering. And the example about the Alice in Wonderland Ďpublic domainí work creating the informational property right either through technology or contract is something that we need to be mindful of.

 

Now a couple of final points that I suppose coalesce in the case Sony v Stevens which is currently before the Australian Federal Court but I donít think that we should forget Larry Lessigís slogan that comes out of his second book thatďweíre at risk of content controlling technological innovationĒ and what we should be mindful of in any discussion of DRMS is the notion that copyright and content do not necessarily control the way we manufacture and distribute communication technologies from now into the future and thatís very much the subject of his second book ďThe Future of IdeasĒ.

 

Building on this is my last formal point, which is this notion of culture and it relates very much to the Sony v Stevens case.The Sony v Stevens case is the simple fact scenario that Sony put out a Playstation that will only play games that are coded according to their geographical regional coding. If I want to go into a computer store and want to buy what is called a modification-chip, is the person who sells me that chip at risk of breaching the law in some manner. Now the interesting issue in this case which is currently before the courts is that Sony will argue that the distributor, Stevens, is distributing a circumvention device under the s116A of the Copyright Act. Stevens, I havenít seen his submissions, but I have seen the submissions of the intervening party which is the ACCC, and they will argue that the geographical or regional coding is not a technological protection measure and therefore the selling of the mod chip is not actually dealing in a circumvention device.The legal niceties of this case will be very interesting to follow. What comes out of this case is that we now have a generation of information users, and Justice Laddie made this point at a conference late last year, that we now have a generation of information users that find the whole notion of intellectual property a little hard to fathom. And when I look in the Saturday newspapers in the advertisements to buy a computer, I see the advertised package now comes with a scanner and a CD burner. So we have bred a generation, grown on Napster, weaned on the internet, that think that the commodification and I suppose the legal commodification enforcement of intellectual property rights is a hard thing to stomach, and to some extent interferes with the way they want to live their lives.So I know we think that that attitude is a little too naÔve, but I donít think weíve really fully understood that we now have a generation of information users that want access, and good access, as opposed to locking up information through digital architecture. I think we have a long way to go.

 

I thought this may add to some of the discussion, but also draw on some of the points made in Berntís presentation.

 

---BREAK---

 

 

L: I have great pleasure in introducing Mr Peter Higgs, who is the chief executive officer of IPR systems. Peter is not a lawyer, he is a marketer with many years of experience in marketing in distribution strategies. He is a developer of multimedia, who is known to me primarily for his involvement with the Ďpropagateí project, which led on in a way from European commission funded project which went by the name of imprimatur. He is now involved with IPR systems and he is going to talk to us today about some of the interest balancing that goes on in DRMS systems development.

 

Peter Higgs: Just very quickly a bit of context so you know where I am coming from and where Renato is going to follow. I will give you the marketing bits and Renatoís going to be taking you deeper into the technology from a strategic point of view. IPR systems is a continuation of the Propagate project, which came out of two co-operative multimedia centres. It was a project where 10 universities, the NSW department of education, TAFE and various people working within libraries dealt with the issue of copyright management and multimedia. We did a lot of work in consensus forums and also technical modelling. At the completion of that project at the end of 1999, we started IPR systems to commercialise that work. IPR systems is a privately held, privately funded Australian Company, and indirectly has 10 universities as shareholders. One of the very first things we did was engage with the Australian Society of Authors to develop a service called OzAuthors to manage and trade the intellectual property of authors.

 

Some of the lessons that weíve brought in to this is that rights management is an ecosystem, itís about how do you create a fertile ground for creators to get their rewards, for end users to be able to attain the material and the rights to the material that they need.

 

The traditional approach to IP in the past has been what we call the creation waterfall, this is where a creator creates a work, trades it and then moves it onto an end user. The creator obviously has this great big amorphous mass of rights they can control, and they pass on a subset of those rights to a trader, and then that trader passes on a tiny sliver of rights to the end user.

 

So in this movement from the creator to the trader to the end user, the rights get more finely attained. One of the issues now in moving into the digital environment, where you have the possibility of digital files and everything else moving, is that copyright protection is applied at the stages of when it moves into trading, you apply a bit of protection with a key, when it moves from the trader to the user, someone else locks it even more. So youíve got increasing copyright enforcement.

 

We would actually challenge that creation waterfall because we think the market is going much more, particularly in some areas, to what we prefer to think of as a creation life cycle. There is less and less a passive consumer sitting on the end. The point was made before about audio CDs, both my sons sit on the web all the time listening to MP3s but youíve never seen such a stack of purchased audio CDs and yes they recut those CDs into different mixes and take them to parties and bring them back and whatever else. So theyíre not settling for the passive consumption of a mix as the record companies are doling it out, but theyíre also buying an awful lot of content.

 

Weíre seeing this happen so much more in the education markets where a university will acquire some content, add to it, manage it, deliver it to users within the university confines and then exchange and pass it on in whatís called a learning object down to another university then mixes it with some other content that theyíve acquired from stuff that theyíve built themselves, deliver it to their own students internally and then trade it off to another university. You end up - and weíre involved in the standards associations that are dealing with these learning objects Ė you are now in the next 5 years going to be having massive trading of an exchange of learning objects, and these learning objects will contain bits of books, chapters of books, images, voice, scientific diagrams, simulations, and anything that can impact on learning. But the cost of creating this material is so great that you have to share it, you actually have to be able to get credits with other providers of it so that you develop accounting 101 and they develop accounting 102 and swap it. There is no point in 38 universities in the Australia all delivering and developing accounting 101 courses.

Now in this creationís life cycle, creation cycle as we like to call it, where creators are also users they are also re-creators, and the trading becomes small. In this creation life cycle, you actually have to manage the upstream rights and the downstream rights Ė what was referred to before as rights management information. And at only some of the sectors do you apply, I mean, you donít even have to do it all the time, but apply a copyright enforcement technology. For instance, if you have a user who is off-campus and not constrained by the local land of the university, you may put a copyright enforcement technology, it could be watermarking, it could be needing of a key-server that will use it, it could be proper full-blown fairly intrusive copyright enforcement technology such as intertrust.

 

We therefore come up with a broader definition of DRM. DRM traditionally has been what really should be called DR enforcement. Itís about locking up usage so that only those people that have a particular key can use it. Rather, DRM involves description, identification, trading, protection, monitoring, tracking of all forms of rights usages over both tangible and intangible assets including the management of the rightsholders relationships. Itís really about rights management information, ease of providing the correct deal and the delivery of the material, the content, in the right format, at the right time, at the right price. You have to manage both the upstream rights Ė what have we got, what are the rights that we possess - and the downstream rights Ė what am I licensing to this person under these circumstances to do? And of course the downstream rights that weíre licensing are someone elseís upstream rights but thatís beside the point.

 

If we have an eco-system where youíve got multiple parties and moving things across from one to the other, you actually have to find a way of communicating the rights management information in a structured way that computers can understand. Now in the past you havenít needed that. You had a rights language called a lawyer that used to go and talk to you and give you a contract but itís very difficult to get a computer to execute a legal contract. Itís not structured the right way. The first generation of rights management sites were all about single points so that the computer system of the web-sites were interacting with someone else, a human being on the other end and they could interpret the text. They didnít actually have to understand Ė the computer of the other people didnít have to understand too much. They werenít passing it onto another computer, so it was very much just point to point. But a rights management language is a way of communicating between computer systems, structured information that can be used by for instance by e-book, e-video, e-commerce servers on one hand and online learning delivery devices. It should be understood this has been the situation back for the last 2000 years, youíre embedding copyright in the physical production process. If I own the production process I can control the usage of the copyright. Coming into the digital world, you have all these side channels, back channels every other way of going through it and if the owner/manufacturer doesnít produce the goods to the market at the right time and the right price, the market goes around it. So, itís a threat, which is why the record companies, the film production companies and the movie studios are quite nervous at the moment.

 

This diagram illustrates the creation cycle which is happening now in the universities environment. Itís a complex life cycle of uni trading with another uni, creating additional content themselves, using it internally, trading it to another university and only sometimes and most likely the last possible moment, applying copyright enforcement technology, identification or tracking.

 

A rights management language also has to be understood by non-computer devices for instance, printers, mobile phones, PDAs, digital home video recorders, things like the home digital TV recorder or Sonic Blueís Replay that are causing such concern in the US market. It might be there saying, ďoh ok well, you have a right to use this material 25 times, youíve purchased 25 players, letís put a tick on the counter every so often.Ē That is a form of rights management, including counting, reporting and necessarily respecting anonymity and privacy. Rights languages are inherently based on XML, extensible mark-up language almost lingua franca now of computers. Theyíre going through everything. Legal XML, e-commerce XML, library XML and now, rights management XML. But you can make small tight implementations in XML and one of the core characteristics of a rights language is that you shouldnít have a rights language thatís ten times the size of a media asset you want to be sending out to someone. And thereís no point in putting ten acres of exclusions and everything else that are mandatory if all you wanted to do was say that you can play this and do whatever you want with it. So you should be able to send out a little subset of a long rights language to allow the sorts of things you need to do. So donít use a sledgehammer if all you need is a little nutcracker.

 

Interestingly enough, the prime point that we got out of all the research with Propagate, and the engagement with the European IMPRIMATUR project was that rights languages have to be business model neutral. The market cannot establish a standard on the basis that all content is locked, that every purchase is for a fee and that all content is passively consumed because all of those assumptions are absolutely false.

 

Yet, most copyright enforcement technologies and the other rights language that we now know about assumes that all things are free, all things should be locked and everyoneís a passive consumer then youíre going to end up with some massive horrible distortions down the line.

 

One of the other characteristics we see for a rights language is that it actually has to be open source and free. If the language you are using to describe the usage and ownership of content is patented, proprietary and not free then itís very, very difficult for content delivered over the top of that to be free, open source or freely available because your very foundations are proprietary and locked up. This is one of the debates that the MPEG 21 community is going to have now that theyíve decided to go after much beating up with content guide which requires a licence for usage of their language, their XML language.

 

Rights management, to echo the point that both Bernt and Brian were making, is a complex interaction between Ė we see four competing/complimentary biases:

-         social Ė fair dealing, give a gift, social norms;

-         business governed by accounting practices, transfer of dollars, making a deal at the right price at the right availability for the value that customer, the market sees as fair;

-         legal Ė obviously laws of copyright, contract, privacy, and thatís governed variously by jurisdiction; and

-         techies Ė you actually shouldnít ever let the techies decide on those other things as well because youíll end up with some great distortions, and just because you can do something technically, doesnít necessarily mean you should do it, but technical boundaries are:

o       can it be done in a combination of programming, applying various technical techniques, XML descriptions, whatever else, and there are probably lots of things that you can do, some things you canít do, and some things you shouldnít do.

 

Apologies to some of people who have seen these next few slides. This is just a little bit of a summary of how weíve divided up the concepts of copyright into something that a computer can understand. And weíve been talking a little bit about upstream rights and there are 3 concepts in upstream rights:

1.      degree of evolution of the work;

2.      degree of granularity; and

3.      layers of rightsholders.

 

Degree of evolution is based on the library model.IFLA is the internationalfederation of library associations, and they categorise works into the concept, the expression, the manifestation and the instance. Media asset management systems deal in moving around manifestations and instances. A concept is think of War and Peace Ė the story, the characterisations, the plot development, the names of the characters. Then you have the expression which is the novel or the screenplay or the movie or the play. You then have a manifestation which could be the Novels hardcover first edition, then you could have the first edition that I hold in my hand, which is the instance. You have different contributors at each of those levels and different characteristics.

 

Degree of granularity is a lot easier. This is components within components within components. I mentioned before about IMS (the Instructional Management Specification) for education. This is where you have photos put inside containers of code, in this case, itís a zip file, with a manifest. Itís a bit of XML expression that describes whatís in that container, and you can open up that zip file and thereís a text file that says, ďhere, Iím a book, Iím chapter 10, I can be used for this for this sort of education or used in here and here are my rightsĒ. So when youíre bundling together a dozen different learning objects into a bigger learning object you get all of this nesting. So granularity is really nesting of objects within objects within objects. And if you had an object with 25 components, one from a library, one from a museum, one from a commercial developer, one from Channel 9, you cannot take easily an aggregated approach, you actually have to build up the understanding of the works and the rights from the components, other wise you end up with nonsense.

 

The third concept of upstream rights is layers of rights-holders. This is where you can split the revenue or levels of ownership but you canít actually disaggregate it into various components. So when youíre baking a cake, you canít go back to the flour and the eggs but you can say ďyouíve got a slice, Iíve got a sliceĒ. This approach can help solve problems within universities where they can say, ďwell okay, weíll share the revenue in the digital publishing right, weíll share the revenue in the pre publishing right but the commercialisation right is owned by the university.In the case of the layers of rightsholders in the OzAuthors service weíve implemented digital book exchange weíve got various parties that can split the revenue, and in fact we have one case where we have 30 rightsholders specified and when the average price of a book is 8 dollars you could have some very small splits between rightsholders.But thatís fine, thatís what computers are for.

 

Downstream (and this is most relevant to digital rights management): we conceptualise this as looking at 3 axes:

-         type of user;

-         type of usage; and

-         the degree of trust of type of user and type of usage.

 

For instance, type of user could be: is it a student, is it a scientist, is it Joe Citizen.Type of usage: is it research, is it passive consumption, is it for study.

Degree of trust: is it an authenticated user with a smartcard so that I know absolutely that itís this student is in his role as student? And that could also be anonymous.

Is the type of usage constrained by the fact that itís on the university campus, or within a library where you have no printers and thereís no email going out so you can let them do anything within there because their environment is constrained? So degree of user trust or degree of usage trust can be applied in various different technologies.


The difficulty of rights languages - weíve got this shift. Graham Greenleaf and I had a very long argument one evening over a bottle of red about the shift in copyright. It traditionally, he asserts, and Iíve got no reason to doubt him, that everything was permitted except that which is expressly prohibited. A bit like the Swiss laws. And with that comes the potential for compensation for the act of publishing. But currently copyright is this uneasy balance between commercial ďpropertyĒ and fair use: Social growth versus rewarding creators. Itís interesting though, most of the outrage over MP3 is not from the creators, itís from the channel owners.

 

The easiest approach to solving this problem in a computer sense is Ďlock everything, and Iíll dole out the keys to unlock it, really, really carefullyí. This is not letting the cat out of the bag. Unfortunately thatís not really a very practical way of reaching the marketplace. And itís very interesting that in the US, youíve got the other debate going on in congress with the Security System Standard Certification Act. My assertion is that it wonít work. It may work in the States but youíre going to find it very popular with computer systems sellers, operating systems developers and applications developers from every other country in the world . This is something that you cannot damp down, you cannot stop, you have to solve it with a combination of approaches, not just technological and not just legal. Marketing is actually quite useful.

 

A reasonable approach is to manage the content with the right assertions attached. You lock the content or apply some sort of technology only if and when needed. Do not do it across the whole board, because if you do, you could end up with problems. And my assertion is, echoing I think Berntís comments is that you actually have to design fair dealing, fair usage, into the systems. Itís dead easy as I said to code it out and Larry Lessigís points are made in his books that the trend at the moment is that you could end up with a totally frictionless economy where there is no such thing as fair dealing. But you pay for everything.

But the origin of fair dealing, of fair usage is to overcome the friction or the inefficiencies or the gaps in market forces from traditional medias and distribution structures. This is why you have educational exceptions, because it would take you forever to try to get permissions to photocopy or reproduce 10 pages into a classroom. Some fair dealing is fundamental to a healthy, growing, thriving society both scientifically, socially and for general democracy.

 

One of the issues here is that fair dealing is very complex. It needs a lot of modelling, and when Iím talking modelling, Iím saying letís take the common scenarios of fair dealing and put those into a language that the computer can understand. But I donít think modelling fair dealing into commercial offerings is going to be cost effective for any ecommerce providers to do by themselves for the moment at all.

 

The other aspect of this is: how does society ensure a safe harbour? The preservation and access role of libraries and museums is dramatically under threat. If I was a library or museum, if I was curator, I would not allow any encrypted content into it because it is hard enough today managing encrypted content with unlocking keys, on 25 computers even 10 computers within the library, but how are you going to ensure access in 200 years? Itís impossible. And once you start letting encryption within a library, itís cuts into the heart of preservation. However, you can apply things such as watermarks, with personalised licences that ensure that there is minimal friction behind the library wall, or you apply a technology, as a work leaves the library, if itís out on interlibrary loan or loan to end users. And one of the aspects there is that fair dealing business rules should override commercial rules within a safe harbour sanctuary of a library or a museum or a research institution.

 

The best approach by far, (Iím a marketer and therefore I would say this) is to encourage efficient markets which deliver the right goods at the right price and that donít require blanket enforcement of everything to everyone.

 

After all, the world survived radio, that was deemed to kill off musicals and live performances. Radio stations survived TV, movie studios survived TVs. Business models evolve but there is a big debate at the moment about throwing out the baby with the bath water because the movie studio and the software companies, donít particularly want to shift their business models into the new markets created by the new technologies.

 

It is important to recognise, taking Larry Lessigís point, the ďcreative commonsĒ, and again itís very easy to code out the creative commons. Having commons work in a viable way is complex. We will see that working most strongly in the educational sector because there is a culture of create, trade, manage, sometimes for free, sometimes for recognition, whatever, and they are struck with declining budgets but a very very technically savvy audience, being students, who say ďI want it digitallyĒ, but the universities donít have the funds for that. And just as a little bit of a side, because we are all in software struck by this war of patents going on, how do you have a competitive edge without relying on patents? Companies are forced into having patents around their software processes or their software designs, because if they donít patent it, their competition will and theyíll be out of business. And Iíve seen some discussion about having a public trustee for patents and copyright, to keep these things effectively in the public domain and registered pre-emptively.

So where is this going? You are going to be seeing lots and lots of commercial offerings that use digital rights languages to deliver both free and fee content. There will be other applications for managing organizations upstream rights as in the IP Stocktake prototype [referring to slide]. The other screen shot is from the learning object exchange where most of the content will be free, but just because itís free doesnít mean you donít have to manage the licences to the other universities, or to the other sectors of schools.

 

You will also in the near future see the metadata travelling with the object and not in a nasty way constraining everything that I do, but rather saying, ďlook, you are perfectly licensed to use this video in your classroom, but if you want to put it up onto channel 10 TV, website of the year, then you need a little bit of additional rights, why donít you just click here and weíll organise it for youĒ, which should be dead easy to do.

 

Iím now going to pass over to Renato who is going to talk a bit more about how those languages can put that together. Renato Ianella is IPRís chief scientist, he comes to us with a worthy background in working on standards groups, heís a member of the World Wide Web Consortiums, the Advisory Board, heís a co-founder of Dublin Core Metadata initiative, sits on the working committee for AGLS and is also spending half of his week on standards committees around the world.

 

Renato:

I will now move into sort of the more technical part of the talk and how it all works. I will give you an example of what currently happens on the Internet or the web, for managing rights, then Iíll talk more about the standards efforts that are going on, and some of the studies that we have done. Iíll look in more detail about the modelling behind digital rights, and in particular the model behind the open digital rights language, and the examples of how that works. Then Iíll look at some more e-book examples within the education framework and Iíll finish off with a demo of the editor behind the learning object exchange.

 

Okay, so just to give you an idea as to what currently happens, here is an example of†† ďCartoon BankĒ where you can go onto cartoonbank.com and buy cartoons, which are images, for various purposes. After you find a cartoon, you have the option of specifying, ďwell, what do I want to do with this cartoon image?Ē I can print it, I can get it for t-shirts, for sweatshirts or for presentations. The next thing it asks you is ďwhat is the intended use of this particular cartoon?Ē Is it for a textbook, for a magazine, is it for a web site? The next questions it will ask you is depending on the previous answer but if you said magazine, it says ďwell, what is the name of that magazine, when will you issue it, whatís the subject mater, circulation, etc. In part 4 there, do you want worldwide rights, do you want electronic rights, are you a non-profit organization? If I answered I wanted the cartoon for web pages, it says, ďOkay, what is the URL of the website, whatís the number of hits on your website, how long will the cartoon be online, are you a non-profit organization?Ē So it goes through all these questions an answers and then at the end of that experience you then come up with the actual if you like, agreement or licence for use of that particular cartoon. So the top one up here, the first one is for $30 dollars you can use the presentation, the licence details are here, in a conference of the cartoon. The second example here is this other cartoon. The licence detail Ė I can use it in a textbook for print one of 25000 to 100000. I have worldwide rights, electronic rights, etc for $660 is the amount it came up with. So this is an example of what happens today and this is all very much specific for this site and once I get the actual cartoon, this information that you see in front of me is only for me just a print out, to keep it on file somewhere. So itís not a example of reusable rights, because if I now want to look at my cartoon, I might move it to another machine etc, the image itself, I have to go to my filing cabinet to find out what the rights are and try to find that etc. What weíre moving towards is the same scenario Iíve gone through but to actually capture that rights information that digital licence in the electronic format and make that persistently associated with the content. So the way to do that is for any new technology is to look at how to standardise it on a rights language. Thatís one of core Ďlow-hanging fruití if you like, of DRM. DRM is a huge problem to solve. But one of the aspects of DRM is just a rights language, that is, the expressions of rights information. So within the current standards, there are slowly emerging DRM standards. Some of these are embedded in content standards themselves. If you are familiar with the Dublin Core Metadata thereís a rights element. But thatís really just there for textual information.

 

There are other standards like Prism and DIG35 and ICE, which are publishing images and content syndication standards. And they have a bit more expressive rights. They may tell you, ok, in Prism for example; it says you can use this image on a web site for example, for a certain number of days. When you move into e-books, thereís a standards group called the ĎOpen E-Book forumí and they have been very active over the last couple of years in developing a rights language. At this stage theyíve finalised the requirements for a rights language and weíll be looking at formally developing the actual technical language later this quarter. There are other standards like the Ďinternet engineering task forceí, but they are more lower level protocol issues. Then the real key work is in rights language proposals of which ODRL, our language, is one of those. Thereís XMCL from Real Networks, XRML from Content Guard/Microsoft.MPEG-21, if youíre familiar with the audio/video standards group, MPEG-21 recently adopted XRML as its standard language. That was an unfortunate decision in our view. XRML itself is a very complex language and hardly likely to be implemented in the web internet environment, and as Peter pointed out, itís a royalty based language so you would actually have to pay fees just to write the expression language for your content, irrespective what the content is worth or what value youíve got.So all likelihood that itíd be very seldom to up take that language in MPEG-21.

 

BF: Can you tell us, is that the only open source standard or are all the rest open source languages in this area. Is that the first time we have seen a proprietary language introduced?

 

Renato: For a particular language itís probably the first case where a standards group has adopted a royalty based language. MPEG has a history of adopting technologies that are patented. So for example, in MPEG-4, which is more the video encoding level, they have technology in there which comes from a number of companies and they have asserted their rights. But even today as MPEG-4 becomes available in desktop software Ė we see companies like Apple for example refusing to pay those royalties, because they see they have a comparable technology called Quicktime which does a similar thing so why should they pay money to this group of six other companies just to use a so-called open standard?

 

Peter: Renato, the question was about the others being open source.

 

Renato: Yes, sorry, and ODRL and XMCL are totally open source languages.

 

In the mobile world, 3GPP, there is a third generation partnership program. The mobile world has just begun standardising or looking at requirements for digital rights languages, so companies like Nokia, who we deal with, are looking at how to support DRM on your handset. But recently weíve had a lot of success and interest out of the education sector and in particular the IMS standards group which Peter mentioned will probably start in next month, in fact led by our company, a Digital Rights Management working group, to look at a standard language for describing rights over educational content. As well as that the IEEE standard group has also commenced a study group looking at some of the issues of DRM languages.

 

Just for your reference, IPR systems, again in the educations area, completed a number of studies last year/early this year on how DRM and education fit together, and we did one study for DEST, which is the higher education sector, and one for the school sector, which is the Learning Federation, where we developed the system and business requirement for DRM within their architectures. The SOCCI project as mentioned there for the Learning Federation, they are actually†† building a system to implement a nationwide project. Macquarie University is also building a test bed for Digital Rights Management within, in this case, higher education, but how we manage learning objects, educational content within the university sector. The report from DEST, weíre publishing the first one in a couple of weeks, and the other URLs there you can grab.

 

So thatís a bit of a background as to where standards groups are all heading, but to take us back to the modelling of the rights, this is the core model. Itís a very simple model, but the core differentiation here is that weíve separated how we describe the content from how we describe users from how we describe the actual rights. We donít try to put them all together into one big standard. So this is a model thatís the basis of some other work index as well as IFLA (International Federation of Library Associations) work that Peter mentioned. One of the things we do recognise is that Peter talked about the modelling of content into work expression manifestation item, and for users we look at specific parties who could be rights-holders or could be specific roles or there could be groups of users who could be rights-holders as well. We try and manage that layer of abstraction within our model but what weíre keenly interested in is obviously the top box there which is the rights box, [referring to presentation] we want to explode that out and start fill in what that all means. We did this in the ODRL language. We started this language about 18 months ago when we realised there wasnít much out there for standards for rights languages, but weíve worked with Nokia and Real Networks to merge their proposals for languages into one language, so ODRL is, if you like, a joint language from ourselves, Nokia and Real, plus down the bottom there you see a lot of other supporters of the language that we deal with in promoting ODRL with these standards groups. But if you want to have a look at the language, itís an XML based language, you can download it from odrl.net, itís a totally free language to implement and we definitely welcome your feedback on the language but we are at the moment looking at other standards groups to standardise the language. As I mentioned, IMS is one and we may also go to W3C, the web consortium, in the near future.

 

But in essence the model behind ODRL is the same model I presented, where we have rights, parties and assets as separate entities. We then look at well - what does the rights box contain? Well basically it contains the permissions, these are the things you can do over the assets. The permissions themselves can also have particular constraints, so you may be able to play the video (the permission) for five times, five is a constraint, or you may be able to play the video for one year, or play the video in Australia. So these are types of constraints. The other aspect is requirements, so these are things that you must do to gain access to the permissions, so these may be things such as, you pay me one dollar every time you play the video for that one year.And finally the other part of permission are conditions. These are sort of like exceptions that must hold true, if not the whole, then youíre not allowed access to these conditions any more. An example may be on a pay per view permission, you may have to have a valid credit card for that entire period. Thatís a condition, so once your credit card is invalid, then you canít get access to your permission, your play right, for example. But there could be other conditions in there.

 

So those permission and constraint requirement conditions are all, if you like, the placeholders where more expressive terms will actually be added to the language. And Iíll give you examples of those terms in a moment. The other aspects of the model is that in essence we have two aspects to it which is, we make offers of rights over content, and these offers come from rights holders.The other aspect is that once a user sees an offer, for example, they may then enter into an agreement based on that offer for rights over particular content. So theyíre the main two aspects which we will see in a moment. Making offers over content, and actually generating the agreements, and the language does both of those in the same structure.

 

The third thing we can do is actually revoke rights. At some stage in the life cycle you may have to revoke rights that have been previously issued and we need a mechanism to do that. The final aspect of the model which is more technically based but important is that we can have information about how the assets are encrypted, and at the top here we can have a digital signature for the entire rights expression. We can then validate who made this assertion that you have these rights for via a digital signature

 

So thatís the basic core model, and thatís what we call the expression language. The actual terms to use like prepay, count to five, etc, thatís what we call the data dictionary and thatís something thatís very largeÖ thereís a core data dictionary of terms but there are also specific sectors who have their own terms they will develop and plug into the language. So here are the core terms, just to give you an example, of all the permissions and if you just look through there are things like display, print, play, modify, embed, sell, move, verify, give, lease, etc. Whatever the actual terms are for permissions, thatís part of the data dictionary terms. And other communities as I said will come along and say ďwell, we donít like those terms, we have additional terms and we want to make them availableĒ and again, because ODRL is based on XML, the language, we can add those quite easily through the extensibility mechanism.

 

So again thereís a whole heap of constraints that you can use, count constraints, date constraints, quality constraints, etc. So ODRL defines these within their current specs, these are their core ones but they can be extended.

 

So what does that all mean in software? [referring to slide] Well, here is an example from the OzAuthors website. In this screenshot here, this is an author uploading an e-book, and is now specifying the offers over his or her e-book. There are actually 3 offers displayed here. The first one is a preview, of 5 pages in gif and is for free. So you can look at the first five pages of the e-book for free. The second offer is to read only the e-book, for a particular price, and the third offer is to read and print the e-book, which is secure, which means itís encrypted for a particular fee.Now the user and the author in this case has selected this one offer here, plus the preview one they get by default anyway. So theyíve basically accepted 2 offers. So from an ODRL perspective what this looks like is the preview is simply saying you have a permission to display the e-book but you are constrained to only 5 pages, and those 5 pages, the format of it, is constrained to gif images only, and the requirement is zero dollars. Thatís how we would translate into an ODRL expression. The same for the other offers: read and print are just simply those permissions we have a CPU constraint, which means that whenever we get this e-book itís going to be constrained to your particular CPU, that is, so you canít email it to your friends because itís only going to open up, itís a PDF file, on your computer. And again thereís a requirement there.

 

So thatís all the user sees, and thatís all they should see. For those who want to see the underneath, thatís what you/the computer sees. [referring to slide] This ODRL expression is just this last offer down the bottom here. It basically in the machine language tells you what the asset is at the top there, the actual (itís almost human readable, but not always), thereís permissions here, so youíve got display and print, you have a constraint over a CPU, you have a requirement which is a prepayment and the amount is 10 Australian dollars, etc. So thatís all wrapped around an offer tag at the beginning and the end. When a consumer comes along, says ďI like that offerĒ and clicks Ďyesí and gives us their credit card details we then turn that into an agreement.And thatís very simple, we take the word Ďofferí off the top there and change it to Ďagreementí, and we add the party identifier in there as to who made this agreement, who did we make this agreement with. So thatís the extent, the ODRL language can just simply capture those offers and agreements quite easily from a computer sense.

 

Now we saw the Adobe example, which as Nick said is a real example of the Ďyou cannot read aloudí example, this is what Adobe have, from their e-book software. This is what the e-book owner would actually see when they specifying the rights over their content made available from Adobe. And down here we see, if I can just point to it, enable reading of text aloud, is turned on. So this is the other end of that screen. But it has very specific rights and very narrow rights as well, for example, there are things like copy text selections to clipboard every 120 days or print 2 pages every 120 days, so you can be very specific about the different types of business models you want to make available.

 

So this is what Adobe software looked like about a year ago, and luckily enough weíre actually working with Adobe within the open e-book forum to support ODRL as a single language to express what we saw in OzAuthors and what we see in the Adobe book reader, in a single and precise way of specifying rights. So the idea is if I get an e-book from Adobe, and an e-book from OzAuthors, my reading software which could be just a PDF reader on my laptop, I donít want two different viewers with two different systems to need to understand, I want one way of doing it.

 

So Iíll give a quick demo now of capturing the rights in the learning object exchange. So the learning object exchange is an extension of our e-book software that OzAuthors runs, but is tailored towards learning objects.This is a object that is made up of other objects, so itís a higher level of granularity, which involves capturing rights at different levels, or different parts, of content.

 

This is just the prototype of what the editor will look like when youíre capturing the rights for learning objects. You can imagine that you have a piece of content, learning object thatís made up of 6 or 7 parts and you now have to capture the rights for that particular learning object. At the top here we have a number of tabs, the first one is all parts which means these rights, or these offers, in effect apply to the learning object as a whole. We look at part 1 which is lecture 1, part 2 which is lecture 2, etc. The user can simply say, ďthe first offer Iíll make is to use the learning object or modify it. I can specify the constraints such as you can use it up to 100 times for educational/commercial purposes, in any particular place, for any particular time periodĒ. And then I can say ďwell, that will be for freeĒ, so Iíll leave that at zero. And then I can do the same thing again, and say ďwell in a commercial environment, if you use my learning object, you have to pay me $1000Ē, for example. And there I can also say $100 per use, and all sorts of things like that. That is the final level of detail of specifying an offer. In most cases these final level detail offers can actually be saved as a general template, so we have this button here that says ďsave as this templateĒ which means, I want to reuse this particular template offer and give it a name and then down the bottom here we then have a series of template offers. So in most cases the user wonít see those top part of the screen, Iím going to do ďĒ for one offer and the other offer is going to be ďABC Uni number oneĒ. So these have been predefined templates, Iíll just select them and then off I go.

 

The second part is specifying the rights-holders, that is the permissions. I can say ďwell okay, these people worked on the content, these are the roles they played, and for commercial purposes theyíll get the following percentagesĒ, which should add up to 100 eventually. I can specify the rights-holders for the learning object. Again, the same process applies for parts, so if Iím happy with those offers being for the entire learning, then thatís all I do, then Iíll say this and Iíll get some ODRL code at the end. But if, for example, I know that, tutorial 1 is a bit different because tutorial 1, someone else helped me do it, so thereís a new rights-holder in tutorial 1 which was Sue, she did some design for me so Iíd better give her 25 percent as well. Click OK, and tutorial 1 is actually a PDF file so the offer is to display it for free but the second offer is if you print it, I want you to pay me $1. That is again those levels of rights we need to capture, etc. So thatís a demo of what the screen looks like for capturing that data. And with that I will end.

 

L: A big thank you to Peter and Renato for a most informative demonstration of some of the practicalities involved.

 

Peter, I just want to ask you if Iíve got this right: what you were indicating was that itís easy and presently commercially cost effective to encode in Lessigís terminology or hard-wire in Boyleís terminology, strong copyright protections in the form of DRMS, but itís not presently commercially cost effective to do the converse, that is, encode fair dealing in DRMS. Have I understood you correctly there?

 

P: Technically you can do it. You can turn those expressions into fair dealing expressions. But the amount of logic, combination of legal and social practices and everything else you have to do, it costs the company quite a lot of time. And all theyíre really trying to do is letís get it down to market, when can we make revenue, not so much caring about, well, who do we give this away to, free. And even when you are dealing with libraries where weíve made instances of sales from OzAuthors, the joint venture, putting in different types of offers for libraries and these sorts of usages they have in there, itís not easy; it takes more imagination, it takes some legal finesse and attitude. I mean, the easy way is Iíll send you a copyright enforced thing locked up, but itís not going to meet their objectives. It takes time, it takes effort, and itís not normally the skills these guys have inside their techies.

 

I: Is it the content of the fair dealing rules that makes this technically difficult or is it the fact that youíre starting from the assumption the ownership right should be the problem?

 

P: One of the things you should be doing is delivering the content in the right format to the situation. Itís the types of usages, price and offer that people coded, if youíre making a particular offer. One of the problems though is that you may not necessarily know what the usage is going to be when you make an offer, it may end up in a circuitous route in a library. And how do you build that in and say ďwell, if this object ends up in a library, then the library didnít do all of that but it may not be the first person that purchased it.Ē You might have actually just sold one or two copies of an e-book, for instance, that itís ended up in a municipal library because itís about a local area, they love it, how do they keep it there?

 

I: Just following that technology trail. Is it easier if the fair dealing rule is specific and narrow as distinct from wide and general?

 

P: Yes and I think the only way you can do that is by various scenarios. So you actually take the common scenarios and then try and do that up as fair dealing offer 1, in fact itís an override more than an offer. And this is where Iíd love to have the philosophical legal horsepower of Berntís group in Australia, taking that on as a charter and saying that if youíve got something computers can understand and that people can write, how do you do it in such a way that makes sense, how do you do fair dealing?

 

R: Remember that the language is ODRL. Any XML language is really based on knowing the facts. I mean, you canít just give it a vague term, it has to know something, it has to know exactly what it means, so you have to be very prescriptive with the rights. If fair dealing was very narrow and you could quantify it, this is exactly what it means, then we can turn that into ďones and zerosĒ.

BF: Your system seemed to be very static. It didnít seem to mean that I could send a bot or a software agent to you and say, ďlook, I want this piece of a song or this piece of a bookĒ, and it can negotiate with your system. Your system seems to be very static in the sense that I have to go there and click all these boxes so how are we going to build intelligence into the system, so that it is actually useful in the online environment? Have we got there yet, or are we getting towards that?

 

P: Thatís probably a fuzzy logic, thatíll be the next phase or the phase after, and really the only way youíre going to solve fair dealing is with fuzzy logic. If you say ďThou shalt not copy more than 10 sets of this chapter and hand it out to your studentsĒ, some guys going to be doing 9 copies one day and 9 copies the next day and whatever else. Who knows, I mean, thatís the trouble, the law is sort of vague and has compensatory mechanisms which technology doesnít. But you canít be absolute about this either.

 

B: This is of course the stage where the lawyers become almost allergic to technology that is when information scientists start demanding that the law become implementable into computer systems. But that is of course the question. What youíre actually asking for is a second round of codification, the first round being balancing societal interests in such a way that courts and lawyers in general can understand them and apply them in a reasonable manner, but thereís lots of fuzziness there. Fair dealing I think is a good example, but even the more restrictive European exemptions in copyright are still rather vague. There is always a test of reasonableness there and thereís always a proportionality requirement. But itís probably clear enough for the average court and the average user to work with. Now what you require is basically another round of codification making these fuzzy rules into very concrete rules. In the process much of the societal interests behind these exemptions will of course eventually get lost and I wonder if itís really realistic to say that you can encode fair dealing. What I can imagine that you can encode are a very concrete residue or characterisation or abstraction, I donít know what the right word is, of fair dealing into your system, but never the rule as lawyers will perceive it.We will never have the flexibility, so you can only approximate. Therefore what I like about your presentation is the way at the beginning where you said, we should basically try to replicate business standards, or practical standards, and implement those into the system rather than try to emulate the law with all its inherent fuzziness.

 

AF: I actually know Peter and Renato from way back, from Software Engineering Australia days, and at that stage I actually really helped put in place, in terms of getting funding, for a project which is still being carried out by some guys who are the leading Australian computer experts in Artificial Intelligence. This specifically dealt with whether there was scope for the exercise of discretion when applied to legal reasoning. I donít know if youíve actually caught up in recent years with what Andrew Strenieri is doing, heís I think at Ballarat, and John Selessenkof, heís from Melbourne, but heís now actually working at a specialist centre at the University of Edinburgh, and theyíre really like acknowledged experts. The stuff that theyíve done, I have to admit, like all kind of leaders in Australia, their stuff is a little bit beyond what most people can comprehend. But it has been apparently quite well received on the international scale. They have embarked on this project to look specifically at the application of reasoning in relation to copyright, particularly in relation to the exceptions under our copyright act. I think that it may be worthwhile for people to follow up with those guys because I always understood at the time that this was the other part that you guys would need. You guys have actually gone and made a lot progress in digital rights management systems, and they have actually made some progress, at least as far as I know of, in artificial intelligence.

 

P:It is for that reasoning of course why the market is not yet ready for it yet. They are just getting over Ďeverything should be lockedí phase.

 

BF: The funny thing about that Peter, is that what weíre presented with is a system of self-executing code, where the judge is this technology. Theyíre saying we canít reason through technology to put submissions to that judge. I mean, what Iíve heard a lot from technologists lately is that, they are working hard on trying to find this fuzzy logic. Unfortunately, none of them seem to be lawyers, and theyíre trying to work on systems of intelligence built into the contractual negotiations systems.

 

P: This is my problem. If you rely on technologists, youíll end up with something where they will be asking for $30 for a presentation cartoon. Itís not the right value, and they wonder why they get piracy. If it was $5 or $3, or other combinations of the right price, the right offering, the right value, that would be different.

 

AF: This whole area in the implementation of artificial intelligence systems in relation to legal reasoning is not pie in the sky. These guys have actually got functioning in Victoria, systems that are actually used by legal aid actually for determining, who actually is going to get legal aid. Theyíve got a system that actually applies to split up of property on divorce, and so forth. And those are actually systems that are sort of beyond the prototype kind of stage.

 

L: Many people, at least in the legal field, see AI, i.e. AI in law, as something thatís sort of dying out. But maybe weíll see a renaissance of AIís application.

 

AF: No, itís not a renaissance. Itís actually stayed there all along. Legal Aid Victoria actually use this system in determining who gets legal aid. It has not died out. Itís just that there are a very small number of people that actually work in the area.

 

P: It still doesnít change the fact that you have to make the assertions of Ďhere are the ownership of the upstream rightsí and Ďhere are some licensingí. Now, how do we broker a deal, and how does the fuzzy stuff come in. Can I use this without having to go back and do all the formalities.

 

I: At the end of the day, youíre going to have to run into the simple proposition which is this - there is no way that any language can deal with this.It only means one thing, we need a good lawyer to work on it. Now, maybe thatís just naive of me but I think that all forms attempts to apply artificial intelligence to this problem are going to run up against that. But also, I have to say that if it is possible, if the fuzzy logic is difficult with fair dealing, it would seem to be difficult with defining the scope of the right. The scope of the right is not self-defined.

 

BF: But it shouldnít stop us trying.

 

I: Well maybe it shouldnít.

 

B: In that, I should just agree with, and I think thatís the point you tried to make earlier in your presentation. Perhaps we need agreement between right holders and user groups about fair practices, so that you can actually implement this in the system. So, standardise user freedoms inside the product and not try to emulate the law

 

L: I think nevertheless you still have to have lawyers involved in the standard setting process, just to make sure that it doesnít go too awry.

 

B: Yeah, and have adequate representation from all parties concerned not just libraries plus right-owners but also, real people.

 

R: The question here, I think, is one of identifying the right abstractions which will be implemented within the system. Letís take for example, whether or not youíre allowed to sing a song in a church. What counts as a church? A very fuzzy question indeed. And I think what technology needs to provide if youíre going to try to support that sort of exemption is a mechanism which is based on location information plus a prior decision on the part of some certification authority that decides what is going to count as a church for the purposes of this particular exemption. That information comes into the system and that goes to the point that actually implementing those exemptions is a very expensive proposition because you need to set up that sort of infrastructure for making that sort of information available. Moreover those sorts of decisions are going to change over time with case law.

 

P: And maybe you donít implement all of this new technology and you accept some leakage. If you try to ensure this thing has no leakage, the social cost, the visibility cost is going to be absolute. It is like perfect distribution, the cost is infinite. Copyright law is about getting a fair return, itís not about being paid for every usage.

 

I: Economically efficient return.

 

S: Iím just going to raise a couple of points then ask a question at the end. In terms of getting agreement between owners and users as to standards that apply to fair dealing or fair use, I just want to note that in the US I think they had a process called CONFU Ė Conference on Fair Use - where they did try to get agreement between owners and users as to what fell within fair use activities. In the end they couldnít actually reach agreement so that will be something which, I imagine, will be difficult to achieve in Australia as well. Under the Australian law what is a fair dealing is not, in most cases, clearly specified as fair dealing is designed to be looked at on a case by case basis where you apply a number of principles which are set out in the legislation and which are considered by the courts. To design a computer system able to do that would be a difficult thing. Iím not saying itís impossible, but the more general question I had wasÖIím not sure if thereís any copyright-owner interest who would like to comment on the aspect of building fair dealing into a DRM system. Iíd be interested in knowing what copyright owners thought about that.

 

JB: Australian Society of Authors. Our submissions to the Digital Agenda Bill debates always agree that there would be moments where the remuneration for some types of usage would be zero dollars and that would be fair depending on who was using it and in what context. So thatís always been part of our agenda.

 

LB: This is probably a bleak response. But I was actually more interested in the authentication of users issue because the model allowed for different pricing for different types of users. And how do you check whether someone actually is a non-profit organisation, or an educational institution or a library. It seems to me that if you could do that, then you could have a further qualification which says ĎIím a library who undertakes to use this material, to distribute this material to clients of the library, as allowed by the Copyright Act. Or ĎIím a educational institution who wants to distribute material as allowed by the copyright Actí and whether you deal with the issue that way. I think the issue of access by individual users for their individual fair dealing not via an institution or an intermediary is much more difficult but you may be able to solve it to some extent if you are doing it through a library or an educational institution whose status can be authenticated.

 

P: Yeah, absolutely agree. How do you use a reference work within a library that might be an ID user that has absolutely unfettered access, which could be delivered to someone on a remote campus as part of coursework? Each may have a different compensation mechanism going back to the rights holder. It may not be free to the end user but it could be a different compensation regime or reporting regime. But how do you discriminate in the making the offer by type of user or location or the role theyíre in.

 

R: I think authentication and trusted services has always been another piece of the DRMS pie that needs to be solved and thereís no elegant off the shelf solution at the moment. It has to sort of evolve as we develop bits of solutions to deal with rights languages and try and do a bit of authentication like as Bernt said, the COLIS project working with other partners to authenticate students and locations and stuff like that. I think people are trying to work on those little bits of the pie and hopefully it will all come together.

 

P: We now have the pieces, the single technologies with XML and ODRL that you can start to manage some of these so that you can work on bits of the problem and make some progress. Before that it was a bit complex.

 

LS: Renato, in your model, weíve been talking about owners versus users. I was thinking more about the tension between owners and authors in your educational model and the learning object. It is quite plain that you can divide contributions on a particular learning object, such as Ďlecture oneí or Ďtutorial twoí whatever and you had the royalties split. Thatís another question too Ė is that information available to the user? Is it a breach of privacy?

 

R: No, no. I mean, that information you can hide or show, depending on the system that implements it.

 

LS: also behind the scenes. But what about model rights? The individual contributors to a particular module or learning object. Obviously each contributor has to have their contribution attributed to them. Does the technology sheet home authorship to each and every author all the time?

 

R: The idea with the language is that it enables you to express who the contributors were to the content. So you know, outside that arrangement, if you had five people to build a learning object, then all 5 should be recorded. The system canít force you to say Ďhey, did you include Mary in this description?í Itís sort of like just there to enable you to know who the rights-holders were.

 

P: In the case of Australian authors though, whatís up there are three screens. One is the contributorsí, another is rights-holdersí and the other is disbursees, who gets paid in a particular instance. They could all be the same but they could be different. Now, someone like the author or the publisher has to put that data in. but itís the same as publishing information that goes into a book in a library. But moral rights is very much part of that recognition attribution.

 

BF: One of the things that came out of both of your presentations reinforces some of the things that I think a lot of us are hearing lately, and it goes under this broad banner of open source. Open source in the industry means specifically, open source coding of software, thatís the idea that under the GPL, General Public Licence, that will give you some code to work with. It will tell you what it is, will tell you this piece of information but if you develop better code or better information, youíve got to tell us and the whole community what that information is. Thatís become a metaphor for a broader movement, and thatís probably an old thing thatís becoming new again Ė the idea that when we create knowledge we should actually be using an open source model, which basically says that we should be sharing things and when we share that information with someone else, when they create on top of that they should be actually putting it back into some sort of community area. Now, a couple of things come up with the presentations and they seem to be in this educational context and particularly in the slide that you just showed where you sort of had boxes around things and then there was an output at the end and it seemed to me to put together three types of themes. Iíd be interested to get your thoughts on how your system might handle some of these. Peer-to-Peer, Open Source and Proprietary which it seems to become at the end. Thereís a lot of sharing going on, Peer to Peer. Thereís Open Source sort of sharing of information and feeding it back to one another. My question to you is, how you see your system developing and accommodating this current movement that weíre seeing Ė it may be short-lived, it may not be Ė that weíre moving into an open source phase of knowledge creation, knowledge sharing, knowledge management, if you like. How is that factored in? How do you see it possibly affecting this system? Which seems to start from a premise at least, to some extent, that information is locked and not necessarily shared except for that university example that you were giving.

R: The systems we are building in education, in a lot of cases, the assumption will be that the content of the object is free and what youíre doing is creating a place where the content can be accessed, the rights can be viewed and you can use that content downstream. But you still need to be able continue to honour the previous rights-holders in that further development, and that is what this is trying to enable. For example, like today if youíre in education and youíre a lecturer and you reuse content from all over the place Ė I mean you could get a Powerpoint slide from one person and invariably you lose the first slide that has got his or her name on it and itís reused without attribution to the actual rights holders.What weíre talking about in the actual IMS standards is saying well, when you get a piece of content as a learning object, packaged in there is the rights available. What youíre doing is that you canít remove that. What youíre doing is adding to it and shipping it downstream for further use. So weíre trying to tackle that at both the systems level as well as the standards level so that thereís a common format for learning objects that recognises that rights holders even if the fee is zero and is available open source so that continued reuse downstream actually recognises the previous rights-holders.

 

S: There is just a comment I thought I should add to that point when I was talking about the Australian fair dealing approach being taken on a case-by-case basis. There is a particular instance where the legislation seeks to provide certain and clarify what is a fair dealing and thatís in relation to the reasonable portion test for research and study where the legislation specifically says that if you copy 10% of a number of words, or a chapter from a book, or an article from a periodical publication and its for the purpose of research and study then itís deemed to be a fair dealing. But outside that itís on a case-by-case basis applying principles.

itís on a case-by-case basis applying principles.

 

AF: Iím just going to ask to what extent system developers or software developers considering the privacy issues in terms of ability to interact anonymously orÖ

 

P: Very strong issue. My information is my personal property. Iím a rights holder of that information. And systems whatever the systems Ė should be issuing or controlling those rights abusage. So you can use rights enforcement technology to totally do away with privacy as some of the previous cyber-law seminars have covered and one of the things that is modelled in our systems and in ODRL is Ė you can have positive authentication but total anonymity. So I can be verified as a library user but nobody knows who I am and canít track back who I am. Thatís not the easy way to do it. The easy way is that you log on with identity and roll but we actually have to get beyond that and say well, if Iím the inner library, everything I do should be confidential. It should be anonymous. The police shouldnít be able to go in and do discovery. That is basically because this is a social rule. That is one, a technical issue, two, a business model, and three itís the legal and social morals and you have to be pretty vigorous in defending it because itís dead easy to write so that you have no privacy Ė itís easier for coders.

 

-----BREAK-------

 

 

B: You know, this is a fantastic symposium, but we havenít really got to the right issue yet, which is privacy and DRMS.

 

I: Itís not the only issue, B.

 

L: I want to approach the privacy issue from a market mechanism perspective, and actually follow on from some of the comments that you made, Brian, about this generation that has grown up with a free-rider mentality, at least free-rider mentality from the copyright owners and copyright ownersí and holdersí perspective, where theyíre used to being able to access and use information pretty much at will, gratis, and I wonder then if it might mean that market mechanisms actually have a little bit more viability in their ability to uphold user freedoms because a problem that people often say that with marketplace regulation is that the strong players always dominate and they tend to be the big corporate players. And in this context it will be industries such as the recording industry. But if you have a new generation which is not really happy with the conditions that the recording studios and the recording industry would like to impose on information use and you get at the same time some companies that try to develop niche products, DRMSs for example, that do give extensive freedom to end users, then maybe youíll have consumers actually voting with their electrons or voting with their mouse clicks and actually using, going to those DRMSs that are more consumer friendly than the others, and then sidelining the DRMSs that are not so user friendly. But I think when it comes to privacy, Iím not convinced that that sort of regulation is going to work because while people often say they rate privacy as one of the values they hold most dearly, when it comes to practice, people tend not to translate that abstract concern for privacy into concrete commercial handling or concrete commercial behaviour. And thereís quite a good quote from a US congressman which is to the effect that public concern for privacy is a mile wide but an inch deep. And in light of that, Iím not that convinced by Peterís comments that oh yes, privacy is very important and weíre building privacy protection into our work, but Iím not convinced thatís going to happen in the absence of strong legislative rules to promote privacy. And not just to promote privacy in the abstract, but to actually ensure that systems development happens in a sort of system, has a sufficient systemic focus, so to ensure that people actually build into systems strong protections for anonymity and possibly pseudonymity.

 

P: Can I respond? Thereís two aspects to privacy thatís the problem. Everyone suffers from SPAM. Part of the problem with SPAM is that thereís a disconnect, you donít know whoís leaked your name, your email address. So if there was (I used to be marketing manager of American Express many years ago so I was the one who used to suffer at parties when someone said ďAh, youíre the one that sent me 2000 letters to apply!Ē). But the modern day equivalent being SPAM or whatever else, if you knew that that had been coming from this trading website, youíd get pretty upset and make your displeasure felt by voting with your feet to a site that had a much better proactive policy towards privacy. Thatís the superficial. The really important side of privacy is your buying behaviour, your health behaviour, your health records, whatever else. I mean itís one thing to be spammed, itís another thing to have the local member of parliament know that youíve been to the hospital for whatever else and send you a condolences card or someone building a profile on you, and thatís again going to need some regulation but also lots of vigilance on all members of the community and that because itís very very easy for people to amalgamate stuff, in the best of intentions, or maybe not so best of intentions.

 

B: Iím certainly not a privacy expert but I can use these comments that I fully endorse with reference to one of my favourite subjects which is human rights. There are simply some things that better not, should not be disposed of by contract or by self-regulation, and privacy I think is the prime example, and the way you shape that in legal terms is making it into a human right/fundamental right that you simply cannot dispose of.

 

LB: Privacyís unfortunate in the sense that once itís gone, itís gone.There may be legal ramifications, but your privacy has been invaded.

 

B: Yes, but itís certainly the type of right, as Lee earlier stated, that individual consumers attach so little value to that you need some kind of extra protective mechanism to ensure that these rights are Ė

 

LB: I think consumers perhaps attach little value because they donít see the cumulative effect Ė

 

B: No, exactly.

 

LB: hit by hit theyíre marked and their information collected.

 

B: This is why microeconomics doesnít work.

 

L: A very good critique of that is from Professor Michael Froomklin at the University of Miami where he talks about Ďprivacy myopiaí of consumers. And the inability then to see the long term and face then a value in a commercial transaction to that particular privacy that theyíre bargaining away.

 

BF: Lee, can I just ask though, going back to the very first words that you began with, that anything I think you write up afterwards as you were saying before has to have a definition of rights, what is digital rights management, and to some extent the privacy issue forces us to look at that again because privacy is implicated in the secondary way through the distribution of an informational product, but are these DRMS systems also designed to manage privacy? Is that part of this issue as well? I mean one issue which is a privacy concern occurs through the transaction, if you like, of information, the other one is well, are these systems also built to take into account the whole notion of managing privacy?

 

L: Well, Peter and Renato Iím sure would say that yes, there is some system development going on that does factor in privacy in a private and friendly way.

 

BF: But more than that Ė Lee I suppose my point is that to what extent are they managing privacy?

 

P: No. I mean, the approach to that is being extremely superficial. The US has a thing called HIPS, the Health Information ProceedÖwhateverÖitís about medical informatics, the patient record, then the health provider and the for instance the pharmaceutical companies when theyíre on trial. And who owns what. Weíve had on ODRL, IPR as a small company, has to focus. Organisations like Oasis, which has got access privileges and is looking for a language to describe access privileges, is looking at ODRL because it describes all permissions, constraints, all of those sorts of things that can go on to describe levels of access to a file, a folder, a computer system, or a granule of information. Now, itís one dimensional, versus rights management, which is 3-dimensional, but it is still a highly complex problem. But until youíve got legislation, market feedback/kickback, bash over the head, whatever forces and general commentration and training for the people who implement this because itís not enough for the CEO to talk about privacy. The guys who write the programs and the models, they have to understand it because they can be totally, totally blown away by the way the java program implements it. So you actually do have to have top to bottom. And thatís going to take some time. Itís going to take some embarrassing court cases.

 

I: There are two models for privacy protection. One is a kind of general tort or how personal information can be used, which is judge made and judge administered. The other is a very detailed regulation of particular sectors, when you seem to have both. But from what youíre saying, the detailed regulation model with say, the health sector, would be easier for you to cope with a judge made rule. Many lawyers feel that the detailed regulation just loses a lot of things Ė a general right enforced explained by judge made rules -

 

P: Letís take a health record. Absolutely if you do clinical trials of pharmaceutical where you are doing spells of 10, 20 people in a particular group, you want to know what are the characteristics of these people, and whether the types of drugs going be to applied to them, then you shouldnít be able to under any circumstance to be able to identify who that individual is in their health record. But you should be able, somewhere in the systems there should be a mechanism so that if something is discovered, the health provider of that individual would be notified and he can make the connection, so you have mechanisms of cutouts, so that the pharmaceutical companies are doing the trials, and the medical professional supervising it with the patients all win from their own competitions. At the moment weíre stumbling along, I know a couple of projects that are actually looking at more advanced ways of doing it. And the payoff dollars are tremendous, and the patients win.

 

BF: But Peter, thatís the issue I was raising. In the health sector weíve seen this segmented notion of privacy. Privacy has got different aspects wherever you want to use it and I suppose what I was asking, and Lee what I was asking you in particular was are we going to see these systems start to develop, to manage privacy information, in this segmented way? We havenít quite got there yet, and if we do, what sort of issues might that throw up?

 

L: When you say privacy information, what do you mean?

 

BF: Well, the Australian Law Reform Commission at the moment has got this report on genetic privacy, for instance, and I might want genetic information about me to be available to my children, my employer, the executor of my will and whatever, I donít know, but I want those different aspects managed across a system, and itís an information system. So Iím not here just talking about managing copyright information, Iím now talking about managing privacy information and I think weíre seeing this develop in the health sector, but Iím not quite sure how thatís coming through technology and legal issues.

 

L: We have to divide the discussion up a little bit here. As far as Iím aware, and this is pertinent to what I (speaker) said, if you looked at case law, really, outside the USA, thereís not much case law on privacy that is going to force systems developers to factor in privacy protection in their work in a proactive way. So then we have to look at the legislation, and in Australia we look at the privacy act, primarily, the Commonwealth one amended last year, and there are some guidelines being worked out for various sectors and of course industries are being encouraged to also develop their own privacy codes that will come in and replace the national privacy principles if theyíre approved by the Federal Privacy Commissioner. And itís still too early to say what is going to happen for DRMS specifically, the IIA code of conduct thatís in the offing doesnít seem to address DRMS at all, at least not specifically, and there doesnít seem to be a strong consumer push that system developers can feel. And then we look at legislation in other jurisdictions, and I think the best legislation from a privacy perspective is that coming out of Germany, where you have some legislation there that is very system focused, much more so than the European directive, on privacy, and saying when youíre developing any type of information system, you have to make sure that there is provision made for anonymous transactions. And if there isnít provision made for anonymous transactions there needs at least to be provisions made for pseudonymous transactions whereby people can engage with alises. But you donít find very much elsewhere. The Australian legislation comes closest to it in the new national privacy principle, I think itís number 8, which says that where practicable, there shall be provision made for anonymity when you enter into a transaction. Where practicable.

 

CC: L (Speaker), but isnít DRMS one of the best examples of where it is both practicable, and in everyoneís interests, to have an anonymous or pseudonymous transaction. For example when we were looking at constraints that you might put on an end user of content, one of the constraints was that you can only use this content from a particular CPU, so for example you couldnít email it to a friend, now itís a great example where you do not need to know the identity of the individual, you just need to know one particular attribute, and it could be for example that I am a subscriber to the Australian Financial Review, no one needs to know my name, my address, any details about me, they just need to know the subscriber number, and that I have paid and up to date, and therefore using DRMS I can download and perhaps have certain permissions to deal with that information. From a privacy point of view principle 8 of the NPP kicks in, is it practicable to give me an anonymous solution? Yes, apart from the payment system but once Iíve paid, Iím a subscriber, I get an attribute certificate, thatís it. Does everyone benefit from that? Yes, apart from the commercial interest or motive to get my information for marketing purposes, but that could be on an opt-in basis. I could opt-in and say well, Iím happy to be marketed to, my name is CC.

 

P: Good point, our original model was gone over with a fine tooth-comb by Roger Clark. You may be aware of him, most of you. He made us at point of a gun explicitly support anonymity and pseudonymity in our model. But to implement in situations where youíve got clients saying ďIíve just done a download, and I downloaded it in acrobat 4 and now Iím onto 5 and it doesnít workĒ, it means that you actually have to for customer support, have identification tag between them, because itís linked to credit cards. And yes, you could do it by just saying ďwell, someone or credit somewhere $5 and reissue a new authorisation to go on this guy.Ē Someplace, youíre going to have to know numbers. There are other roles, though, where you can support full anonymity but against credit cards itís difficult. But the default should always be anonymous, the rollback from that should be pseudonymous with disconnect and only when you absolutely have to should it be for the ID.

 

I: But you then give us the same problem L (speaker) was describing which is if people donít perceive a cumulative effect of things, then they wonít perceive thereís any advantage in using a pseudonym or being anonymous.

 

P: Exactly.

 

I: So what this requires is for you to, as a consumer, or a user, to think at the time of the transaction, ďI want to be anonymousĒ. And thatís where it falls apart, because at that time, with each little segmented transaction, most people donít think that.

 

P: And letís face it, thereís very few anonymous payment mechanisms.

 

L: Iíve been thinking, maybe there should be a system like a Swiss Bank account where thereís an institution or a country that sets itself up and people apply, and the criteria are rigid, your credit worthiness, you tax number in the countries you should pay tax, and you get a user ID which is creditable, and you can use this all over the world.

 

I: In fact you can do the business of setting up user IDs.

 

P: And the gold units is fine, I mean I can trade an e-book or an e-music for a thousandth of an ounceÖ

 

L: or you can have medical advice in Australia or whatever.

 

P: You can do it. I mean itís there.

 

I: But this has to become normal, not abnormal. It has to be the usual way of doing things, not the way a few privacy freaks get their rocks offÖ

 

P: The companies are in the business of selling to the mass market at the moment the penetration of e-gold or whatever is very low but the fact that Paypal has gone through the roof is probably a sign that the market wants some of these instruments. The fact that itís probably not fully anonymous is just an evolutionary step.

 

L: Does that mean that David Cham was a bit too early?

 

P: Which one was that?

 

L: Digicash

 

P: Ah, Iíd say so. I mean, smartcards should be anonymous, who cares who signed it, it just a matter that itís been signed. Is the dollar valid? I donít care who itís from.

 

I: The fraud squads around the world tremble at this sort of idea.

 

R: Iíd just like to pick up on one point that Chrisí remarks are very suggestive of. We could identify the person by their CPU number rather than through their name, and to check the authorisation on that basis. In fact, Intel put CPU identification into their chips and there was a massive backlash against that, so thatís an interesting example where consumers do care about that sort of privacy invasion.

 

P: But that was political. I mean, Every computer that has an Ethernet card has a Mac address. So there has been a unique ID for every computer since about 1990. Every Mac, sorry, Macintosh, has an Ethernet card built in with a unique ID. That was a storm in a teacup, and thatís part of a profile. How it is used Ė

 

R: Well this is also in the context of these numbers going into Word documents, for example.

 

P: Absolutely. How it is used, and reporting back to Microsoft that you have an unauthorised copy and youíve used it 15 times, thatís an issue.

 

I: Consumersí attitude vary according to the type of information. I mean, they regard health information rather differently from ordinary business transaction type information. And in a way these things are scandal driven. You need an event which outrages users for some protection to come into play but itís a protection thatís always limited to the scandalous events. Itís never a general protection. But lawyers should be, and certainly academic lawyers should be looking for general rules and principles to cut across all of these things, not just event driven rules that donít apply beyond the sectors which gave rise to them.

 

CC: But why does the legal response to the DRMS privacy tension have to be paternalistic, from above, why canít it just be a choice for the individual user to decide on the anonymous path or the identified path and the technology made available to them. I mean, that seems to come up again and again in Internet law, the idea that anything sort of opposed from above has the worst possible reaction in the marketplace and yet if choices are available, they sometimes will be exercised in a fairly sensible way by the consumer.

 

I: But we donít know that, and the problem with that is that if we went down that road, we wouldnít have any privacy laws because you would say ďIím always free to contractually protect my privacyĒ, which is true, but it doesnít happen in a lot of cases for a very simple reason, which is (a) Iím not aware that my privacyís at risk, and (b) my bargaining power is zero.All forms of consumer protection law are Ė

 

CC: Iím just thinking that the law could just say, you have the choiceÖ

 

I: But all forms of consumer protection law are actually paternalistic in the way youíre describing it

 

B: All laws are paternalistic in a sense, and what youíre discussing now is the need for legislation at a general level. Thatís not an Internet law related issue at all.

 

BF: But isnít he saying a fundamental value of DRMS is the choice should be this choice to be able to transact without having to identify yourself. Is that what youíre saying, CC?

 

CC: Larry Lessig would say build that choice into the code. Why donít we build it into the actual language of ODRL and itís designed Ė

 

I: Why not turn it around and say that is the law, you have to contract for identification. A lot of these issues get resolved in a particular way because of your starting point. If you start it off saying, all transactions were anonymous except those which were identified, youíd have a very different set of rules.

 

P: One of the scenarios we did in the early days was you can do this anonymous transaction, Iíll give it to you cheaper, and if you tell me a bit about yourself, Iíll give it to you even cheaper. What is the value to the customer from telling you an awful lot about themselves including possibly their ID. But I object to these sites where itís an opt-in but everythingís ticked so youíre automatically emailed, I mean itís sort of likeÖ

 

B: I think some things should not be tickable, but thatís your point too I guess. That brings me back to, I know itís a popular subject here, but: human rights. Some things are not tickable, and thatís very paternalistic, I agree, but thatís the way society works, need to work.

 

CC: That does sort of lead me to another of the big legal issues of DRMS, and thatís the anti-circumvention laws.The law on paper, I mean, I canít find too many criticisms of it, but if you want it to work in practice, there are ways and means of implementing and enforcing laws and to date all thatís happened is that an individual has been prosecuted and imprisoned, of all things, leading to sort of a martyr attitude to the person who was the first to crack, to basically develop a anti-circumvention device.And how has that helped the public interest or any of the particular parties involved along the path to managing copyright infringements online? And again I think thatís an example of a paternalistic law being applied sort of with a sledgehammer and leading to exactly the opposite result, which is instead of educating the younger internet community about the need to enter into a two way relationship when theyíre using content, and be interactive, and pay licensing, etc, itís turned that entire younger community into sort of an antagonistic approach, to all aspects of copyright online, and the effect as far as I can see it - well absolutely, thereís now competitions to be the first to crack any new sort of regional codes.

 

I: If you look at the point of view of the technology, forget about fairness and rights and everything, just look at it from the point of efficiency. The protection technologies are a race between the evolvers of the technology and the hackers or the infringers. Economics analysis would say, if you protect the owners of the technology from certain forms of hacking, then that technology would stagnate. In other words what youíre doing, by legislating legal protections for these things, youíre actually dictating Ė Iím not just talking about encryption, but all forms of protection technology Ė they will stagnate. Thatís accepted in all other areas of economic analysis, why shouldnít it hold true in this? What youíre doing is legally protecting the status quo as far as what the technology is doing. Now if you do that, the technology will stagnate, all other areas of innovation seem to bear this out would be odd, if this particular area was different. It might be so, but Iíd like some empirical evidence if that was the case.

 

B: It promotes weak schemes.

 

I: It would promote weak schemes.

 

B: Yes, absolutely.

 

P: Itís like a dinosaur, if you protected it out, all youíd be doing is preserving its life, not evolving it into the next generation.

 

I: Hackers are good for efficiency.

 

B: But there is, even outside economic analysis, there is no real good argument for creating this legal regime. If you look at from a classical IP viewpoint, there was already IP, lots of it, more and more every day. Thereís contract. Now thereís the technology on top of it, why need another extra layer? Why need legal protection of technological protection of contractual protection of IP protected stuff?

 

P: Why do we need another 20 years of copyright on Mickey Mouse?

 

B: Thatís another good question! Itís not proportional.

 

S: I certainly wonít touch the Mickey Mouse issue. But I mean youíre not legislating protection of the technology for the sake of protecting the technology itself, what weíre trying to protect is the copyright ownerís markets and the copyright material itself.

 

I: Why should you protect the markets? Isnít that very anti-competitive?

 

S: Weíre not preventing competition within the market, but we want to protect copyright owners so that they can put their material online, and have the incentives there that they will be able to have Ė

 

I: But heís doing this on the basis of a platform which is called the intellectual property right, in this case, copyright, I read recently something by someone whose name I canít remember, which suggested that you shouldnít actually allow these two systems to be combined. You can have either intellectual property protection or technology protection but you canít combine the two. Now to a competition lawyer that makes perfect sense. How does it strike IP lawyers?

 

S: Well I mean this whole discussion weíre having today is about the combination of technology and legal protection, the combination of digital rights management systems which is a technology, and thatís based upon a legal structure, which is copyright -

 

I: No itís not, because you can protect things which are not covered by copyright through this system.

 

S: But only insofar as itís in relation to the protection of copyright rights. The law has been designed to actas a mechanism for owners to be able to utilise markets and protect their material online and at the same time allow reasonable access through the operation of certain exceptions, and the governmentís always interested in a balanced approach, but perhaps copyright owners might want to come into thisÖ

 

LB: I was going to say that this debate has come out of the era when copyright was considered dead. It was alleged by John Perry Barlow that copyright has no relevance in the online environment, and we may as well forget about it. We have moved into a new paradigm, and weíve sort of moved from there to saying, well copyright will survive in the online environment, but only if thereís a technological backstop, and from there you get to this idea that you have norms about the technological protection measures in the copyright legislation which I think was a sort of seismic shift, I mean I agree with that, but I think that was sort of how it evolved, there was a sort of point in the history there where people were prepared to write copyright off altogether and say itís just not going to work in the online environment, you canít enforce it, itís just not the way to go about it, so we have to look at technological measures, and contractual measures, and then they sort of gave copyright a but of a new life because youíd have that as one level of protection, but backed up by these other means. I mean Iíve sort of heard all the arguments about copyright, but usually when somebody makes that statement, in the next statement you hear that somebodyís latest technological protection measure has just been circumvented.

B: The world is perfect -

 

I: The creative gales of destruction, some might say.

 

P: I mean, Schumpeter, we are going through this creative destruction era. The rights-holders that arenít generally creators actually have to evolve to the next model, because youíre seeing in this transition.

 

BF: Are platforms being protected by technological protection measures? Weíve seen this with the DVD case, weíre now seeing that with the Sony case. Basically the point youíre making I think is largely valid, is that people are using any circumvention legislation to protect the market advantage and their legacy technology, but doesnít that become a competition issue? Also, that becomes part of your brief.

 

I: I think I instinctively worry about any extension of an intellectual property right. If you back it up by legal restrictions on digital rights packing, if you like, then what you get is what I call a rhetorical gesture, what it enables owners to do is to hide behind the author. Everyone loves authors, authors are worthy people. Who could hate A K Rowling? But what weíre really talking about here is the extension of rights in a way which if they werenít connected with authors, everyone would actually object to. Now part of me is pessimistic about this, I think, what weíve got here is yet another extension of intellectual property rights and competition goes down the tube. The other part of me is optimistic, which says if it gets as naked as this and people can see this is just about technology transactions and itís got nothing to do with authors, that actually might be a sort of paradigm shift that Lee was talking about in his IPR article which is that the legitimation of copyright depends on the author. Take the authors out of it, what youíve got is a crude resources grab by the owners. If you take the authors away, the society would not accept the present distribution of rights.

 

P: And whatís happened in the academic publishing field?

 

I: Well, academics are in a better position to resist than some other people.

 

P: 60000 authors, academic writers, have just signed the opt-out of the Elceviewrecently, because theyíre not actually seeing the system delivering back into the ecosystem.

 

AF: Is that worldwide?

 

P: Elceview has become this sensitive new age company.

 

B: But non-scientific authorship should follow suit and should also not believe all the arguments presented by rights-ownersí lobby.

 

I: Imagine there was no copyright in the world and you were starting off asking for it, right? And you had to convince people, and these werenít authorís rights. Now if you go back to the situation before the act of Vandernees were publisherís rights. If you go back to that situation and try to justify publicly people would say this is a resources grab, which is precisely what it is. Itís a grab for resources hiding behind the virtuous and worthy author, and I think that one of the good things that might come out of this debate is that because the ownership of the technology is so crudely placed in the hands of non authors, the legitimacy of copyright may finally come into question, and that might be an opportunity to re-examine why we protecting authors, or who we have been really protecting?

 

LB: I donít think it has only ever been a battle of those. It is also supposed to be an incentive to produce and distribute as well.

 

Ian: But no one answered the question of how much protection you have to confer to get x amount of creativity.

 

LB: Well, if you tell me how to do it economically, Iíd be very interested.

 

I: Well, Iíll tell you how not to do it, which is to have a right which lasts for 70 years.

 

P: I think youíve seen a distortion from the original role of publishers of adding value and bringing stuff to market to actually being a filter and making a decision as to 1 in 100, I will take to the market because thatís the way I will maximise my profit.

 

B: In the United States, authors decide and are now realising and waking up to the idea that they are being exploited and politically and economically to such an extent, and that they are in fact large users that deserve protection under user freedoms as well. Johnathon Tessini just wrote an article I think in the Los Angeles Times where he argued against extending copyright protection by another 20 years, because authors will suffer, not because they will benefit from it. Authors build on other authors; authors are super-users, and that is also an aspect to the whole discussion that is being consistently being buried by the copyright owner law.

 

I: How many of Shakespeare plays would we have if we rigidly enforced against Shakespeare the rules of our time?

 

B: Exactly, the balance favours the author, not the intermediaries.

 

P: Well, having dealt with a lot of authors on the OzAuthors service, I know that authors need publishers.

 

B: Well they need publishers yes but they donít need a perpetual right Ė

 

P: But they need a sweep of publishing type services to bring their products to market. What they donít need is an absolute gatekeeper that tries to predict the market, let the market decide for itself what it does or doesnít like. But for efficiencies, that stuff has been gauged in the past. We now have that opening, but I think 10 years ago we predicted that record companies are going to have to perform, I havenít actually seen yet record companies justifying their role in the last 5 years. One or two are getting innovative, the rest of them are just sitting there locking up talent and doling it out bit by bit.

 

B: Without the rights, sometimes, interestingly enough. Thatís another underlying aspect of the discussion, they may not have the rights.

 

P: Well, thereís, without slandering one record company in Australia, itís very well known that he used to go and sign up all these acts and then put them on the shelf for 5 years because he had an act just like it. Itís great for his business, itís pretty piss poor for the poor talent that you get signed and locked away. With exclusive rights.

 

L: Okay, I think weíll cut the discussion of that theme there. Itís been done very well, done over very well. Now does anyone want to raise something thatís new, do we have any new voices around the table?

 

LT: Listening to the discussion the sense that I have is perhaps itís phrased too starkly as a matter of kind rather than degree. This notion for example that hackers should have ready access and we should have a perfectly efficient market and that thereís no other industry that protects the way we do in intellectual property, it seems to me that many industries historically protect infant industries. The States do it all the time, and the conception of a right as a means of protecting gatekeepers and authors is well established. So I donít think itís peculiar to a problem to intellectual property. It seems to me the issue is more one of the degree of protection. Itís a qualitative evaluation of where it should be accorded and how extensive and how expansive it should be. I think to present it starkly as let the market decide for itself on an efficiency basis is to ignore I think those historical factors as well as the fact that if hackers were allowed freely to engage at every moment, youíll never have a great deal of invention because a lot of itís destructive, itís undoing as much as itís doing. And I cannot believe that annihilation of any protective rights will produce necessarily a better world. It may be that there are people holding property rights and authorsí rights that are sitting on them and denying creativity, but I think thatís quite another argument to suggest that thereís no virtue in those rights in the first instance. So Iím taking a sort of somewhat protective position.

 

I: Thatís a plea for history, which is always useful to re-examine, but authors and markets can evolve ways of dealing with lack of protection. If you look at the 19th century serialisation of novels, authors reacted to lack of protection in the United States in a very practical way. They sort of released their novels in serial form. It worked, Dickens made quite a nice income, until he sort of trashed it by telling Americans how horrible they were as people.

 

S: And what incentive would there be to leak out serials in this world if he had no copyright protection, if they could just be disseminated online for free, or if I could just get the one copy and send it on to how many ever users I wanted, where would be the incentive to be as an author to create?

 

I: Iím not saying that you should use the serial as an example, Iím saying that people, markets evolve to deal with whatever legal constructs you have.

 

Brian: And there is an interesting example here that is not the full story, but the open source software community is a classic example of where you have people saying, (they use copyright law to enforce it) we will give out knowledge, so long as you give back knowledge. Now, S (speaker), your question is a good one, people say, why do people do this? There is a number of reasons. One reason is that people build a reputation in the hacker community, they can then go down to Silicon Valley and trade that in for real dollars, because you do get a very good reputation for programming. Alternatively, I suppose, there are other ways in which you may be rewarded, there are some companies that build their whole business model around open source software that we know of. So the fact that the comments made about there being no incentive, there certainly are models out there where people are using open or free distribution models that have been quite successful for the generation of cultural knowledge and cultural property. So it can be done, but you have to analyse it much more closely, I would imagine.

 

R: On the point of business models and serialisation thereís something that was tried by Stephen King, who came up with a model where he said, well I will keep producing new chapters of my book while people keep paying, as I recall he stopped because not enough people were paying. But that is just one example that weíve seen and Iím sure that what weíll get is other people trying such business models.

 

P: But the fact that he sold 200,000 of that, I suspect, it may be his threshold. But for a new author, selling 2,000 copies each chapter, itíd be lovely! And then one of the things we talk about with the ASA is how do you get a new author exposed to the market, building up a loyal following.

 

I: Well, itís a bit like Napster, isnít it? A new author actually has a vested interest in less restrictive protection.

 

P: Absolutely.

 

I: An established author has an interest in maximum protection. I mean, if you look at the Napster situation, vans, garage vans actually benefit from that process whereas people with any kind of reputation didnít. And it seems to me thereís a dissonance between established and non-established authors. And latent in the legal rules are designed to protect established authors.

 

B: May I say something against the Barlow model, which is the open source model, where you can make your money on the side, and you donít need the IP? Itís always rock bands that are examples apart from the software people. There are in fact composers who do not perform, and in the good old days, Frank Sinatra and so on, that was actually the norm. Itís not always possible to live off your copyrighted works on the side, so I wouldnít go that far as abolishing copyright, authorís rights. I must say, authorís rights are a good thing.

 

I: Thatís what Iíve always understood, authorís rights.

 

B: Authorís rights. Yes, we should discuss this in French, this language. Authorís rights are a good thing, and your point was well made that they are being abused and usurped by the bad guys. Thatís the bad thing.

 

BF: Are they economic, B (speaker), or not? These authorís rights, are they economic rights?

 

B: Yes, partly, and also partly moral. Partly even human rights.

 

BF: So let me get this straight. I want to publish something, so I get an authorís right. I do get an economic return, but Iíve got to pay a publisher a lot of money to publish for me. Is that just reversing the model?

 

B: Well partly, thatís a good point. In fact Iím not saying this is an ideal solution, but to get rid of part of the dominance of the intermediary that is really overpowering and itís stifling a lot of freedom of expression and innovation and etc. You could contemplate rules that have their basis in moral rights that limit the possibility of transferring your rights. I know this is against the grain of the market mechanism where all the rights should be as freely transferable as possible, but itís a bit the approach that we were just discussing in the privacy context. Such rules exist in most European countries where you can simply not dispose of your authorís rights in an unlimited fashion. Germany for instance has a total ban on assignment. They work their way around it in practice I must admit.

 

I: They get as close as you can get, but still.

 

P: One of the very big issues in my background in software was an exclusive right versus non-exclusive right. And one of the things we put into OzAuthors was: hereís a split of revenues: if you have up there the ďhere are the percentage splitsĒ, you actually can turn into a publisher. You get a deal, you get this percentage, if you donít get the deal and when it comes to this other channel you get this percentage. You actually put people on performance. I think part of the issue is that people, publishers can think that theyíre the gatekeeper. And they have god given or parliament given right to a transaction when in fact there is a chain of people before that that need to be fed and awarded. And no one has permanence in their role, in any occupation, whatever else, everyone has to defend and justify their own existence. Maybe itís a change for is it exclusivity, non-exclusivity? Publishing is now an agent, a publishing agent.

 

B: They certainly donít need all the rights. That I agree with you.

 

Peter: And Random House Rosetta Books is the classic. Why should they have all those rights if they just sit there not commercialising it? And why should I have the publishing right if Iím not going to do anything with it?

 

B: No, thatís not economical,

 

I: Which is not the reason for which the right was granted in the first place. At the risk of being called paternalistic, what weíre actually looking at here is a system of regulation described as a property right. Now any system of regulation which allows freedom of contract loose, fails. All systems of regulation require some control on freedom of contract. And intellectual property is a system of regulation and calling it property does not alter that basic fact.

 

P: Your presentation was talking about under contract: here are some basic fundamentals within acceptable non-unconscionable contract. Maybe you can start looking at some of those. I know in Australia the ASA, 7 years ago, put in some fairly enlightened clauses about digital rights which made publishers argue really hard for what am I going to do to justify taking the digital rights.

 

I: A right you may have is yours forever.

P: Exactly, and Iím just going to put it on my shelf. And Australia actually had 60% of authors in Australia own their digital rights, unlike the US where itís undefined. Actually, Iím sorry, we tend to be turning into a beating up the publishers session.

 

LB: I just want to say; in Australia publishers tend to take rights by exclusive licence. They take primary rights, which is to publish in book form, and then you have subsidiary rights.

 

B: Literary publishers are quite symbolised.

LB: Thatís right, as opposed to music publishers who tend to take rights by assignment.

 

B: Take everything, and do nothing.

 

LB: and film producers and everything.

 

I: Mind you, sometimes the assignment of rights is not meaningless. I remember once assigning the rights, film rights in a book on public law.

 

B: I think, to come back to another thing that I (speaker) said earlier, the suggestion by this anonymous scholar from America to make protection of technological measures an opt-in kind of deal. You have a choice between an intellectual property regime, and a legal protection of measures regime, you cannot have both. It could have been Pamela Sandelson who suggested that.

 

I: No, it wasnít anyone as famous as that.

 

B: A younger, brilliant mind. But I think thereís much to be said for it, particularly if you take the historic perspective, where does intellectual property come from. Patent law is the best example. You get an exclusive right, but there is a trade off, there is a price you pay, which is optimal dissemination of your knowledge, of your innovative contribution. Copyright in the old days had the same: you got your statutory copyright only if you disseminated. Now you have your copyright, you can keep your copyright and create a level of conditional access based secrecy at the same time. Thereís something wrong there certainly.

 

P: It certainly isnít the original.

 

I: Itís not the original deal.

 

B: Itís not the original deal, exactly. Itís like a trade secret law, you lose your trade secret protection if you disseminate. Here you keep your copyright and you get as an extra prize, you get for not making it publicly available you get an extra right. Thereís something wrong there.

 

BF: Well that particularly is a problem with software code, in copyright anyway.

B: Yeah, and thatís the best example.

 

AF: I think that one of the issues is in reality the way that the laws of copyright work , really donít fit with what people want to do with the material and what they are in fact doing with that material. I want to give you another example as to whatís actually happening with the use of published material in the education sector in Australia. Because this is actually an example of the use, the value thatís actually created by copyright material, not being captured by either the publishers or by the author. And that is, that what we actually have within the last 10 years in Australia weíve got, particularly within the university sector, a lot of full fee paying courses being offered, often to overseas students. Those courses are often not actually taught, and theyíre almost certainly not even offered by the person who did any research in the area or has actually ever written an article or a book in that area. Nevertheless they actually charge $1000-plus per student to actually put the course on the internet. Now Iím not saying theyíre actually infringing copyright by actually putting the entire text on the internet.

 

I: But they are in some cases.

 

AF: In some cases they probably are, but you canít actually see what theyíre doing because their sites are actually locked unless youíre actually enrolled in the course. So you can actually be in the situation where in fact the author and the publisher are actually recouping relatively little in comparison to the educational institution which really actually has no expertise whatsoever in the area, but is using the texts thatís been published to actually make at least, for a very standard course, $100,000 or $200,000 which makes like, most of the profits that would be actually gathered by the publishers, let alone the authors in Australia, theyíd turn into insignificance, maybe like in larger markets authors would actually, and publishers would actually, sort of gather a lot more sort of profit. Certainly not the case in Australia. Now that is actually something we havenít really understood, previously, until you actually start looking at the system. So what weíve actually got there is in fact an area where copyright does not actually reach what really is the use of the material. So what weíre talking about here is what we as people who have actually tried to actually ensure that copyright does not extend too far, what weíre actually seeing is I guess some of the reasoning that hasnít been particularly well articulated by copyright association representatives, publishing community, that in fact theyíve actually been saying for a long time we should actually extend copyright to uses of material, that they havenít actually been able to explicitly explain why that is the case but as an author, when you actually understand that this is the use thatís being made of my material, itís obviously being made of any other people who are publishing sort of like significant leading edge material in your area, that is being used to teach, the value is not really actually being recouped. And to me thatís an issue and I just want to actually say that to me there seem to be a lot of similarities, like about the misfit of copyright in relation to the digital music as well.

 

P: Itís not just copyright, itís the whole right offering is not relevant to the way that most of the lessons are done, and if I can bounce across to Renato, because he just did 3 months of research in that area, the whole area of course packs and then converting course packs into digital objects, which is whatís happening at the moment.

 

AF: I guess what Iím actually saying is what these people are not doing, theyíre not even bothering to actually put up material on the internet, what theyíre actually doing is constructing the outline of a course and saying, ďread this chapter this week and here are the questions that Iíll ask you on thatĒ and then at the end of the course they examine you on it. So theyíre just saying ďbuy the bookĒ from Lawbook or from Thompson, from Lexis Nexis and weíll actually examine you on it so theyíre actually taking, now this would have to happen with any of the leading educational writes in Australia. Now basically what we have had in Australia before, what you begin to understand is that societyís actually organised ways of actually capturing value. Now in Australia we donít actually capture that value, that value goes to ex-university, which actually then puts it into Ė

 

I: Or in some Rupert Murdoch partner or whatever.

 

AF: So theyíre actually totally avoiding copyright infringement, theyíre just saying to students, the course is based on this book, buy the book from the publisher, the publisher makes a $10 profit, they make a $100 profit.

 

P: Why do the course, whatís the value of the course if theyíre not adding value?

 

AF: So to me that in the Australian context weíre all for spreading information, making information freely available, but we actually donít have, this is like total market failure, there is actually no incentive, but authors in Australia make peanuts from publishing. Publishers in Australia are sort of telling us that theyíre struggling. But we actually see, for profit universities, are actually making a lot of profit and building a lot of buildings from the stuff we really do for free. I actually write books which are used by these universities, they build buildings, I sit there and work for free and basically get royalties.

 

I: It is an interesting example of what I call the schizophrenia of the academic where one part of us believes in openness and limited protection, and the other part of course is an author.

 

AF: Well, as you know, Iím actually a person whoís actually worked and had significant input in helping kind of mould the legislation in relation to copyright protection of software. But to me this is an interesting peculiarity. To me this is the Australian peculiarity which we should write about because I think that this is as interesting in its own way as what actually happened with Napster and MP3.com in the US. Thereís obviously a demand for something different there.

 

L: Anyone want to follow up with a comment on that?

 

S: Iíd just make a quick comment in relation to the scope of protection which the digital agenda amendments are trying to provide, as their appears to be some confusion this evening as to what the intended scope of protection is . The definition of technological protection measures means that a device or product, in the ordinary course of its operation, that is designed to prevent or inhibit infringement of copyright. So itís a device which is used to prevent the infringement of copyright. So if that technological protection measure is used for a purpose which extends beyond the protection of copyright rights then it would fall outside the protection of this scheme. So I think thereís a couple of issues which weíre talking about here when weíre talking about uses which go beyond copyright.When weíre talking about using technological protection measures to prevent uses which go beyond protecting against copyright infringement, then weíre not talking about the legislation actually protecting that, itís only where those technological protection measures are used specifically to prevent against copyright infringement that they fall within the legislative scheme.

 

B: What does that mean in practice? Does that mean that I can market a circumventing device that enables me to crack Alice in Wonderland because thatís public domain work? Whereas exactly the same technology is employed to protect Harry Potter?

 

S: Yeah, well itís a public domain work and you protect it with a technological protection measure, well that protection measure is not to protect against infringement of copyright because Ė

 

I: It has to stand on its own Ė

 

LB: At least youíve got a device thatís solely useable to crack public domain works, itís primarily or solely Ė whatís the test again?

 

I: All of the devices, well, no device can distinguish between public and copyright, public domain work Ö

 

S: No, but in terms of the actual application of the law, the law can distinguish. So if you use a technological protection measure to protect something within the public domain, and obviously youíre not protecting against copyright infringements because itís a public domain work.

 

BF: The problem with that though is that the argument is, and this has come up in the US, is that when you mix a copyright work with a public domain work, and every copyright work has public domain in it because facts are not copyright. Sorry, so anything thatís behind the veil of the protection measure, you canít hack through the protection measure to get to the facts, nor can you hack to get through to the expression of those facts. Now what Sís saying, it will be fine if you could just limit the hacking, prevent hacking through to the expression, but the problem is that also prevents you from getting to the raw data. And the copyright law except in the compilation case that weíve just had here, doesnít allow protection of that raw data. Copyright law has a distinction between ideas and expression. So Bt, isnít that the case, that the facts behind the protection measure, that are in a copyright work?

 

B: Yeah, so the dual use argument works actually for every information product, thatís your point, not just for public domain and vis-ŗ-vis private but every information product has a public domain aspect to it which now gets this extra protection which proves the point that everyone has been making already that these different regimes simply do not fit, thereís no compatibility there, you cannot follow the contours of copyright. Itís a fact something completely different, the legal protection of technological measures.

 

S: Are you also taking into account the access which libraries and archives will be able have to that material and provide such material to their users , Just as long as the libraries and archives have legally acquired the material, then you have exceptions which apply so that users can access that material for research and study and they can send out reasonable portions, etc.

 

I: If it were in an institution called a library.

 

S: Yes.

 

I: And who defines what a library is?

 

L: A library can be anything. It includes corporate libraries.

 

I: I think Iím going to set up a library.

 

L: Itís not that hard.

 

N: Can I say something that was touched upon before, about dealing, that if you get something, you give something. You give protection in return for publication. One thing that you had to give in the United States and currently still do is registration which you donít have to do anywhere else in the world because of the Berne Convention. But registration is a massively useful thing, because that way, anyone can work out who owns copyright works, just as anyone can work out who owns a piece of land, which is very useful. And I think Digital Rights Management Systems might give an opportunity to return to a system of registration, if you could just overthrow WIPO and Geneva, because it ought to be trivial to implement. If youíve got a digital object, and you got all these rights going everywhere, it ought to be easy to say that there is a government service under it, you just have to go ďblipĒ, and the government server recognises that youíre digital object exists. And from then you could have a registration system, where anyone could track down who owns what, and then easily tie into ODRL and whatever else. And that way, for example, you could also say the owner has to come back every 5 or 10 years, and say Ďyesí, Iím still interested in protection. And that way the public domain material that is intended for the public domain could fall instantly into the public domain, as it has done in the United States, rather than requiring protection for 100 years until people had thought of no worth whatsoever when they wrote it.

 

I: The life of the work is 50, 70 years.

 

N: So you can avoid all of that by saying that I choose not to register my digital object, thatís all.

 

I: The cross registrations system depend on peopleÖ the US registration system wasnít a contestable system like patents, was first come, first served.

 

L: You got the authentication offer Ė

 

N: Youíd have to have something, of defeating fraud.

 

I: Get everyone claiming an interest to get involved.

 

P: Thereís a proposal at the moment for an intellectual property rights directory, a rights-holderís directory to do just that because in formulating OzAuthors and authors, weíre going, ďhere are all of these rights assertions going on, there is no way of verifying, there is no Land Titles Office, and even if there was you had to ring up someone. Why canít I just synchronise my system in with theirs and see who owns what. Who do I go to for digital rights to do this into a learning object?

 

N: It might even be possible to have a voluntary register which wouldnít violate the Berne Convention because youíd be offering authors something more that is the right to connect with the potential customers.

 

B: Thereís actually an example of this model which already exists, is compulsory, in Europe. Itís not quite a formality, but you can only exercise secondary cable rights, retransmission rights, through a collecting society. As an individual author you can no longer exercise, and thatís part of the cable and satellite Directive. Thatís not really a registration system, but itís very close to it.

 

LB: Itís highly pragmatic.

 

B: You have to become part of the collecting society otherwise you lose your rights.

 

P: Whatís the collecting societyís overhead on that? 10%? 25?

 

B: Could be massive.

 

LB: Thatís effectively the case with the statutory licences under the Australian legislation. Itís collectively managed, educational institutions have collecting societies Ö

 

B: Yeah, but that doesnít take the right away of the individual author to grant licences individually.

 

LB: But it doesnít happen.

 

B: But it doesnít happen, no, youíre right.

 

I: Actually the collective licensing system is a regulatory regime.

 

P: Itís an anti-friction device.

 

I: But we should have a think about extending that logic to the whole thing.

 

LB: Oh, the collective licence for multimedia companies.

 

B: Thatís an ethics discussion, thatís the other world, thatís the opposite of diorama vision, thatís the vision we canít control uses anymore, so letís get the poor authors at least a few pennies out of it, letís impose levies everywhere. Itís good for freedom of expression, at least at the micro level. Iím not sure in the long run the incentives will work, but thatís the German model.

 

BF: With all these brilliant minds here, we havenít answered an important issue. In fact, a court judge needs our help. In the Sony v Stevens case, basically the judge is going to be asked whether a technological protection measure is involved, and the measure simply is the regional coding on the games because basically you canít play them, you can copy them, but you canít play them in the console because of the regional coding. And the argument on the other side will be, well this doesnít stop copying, so it canít be a technological protection measure. But it does something; itís a disincentive for copying, because you canít play a copied disc in the console. So this is a rudimentary digital rights management system. Anyway, the question that we havenít answered that I would like to get some feedback on is whether this is a technological protection measure for the purposes of the definition that we were just read. Can you read the definition again?

 

S: Sure. A technological protection measure means a device or product designed, in the ordinary course of its operation, to prevent or inhibit the infringement of copyright, by either or both, an access control, or copy control mechanism. Now thatís my paraphrasing of the legislation.

 

I: If a judge adopted, as he or she should, a purposive approach to statutory interpretation, they would say the connection between this, copyright and copying is too remote.

 

P: Okay, but thereís another argument to make. If you have access control in the act, then it is an access control mechanism, it is not a copy control mechanism.

 

B: Under the European broad approach where the connection between infringement of copyright and the definition of the protective technological measure has been lost, in the discussions, where itís about restricting acts not authorised by the right-holder, there it makes it much broader - big mistake - there your regional coding disabling would be circumventing a technological measure, would not be allowed. Even parallel imports are not allowed in Europe.

 

CC: Under the Australian law, canít we argue dual purpose, and if you look at the primary purpose of the regional coding, itís to establish market share, set differential pricing, undermine parallel importing etc. I mean thatís why the ACCCís in this case and not some other agency. So, the definition thatís been read out is only half the story because if you can argue that any of the devices has another purpose, then the next test is ďwhat is the primary purpose?Ē What is the primary purpose here, nothing at all to do with Ö

 

BF: Can I just take up on that point? Someone said to me the other day that the whole issue about parallel importation is this whole notion of geographical segmentation also allied in some way to the communication right or the transmission right which weíve now introduced in many countries which allows us to transmit across geographical boundaries certain content. Now, the regional coding device also interferes with that fluid nature of communicating. So to some extent the regional coding does impact with the right to Ö

 

P: Itís a lot more pragmatic than that. This all goes back to movie studios. What does it cost to do a print of a film? $US5000 - $AUD10,000. what do they do? Theyíre now into big hits. They roll out 20,000, 2000 theatres at a time, pick them up at the end of three weeks roll it out to the next country, then roll it out to the next country. Their biggest fear is that if the movies get out everywhere then they canít do the roll-out in the theatres. So as soon as youíve done your movie theatres, then the DVD comes out or in the old days, VHS. Anything that threatens that sequential roll-out cost minimisation harms their profits.

 

I: Yes, but is sequential roll-out a necessarily efficient way of doing things?

 

P: No, but youíve got now a complete system of staged roll-outs of media that doesnít have a $5000 print run cost for each print of a movie. But itís now culture, itís about maximising profits, minimising cost and reusing stuff. And the whole regional encoding of DVDs, I mean we were part of the very very (sorry, previous life) very early discussions on DVD back in í94, í93 in all of this stuff. And it was really almost going to do DVDs to death. Same things with VHSs before it Ė they donít have regional encoding, they just didnít make them available.

 

L: So is the ACCC going to stress those sorts of arguments?

 

BF: No, Iíve read the ACCCís submissions, and the ACCCís submissions are not on competition law grounds. Theyíre purely on the grounds of the circumvention legislation and the grounds that weíve basically said: this is not a technological protection measure, because it doesnít allow access or copying.

 

I: Copyrightís not what itís at.

 

BF: Thatís right. But I thought when you started, you were going to take a substantive purposive interpretation. The effect of the regional encoding is I still canít take a burnt CD in my console and play it. So itís a disincentive for me to copy.

 

L: But is it a secondary purpose or a primary purpose?

 

I: And is this an objective or a subjective test? If itís an objective test, you just say what are the consequences of this restriction. If itís a subjective test, you say what is this restriction designed to do from the point of the person who imposing it?

 

LB: But there is a purpose test, isnít there? Itís not sole purpose, itís primary purpose, isnít it?

 

I: The purpose is an objective concept, not a subjective one.

 

LB: Yes.

 

P: So the first thing kids will do is either get a breached DVD player or go and hack the copy of the DVD and burn a non-regional one. Kids who are a lot more technical savvy than us, will either go and get a DVD player that doesnít have regional encoding, all regions, or put diesis over it or something else that removes the encoding and then burn a CD that they can play anywhere.

 

S: The provision reads: ďA technological protection measure means a device or product or a component incorporated into a process thatís designed in the ordinary course of its operation to prevent or inhibit infringement of copyright work or other subject matter or by the following means Ė

(a)    by ensuring that access to the work or other subject matter is available solely by using access code or process such as decryption; or

(b)   for a copy control mechanism.

 

I: Thatís a subjective test. I mean, the way thatís phrased, thatís subjective. Look at the purpose which the person imposing the technology has in their mind.

 

S: That is designed in the ordinary course of its operation.

 

I: In the ordinary course of their operation, not what people might perceive outside. So itís a subjective test.

 

L: I think weíve probably come to the end of discussions, looking at the state of peopleís eyes around the table. Iíve gotten alot out of this, I hope you all have as well.