By Charles Lam
By R. Scott Moxley
By Taylor Hamby
By Matt Coker
By R. Scott Moxley
By Charles Lam
By LP Hastings
By Taylor Hamby
By Bob AulIn the early '80s, the American entertainment leviathan tried to outlaw a major new threat to their existence: videocassette recorders. VCRs, they argued, would be used to record TV programs and thus violate their copyrights; the machines should be banned. They took their case all the way to the Supreme Court, which declared in 1984 that as long as VCRs had a legitimate use, they were legal, regardless of any potential illicit uses they might be put to. Videocassettes now account for a chunky portion of movie studios' profits.
Apparently, they haven't learned anything from this because they're trying to do it again. This time, the towering menace to their livelihoods is . . . Linux users.
In November 1999, a group of programmers from Norway who called themselves Masters of Reverse Engineering (MoRE) announced they had cracked the encryption code, known as CSS, that protected DVDs. They wrote a tiny utility, called DeCSS, that allows users to make copies of DVD movies and store them on their hard drives. The program was of principal interest to Linux users because before MoRE cracked the DVD encryption, they had no way to view DVDs on their computers. (Windows and Macintosh users could.)
The entertainment industry promptly went into major freak-out mode. Part of their hysterical reaction was probably due to the fact that MoRE claimed breaking the encryption had been insultingly easy; CSS used only a 40-bit encryption key (anything less than 56 bits is generally considered inadequate for security). Now the industry has filed three separate suits against people who made DeCSS available online—including one currently playing out in Santa Clara.
On Dec. 28, the DVD Content Control Association (DVDCCA), the trade organization responsible for overseeing CSS, sent out e-mails naming 72 defendants and informing recipients they were being sued for violating California law regarding the misappropriation of trade secrets. A number of the defendants named in the suit were sites that merely linked to other sites carrying a copy of DeCSS, including several journalism sites such as Slashdot (www.slashdot.org) and 2600 (www.2600.org). The DVDCCA was asking for a temporary restraining order to prevent the defendants from posting DeCSS or linking to a site that had posted it.
But when they arrived for the hearing on Dec. 29, they were greeted by a team of lawyers and a crowd of Linux users, many dressed in unfamiliar suit and tie. Rather foolishly, when the DVDCCA's lawyers sent out their e-mails, they included a list of all the recipients, complete with their e-mail addresses. The new defendants immediately started exchanging e-mails, and very shortly, the Electronic Frontier Foundation (EFF) announced they would represent one of the defendants, Andrew Bunner, at the hearing scheduled for the following day. Slashdot, a major gathering place for Linux folks, asked readers in the Santa Clara area to show up at the hearing and offer their support. A number of them came up to the defense lawyers during the break and offered technical advice. Chris DiBona, who attended the hearing, wrote later on his site: "Imagine just having 50 qualified experts just showing up to help. This is the true power we wield. And we put it together in 36 hours."
"The industry has been pretty sneaky about this," said the EFF's Tom McGuire. "They filed between Christmas and New Year's, which did not make it easy to respond. They clearly planned to file at a quiet time and get the temporary restraining order before anyone happened to notice. But as soon as we found out, we jumped right in."
Huntington Beach computer consultant Andreea Martin was one of the Linux users who showed up at the Santa Clara courthouse to lend her support to the cause after she heard about the suit on Slashdot. "The main purpose of this software is to play DVDs that people legally purchased on Linux. People who want to pirate the movies don't need this software. There are other ways to pirate movies," she said. "The Linux community is upset that the multibillion-dollar movie industry is using these scare tactics against individual users who just want to play DVDs on their machines."
On Jan. 21, the judge in the case ordered the defendants to stop posting the DeCSS program on their Web sites. Then he poked his finger in the industry's eye, refusing to issue an injunction forbidding sites to link to other sites carrying DeCSS, rightly observing that "such an order is overbroad and extremely burdensome. Links to other Web sites are the mainstay of the Internet and indispensable to its convenient access to the vast world of information. A Web site owner cannot be held responsible for all of the content of the sites to which it provides links."
At issue in the case is whether the defendants violated trade secrets by posting DeCSS on their sites or linking to sites that carried it. The DVDCCA argues that MoRE's reverse engineering of CSS was achieved through the misappropriation of trade secrets and that the defendants should have known that when they posted or linked to the program. They argue further that DeCSS was designed specifically to illegally pirate DVDs.