by Muskingum University Library

A considerable number of today’s copyfight discussions revolve around the usage of DRM to prevent transformative uses of works, to prevent the sharing of works, and to generally limit how individuals engage with the cultural artefacts around them. This post takes a step back from that, thinking through the significance of transforming ‘classic’ works of the English literary canon instead of looking at how new technologies butt heads against free speech. Specifically, I want to argue that NewSouth, Inc.’s decision to publish Huckleberry Finn without the word “nigger” – replacing it with “slave” – demonstrates the importance of works entering the public domain. I restrain from providing a normative framework to evaluate NewSouth’s actual decision – whether changing the particular word is good – and instead use their decision to articulate the conditions constituting ‘bad’ transformations versus ‘good’ transformations of public domain works. I will argue that uniform, uncontested, and totalizing modifications of public domains works is ‘bad’, whereas localized, particular, and discrete transformations should be encouraged given their existence as free expressions capable of (re)generating discussions around topics of social import.

Copyright is intended to operate as an engine to generating expressive content. In theory, by providing a limited monopoly over expressions (not the ideas that are expressed) authors can receive some kind of restitution for the fixed costs that they invest in creating works. While true (especially in the digital era) that marginal costs trend towards zero, pricing based on marginal cost alone fails to adequately account for the sunk costs of actual writing. Admittedly, some do write for free (blogs and academic articles in journals might stand as examples) but many people still write with the hope earning their riches through publications. There isn’t anything wrong with profit motivating an author’s desire to create.

Problems do arise, however, when copyright strays from its original purpose of generating speech. When copyright functions as a kind of ‘property’ right that unduly distorts or undermines subsequent expression because of its duration there is a problem. If individuals cannot transform poignant cultural artefacts in making their own statements, with the effect that their expressions lose credibility and communicative force, then the law of copyright threatens to weaken expression. In short, copyright that significantly limits creative possibilities for extended periods of time has the capacity to weaken, or muffle, the impact of speech (Netanel, p. 30).

In the case of Huck Finn, we see a publisher transforming a public domain work and then releasing it to the market. To be clear: NewSouth isn’t forcing all old copies of the text to be burned, they’re not requiring that everyone buy the new version, nor are they forcing all publishers to adopt the same kinds of changes. They are not the sole publishers of the text. In changing the words “nigger” to “slave”, however, they are (potentially, at least) transforming the character of the book’s text. This may lead to new narratives, new questions, new insights….or it might just lead to narrative confusion and worsen the strength of the text. These are open questions, ones that should be examined prior to the book being used as a pedagogical tool. Much as changes in the musical and film genre of mash up provoke new ways of engaging with music and video, NewSouth’s transformations promise new kinds of engagements with the text, as well as with the publishing and authorial responsibilities involved in producing a text. While the quality of the transformation can (and should) be subject to cultural and aesthetic evaluation, the fact that transformation is itself permissible should be subject to divergent standards: is the transformation illegal? is the transformation an expression? Assuming the former response is negative and the latter positive, then the transformation itself should be permitted and encouraged.

Readers might be asking what right NewSouth has to go and modify the works of Twain; doesn’t he have moral rights that should preclude transformations of the work that are in contravention of his initial intentions? Perhaps, but his work has been in the public domain for a considerable period of time – he no longer has a copyright interest in the work as he did whilst the work was under copyright. Netanel nicely articulates most of my position on this matter of authorial rights, stating that

Authors do have a speech interest in presenting their work to the public in the precise formulation, context, and media that they believe will best convey their message and aesthetic sensitivities…However, an author’s speech interest in presenting his work in unadulterated form and context does not extend per se to an exclusive right to control each and every instantiation of his work. (Netanel, p. 49)

Ethically, perhaps, a publisher might feel obligated or be expected to identify their transformations but such a position is a comparatively new development in the ethics of publishing. The ‘great texts’ that we teach our students – Plato, Aristotle, and the like – have underwent considerable transformations that were rarely credited. Such modifications were not ‘illegal’, nor were they ethically bankrupt. Instead, they were reflections of a literary culture’s engagement from their cultural artefacts. I’m not advocating for a return to pre-Gutenburg ethics of publication, but simply reminding readers that ‘ethics’ are contingent to the cultural/social/political framework(s) of the day: ethics are not morals, and we shouldn’t hold them up as such.

Arguably, the contest around the ‘appropriateness’ of the transformation by NewSouth underscores the ongoing tension around notions of copyright itself. As Lessig has noted, we are at a point in history where we are so concerned about protecting copyright that we have lost sight of it’s actual purpose (Lessig, p.19). Patry nicely builds on this point, writing

Copyright owners also ignore that what they regard as a right is instead a government grant specifically for the benefit of society, not authors … The benefits to the public are, therefore, of greater importance than the benefits to authors. (Patry p. 123)

In this case, copyright served its purposes (in theory, it was part of the reason why Twain wrote) and the monopoly right has since lapsed. The work is now being transformed, enabling subsequent speech acts and expressions that are made more resonant because of the cultural import of Twain’s work. Copyright served its purposes, and now we enter discussions of the present public value of new expressions based on public domain sources. The public domain is working.

So, what does public domain work ‘do’? In a significant way, it lets creators appropriate, modify, and reframe what has gone before. Ideally, the appropriation of the past is done in such a way to improve the subsequent cultural artefact that is created. Failures to approximate the ideal, however, need not be ‘abolished’ or pre-censored – a standard of excellence for playing with one’s culture need not be developed and adhered to as a precursor to appropriating work in the public domain. Many audio and video mash ups are horrific, and the same is the case with written mash ups and transformative instantiations of texts. Does this mean that any and all transformations are permissible, that anything goes? Only to a certain extent.

First: We have hate speech laws, and various other laws that constrain the range of expression that can be articulated. Such laws will continue to frame the kinds of speech that can be made with public domain works. State-backed speech laws thus act as one boundary that limit how public domain works can and should be appropriated for transformative purposes. In some cases such laws may be inherently censorial, in which case they need to be challenged. Regardless, the law will shape some speech and thus uses of the public domain.

Second: We need to make a distinction between what NewSouth is doing and a uniform, forced, and totalizing censoring of a text. The latter instance of censorship is best exemplified by publishers forcing authors to modify texts pre-publication for purely political reasons, or e-versions of texts being modified and the modifications forced upon all e-readers. Uniform and forced censorship would also be evidenced if a state exerted its power and attempted to ban or modify public domain works without any semblance of legitimate debate. As engaged modern citizens we arguably need to resist instances where the uniform and incontestable modification of a public domain work that both transforms the work and makes the ‘original’ iteration of the text effectively unavailable.

In the case of NewSouth, however, we’re dealing with a localized, particular, non-uniform transformation. There is a change to the words of the text but this doesn’t have the same qualitative impact as an all-out uniform and unquestionable modification. NewSouth should be encouraged for doing something daring with a public domain work. This said, encouraging transformative uses doesn’t mean that we accept changes without question; we need to seriously and critically interrogate the modifications. What is important, however, is that we not prevent those changes: part of authorship and being an engaged citizenry is critically engaging with the way cultural artefacts are produced and disseminated. The ire raised by NewSouth indicates that we’re dealing with a transformation that is inciting members of society to talk about issues of truth, culture, history, racism, and so forth. These are incredibly important issues, and it’s a good thing to have discussions about them as members of a (hyper)literate society. Transformation of works is to be encouraged, and it’s something that’s often discouraged by contemporary instantiations of copyright – this is one of the key ways that copyright works to stiffle and muffle free speech.

Importantly, because Twain’s work is public domain NewSouth can transform the text and provoke questions around authorship, race, and cultural origins. We can ask whether the change is ‘appropriate’ or not. We can evaluate what normative frameworks should be used to adjudicate the ‘correctness’ of transformations of cultural artefacts. We can debate, publicly, the values built into notions of modern copyright and publication monopolies. NewSouth’s expression is an expression of free speech, as are the strident (and often disapproving) discourses being struck up around the company’s speech act. The cost of free speech, as it were, is that sometimes things are said or expressed that we don’t like. When we dislike speech (as may be in the case of NewSouth’s particular transformation) we can publicly engage with one another – their own speech act stands within a broader matrix of public discourse; NewSouth’s act does not stand as a uniform, fixed, and separate expression that stands outside the public sphere.

Further, we need to consider what kind of discussion we would be having if Twain’s works were still copywritten. If it were, then our present discussion would be more abstract and use hypotheticals; to use Netanel’s language it would be ‘stiffled’ or ‘muffled’ because NewSouth would have been unable to transform such a poignant text in making their expression. Much of the potency and vigour of the present discourse arises because Twain’s works are themselves significant to the English canon. As a consequence, the discussions online, in homes, and in schools resonate that much more loudly. The public domain enables key modes of discussion that draw on cultural prizes, and the debate around Huck Finn serves to show us just how important it is for texts to be subject to transformation: once in the public domain entirely new, unexpected, unpredictable, and exciting discussions can arise within the public sphere. The public domain fuels many of our expressive possibilities; more works need to enter it so that the public can be enriched by creative works in manners impossible (or, at least illegal) when authors/publishers retain and exercise their fully copyright monopoly over works.

Print Sources

L. Lessig. (2004). Free Culture: The Nature and Future of Creativity. New York: Penguin Books.

N. W. Netanel. (2008). Copyright’s Paradox. New York: Oxford University Press.

W. Patry. (2009). Moral Panics and the Copyright Wars. New York: Oxford University Press.

Other posts you might be interested in:

1. Copyfraud, the Corporation, and College Publishing
2. Public and Private Digital Space
3. Public Databases and Massive Aggregation of Data

Image courtesy of the MIT Press

This first: the edited collection is a decade old. Given the rate that communications technologies and information policies change, this means that several of the articles are…outmoded. Don’t turn here for the latest, greatest, and most powerful analyses of contemporary communications policy. A book published in 2001 is good for anchoring subsequent reading into telecom policy, but less helpful for guiding present day policy analyses.

Having said that: there are some genuine gems in this book, including one of the most forward thinking essays around network neutrality of the past decade by Blumenthal and Clark. Before getting to their piece, I want to touch on O’Donnell’s contribution, “Broadband Architectures, ISP Business Plans, and Open Access”. He reviews architectures and ISP service portfolios to demonstrate that open access is both technically and economically feasible, though acknowledges that implementation is not a trivial task. In the chapter he argues that the FCC should encourage deployment of open access ready networks to reduce the costs of future implementation; I think it’s pretty safe to say that that ship sailed by and open connection is (largely) a dead issue in the US today. That said, he has an excellent overview of the differences between ADSL and Cable networks, and identifies the pain points of interconnection in each architecture.

Generally, O’Donnell sees interconnection as less of a hardware problem and more of a network management issue. In discussing the need and value of open access, O’Donnell does a good job at noting the dangers of throttling (at a time well ahead of ISP’s contemporary throttling regimes), writing

differential caching and routing need not be blatant to be effective in steering customers to preferred content. The subtle manipulation of the technical performance of the network can condition users unconsciously to avoid certain “slower” web sites. A few extra milliseconds’ delay strategically inserted here and there, for example, can effectively shepard users from one web site to another (p53).

Arguably not only websites are affected by such ‘steering’ efforts, but protocols and application-types as well; his position on steering users is well reflected in contemporary network neutrality and Internet Governance texts, such as van Schewick’s Internet Architecture and Innovation. In the face of such discriminatory actions by ISPs, what is the solution? For O’Donnell, the solution is to have an objective monitoring regime that both monitors content discrimination and alerts customers of subpar network performance. In today’s landscape we can find these suggestions put into practice (e.g. tools available through M-Lab and the FCC’s recent call for applications to ID net neutrality violations), though it is questionable how widespread and effective they really are/will be.

If you need a justification to buy this book (and, given that it’s a decade old policy book, you likely do) it’s found in Blumenthal and Clark’s “Rethinking the Design of the Internet: The End-to-End Arguments Vs. The Brave New World.” The authors carefully examine how the End-to-End principle is violated by ISPs at the time of the chapter’s writing and the potential implications of such violations. This chapter reads like a well rationalized argument for legally guaranteed network neutrality. The authors worry that ISPs will weaken their commitments to invest in infrastructure for general Internet once they deploy their own content delivery networks. This is, obviously, a key issue in today’s discussions of vertical integration, throttling of over-the-top content streams, and provisioning bandwidth to access third-party content.

When third parties actively inspect content in transit the E2E argument is logically invalid – E2E precludes such interference by the network core. As a result, faced with this situation, the authors suggest that having a debate about the situation requires that either E2E be abandoned, that the third party involvement be rejected in its entirety because it undermines E2E, or that a next generation principle be developed that retains as much of E2E as possible. We regularly see different bodies continuing to weigh this triumvirate of choices today, and Zittrain’s ‘generativity principle’ (a rule that asks that any modifications to the Internet’s design or to the behaviour of ISPs be made when they will do the least harm to generative possibilities, discussed in The Future of the Internet–And How to Stop It) clearly fits within the third option given by Blumenthal and Clark. Rather than turning to derivative versions of this tripartite division, come to this essay instead.

Further, the authors worry that whereas in the 80s and early 90s the core of the network interfered with applications for their benefit, this is less the case today. As a result, injecting middleware ‘intelligence’ is potentially problematic, and even hostile, to users’ data traffic. While much of the chapter reads like a love letter to network neutrality advocates, it comes with some words of caution. First: there is a warning that the law is just not prepared to ‘catch up’ to the technical speed of the ‘net. As a result, legal/regulatory responses will be delayed and code will race ahead. To ‘catch up’ the legal system itself needs to be reformatted in some sense. It’s unclear whether this modification to the legal system has happened, and perhaps even less clear whether the courts and regulators can competently keep pace with telecom developments. Code, it seems, still races ahead of law though it is admittedly ‘pulled back’ by regulatory structures and legal judgements from time to time. The threat of regulation and legal action may actually be more powerful than actual deployments of regulatory capacity and legal might. Second: while E2E empowers connectivity, it should also impose a responsibility. Where the unrestrained actions of ends cause harm to the network and/or its users, the individual(s) responsible for those ends ought to be held accountable. This is a contentious point, one that resonates with tech heads and less with consumers who treat the ‘net as another consumer good.

The final essay that I would highly recommend of the collection (though most are truly excellent) is Greenstein’s “Copyright in the Age of Distributed Applications.” Greenstein recognizes that many of the vicarious copyright infringement findings in the US are based on case law where absentee landlords had a physical capacity to oversee the infringing action(s). Such is not always the case with distributed (P2P) applications. Where the capacity to supervise is infeasible or ineffective in stifling infringing acts it seems unreasonable to apply old case law. A new framework is required, one that would emerge if the following questions guided vicarious infringement judgements:

1. What is the nature of each potential non-infringing use?
2. What is the likelihood that any consumer would acquire and use the product for such non-infringing uses?
3. What is the role of the technology in facilitating the infringing uses?
4. What is the role of the technology in facilitating non-infringing-uses?
5. What is the likelihood that, if the technology is or is not deemed to be infringing, non-infringing uses will proliferate.

One can imagine that, were this set of criteria adopted, case law around P2P in the United States and WIPO signatory nations might be very different…

In addition to these three papers, Rob Frieden’s discussion of peering relationships is truly excellent, and the early discussion of wireline vs wireless deployment in the US and Japan by Moto Murase gives a good (and early) comparison of those nations’ policies. With her work you can nicely anchor a temporal comparison of both nations’ deployment strategies and their respective effects. Both papers are excellent and valuable to the contemporary telecom policy scholar, policy wonk, or layperson interested in telecom policy.

It might be hard to justify the cost of a decade-old communications policy text, but this collection has aged quite well. If network neutrality, peering, copyright, or comparative deployment policies are in your line of interest then this is a wonderful book to add to your collection!

B. M. Compaine and S. Greenstein (eds.). (2001). Telecommunications Policy in Transition: The Internet and Beyond. Cambridge, Mass.: The MIT Press.

Other posts you might be interested in:

1. Review: Network Nation – Inventing American Telecommunications
2. EU: Judicial Review Central to Telecom Disconnects
3. Review: Internet Architecture and Innovation

Image courtesy of the MIT Press

Gillespie argues that we must examine the technical, social-cultural, legal and market approaches to copyright in order to understand the ethical, cultural, and political implications of how copyrights are secured in the digital era. Contemporary measures predominantly rely on encryption to survey and regulate content, which has the effect of intervening before infringement can even occur. This new approach is juxtaposed from how copyright regulation operated previously: individuals were prosecuted after having committing copyright infringement. The shift to pre-regulation treats all users as criminals, makes copyright less open to fair use, renders opposition to copyright law through civil disobedience as challenging, and undermines the sense of moral autonomy required for citizens to recognize copyright law’s legitimacy. In essence, the assertion of control over content, facilitated by digital surveillance and encryption schemes, has profound impacts on what it means to be, and act as, a citizen in the digital era.

This text does an excellent job at working through how laws such as the Digital Millennium Copyright Act (DMCA), accompanied by designs of technologies and the political efforts of lobbyists, have established a kind of ‘paracopyright’ regime. This regime limits uses that were once socially and technically permissible, and thus is seen as undermining long-held (analogue-based) notions of what constitutes acceptable sharing of content and media. In establishing closed trusted systems that are regulated by law and received approval from political actors content industries are forging digitality to be receptive to principles of mass-produced culture. This continued imposition of consumer-based engagement with cultural products challenges hopes that the digital might offer a way of reinvigorating democratic discourse. In effect, content industries are continuing to undermine democratic notions of what individuals should be able to do with their cultural artifacts and technological systems.

Gillespie’s work can be seen as a nuanced examination of how encryption technologies embedded in digital rights management systems curtail speech, action, and moral autonomy in contemporary democracies. Such limitations are only possible because of the adoption of digital technologies and the integration of surveillant sub-systems to limit the uses of content, often to the detriment of individuals. He has written a book that speaks to the contemporary struggle around digitized content: should content be more ‘accurately’ restricted in the digital era, where all uses are monitored and monetized, or must we instead fight to retain the socially-acceptable norms of non-commercial content sharing and dissemination from the pre-digital era? He powerfully argues for the latter, and warns us of the dangers of the former.

T. Gillespie. (2007). Wired Shut: Copyright and the Shape of Digital Culture. Cambridge, Mass.: The MIT Press.

Other posts you might be interested in:

1. Review: Canadian Copyright – A Citizen’s Guide
2. Review: Delete – The Virtue of Forgetting in the Digital Age
3. Kinder DRM Still Undermines Digital Abundance

Ole asserts that there are two key infotainment revenue streams that content providers, such as ISPs, maintain: the $150 Cable TV stream and the $50 Internet stream. Given that content providers are required to redistribute some of the $150/month to content creators (often between 0.40-0.50 cents of every dollar collected), Ole argues that ISPs should be similarly required to distribute some of the $50/month to content creators that make the Internet worth using for end-users. Unstated, but presumed, is a very 1995 understanding of both copyright and digital networks. In 1995 the American Information Infrastructure Task Force released its Intellectual Property and the National Information Infrastructure report, wherein they wrote;

…the full potential of the NII will not be realized if the education, information and entertainment products protected by intellectual property laws are not protected effectively when disseminated via the NII…the public will not use the services available on the NII and generate the market necessary for its success unless a wide variety of works are available under equitable and reasonable terms and conditions, and the integrity of those works is assured…What will drive the NII is the content moving through it.

Of course, the assertion that if commercial content creators don’t make their works available on the Internet then the Internet will collapse is patently false. As written about by Middleton in “What if there is no killer application?“, an early study in Littleton about how individuals use high-speed networks in the mid-90s found that customers were most engaged with amateur content production (i.e. that of their neighbours) and entranced by the communicative possibilities made available through broadband (i.e. e-mail and mailing lists). In essence, from this we can suggest that the empirical study demonstrated that the ideological and financial values placed on commercial cultural artifacts by bureaucrats and commercial content producers is less obvious than they (loudly) state. Further, the value of commercial content is arguably diminished even more in an environment where people spend increasing amounts of time engaging with the generative elements of the Internet, often referred to as amateur-dominated social media environments. In essence, the undertone that ISPs can only sell their data transmission services because of commercial content is at the very least shaky, and more likely to be empirically unsupportable if posed as a strong correlation between the value of transmission capabilities and commercial content availability.

Depressingly, Ole believes that a broadcast-based (historical) business model should be imposed on ISP transmission-based companies in an effort to regenerate the value of their (now somewhat devalued) intellectual properties. Specifically,

The ISP business model for the Internet could and should mimic that of Cable/ TV. Modern technology allows the ISP to identify what content is being used and then they can allocate the appropriate share to the creator or supplier of that content.

This would put ISPs in the situation of somehow being liable to the collection societies, and also require substantial telecommunications investment in labour and sunk capital to establish an (ineffective) network surveillance policy designed to monitor the amount of copywritten content flowing across Canada’s networks. Most likely, such a proposal would turn ISPs into content police and require the use of some kind of packet inspection equipment to survey Canadians’ data traffic, pick out that which is believed to be infringing, and pay some kind of monthly tax for the transport of customers’ content. This amounts to a suggestion that ISPs become content police on the basis that only by doing so would they evade being identified as encouraging copyright infringement. Ole is intimating that ISPs must implement surveillance one the networks if they are to avoid third-party liability.

There are systems on the market that claim they can analyze data traffic to develop ‘piracy’ indexes. CView is used by Virgin in the UK (though we’ve no idea how effective it is) and Audible Magic has been successful in forcing some ISPs and campuses to adopt their technology. In most cases, such content analysis technologies require the offloading of data traffic suspected of being infringing in high-traffic networks, doing a one-way hash of the data, checking the hash against known copywritten files’ signatures, and then aggregating the overall amount of infringement and particular cases of infringement on a per-file basis. This is substantial overhead for any party, especially one that is just trying to move data from one place to another. Moreover, any such massive dragnet analysis of content raises real questions of whether ISPs could then be considered ‘transport’ facilities; while presently there is substantial monitoring for particular protocol types, Canadian ISPs are not searching for particular content-types. This is an important distinction, insofar as ISPs can understand what application-types are generating traffic on their networks but not what those application-types are actually being used to transmit and receive. For all Canadian ISPs know, Canadians might have some strange obsession with massive downloading and sharing of Linux .ISO files and the entire Canadian population actually avoids downloading copywritten music.

There continue to be doubts concerning whether any kind of massive copyright-analysis engine could work – prominently by companies that actually sell the solutions and those that would be responsible for deploying these fears – and further whether such engines could ever competently detect fair use/fair dealing of some material. YouTube’s algorithms are relatively notorious for censoring uses of copywritten material falling under fair use and fair dealing provisions; what guarantee do citizens have that any algorithmic surveillance and monitoring system deployed on communicative networks would avoid the YouTube problem? Should the content creator-owner get restitution for fair dealing of works? How would this be adjudicated – by determining where the data was to and from (i.e. if to an educational institution, we must assume that it’s for fair dealing research purposes) or on a case-by-case challenge basis? Moreover, doesn’t the provision of funds for fair dealing uses modify the provisions of fair dealing, insofar as content creator-owners would receive a fiscal benefit even for fair dealing whereas presently fair dealing falls outside of their revenue traps?

Of course, even the suggestion that Canadian ISPs should be required to cough up money to content creator-owners is absurd in the face of a recent Federal Court of Appeals ruling that asserted that ISPs are not broadcasters. The question of ISPs’ status was punted to the Court by the CRTC, who wanted judicial guidance before it proceeds to determine whether ISPs can be legally required to establish copyright levies. Since ISPs fall under the Telecommunications, and not Broadcasting Act, they are seen as solved involved in providing,

the mode of transmission, they have no control or input over the content made available to Internet users by content producers and as a result, they are unable to take any steps to promote the policy described in the Broadcasting Act or its supporting provisions. Only those who “transmit” the “program” can contribute to the policy objectives.

Under this decision, so long as ISPs are not involved in discriminating against any particular content and thus making an input into the content made available on the Internet to and by users (i.e. so long as Canadian ISPs adhere to a form of network neutrality), any levy-based system is dead. The very system that Ole is advocating for has already fallen before the Court of Appeals.

Now, out of all of this, we might be expected to feel poorly for the content creator-owners that depend on selling and licensing content for their commercial success. I think that if we look at the history of these companies’ digital involvement, however, we quickly disenchant ourselves of this position. Major labels refused to license recordings to Napster and subsequently engaged in what Jessica Litman refers to as a process of “suing upstart new businesses into bankruptcy” to try and stem the Internet as a disruptive factor in their businesses. This saw content creator-owners financially assassinate Napster, Scour.com, iCraveTV, RecordTV, mp3.com, Aimster, Grokster, Streamcast, KaZaA, and others. Authors have gone after Google for the mere action of scanning books for search index purposes, a purpose that would enable authors to sell additional texts when the texts appeared through a Google book search. That the copying a text, even for fair-use purposes, is grounds for massive legal obstruction speaks volumes of content creator-owners general willingness to genuinely deal with the digital reality they are immersed in. Broadly, instead of working to establish a marketplace for digital manifestations of content creator-owner works there have been, and continue to be, mass efforts to shut down marketplaces that don’t grant total control to content owner-creators and their associated companies. As such, customers have become used to going to illicit sites that offer superior selection with fewer restrictions than label offerings. This indicates a failure in big content’s rent-seeking business model and the truth that modern customers are rational economic actors. It does not indicate that ISPs are somehow required to prop-up a rent-seeking model, nor a moral deficit on the part of customers.

Labels were, and remain, in a state of ontological insecurity that accompanies their plunging into a decade-long existential crisis: how can they maintain their rent-seeking behaviour in the face of disruptive technologies. Answers to this existential question are out of reach of most companies on the basis that their perception of the world markets preclude taking risks that could see a (necessary) cannibalization of short-term revenue streams for long-term survival. Unfortunately, while adherence to historical models was effective last decade in colonizing their futural existences – in assuring them of how to approach the world and guarantee particular revenue streams – that old model leaves them grasping at new rent-seeking behaviour instead of adopting novel business strategies. While we can all appreciate just how devastating existential crises can be on a personal level, when we consider the multi-billion dollar record industry we tend to have far less sympathy. Just as you or I are unable to let a crisis linger for a decade – we go to a therapist, get straightened out, and get back on our way – neither can these companies. At best we might feel pity as we watch them wallow in their crisis. At worst, we fear what they might crush as they roll around on the ground like starving dinosaurs and demolish other elements of civil society in their throes of panic and fear aimed at extinguishing the generativity seen as endangering their ontological security. They’ve already made a mess of copyright and cultural transmission possibilities; let’s hope they don’t damage the conditions of democratic communication itself while they’re working out their problems.

Other posts you might be interested in:

1. Comment: Canadian ISPs and Internet Traffic Management
2. Update: Associating Canadian ISPs with Anonymized Data Traffic Submissions
3. Deep Packet Inspection: What Innovation Will ISPs Encourage?

The COUNTER project is a European research project exploring the consumption of counterfeit and pirated leisure goods. It has a series of primary research domains, including: (1) frequency and distribution of counterfeits; (2) consumer attitudes to counterfeit and pirated goods; (3) legal and ethical frameworks for intellectual property; (4) policy options for engaging with consumers of counterfeit; (5) the use of copyrighted goods for the creation of new cultural artifacts; (6) impacts of counterfeiting and control of intellectual property.

What quickly became evident in the course of conference presentations was that there was a relative dearth of reasonable, well-articulated, and non-partisan work devoted to unearthing empirical data about how consumers engage with ‘illegitimate’ sources of content prior to the COUNTER researchers beginning their European data collection. Even where legitimate data sources existed (e.g. OECD data on counterfeit goods) there was rarely a common standard for gathering and archiving that data (e.g. do you measure counterfeit items by discrete number of items, number of shipping containers, street value, manufacturer value, etc.). These issues stemming from data collection were noted by the COUNTER Project Coordinator, Dr. Jo Bryce, as well as the representative from the European Union’s Intellectual Property Unit, Phil Lewis. The latter, in particular, noted the importance of establishing observatories that could gather data and statistics about the use and transit of pirated works, information that could subsequently be used to change public perceptions and attitudes to the usage of infringing works. The EU representative, and the parties he has been working with, are particularly interested in preventing infringing content from ever getting to the ‘net in the first place, though stated in response to a question I raised that deep packet inspection is not something that they are presently thinking of including in their observatories. Their unwillingness to use the technology stems from the fact that they might be unable to legally use it for data surveillance and, even they could use it legally, are uncertain that they want to adopt this mode of data collection.

Dr. Bryce identified consumer behaviour as the problem – or, in other words, the driver – of the the trafficking in counterfeit and pirated goods. Partially as a result of the disorganized responses to infringing uses of content, enforcement and education mechanisms alike have been largely ineffective in stemming the traffic of counterfeited goods or illicit trading in copywritten works. Her research found that while consumers tend to adopt various ethical perspectives on why file-sharing is socially acceptable, by educating consumers on the challenges transit of infringing intellectual properties imposes on individuals working in content generation industries it is possible to reduce consumers’ inclination to engage in file sharing. Moreover, her work noted that the content industries have lost a great deal of consumer trust and remain opaque organizations; consumers need to trust and appreciate the bodies generating content if content industries are to develop a positive relationship with their customers. This need for openness and transparency was regularly noted throughout the conference, though some academics and industry representatives alike dismiss the need for a positive relationship to exist between consumers and content production industries.

In a panel on consumer perspectives on downloading, empirically grounded research was provided to express the position of consumers in relation (primarily) to peer-to-peer filesharing. Emergent from the research presented, we found that consumers actually have a decent intuitive understanding of the world of filesharing, insofar as they differentiate between copyright infringement and stealing. Perhaps worryingly, researchers, consumer advocates, and rightsholders alike (and this is true across much of the conference) struggled with notions of enforcing copyright. Precise concerns and solutions varied, but we regularly heard ruminations about methods to impress upon consumers the moral right to copyright, numbers of ‘coercive impacts’ required to adjust behaviour, need to introduce copyright education to parents and into schools, and so forth. As it stands, research showed that most filesharers fail to see their actions in a moral light and are unworried about the possible consequences of being caught. Effective enforcement, members of the content industries and academics alike noted, requires there being a 10% chance of being caught. As it stands today, enforcement techniques are limited by:

• judicial resources;
• lack of clear sanctions;
• failures in educations (i.e. what does/doesn’t constitute infringing use);
• poor marketing campaigns;
• the use of generic, over specific, messages.

Emergent from this session it was evident that a key issue facing rights holders, and the advocates of rights holders, is the cultural and legal differences that impede uniform positions on copyright. In particular, differing nations adopt differing legal positions concerning downloading, uploading, the degree of criminality of file sharing, and so forth. One academic tried to make the boldfaced equation of copyright infringement and theft…it left him in a very hostile room, and arguably weakened the likelihood that his data will be adopted more widely into the literature.

In a panel where industry experts spoke of the harms caused by file sharing and counterfeit goods – damages ranging from 200 million pound a year, to 43 billion Euro lost in 2008, to equations of counterfeit with organized crime – a member of the audience asked: where is this money going? The thrust of the question was that consumers are choosing to allocate their monies to different areas of the economy, and so assertions that any economy was seeing a removal of monies is only true when economic sectors are seen in absolute isolation to one another. The complexity of the copyright environment, and its necessary interelation with a much more substantive socio-economic domain, should require the content industries to engage in holistic surveys if those surveys are to carry weight amongst critical audiences. Members of industry uniformally lacked such holistic surveys.

I sat in a panel on deep packet inspection – the draft of my paper that touches on deep packet inspection as it related to privacy and freedom of expression has been made available – alongside Klaus Mochalski of Ipoque and Paul Polanski, Director of Electronic Publishing for C.H. Beck Publishing. Klaus noted the capacities of Ipoque’s equipment (and inability for DPI to be used for totally effective inline copyright filtering) and Paul the problems surrounding ISP liability that arise when DPI is used for copyright enforcement purposes. Both were excellent speakers, and all three of us recognized the dangers that DPI threatens to pose for essential liberties in constitutional democracies. On a more personal note, it’s moderately disconcerting about speaking to Brits about the value of privacy, and harms of surveillance, and it felt nice to try and articulate the position that constitutional rights are more important than copyright. The latter position, in particular, wasn’t well received by representative of the content industry in the audience, but was certainly something that needed to be said more regularly than emerged over the course of the conference.

Arguably the most heated session I attended was the last session of the conference, the three strikes panel. It drew together academics, an ISP representative, copyright holder advocates, authors, and a member of the Pirate Party. There was an almost all out assault on the controversial sections of the UK’s Digital Economy Bill, with Richard Mollett of BPI (yes, that Richard Mollett) becoming the punching bag of the panel and audience. Mollett is the directory of policy for BPI and was clearly used to working in hostile rooms, but the vitriol was between members of the panel was particularly thick. Vanessa Mortiaux, Senior Legal Counsel for Orange, made very explicit that Orange was entirely against any requirement that ISPs monitor for copyright enforcement. To the detriment of the panel, however, there was almost exclusive focus on the Digital Economy Bill, to the point where the broader issue of three-strikes was largely implicit, rather than explicit.

Overall, the conference was excellent. It drew together academia, industry, and civil society in productive ways, though largely absent were the actual content creators we were so often speaking about. Consumers were (I would suggest) well represented by the consumer groups and large division of the Pirate Party (local UK, Swedish, and EU levels being represented) present at the conference. I was, however, largely disappointed with attempts to shuffle copyright from an economic privilege to a moral right and the commonly espoused unwillingness to think through the potential harms that threaten to follow from further augmentations of copyright ‘protection’. Admittedly this speaks to my own personal interests – I’m insatiably curious about how economic privileges threaten to upset and disembowel constitutional protections given my own academic background – but also to a culture of what might be called ‘copyright blindness’, where copyright blinds us to the larger issues at play in the copyright debates.

Depressingly, it isn’t that my position is unique or shared only by a handful of people; informally most academics and academically-trained people that I spoke with at the conference were in agreement that the potential harms of copyright must be carefully, and seriously, considered. Publicly, however, this worry and accompanying strong language demanding a rethink of the present copyright regime was largely absent from conference presentations. There were only a few strong voices addressing copyright in light of the larger social good, and while they were (arguably) positive beacons it would have been nice to have much of the ‘informal’ consensus be more formally presented to rightsholders and other members of the conference. Having said this, generally the research presented was well-rooted in rigorous methodological techniques, and perhaps this research might be adopted and leveraged by policymakers in their ongoing engagements with copyright, content producers, and the public. My expectations, however, are less positive: I fear that the work of the COUNTER research project will remain sheltered in academia, sequestered from the public, and consequently ineffective in reshaping the copyright debacle in but the most limited of fashions. Hopefully this is a case where academia can successfully puncture the academic/public divide and breech the public policy debate, but I’m not holding my breath.

Other posts you might be interested in:

1. Universities Struggle to Cope with Anti-Piracy Requirements
2. Draft – Deep Packet Inspection: Privacy, Mash-ups, and Dignities
3. Thoughts: Deep Packet Inspection and Copyright Protection

I’m composing the beginning of this article to the sounds of Girl Talk’s ‘Like This’ from his Feed the Animals album. His artistic technique is to take very short samples from a variety of artists – twenty-nine samples are taken in the three minutes and twenty-one seconds of ‘Like This’ – and remix the work to create entirely new songs.[i] He isn’t a DJ but a self-described musician of the digital era, and when his work was presented to Marybeth Peters of the US Registrar of Copyrights she recognized that his music was amazing. She also recognized it was likely illegal, and the fact that his own creativity clearly imbued his creations offered no defense against copyright infringement: “You can’t argue your creativity when it’s based on other people’s stuff.”[ii] This position is mirrored by Barry Slotnick, head of the intellectual property litigation group at Loeb & Loeb, who has stated that “[w]hat you can’t do is substitute someone else’s creativity for your own.”[iii] Girl Talk’s work is recognized as amazing and creative, even by defenders and advocates of the present copyright regime, but is still questionably legal (at best). Feed the Animals is a popular album that pulls together anthems of pop culture, and its artist has been used as a defender of copyright reform movements,[iv] but it is only one item in a rapidly developing and emerging ‘mash-up’ culture that draws together existing cultural artifacts to in the creation of a recombinant digital culture.

Rather than stepping into the technical (il)legalities of mash-ups in any depth in this article I engage with mash-ups at a normative level. I aim to construct a normative argument for the cultural value of mash-ups, recognize some issues concerning expressive and cultural dignity that emerge alongside the ubiquitous surveillance and censorship of mash-up data traffic that may be identified as ‘infringing content’, and offer both a practical and a political solution to alleviate surveillance dangers and secure our emerging digital culture. To this end, I first outline the importance of mash-up culture, and then proceed to sketch a set of dignities that citizens in Canada (and other Western countries) should be able to expect in the digital domains they routinely roam in: citizens should be meaningfully able to possess expectations of contextual privacy and engage in civil expressions in domains of digital hybridity. It is with the shift to previously implausible ubiquitous digital surveillance and control systems, such as deep packet inspection, that Western citizens are again forced to worry about their privacy and expressive capacities in communal, rather than merely individual, senses. Accompanying this surveillance and control system is the threat of chilling speech, limitations of civil expression, and infringements on the possibilities of innovation. The technical structures that wait for copyright infringement should not be permitted to threaten innovation, criminalize otherwise routine communication, or undermine cultural development and experimentation without a full and transparent discussion of the costs such infrastructure could pose to the emergence and development of Western cultures, states, and citizenries.

To this end, I argue that there is a need to moderate the legal considerations of copyright, perhaps by adopting a hardware tariff model or developing distinctions in what constitutes infringing use. This will alleviate the demand to use technologies such as deep packet inspection for copyright enforcement, but is insufficient to genuinely alleviate the more general threat to civil dignities posed by these ubiquitous digital surveillance instruments. To better secure civil actors from the threats posed by these instruments there must be increased transparency surrounding digital networks, insofar as both vendors and Internet service providers must be required to disclose to the public, and its civil advocates, the technologies under development/in use, motivations driving development and usage, and modifications that are made to already deployed systems.

Why Mash-Up Matters

The public domain operates as the basis “for our art, our science, and out self-understanding. It is the raw material from which we make new inventions and create new cultural works.”[v] The public domain is from where the majority of our culture emerges from, and in the face of an ever-extending capture of the public domain by the advocates of strong copyright reform mash-up artists and citizens have taken to the ‘net to (re)generate their cultural heritage. Mash-up matters because it’s the beachhead upon which (dominantly) youth are mounting their critiques about the current legal conditions of their cultural existence. Mash-up matters because if the dogs-of-law do not release this mode of cultural formation from their jaws, then the equivalent of the future’s jazz and rock-and-roll will be criminalized, and the electronic culture of the future put in jeopardy. Mash-up matters because it can be read as the exemplar of the praxis of digitality itself.

Digital technology facilitates the engagement with culture in a massive way. Whereas folk and jazz music alike historically saw relatively small groups coming together to ‘remix’, or modify, add, and subtract, pieces of the music, the Internet has given today’s equivalent of folk and jazz musicians a global audience. There is, however, a clear difference between those musicians that used non-digital instruments and those using laptops, Garageband, and electronic keyboards; the former were limited in the acquisition and distribution of cultural artifacts, whereas the globe is the limit for the former. Lawrence Lessig, Paul Virilio, and Matt Mason recognize that there has been a shift in the speed and virtuality of informatic-creation, movement, and communication. In his recent book Remix, Lessig argues that there is a kind of ‘Read-Only’ culture – one where citizens could only purchase and enjoy culture in relatively static ways – and ‘Read-Write’ culture – a cultural situation where citizens modify and freely exchange new cultural creations.[vi] In the former, culture retains its agency by refusing to let the audience engage with the work itself to unlock its creative possibilities. Expensive equipment or highly specialized training was required to take up film, music, and similar ‘technical’ arts to creatively engage with the material itself in a way that directly copied and implicated the content itself in the development of new cultural artifacts. In the latter situation, culture’s agency becomes shared between the artifacts and those engaging with it: culture becomes ‘active’, as it was in the heydays of folk and jazz music.

In his discussion of the globalization of communications networks and the heightening velocities of contemporary technologies, Virilio ominously writes that we understand nothing of the information revolution, nothing of digitality itself, unless we recognize that it “ushers in, in purely cybernetic fashion, the revolution of generalized snooping.”[vii] With the shift toward ever-increasing standardization of the digital ecosystem – manifest in Internet’s technical architecture in the TCP/IP protocol suite, standardized ‘content containers’ such as JPEG, MP3, AVI, and uniform modes of measurement and signature analysis – comes the capacity to monitor, control, and mediate the objects enclosed in such standardized containers. Simultaneously, there is a division of object, a mass multiplication and exponential enumeration of such objects given that “data objects are nothing but the arbitrary drawing of boundaries that appear at the threshold of two articulated protocols.”[viii] Protocol, the medium binding and delivering cultural artifacts, functions as an instrumental or technical addition, as a necessary element of control that rests upon and frames the playful capacities inherent with digital cultural expression. The protocol that facilitates the playful engagements of youth with their culture simultaneously establishes the mesh within which their cultural artifacts can be scanned, probed, analyzed, and censored.

The search for control over intellectual creations maps onto the logic of perfect control annunciated by James Boyle: there is an argument, routinely touted by copyright holders, that the strength of intellectual property rights must vary inversely with the cost of copying to ensure a vibrant for-profit cultural environment. He calls this ‘the Internet Threat’, the stance that “without an increase in private property rights, cheaper copying will eat the heart out of our creative and cultural industries.”[ix] It is (partly) in reaction to the Internet Threat that Mason examines the effects of the rapid development of the digital ecosystem, and digitality’s potential to enable citizens to engage with cultural artifacts new and novel ways. As we will revisit, shortly, it is the Internet Threat that leads deep packet inspection equipment to be purposed to secure intellectual property.

A clear result of the digitization of cultural artifacts has been the near-instantaneous delivery of cultural content to meet the desires of particular individuals. This is most evidently manifest with Napster’s explosion onto the digital scene, which subsequently lead to the branding of filesharers as pirates. Instead of seeing pirates as the doom of culture, Mason asserts that “[p]irates highlight areas where choice doesn’t exist and demand that it does… this mentality transcends media formats, technological changes, and business models.”[x] A component of transitions to digitality, in particular, entail the ability to enjoy and develop culture through ‘remixing’.  Remixing “is about taking something that already exists and redefining it in your own personal creative space, reinterpreting someone else’s work your way . . . It’s about shifting your perception of something and taking in other elements and influences . . . your originality should outshine the borrowed elements, or at the very least, present them in a new light. A good remix adds value to something.”[xi] In the language of generating cultural artifacts, this means that with the emergence of a new set of tools (cheap, yet technically sophisticated computer software and accompanying cheap, yet powerful, computer hardware) and new communications mediums that realign ‘personal creative space’ with YouTube, the youth of today have begun ‘editing out’ their own cultural commons. The challenge they face can be put thusly: the public domain and the relative anonymity provided in a world of analogue search-and-lawsuit practices are being dissolved in the face of legally driven protocological conflict. Without access to the public domain, without access to anonymity, youth and other participants in recombinant digital culture are under legally sanctioned siege, a siege that is criminalizing an outrageous percentage of the population.

To summarize, mash-ups matter because they can be seen as the resurgence of the past, of a time where individuals could take up and share the cultural artifacts they were immersed in. Mash-ups, in their massively available form, are presently made possible through the usage of contemporary computer systems; the systems of simulation that can be used to play video games, listen to music, and display YouTube videos are the same systems that encourage cultural generativity and massive instances of self-expression. Code can be, and is, taken from disparate sources, tinkered with, and subsequently emitted to the Web. This is an example of mash-up culture. Various musical albums that span various genres are recombined in fits of creativity to generate new conditions for cultural possibility. This constitutes a mash-up. Citizens draw pieces of video from music videos, news, advertisements, and government announcements to inscribe their own social, political, or banal commentary on the actions of the day. This too, is part of mash-up culture. Each of these three elements (of many more!) of mash-up culture play a role in defining how the digital generation will engage with their world; this generation has moved well beyond the recombination of words in blogging, to the recombination of the audio-visual facets of culture to transmute sterile corporate cultural artifacts into invigorated and vibrate artifacts endowed with cultural meaningfulness and life.[xii]

Next Section: As We Walk Into the Valley of the Shadow of Surveillance…

[ii] RIP A Manifesto, at http://www.nfb.ca/film/rip_a_remix_manifesto/

[iii] Steal This Hook? D.J. Skirts Copyright Law by Robert Levine, August 6, 2008. New York Times. Link: http://www.nytimes.com/2008/08/07/arts/music/07girl.html?pagewanted=2&_r=1

[iv] Pennsylvania Congressman Mike Doyle – member of the Subcommittee on Commications, Technology, and the Internet – has spoken highly of Greg Gillis (aka Girl Talk) in Congressional hearings. For more, see: http://www.rollingstone.com/rockdaily/index.php/2007/04/27/why-one-congressman-wants-you-to-borrow-more-music/

[v] Boyle, James. (2008). The Public Domain: Enclosing the Commons of the Mind. P 39.

[vi] Lessig, Lawrence. (2008). Remix: Making Art and Commerce Thrive in the Hybrid Economy.

[vii] Virilio, Paul. (2005). The Information Bomb. P. 62. Emphasis from text.

[viii] Galloway, Alexander. (2004). Protocol: How Control Exists After Decentalization. P 54.

[ix] Boyle, p. 60.

[x] Mason, Matt. (2008). The Pirate’s Dilemma: How Youth Culture is Reinventing Capitalism. P. 46

[xi] Mason, Matt. (2008). The Pirate’s Dilemma: How Youth Culture is Reinventing Capitalism. Pgs. 71, 81, and 83. Emphasis added.

[xii] Something about Adorno and the culture industry

Other posts you might be interested in:

1. Draft – Deep Packet Inspection: Privacy, Mash-ups, and Dignities
2. Will Copyright Kill eHealth?
3. The Role of Digital Surveillance in Stopping the Past’s Rebirth

While I pay attention to copyright developments in Canada and abroad, and have strong stances on how academics and the Canadian government should licence their publications, I’m not a lawyer. I do, however, know that government documents in Canada are governed by Crown Copyright – unlike in the US, the Canadian government maintains copyright over its publications – and thus I wanted to check with the CRTC if there were any problems hosting documents from their site, including those presumably under a Crown copyright such as the CRTC’s decision.

Today I spoke with someone at the CRTC and received word that I could rehost the documents, without any problems. They were ‘in the public domain’ and so I could do with them what I wanted. I was pleased to hear this, as I wasn’t sure if the Reproduction of Federal Law Order would apply to the filings of private companies – it should apply to the CRTC’s decision itself, but as the order is written it’s ambiguous (to me) where and how private filings ‘fit’. In any case, I’ll take the CRTC’s word and be pleased that their public notice filings, including the filings by private corporations, are ‘public domain’ works and not governed by crown copyright. In case someone is wondering why I even bothered checking with the CRTC, given that my intended uses of the works arguably fall under under the research and review criteria of Canada’s fair dealing provisions, I expected that my use was legitimate but wanted to check with some lawyers that I was actually in the clear. I didn’t want to have a project go live, only to receive lawyer-grams from the CRTC or private companies! The CRTC has lawyers, and I thought it’d be a decent idea to draw on their expertise. Had I gotten a baffling response (e.g. no, for copyright reasons you cannot host anywhere else!) I’d have gotten a second opinion.

So, that’s fine and good: I can use the documents. It was the rest of the conversation that was particularly interesting, and more than a little disturbing.

I learned that the CRTC occasionally removes documents included in public filings and, far more significantly, sometimes changes the actual documents themselves without notifying anyone, not ever parties who were involved in the public notice. Such changes are made to correct misstatements of fact, to redact content already on the record or make available incorrectly redacted content, and so forth. This has far-reaching implications: closed public notices can have documented modified, where such modifications could potentially have affected public awareness of the notice as it was ongoing. In the case of some ‘corrections’, this could be incredibly important: what if in PN 2008-19 (and this is entirely hypothetical and meant as an example: I have ABSOLUTELY NO REASON TO BELIEVE THIS IS THE CASE) it turned out that one of TELUS’ redacted sentence was made available to the public, and it stated that TELUS was in early consideration stages of using Deep Packet Inspection in their networks? Such a ‘correction’ would have substantial effects on the arguments put forward by various civil advocates, and would render someone who was not involved with the public notice as it was ongoing very confused about the apparently contradictory filing between (in this example) TELUS and public advocacy groups. Thus, not only do these secretive changes risk contaminating later research, but it could also undermine public confidence in the public notice process itself.

The other very interesting copyright-related item that I learned was that, while hosting the documents isn’t a problem, were I to scrape and do a check-sum between what I have hosted and what the CRTC hosts that would be considered a copyright infringement. The gentleman I spoke with professed not understanding how that would be a copyright issue, and was just passing on the message from the lawyers, but it’s incredibly bizarre. In effect, it states (to me) that I can host but cannot check to guarantee that what I’m hosting is ‘the most accurate/recent version’ unless I want to eyeball the documents and look for ‘corrections’ that may or may not be announced anywhere in the document or public notice website itself. From a government transparency point of view, this is deeply concerning: members of the public, if aware of the potential for relatively secretive changes to public filings, cannot automate any system to watch for such changes without running afoul of lawyers. The resources thus required to ‘check up’ on the CRTC would be enormous for the poorly funded civil advocacy groups and members of the public (neither eyeballs or time are in abundant supply!). Moreover (and again, I am not a lawyer!) in my reading a check-sum or something like it is required to actually comply with Canadian copyright law. The law,

authorizes anyone, unless otherwise specified, to copy federal legislation, statutes, regulations, court decisions and tribunal decisions without the usual restrictions that govern Crown copyright materials, provided that one is careful to ensure the accuracy of the materials reproduced and that the reproduction is not represented as an official version. (emphasis added)

Given that I’ll be hosting documents, to ‘carefully ensure the accuracy of the materials reproduced’ aren’t I required to set up some automated system, given that the CRTC can potentially just change or remove documents without any public notification or transparency? Does this mean that compliance requires me to manually check on a daily/weekly/monthly basis that all the files on the CRTC’s webpage are exactly as they were when I first copied them?

Admittedly, these changes to documents in public notices are supposed to happen ‘fairly rarely’ and there isn’t any reason to expect that the filings for PN 2008-19 (which is what I’m interested in for this project, right now) are going to change. It’s possible that there was miscommunication as a result of interjecting an intermediary between myself and the CRTC’s lawyers. I’m very happy that I can host the filings for PN 2008-19 and that all of the items in that filing (including the CRTC decision) are apparently ‘public domain’ and thus outside of crown copyright. Those are all great things and I appreciate that the CRTC was fairly quick in getting back to me (it took about 4 business days). I’m far less impressed with secretive changes happening to public filings, and am disturbed by the position that scraping for check-sum purposes would somehow violate copyright.

I’m not a lawyer, and I’ll be following this up with the CRTC to try and get additional transparency into what’s going on. Hopefully there was just a miscommunication; I would understand if regular scraping was a problem because it could bog down their servers, and that on that basis they could drum up DDOS charge or something, but to construe server access to guarantee I’m hosting the most up-to-date documents with a copyright violation is mind boggling, and screams of misuse of copyright to this non-lawyer.

Other posts you might be interested in:

1. Update: CRTC PN 2008-19 ISP Filing Summary Document
2. Will Copyright Kill eHealth?
3. Update: CRTC PN 2008-19 Filings

What we see less of in the eHealth debate are the prevalent dangers accompanying threats to cut citizens off of the ‘net as a consequence of copyright infringement. It’s this issue that I want to briefly dwell on today, in part to start ramping up some thoughts on the wide-ranging effects of three-strikes laws that are starting to be adopted and/or seriously discussed in various jurisdictions around the world.

To give an overview, three-strikes laws in the copyright context are generally presented as a way of curtailing copyright infringement. Often acting under the assumption that a downloaded copy of a file is the equivalent of a lost sale, major content and rights holders insist that they are losing billions of dollars per year to Peer to Peer (P2P) filesharing. While I will note that this is a relatively insane equivalency (it is largely like arguing that every person who opens a book in a bookstore, reads it for about 10 minutes, and then puts it down constitutes a ‘lost sale’ – for more on this read Doctorow’s Ebooks: Neither E, Nor Books), there are lots of great articles you can read that deal with this issue and so I’m not going to dip my feet into that argument here. You might ask how it is possible to identify copyright infringing work, and one of the ways of doing so is through specific implementations of Deep Packet Inspection (DPI) appliances by Internet Service Providers (ISPs). Virgin Media is trialling a system that will generate a copyright infringement index (though won’t identify particular individuals who are infringing on copyright) and DPI vendors such as iPoque have already produced equipment that is designed to identify infringing file transfers in realtime.

Three-strikes laws have a common, general, format: after an individual is found, or believed to have been found, infringing on copyright three times they are forcibly disconnected from the Internet by their ISP either at the behest of the government or content holders. The particular legal structure that facilitates these ejections from the Internet differs – sometimes there is a presumption of innocence and requirement that infringing use is proven, whereas in other systems accusations alone suffice – but the common end is the same: during an era when broadband is seen as a key to performing job searches, gathering academic research, developing knowledge about our illnesses, and discovering new cultural artifacts, copyright holders want to insist that their intellectual property rights should be foregrounded and other social goods put to the back of the line.

This bring us to the question posed by this post’s title: “Will copyright kill eHealth?” What happens when, after investing billions of dollars in ‘revolutionizing’ the current health system so that individuals are ‘empowered’ to access their health records, governments and their citizens realize that they are in a digital wasteland, where accessing health records is dependent on good copyright-related behaviour? When I’m tasked with absolutely securing my wireless network so that a war driver can’t access my network and download some pop track, does this mean that I should sign up for expensive third-party services to guarantee access to my ‘newer and better’ health records and other government services? To alleviate these anxieties, perhaps I’ll be able to pay a small monthly fee to my ISP and they will, on my behalf, block anyone on my network from accessing potentially copyright infringing work from non-sanctioned repositories so that I can participate in the new digital economy.

I’m not suggesting that health authorities are necessarily experts in areas of copyright, network management, network surveillance, or data transactions. Typically, they’re not, and citizens don’t expect their M.D. to understand the ins and outs of file transfer protocols, file signature analysis, or data packet analysis. While I’ve suggested (recently, no less) that it is important to consider the particular impacts of certain ‘high-functional’ technologies, such as deep packet inspection, we do still need to step back occasionally and think of some of the possible impacts that high-functioning technologies and the surrounding basin of law might have on the delivery of core, newly digitized, government services. I don’t want to live in a world where my ISP has a real market incentive to ‘sell’ me the equivalent of copyright-infringement ‘insurance’ on a monthly basis so that I can view the digital records that governments and corporations retain about me. I actually don’t think that ISPs want to live in this world either; in such a world they would be placed in a position of liability upon failing to prevent me from accessing infringing material! It’s because of the wide-ranging possibilities of network intelligence and the laws around it that research into network intelligence and security is so interesting – with the Western transition to the digital, and the ability to watch and impact digital flows, the role of the ISP will only become more and more significant to citizens’ daily lives.

Who can we turn to in the event that some kind of a three-strikes law becomes manifest in a Canadian context? It’s entirely possible that the inspection of data flows for copyright infringing material might be ‘privacy protective’ – privacy might be built into the infrastructure by design per the governing ethos of the Information and Privacy Commissioner of Ontario – and this suggests that the language of privacy may be insufficient to really limit the challenges of any three-strikes law. I have similar worries about the ability for consumer protection laws to effectively limit the negative consequences of a three-strikes law (though Canada does have one of the world’s forefront copyfighter’s on the people’s side), and if we require judges to hold real cases before individuals have their digital lifelines terminated then court costs over what are (likely) just people ‘browsing content’ will be exorbitant. The transition to electronically delivered content has (supposedly) been devastating for how the major content owners have been able to turn profits, but we need to go further than just say they need to develop better models instead of suing people. We need to ask this: should government be developing laws the prop up questionable current-day business models at the potential expense of wasting billions in public infrastructure upgrades, or should government be taking a longer view of things and start siding with both citizens and their own allocation of infrastructure dollars? I worry that if government doesn’t more prominently side with themselves and their citizens, we’ll see eHealth and other eGovernment ventures die under the knife of copyright reform and protection, and that would be a tragic shame and absolute waste of citizens’ tax dollars.

Other posts you might be interested in:

1. Update to Virgin Media and Copyright DPI
2. Virgin Media to Monitor Copyright Infringement
3. Copyright and the Blank Media Levy

The story about Detica’s involvement really broke with Chris Williams’ piece over at the Register entitled, “Virgin Media to trial filesharing monitoring system.” In the piece, he recognized that the trial will encompass roughly 40% of Virgin’s customers, that the aim is to measure overall levels of filesharing rather than identify individual customers, and (at least initially) will focus on music. After I read the piece, I send some questions off to Detica and posted them (“Virgin to Use DPI to ID Copyright Infringement“) based on my reading of Williams’ piece and Detica’s consultation paper, and shortly thereafter followed up with Detica’s responses and thoughts on CView and privacy infringements (“Update to Virgin Media and Copyright DPI“). Between the posting of my questions, and the response from Detica, Richard Clayton had a meeting with representatives from Detica and posted the information they released to him over at Light Blue Touchpaper in a posting “What does Detica Detect?” The Register was also able to get face time with people working at Detica, leading Williams to produce his second piece “Spook firm readies Virgin Media filesharing probes.”

In the rest of this post, I want to pull together the information that has come to light so that we can get a better picture of what is known about CView. As such, this is very much a summary rather than an analytic post; hopefully I’ll have time to delve the information more critically in the near future.

How does CView integrate with the ISP network?

In the interview with Williams, Dan Klein of CView acknowledged that the CView appliances are expensive enough that ISPs are unlikely to purchase very many of them. The system,

starts by using fibre taps to pick off traffic from an appropriate part of the ISP network. They use a fibre tap rather than “port mirroring” to make it easier for the ISP to be sure that they won’t disrupt any traffic. The links that they monitor need not be carrying all of the ISP’s traffic — they merely hope that it will be a statistically significant sample.

The raw traffic is then sent to the CView box, which can handle multiple 10Gbit links. The first stage of processing is in hardware (FPGAs), then software takes over. The “external” endpoint identity is discarded and the “internal” identity is encrypted using a key that is not made available outside the box (ie: the intent is to make the customer “anonymous” but to be able to link different activity from the same source). (“What does Detica detect?“)

Put in other words, the Detica CView system engages in a passive, offline (as opposed to inline) analysis – the traffic is split (i.e. mirrored) from the ISP network so that consumers don’t experience any meaningful impact on their speed, if any impact whatsoever is even felt.

What does CView detect?

The Register, in their December 7, 2009, article revealed that eDonkey, Gnutella, and BitTorrent were the protocols that were to be inspected by the CView. At the moment, the appliance is geared to examine for music files, but the original Register piece raises questions of whether or not it will necessarily be limited to just music files in the future.

How does CView perform detections?

After splitting the traffic into the CView appliance, it examines data traffic to determine if data is being carried along one of the three aforementioned file sharing services. Even when encrypting your data traffic, it is often possible to identify the protocol used based on the cleartext data that precedes the encrypted flow. It should be noted that the most recent Internet Evolution test of DPI provided test results confirming this capacity to detected encrypted P2P flows. Detections are performed passively, out-of-line from the ISP’s traffic. When data traffic is identified as being P2P a content field is generated with the below information:

• the encrypted (and thus anonymised) customer identity
• the type of P2P protocol
• the content identifier value
• the file size
• a timestamp

Where the P2P flow is encrypted, while a record is generated no data can be entered into its fields. In addition to this information, the CView appliance will generate an ‘acoustic fingerprint’ from the file – this is, perhaps, the ‘content identifier value’ that Clayton notes? – and then passes this information along to a separate statistics box that will identify whether the P2P file is copyright infringing.

What about anonymity?

Of course there are worries that a system like CView could be used to rapidly identify the copyright infringers that are operating on a particular ISP’s network. Given the information provided by Detica, the company certainly is trying to secure the anonymity and identificatory privacy of ISP customers. Specifically,

IP addresses are anonymized at the source/DPI device using a pseudo-random replacement algorithm, which also entails ignoring the external IP addresses. The key generation system is managed automatically by the device (and thus an ISP can’t muck around with the system), and keys are periodically cycled and redistributed. The keys are never made available outside of the device, and once a set of keys for a given time period are discarded they cannot be recovered – the process is irreversible. On this basis, we can argue that no subscriber ID is associated with the randomized replacement algorithm, there is no way to associate a subscriber ID with the pseudo-random number after the fact, and as such the anonymization system should serve its purpose. (“Update to Virgin Media and Copyright DPI“)

Richard Clayton maintains, as I do, that CView is employing DPI in a manner that addresses individual privacy and data protection concerns though is mindful of the possible RIPA issues. Specifically, he writes:

I should also address (especially given the huge fuss over Phorm) the rather important question as to whether the system is lawful to operate? Please note thatIANAL, but I’ve studied their writings in this area a fair bit…

The design as explained above seems to address issues of privacy and data protection (amalgamating statistics and discarding identifiers is a sound technique for jumping these hurdles). But there is then the vexed question of illegal interception. The system does “wire-tapping”, that’s obvious, but the criminal offence is called “interception” and that is carefully defined within the Regulation of Investigatory Powers Act 2000. I expect that Detica would wish to argue that there is no interception because no content is seen by any humans… however, spitting out the file identifier might in itself be sufficient to infringe. It may take some case law before anyone can say for sure. (“What does Detica detect?“)

It will be interesting to see whether or not CView faces the same calibre of public outrage as Phorm did; Phorm ran up against Alexander Hanff (amongst others) but Hanff has recently noted his inability to work as a privacy advocate ‘full time’ this round as he did against Phorm. Admittedly, I see Phorm as engaging in different activities as Detica, but the emphasis often placed against Phorm (as I read things) was DPI first, and behavioural advertising second. That might, admittedly, be a coloured reading on my own part. Regardless, I’m sure that Detica’s PR staff is breathing some small sigh of relief that they won’t be dealing with Hanff full-time.

What is the utility of CView to ISPs?

Detica is promoting CView as a way for ISPs to establish an ‘index’ of copyright infringements. As noted by the Register,

Perhaps most importantly, at least at first, CView will measure how the overall level of copyright infringement via peer-to-peer networks responds to Lord Mandelson’s letter-writing campaign. If the Digital Economy Bill is passed in what remains of this Parliament, those observed by rights holder groups sharing copyright material could start receiving statutory warnings in the post from their ISP as soon as April.

A year later a system of “technical measures” – bandwidth restrictions, blocked protocols and disconnections for the most persistent – imposed on ISPs by Ofcom, is likely to follow. If successful in trial, CView will allow Virgin Media to monitor how its customers respond to the regime, although it will not be involved in idenfiying infringers. (“Spook firm readies Virgin Media filesharing probes“)

Richard Clayton notes that it might be the case that a small number of files might be ‘incorrectly’ identified as infringing, but such identifications are likely small enough to be inconsequential. The worry, of course, is that minor tweaks might turn CView into a “first-class monitoring system” that can be used to identify and target individual users. While an injunction would be required for this, the pushes for such injunctions in the EU mean that this is something that must be kept in mind, even though UK media conglomerates have not previously sought such injunctions.

What isn’t (totally) clear to me

I think that we’re developing a pretty good understanding of what the Detica system entails, as well as its characteristics ‘out of the box’. I’m still unclear about how the ‘audio fingerprints’ are taken – I assume (based on Occam’s razor) that based on what has been released to Richard that hash-based, rather than fingerprint-based, methods of analysis are being performed but can’t be totally certain. (Note: fingerprinting can be used to detect infringement where only a fragment of a file is identified as infringing, as in a mashup that includes a second or two of a song, whereas a hash-based analysis would only examine the totality of the file, as in a .mp3 file of Madonna’s ‘Like a Virgin’.)

The other, fairly major, element that isn’t clear is just how easy it is to ‘tweak’ the CView system as Richard suggests is possible. If we’re talking about a firmware update, that’s a fairly low cost with potentially very major functionality changes to the device, and would run counter to the assurances provided by Detica to Richard, the Williams, and myself that the system is designed to provide anonymity. On the other hand, if it would take a hardware modification, then the infrastructure, manpower and capital expenditure costs to ‘upgrade’ the device might alleviate the drive for ISPs to implement a genuinely granular user-identification system. Function creep with these devices, of course, is a real worry – it would be great for Detica to clarify how these ‘tweaks’ are technically possible as part of their ongoing efforts to be transparent.

Other posts you might be interested in:

1. Update to Virgin Media and Copyright DPI
2. Virgin Media to Monitor Copyright Infringement
3. Draft – Deep Packet Inspection: Privacy, Mash-ups, and Dignities

The key question that is lurking in my own mind – if not that of others interested in the CView product – is whether or not the appliance can associate inspected data flows with individuals. In essence, I’m curious about whether or not CView has the ability to collect ‘personally identifiable information’ as outlined by the Privacy Commissioner of Canada in her recent findings on Bell’s use of DPI. In her findings, the Commissioner argues that because Bell customers’ subscriber ID and IP address are temporarily collated that personal information is being collected that Bell does collect personal information. In the case of Bell, this didn’t mean that they had to stop the collection, but that they had to adjust their privacy policies to reflect this collection (though it should be noted that any such association and collection will happen, with or without a DPI appliance, because Bell always associates a subscriber ID with dynamically assigned IP addresses).

Now, this means that my examination of the CView system and consideration of privacy is different from those approaching the system from the stance of Regulation of Investigative Powers Act which might be seen as putting me off-side of some privacy advocates. I don’t necessarily have an issue with that, and in fact think that strong, well meaning discussion amongst the privacy community can be quite healthy – different levels of analysis and approaches are called for when facing particularly novel technological systems, and expecting a lockstep approach of these technologies and their accompanying politics is somewhat absurd. For my purposes, I’ll simplify things and identify a privacy infringement (for my purposes, if not those of RIPA) as entailing:

1. A collection, processing, storage, or analysis of data that is associated with an individual, or a very specific set of individuals;
2. A case where whatever is collected, processed, stored, or analyzed is done so to influence the individual, or specific set of individuals, in a particular and reasonably direct manner;
3. An instance of data anonymization where there is the strong likelihood that such anonymization is either intentionally compromised or unlikely to be effective.

In terms of the CView system, let’s first address the concern of anonymization. Specifically, we have to ask how stringent the anonymization system actually is. When I asked Detica about this process, they informed me that because the CView device is intended to produce a Copyright Infringement Index (aka the ‘Piracy Index’) by evaluating the overall filesharing on a network that identity information isn’t required for this objective. IP addresses are anonymized at the source/DPI device using a pseudo-random replacement algorithm, which also entails ignoring the external IP addresses. The key generation system is managed automatically by the device (and thus an ISP can’t muck around with the system), and keys are periodically cycled and redistributed. The keys are never made available outside of the device, and once a set of keys for a given time period are discarded they cannot be recovered – the process is irreversible. On this basis, we can argue that no subscriber ID is associated with the randomized replacement algorithm, there is no way to associate a subscriber ID with the pseudo-random number after the fact, and as such the anonymization system should serve its purpose. Of course, there is a concern that there are no such things as anonymization processes – as noted by Paul Ohm – but I think that a more technical analysis of data logs would be required to figure out whether or not we could make the push that Detica’s system is a failure. At the very least, they appear to be making a real effort in keeping data sets anonymous and doing what they can to prevent privacy infringing behaviour.

One of the questions I posed to Detica, which was related to CView identifying copyright infringing files, went as follows:

“…what method is used to identify content. Is Detica using a file hash-based identification process or fingerprinting system? I ask because broadly identifying protocol alone would render any analysis of P2P data traffic as inherently infringing somewhat problematic, given that P2P is also used for legitimate file transfers.”

The member of the company I wrote to admitted that they couldn’t go into the specifics of how the system performed identifications for commercial reasons – this is normal when dealing with what are effectively corporate secrets – and thus couldn’t speak to their system using either fingerprinting or hash-based analysis. They did say, however, that the system is conservative, insofar as it makes its assessments based on assumptions that transfers are legitimate unless there are reasonable grounds for determining otherwise. As I read/translate this statement, it says to me that rather than classifying all P2P traffic as infringing, the system only flags infringing content as that which can be matched against its index of infringing files. Whether this entails fingerprinting (where only a fragment of a file is identified as infringing, as in a mashup that includes a second or two of a song, instead of the whole file, as in a .mp3 file of Madonna’s ‘Like a Virgin’), however, is unknown.

Detica’s responses maintain that their CView system is deployed in a passive mode (which is expected), and I’ve asked for clarification about whether or not it rests inline or offline – whether the appliances will perform traffic analysis in real time inline with the flow of data passing through the ISP’s network, or in a delayed fashion that sees the data traffic ‘offloaded’ out of the ISP’s network. I expect that it is a passive, inline appliance, but we’ll see. The company does maintain that “there is no persistence of any analysed content – Detica CView(tm) is a measurement system so could not be used as an evidence collection mechanism.” This means that the DPI appliance cannot be used, as designed, to identify individuals trading infringing material online, and thus cannot be effectively used to enforce any three-strikes law.

Ultimately, given that CView is engaging in network-level intelligence, without correlating IP addresses with a unique signature or code, let alone a subscriber ID, I’m not certain that this system is necessarily ‘privacy infringing’ as it’s presently configured and deployed. Does this mean that it can be used to subsequently insist on deeper penetration and analysis of who is trafficking following the establishment of a ‘piracy index’? Quite possibly – the political ramifications of having quantifiable network intelligence are vast. One of the reasons why DPI appliances in general are so interesting is how they are wrapped up in the politics of net neutrality, privacy, and copyright. Despite their interesting intersection along the crossroads of digital issues, perhaps we need to develop an archetype to engage with these devices as follows:

1. What does the technology do, today? Does this constitute a privacy (or, preferably, constitutional rights grounded) infringement?
2. What can the technology do, tomorrow? In light of what it can do, how should we advocate for strong protections to prevent our concerns from arising, and channel the technology towards ‘good’ outcomes?
3. Ask the question ‘what needs to be put in place to ensure that the ‘good’ outcomes of tomorrow triumph over the possible ‘bad’ ones?’ and provide resources to achieve the good and avoid the bad.

This is a simple schema (and, actually, deserving a deeper analysis), but parallels what I’ve come to adopt over the past few months. It is critical that we analytically distinguish between temporal realities and futural possibilities, as well as between the issues of network neutrality, copyright, and privacy (among others) to develop sufficiently nuanced and complicated understandings and resolutions to the insertion of DPI appliances in ISP infrastructures. DPI is unlikely to go away; the aim now has to be to identify and proclaim ‘good’ uses of the technology and work to prevent the ‘bad’ uses from becoming prominent telecommunication practices.

Other posts you might be interested in:

1. Virgin Media to Monitor Copyright Infringement
2. Copyright and the Blank Media Levy
3. Aggregating Information About CView