[A2k] Paris TACD Meeting: Draft 'understanding' on RMI and TPMs
Philippe Aigrain
philippe.aigrain@wanadoo.fr
Sat Jun 3 09:53:02 2006
Further to exchanges betwene Nick and Michelle on this subject. My impressi=
on
is that Nick's proposal intention is good, but that it takes a too
specialised approach, not addressing some major concerns related to TPM, DR=
Ms
or compulsory RMI. Here is a proposal for a streamlined set of points,
including one on this last aspect (impact on the freedom in the overall
information infrastructure) :
----
1- Rights information should be the enabler of a freely endorsed social
contract between creators and users, not a vessel to force TPMs and DRMs on
them. Thus, there should be no compulsory implementation of rights
information related checks, and no associated locks on usage.
2- TPM systems must be submitted to the a priori check of the relevant
information security and privacy or data protection authorities, and can no=
t
be applied to works without the informed consent of their creators.
Commercial media carriers and services must provide adequate information to
consumers about usage limitations introduced by TPMs and DRMs.
3- Legal usage rights, for instance those expressed as exceptions or
limitations to copyright, should always be immediately effective in relatio=
n
to TPMs : any TPM must implement such rights, and TPMs should not be
protected against circumvention when such circumvention is needed to
legal or contractually authorised usage.
4- The protection of interoperable access to works (accross devices, accros=
s
software platforms) must be such as to guarantee:
- the ability of creators to make their works accessible to the widest publ=
ic
including under licenses that grant free access and/or usage rights, and
without losing the benefit of redistribution of fees collected under legal
licensing schemes
- the freedom of software writers to disclose and license under the license=
of
their choice the source code of software that achieves this interoperabilit=
y.
----
Re the comments of Nick on compatibility with existing legal treaties and
laws: the only possible problem is with the first part of my point 3 (TPM m=
ust
a priori ...) and EUCD. Leaving aside the fact that we should never stop at
considering needed changes in treaties and laws, the actual transpositions
for EUCD show that there is a wide margin of interpretation in
implementation. Ireland has implemented this first part of point 3, and
several other countries the second part.
--
Philippe Aigrain
Le Vendredi 2 Juin 2006 18:29, nah.maillist@fastmail.net a =E9crit :
> Firstly thanks very much for such a comprehensive reply and for what it
> is worth I think these are all good points.
>
> With respect to point 1, you understand corrrectly.
>
> I do understand that there are many groups which object to RMI, TPMs,
> and DRMs completely. Basically the point underlying the first draft is
> that it isn't realistic for countries to un-ratify the Internet Treaties
> (and certainly many representatives of music constituencies would not
> wish for that to happen), and therefore in those countries there will be
> protections of RMI and TPMs. The question is whether or not we can agree
> some common-sense regime to regulate the use of these technologies so
> that the positive outweighs the negative.
>
> 1(a) Of course. The use or non-use of RMI and TPMs is entirely separate
> from any other issue. If services want to use them, they'd have to
> 'follow the rules'. If they don't wish to, then they wouldn't. That
> said, RMI is just information and since quite a lot of that information
> could - and indeed is - of interest (artist name, composer, performers,
> date recorded, etc) providing it is accurate having RMI attached to a
> song isn't actually harmful, which leads us to point 1(b)
>
> 1(b) Of course we could put something in to cover the privacy issue. It
> may be useful to state that a model which relies upon actual usage to
> determine the level of royalties which go to which artists does not
> require information about the individuals who use a song. However, I do
> take the point that information on users would be held somewhere - and
> the disclosure of that information should be regulated. Could you
> perhaps provide some language that covers this? I know that you're far
> more familiar with this area than I am unfortunately.
>
> 1(c) Completely understand what you mean. My language here is frankly a
> bit cumbersome anyway. As with 1(b), could I bother you for replacement
> language?
>
> 1(d) Personally I agree completely. The question is: would such a
> requirement actually fulfil the legal obligations that WPPT/WCT parties
> have to one another? And, in the EU, would the requirement breach the
> provisions of Directive 2001/29/EC? If the answer to is yes,then we
> cannot ask states to go this extra step. We'd have to come at this a
> different way.
>
> 1(e) Sorry to do this to you again, but any chance for a sentence that
> would work for you?
>
>
>
>
> ----- Original message -----
> From: "Michelle Childs" <michelle.childs@cptech.org>
> To: "Nick Ashton-Hart" <nah.maillist@fastmail.net>
> Date: Tue, 30 May 2006 08:46:06 -0400 (EDT)
> Subject: Re: [A2k] Paris TACD Meeting: Draft 'understanding' on RMI and
> TPMs
>
> Nick
> Thanks for this helpful first draft. I have a couple of initial
> comments:
>
> 1) This is intended to be a section in a wider document, but it may
> nonetheless be helpful to put it in context. A number of groups are
> opposed to the use of TPMs or RMI's at all. This section, as I
> understand
> it is drafted on the basis that where they are used( and there are many
> on
> the market now) , these principles should apply, rather than a wholesale
> endorsement of their use?
>
> 2) I think it would be helpful to add a few things to the principles you
> set out:
>
> a) A caveat that nothing in these principles would prevent the use of
> alternative models. For example some providers are using flat fees.
>
> b)In relation to RMI's the issue may not be restricting access but it
> does
> raise quite profound privacy issues. There needs to at least be a
> reference to data protection principles. For more on this see the TACD
> resolution on TPMS.( www.tacd.org)
>
> c) you refer to 'Be used to prevent access, or make access unreasonably
> difficult, for a use that is covered by an exception or limitation to
> copyright in connection with the works and/or performances in question
> were they acquired in any non-digital form;' I am concerned that using
> as
> a benchmark what is allowed for a non digital form may lock in current
> non
> digital usage ( which are already inadequate for some digital uses)
> rather
> than anticipate new uses- this can be dealt with by drafting. Either
> remove ref to non- digital form or preferably expand to cover broader
> consumer usage. See beuc digital rights campaign for examples of what
> some EU cosnumer orgs have been calling for in this area. Or are you
> intending this borader usage issue to be covered by the fair use
> principle?
>
>
> d) Remedies for breach. I think the current draft misses one of the
> most
> important points behind the pre registration regulatory regime idea,
> which is that unless the TPM passes this clearance procedure they DO NOT
> BENEFIT FROM THE LEGAL PROTECION AGAINST CIRCUMVENTION. The draft does
> not
> mention this but instead introduces a new idea that there should be a
> trustmark to show that it does comply. Leaving aside whether such a
> trustmark is necessary, such an omission weakens the idea, which is to
> both provide a process for review and wide public debate but also an
> incentive to comply with public interest and copyright exemptions.
>
> Under the US and EU copyright laws DRMs automatically aquire legal
> protection against circumvention. The regulatory clearance idea is that
> instead of provding automatic legal protection to DRM regimes, vendors
> of
> DRM regimes or publishers are required to first register their
> systems,
> in order to apply for protection. Only registered systems would benefit
> from the anti cirumvention protections under copyright law.
> Regsitration would not be automatic and would involve an evaluation of
> the
> system and negotiations over features of the system to protect user
> rights.
>
> For example, Adobe might apply for anti-circumvention protection for a
> particular version of its ebook publishing technologies. In doing so, it
> could be asked to explain how the DRM regime will respond to legitimate
> uses of the works under public (rather than private) standards for
> access.
> The legal protection would not then be forthcoming, until the regulator
> was satisfied that the DRM regime did not inappropriately restrict
> access
> to the work
>
> Its therefore important that the link between registration and
> protection
> is restored in the draft.
>
>
> e) While I support the call for a simplified and effective adr system,
> under the anti-circumvention provisions in EU and US law the burden is
> now on users to enforce their rights if a DRM scheme infringes them,
> rather than on rights holders to respect exceptions and prove breach,
> which is why its important to reverse some of the incentives as above.I
> also think that as a last resort, there should be the legal right to
> circumvent such drm, to make use of exceptions and limitations .
>
>
> I hope these comments are helpful.
> Michelle
>
> > --
> > [ Picked text/plain from multipart/alternative ]
> > Good morning A2Kers everywhere!
> >
> > For those that do not know me, I'm helping the TACD Secretariat with th=
e
>
> drafting of the Paris Accord for that meeting as it relates to music. My
> background is as a music manager, and also the former
>
> > Executive Director of the International Music Managers Forum (which
>
> represents the managers of popular featured artists worldwide);
>
> > during my time at the IMMF - and I'm glad to say that the current
>
> management of the IMMF have continued to work in this area - I was a
> strong proponent of the audience - represented by consumer groups - and
> the artists - represented by themselves and by those who they have
> charged with protecting their interests - working together for their
> mutual interests.
>
> > I believe that consumers and creators are natural allies who should wor=
k
>
> together to see that the commercial exploitation of music serves the two
> ends of the "product chain" rather than serving those in the middle who
> are supposed to make the music of the world as accessible as they can.
>
> > In January of this year, I was asked to speak to the Legal Affairs
>
> Committee of the EU Parliament in a debate on the forthcoming
>
> > directive on IP enforcement. The speech that I made was written by
>
> myself but substantial elements were contributed by the
>
> > representatives of audiovisual performers (FIA), independent record
>
> producers (IMPALA) and music managers (IMMF). Part of that speech was a
> rather pointed condemnation of the way in which DRMs are being used by
> intermediaries not for ends which actually work for anyone, but for ends
> which don't really work - and do harm the interests of many.
>
> > Out of that grew an interest by NGOs connected with the music world to
>
> seek a dialogue with consumer representatives on whether we can jointly
> agree an approach, politically, in relation to DRM technologies.
>
> > As a part of the drafting work I'm helping with for the TACD
> > Conference, I have prepared the text below as a starting place for that
>
> discussion. The principles behind it come out of the speech I mentioned,
> but at this point it is time to see what others think of it.
>
> > It would clearly be a major thing if we could come out of the Paris
>
> meeting with some kind of common understanding of how to deal with DRMs,
> and the protection of RMI and TPMs which underpin them. I offer the text
> below to you in the hope that it may get us at least part of the way
> "there". If we can get something that we can agree on, we can of course
> attach this to the Paris Accord, though I would submit that the issues
> surrounding these technologies are so contentious and important that it
> merits a separate document of this kind as well.
>
> > This text is not sponsored by any NGOs, nor has it been reviewed or
>
> agreed by any of them; It has been drafted by me, though I have tried
> to keep in mind the interests and views of both creators and consumers
> in drafting it. I'm sure that all will be very happy to tell me just
> what they think!
>
> > I'm forwarding the text to CPTech and TACD so that it can be made
>
> available for download since the A2K list doesn't allow attachments.
>
> > -------------------------------------------
> >
> > Rights Management Information (RMI) and Technical Protection Measures
>
> (TPM) when applied to works and performances under copyright are
> increasingly protected by law in countries throughout the world, to
> comply with the provisions of the WIPO Internet Treaties of 1996. These
> technologies when used together are most commonly known as Digital
> Rights Management (DRM) and have frequently been implemented in ways
> both Consumers and Creators see as harmful to their interests.
>
> > Instead of being used to provide essential information about creative
>
> goods, and provide an interoperable infrastructure for the
>
> > development of new business models to make more flexible access to
>
> cultural goods possible, these technologies are used by
>
> > intermediaries to unreasonably restrict legitimate use by the public
>
> without the consent or involvement of the creators.
>
> > There is a clear failure of the marketplace to provide
> > implementations of these technologies that are constructive,
> > interoperable, reasonable, and equitable. Despite repeated calls for a
>
> rethink of the current uses of these technologies by the consumer
> movement, creators themselves, and even independent phonogram
>
> > producers, the abuse of these technologies continues =96 indeed, in man=
y
>
> countries, the abuses continue to become more serious.
>
> > Creators and Consumers agree on the following principles and believe
>
> that they should be given the force of law in any part of the world
>
> where RMI and TPMs are themselves the subject of legal protection:
> > That the use of RMI to provide information about a work or
> > performance, those who created it, and their rights in their
> > creations, is useful, as long as:
> > The information is accurate, and;
> > The RMI is used to provide information, not as the basis for a TPM. Tha=
t
>
> RMI be used constructively =96 such as providing the
>
> > =91informational backbone=92 facilitating the development of new busine=
ss
>
> models that make creative goods available more flexibly, to more of the
> public, by helping the development of systems to equitably
>
> > remunerate creators and rights-holders based upon actual uses of
>
> cultural goods in the digital environment equitably and transparently.
> That the abusive use of TPMs be prevented by obligating vendors of these
>
> technologies to assure that they cannot:
> > Prohibit, or limit, access and/or use which is lawful with respect to
>
> the works and/or performances being protected,
>
> > Be used to prevent access, or make access unreasonably difficult, for a
>
> use that is covered by an exception or limitation to copyright in
> connection with the works and/or performances in question were they
> acquired in any non-digital form;
>
> > Prohibit, or limit, access and uses which would be possible when the
>
> same materials are acquired in physical form,
>
> > Prohibit, or limit, access and uses which would be viewed as =93fair us=
e=94
>
> or =93fair dealing=94 by a reasonable person;
>
> > Be deployed without the active, informed consent of the creators and
>
> relevant rights-holders;
>
> > Fail to interoperate across devices like personal computers, mobile
>
> communications devices, and consumer electronics which might
>
> > reasonably be used by the public;
> > Prevent access and use, or make access and use difficult, to anything
>
> that is in the public domain;
>
> > The extent and nature of any limitations these technologies may
> > impose on the user should be clearly visible on any product or
> > service so that the members of the public may make informed choices;
> >
> > We believe that an essential component of giving legal effect to the
>
> above is the following:
> > A regulatory regime that requires the application for advance
> > registration and testing of new TPMs by an independent agency to ensure
>
> that they comply with the rules governing their use as
>
> > outlined above. Successfully passing the tests should allow the
> > vendor of the TPM to display a mark that makes clear that the TPM has
>
> been approved and certified, giving the public, and the creator
>
> > community, confidence that any restrictions imposed by the TPM are both
>
> within the law and reasonable;
>
> > In the instance that, despite the safeguards above, a TPM is used which
>
> breaches the above principles, an affordable, expeditious, and
> transparent complaint mechanism is available for members of the
>
> > public and the creator community to use. The process should be
> > capable of requiring that breaches of the above principles by vendors
>
> and/or those who make use of infringing TPMs must be remedied, and where
> relevant, egregious infringements allow for fines to be levied which are
> sufficient to form a deterrent to future infringements.
>
> > --
> > Regards,
> >
> > Nick Ashton-Hart
> > PO Box 32160
> > London N4 2XY
> > United Kingdom
> > Tel: +44 (20) 8800-1011
> > Fax: +44 (20) 7681-3135
> > mobile: +44 (7774) 932798
> > email: nashton@spamcop.net
> > Win IM: ashtonhart@hotmail.com / AIM/iSight: nashtonhart@mac.com /
>
> Skype: nashtonhart
>
> > Online Bio: https://www.linkedin.com/in/ashtonhart
> >
> >
> >
> >
> >
> >
> >
> > _______________________________________________
> > A2k mailing list
> > A2k@lists.essential.org
> > http://lists.essential.org/mailman/listinfo/a2k
>
> --
> Michelle Childs -Head of European Affairs
> Consumer Project on Technology in London
> 24, Highbury Crescent, London, N5 1RX,UK.
> Tel:+44(0)207 226 6663 ex 252.
> Mob:+44(0)790 386 4642. Fax: +44(0)207 354 0607
> http://www.cptech.org
>
> Consumer Project on Technology in Washington, DC
> 1621 Connecticut Ave, NW, Washington, DC 20009 USA .Tel.:
> +1.202.332.2670,Fax: +1.202.332.2673
>
> Consumer Project on Technology in Geneva
> 1 Route des Morillons, CP 2100, 1211 Geneva 2, Switzerland
> Tel: +41 22 791 6727
>
>
>
>
>
> _______________________________________________
> A2k mailing list
> A2k@lists.essential.org
> http://lists.essential.org/mailman/listinfo/a2k
> -------------------------------------------------------------------------=
--
>------------ Orange vous informe que cet e-mail a ete controle par
> l'anti-virus mail. Aucun virus connu a ce jour par nos services n'a ete
> detecte.
--
Philippe Aigrain
(message personnel)