SunMink

Simon Phipps's other Weblog
(a WebMink in the Sun)

Happy Document Freedom Day

Happy Document Freedom Day! Today, March 26th, is the first such global celebration of open documents. When I look back to 2002 and the ridicule that we faced when the first proposed that the world needed a stanard for office productivity documents, it's amazing to see those same mocking voices six years later advocating XML-based open document formats as if they thought of the idea!

We still have a long way to go. There is more to this than just standards. Our freedom depends on being able to implement, being able to influence future evolution and on having collective ownership of document standards. Today, only ODF offers the hope of that so here's to the ISO 26300 Open Document Format today, Document Freedom Day.

Responding to the EU on DRM

In response to a request from the European Union concerning DRM and interoperability, Sun has submitted a lengthy written response. Preparing for and reviewing the response with colleagues took me back to my earlier article, DRM and the Death of a Culture. My tendency is always to look for a guiding principle rather than to seek a set of rules, and in this case it's about quantization of discretion. Here's what I wrote:

People talk of "fair use" but what they actually mean is that we all depend on the exercise of judgment in every decision. Near the "bulls-eye" of copyright we're all clear what is what, but as Lessig eloquently explains in Free Culture, in the outer circles we have to make case-by-case judgments about what usage is fair and what usage is abuse. When a technologist embodies their or their employer's view of what's fair into a technology-enforced restriction, any potential for the exercise of discretion is turned from a scale to a step and freedom is quantized.

It strikes me that the inherent quantization of rights is what makes DRM at best undesirable and at worst a guarantee of cultural Alzheimer's. I was thus delighted when a very senior Sun executive insisted that the position paper include the following paragraph:

Before we discuss interoperability in detail, we would like to emphasize this last point. Sun believes that DRM should be a solution only when necessary. DRM should never restrict the user's ability to utilize the content in legally-permissible ways. With this in mind, any DRM system must be open, fully interoperable, and free from hidden IP licensing burdens that effectively re-close the system economically. Indeed, in the spirit of the company that supports OpenOffice.org, Sun believes that the Commission's stance should enable it to be possible to create a free version of any DRM system used in the EU!

Of course, I am personally among those who believe it is never necessary to apply Digital Restrictions to content, but I'm very pleased that Sun is taking a position that DRM should not be assumed to be automatically a part of the entertainment business.

Roman Canaries

Today I had the privilege of speaking to a large and distinguished international audience in Rome, DFIR, considering the creation of a "Bill of Rights" for the Internet as a part of the ongoing IGF process. Many presenters spoke about privacy, about access to knowledge, about the need to build on the well-established corpus of wisdom in existing statements on human rights. Listening through the morning, it became apparent that most people were taking for granted the technical basis on which the Internet was created.

Thus in my speech I decided to take the opposite approach, taking as given the obvious need to establish human rights of privacy, access, free speech and non-discrimination and look at the technical foundations. The Internet exists because of three realities - informally constituted but still consistently real. We have to remember the heritage of the net if we are to protect higher-order rights for its future. Those are

• Open Standards - a Bill of Rights should establish the responsibility to ensure interface interoperability within every layer of the Internet's architecture, including the “application layer” and its myriad file formats, protocols, schemas, and application programming interfaces.
• Open Source - a Bill of Rights should establish the responsibility to ensure that is it legally, technically and practically possible for software applications to be equally available under both open source and propriety source code models.
• Open Access - a Bill of Rights should establish the responsibility to ensure the ability of any end-point on the network to connect to any other correctly configured end-point is available to every other end-point without unreasonable obstruction.

The Sentinel Principle

And so to canaries. It struck me during this that Free software plays an important role over and above delivering the liberty to use software one can inspect and alter. It also serves as the canary in the coalmine for the word "Open". Standards are truly open when they can be implemented without fear as Free software in an open source community. Open source communities are very sensitive to and wary of aspects of a standard that limit or otherwise harm their freedom. As the case of SenderID proved, they spot things for which others have a blind spot or have been gamed.

Whether or not you use the Free software itself, if it doesn't exist then the standard you're considering may well involve the sort of harmful, invisible agent that canaries were used to detect in an earlier age. I know there's plenty of discussion about the precise definition of "open standard" - maybe the best approach is not to define it but rather identify when it is not present using a sentinel.

I'd not want to confuse "Open Standards" with "Open Source" - their only link is that open standards implemented as open source create optimum freedom - but this additional sentinel role for software freedom just might be the answer to a tricky semantic issue in the current public policy arena.

No canaries were harmed in the preparation of this posting.

Last Chance on Euro-DMCA

I wrote to my MEPs last week (that's Members of the European Parliament) using the wonderful Write To Them about IPRED2. Here's what I said, in a personal capacity:

Dear Daniel Hannan, Peter Skinner, Ashley Mote, Caroline Lucas, James Elles, Sharon Bowles, Nirj Deva, Richard Ashworth, Nigel Farage and Baroness Nicholson of Winterbourne,

I note that the IPR Enforcement Directive comes to vote soon at the European Parliament. I am very concerned with this legislation and with the chilling effect it is likely to have on the emerging culture and economy of the Internet. By providing established large businesses with a new tool to exploit, we risk the dampening of the innovation that is happening online.

This is an unproven area, and as the US experience with the DMCA shows, unleashing powerful sanctions at the behest of existing businesses results in random abuse rather than its prevention. This directive may have aspects which lobbyists from the drug, software and communications industries can make sound appealing, but it will restrain open source software development in Europe and the pioneering of new European businesses. It is only pro-innovation for those with existing monopolies or near-monopolies.

If this directive had been in place before, Oracle could have crushed MySQL, Microsoft could have crushed OpenOffice.org and Skype would never have happened. Please vote against it.

Yours sincerely,

Simon Phipps

I said "against" since the e-mail was already long enough without articulating the pros and cons of each proposed amendment - I know they will get the point! So far I have had placeholder responses from Lucas, Bowles and Mote and a real reply from Farage. I've offered to discuss the legislation with any of them that want to contact me direct.

As Glyn and Cory both point out, if you are a citizen of a country that is a member of the EU, today is probably your last chance to beg your representatives not to cave to the unholy alliance of drug, media and software companies that wants to make criminal sanctions available against copyright and patent abusers. It needs to remain a civil matter, and the proposed amendments do their best to keep it that way.

Branding Scar

While it's currently fashionable to knock Google, I can't help agreeing with both The Register and GMSV in supporting them over the defence of their brand. Anyone with even the most passing understanding to trademark law will be familiar with both the problem of a brand becoming generic and how you prevent it.

It happens when, through the neglect of the brand owner, a term gets used colloquially as a part of speech rather than in specific relation to the product or company it refers to. Famous losers in the US are kleenex (as in "I blew my nose in a Safeway's kleenex") and xerox ("go make a xerox on that computer will you"), and famous winners are Coke (which is why asking for a coke in a restaurant that sells only Pepsi gets you corrected every time in the US).

Every marketing professional with half a brain knows that a brand owner has no choice but to send a letter asking anyone they notice mis-using their brand to stop doing it. They may not want to, and it may not be a 'cool' thing to do, but there's no choice - defend it or see your failure to do so in any particular case being used to prove you don't care about your brand. In this case, Google has been as cute about it as possible, using humour so subtle some people aren't spotting it. They are also being consistent, having sent polite and not especially threatening letters to pretty much everyone since at least 2003.

So if this is obvious, common practice, required by law, and consistently carried out in a reasonable way since 2003, why are obviously experienced marketeers like Steve Rubel and the Boing Boing gang attacking Google over it? Seems to me it's more to do with their agenda than Google's behaviour. Posted by webmink ( Aug 14 2006, 11:44:00 PM PDT ) Permalink Trackback

Breach of Contract?

They are my personal views, so I have made sure you can't possibly mistake them for Sun's views by writing about software patents over on Webmink.

Is DReAM A Nightmare?

Reading Cory Doctorow's article discussing the junction of DRM¹ and Free/Open Source Software (F/OSS) and then Andrew Orlowski's interviews in The Register over the weekend, I have to say that I agree with much of what Cory has to say² concerning Sun's Project DReAM.

In my view, the project has unfortunately conflated two different debates. By invoking F/OSS it automatically brings with it the worldview that implies. In the dialectic of that world, software is considered to either promote liberty or to promote monopoly, with F/OSS always promoting liberty. By associating DRM (which can never promote liberty) and F/OSS (which always does), anyone is guaranteed to come across as initially clueless, it is a semantic inevitability. This is the justified attack that Cory makes and he has my respect and broad agreement in making the point.

However the experimental project is licensed³, it doesn't change the fact that Sun groks software freedom. We've realised that the business of software doesn't depend on keeping the source code secret - in the networked era that simply limits the opportunities. Freeing the source code and opening up development to communities is becoming an instinct - one the DReAM team has rightly followed.

Is There A Place for Pragmatism?

But to my eyes, Project DReAM is not an open source play. I can't help believe that DRM will be a fact of life for at least the next five years. My view is that it's a disaster for modern culture, not least because it destroys "fair use" rights by quantising discretion. But, like death and taxes, it seems inescapable. So given we have to head into this void, the DReAM approach is to try to create a system that is the least worst option.

The truth remains that as people create IPTV systems and music distribution systems and more, they will use DRM, even if it is bad for the customer. It seems churlish to let the stuff Big Media is churning out place a generation of culture out of the reach of the ordinary citizen - to not play is to guarantee that, if Tim is wrong and this stuff takes hold, it's all the domain of the bad guys. As comes across from David Berlind's interview with Tom Jacobs, surely there is room for technology experimentation to see if it's possible to find a way to defend fair use in a world hell-bent on eliminating it? That seems to be the point Lawrence Lessig was making:

We should have laws that encouraged a DRM-free world. We should demonstrate practices that make compelling a DRM-free world. All of that should, I thought, be clear. But just as one can hate the Sonny Bono Act, but think, if there’s a Sonny Bono Act, there should also be a Public Domain Enhancement Act, so too can one hate DRM, but think that if there’s DRM, it should be at least as Sun is saying it should be.

I agree with Lessig (and Richard Stallman). Within that frame, I've been happy to support the (definitely incomplete) experimentation that Project DReAM represents - flat refusal to explore the space is unsatisfyingly dogmatic. I'll carry on watching, with an open mind, but for now I'm mostly with Cory.

Limited Indemnity?

Help me here. I thought one of the key advantages of buying software from a corporation was they protect you from patent claims - part of something called "indemnification". It's what Sun did with Kodak when Kodak managed to persuade a Rochester court that a patent they bought was valid and infringed by the Java environment (despite the prior art). Sun took the $90M bullet and saved Java developers and deployers from having to change anything.

So why exactly are all Microsoft's customers being told to upgrade Office or face a lawsuit? Microsoft lost the case, paid damages but does not appear to have bought a license to the patent. So all its customers remain at risk from a patent lawsuit themselves, unless they update their software to use Microsoft's work-around. Did one of the world's richest and most aggressive companies just fail to indemnify their customers? Surely not.

Open Media Commons Workshop

I notice that the Open Media Commons (the initiative to create open and open source DRM) has announced a workshop in California on March 15-16. Looks worth investigating and registering early - and they are inviting presentation proposals too.

DRM and the Death of a Culture

I had the privilege of delivering a keynote at the Open Source Meets Business conference in Nürnberg, Germany this week (delegates will find my slides online as a PDF). I travelled there from an engagement in Paris, and took the Metro/U-bahn² in both places. There was a very visible difference between the two experiences.

In Paris, I bought my Metro ticket and then used it in an automated barrier to reach the platform. I noticed lowlife furtively scanning the station and then vaulting the barriers, and I saw armed police at the station to catch the thieves doing this (they didn't catch any that I saw, and there were several of each at each station).

By contrast, the U-Bahn in Nürnberg has no barriers. I bought my ticket, boarded the train without fuss, there was no risk of being shot by a policeman targeting a barrier-vaulting cheat, and the system was still clean, efficient and well-used.

This all sprang to mind when a conversation about DRM followed the GPLv3 item up over on Stephen's blog. A comment writer (Christopher Baus) said of DRM:

I might be the only technologist on the other side of the DRM fence. To me it is like checking my lift ticket when I get on the ski lift. I might find that a bit annoying, but if ensures the resort can stay in business from collecting ticket money, then that is a net good thing for me. If the ski resort goes out of business I can't go skiing, and I would resent those who got on the lift w/out paying.

I think there are quite a few people around who have Christopher's view, which is unfortunately rather simplistic. DRM - the imposition of restrictions on usage of content by technical means - is far more than that. It's like checking the lift ticket, yes, but also the guy checks you are only wearing gear hired from the resort shop, skis with you down the slope and trips you if you try any manoeuvers that weren't taught to you by the resort ski instructor; then as you go down the slope he pushes you away from the moguls because those are a premium feature and finally you get to run the gauntlet of armed security guards at the bottom of the slope checking for people who haven't paid.

DRM's Collateral Damage

The problem with technology-enforced restrictions isn't that they allow legitimate enforcement of rights; it's the collateral damage they cause in the process. In my personal opinion the problems are (very concisely) that they:

1. quantise and prejudge discretion,
2. reduce "fair use" to "historic use",
3. empower a hierarchical agent to remain in the control loop, and
4. condemn content to become inaccessible.

To go into more depth on those:

Technology-enforced restrictions quantise and prejudge discretion

People talk of "fair use" but what they actually mean is that we all depend on the exercise of judgement in every decision. Near the "bulls-eye" of copyright we're all clear what is what, but as Lessig eloquently explains in Free Culture, in the outer circles we have to make case-by-case judgements about what usage is fair and what usage is abuse. When a technologist embodies their or their employer's view of what's fair into a technology-enforced restriction, any potential for the exercise of discretion is turned from a scale to a step and freedom is quantised.

Technology-enforced restrictions reduce "fair use" to "historic use"

The natural consequence of having the quantum outlook and business model of one person replace the spectrum of discretion is that scope for new interpretations of what's fair usage in the future is removed. Future uses of the content involved are reduced to just historic uses the content had at the time it was locked up in the DRM wrapper. The law may change, the outlook of society may mature but the freedom to use that content according to the new view will never emerge from the quantised state the wrapper imposes. The code becomes the law, as Lessig again explains in Code. As others have pointed out, "fair use" is forward-looking, "historic use" is ossifying.

Technology-enforced restrictions potentially empower a hierarchical agent to remain in the control loop

When use of content depends on a technology from a single vendor, as is currently universally the case, that vendor effectively becomes the gate to ongoing use rather than the actual copyright owner. A great argument for an alternative approach like the open source, distributed-identity-based scheme in Project DReaM. What's much worse, though, is that the restrictions don't go away when the rights they are enforcing do. Copyright eventually runs out, but technology-enforced restrictions never do.

Technology-enforced restrictions condemn content to become inaccessible

As DRM's outspoken critic Cory Doctorow points out, DRM condemns content to suffer the fate which for documents I call corporate Alzheimer's. Each of the problems above combine in a 'perfect storm' to create a content owner's dream world of built-in obsolescence and repeated opportunity to sell the same content to the same people all over again if they actually like it enough to use it. Meanwhile, our collective cultural memory gets locked up in instances which become inaccessible on the occurence of the first one of:

• The content being 'turned off' by a usage rule
• The implementation of the restriction mechanism is obsoleted by an "upgrade" of the host system
• The original medium degrades into uselessness but couldn't be copied
• A part of the "phone home for authorisation" chain goes out of business
• The original license is no longer applicable (for example because your children have inherited the media but not the digital key)

Thus your children won't get to play your music, show your favourite films, share your culture, with your grandchildren because they won't inherit anything containing that from you that's usable.

Complacency leads to servitude

Christopher went on to express his complacency over the whole situation:

IMHO if DRM isn't good business it will go away. Simple as that. No need to worry.

Except the prior market power of huge corporations is being used to project it into markets in a way that distorts market forces and conceals the lack of ethics and the erosion of the social contract behind rights law. What if it's good business but bad humanity? What we're seeing here is the 21st century equivalent of enclosure - indeed, the comment by More from Utopia rings eerily true:

... not contented with the old rents which their farms yielded, nor thinking it enough that they, living at their ease, do no good to the public, resolve to do it hurt instead of good. They stop the course of agriculture, destroying houses and towns, reserving only the churches, and enclose grounds that they may lodge their sheep in them.

It's clearly right to "pay the labourer a wage" but is that enough excuse to also condemn culture into the memory hole and enforce an economy of constant repayment for the same stuff? Is there a solution?

If there is, it will surely involve a fundamental rethink of rights legislation - patents and copyrights - that goes back to the social contract on which both are based³, giving limited and temporary one-time rights in exchange for the enrichment of society. We've forgotten that was the root of the whole system, and corporations now have the sort of entitlement culture they deride in individuals.

We also need the invention of schemes like the Open Media Commons that allow the technological equivalent of the Nürnberg U-Bahn for content and OpenDocument that guarantees future access to today's documents. And we need to recognise the point at which schemes like iTunes finally funnel us away from circumventable almost-locks into real servitude and not give in to the intentional seduction⁴.

But whatever the answer, we need it soon, because we're rushing headlong into a world that will be doomed to forget its culture and history - if it doesn't keep paying the protection money. As a card on my wall reminds me, "the biggest enemy of freedom is a happy slave".

1. The title is a reference to Rookmaaker's influential religious book discussing how modern art signals an inner decay of society.
2. That's the subway/tube/underground railway - interesting how even in English there's no agreement what to call it. Just to complicate matters further, it was actually the RER that I took...
3. As I have commented on Groklaw, in the US Constitution you'll find this social contract in section 8, clause 8. The core assertion in my article is that the beneficiaries of those monopolies have become addicted to them and now want to make the monopolies permanent without amending the Constitution (or equivalent elsewhere). Payment for creative work is still justified; requiring payment in no way necessitates junking the constitutional limitation on the monopoly of rights. But the sole focus of the technology industry so far has been to do just that, at the behest of customers who want to make temporary monopolies permenenat.
4. James Governor has been hammering me on this one for a while. I'm happy enough to use iTunes all the time there's a way to get real MP3s of my purchases that's not too much fuss as it also makes me take backups. But I'm pretty close to giving up on them because of their "5 users" limit (as a household we have 5 machines so we have to keep a careful eye on authorisations), and I don't buy their videos because I can't get unencumbered versions that will live on when iTunes dies.

French law to require rewrite of all connected software?

Sun is very deeply concerned by the proposed VU/SACEM/BSA amendment to the DADVSI law project forbidding software designed for sharing copyrighted matarial, and not equipped with technical measures since the definition is so broad that it could embrace software such as some of Sun's commercial offerings like Java System Web Server, Java System Messenging Server, Open Solaris, as well as other proprietary and open-source software that drive the internet, like Apache Web Server, Linux...

It appears necessary to take more time to examine all the implications for the rest of the industry of such an amendment rather than proceding at the request of a single interested party

It seems that those drafting the amendment didn't really understand the reach of the words they were using. This is what happens when you let interest groups write law, I suppose.