I attended the 83nd meeting of the Copy Protection Technology Working Group at the Sheraton Gateway Hotel at LAX on September 1.
Congress does not do much work during the summer, so there was no progress on any of the pending legislation. The very controversial and dangerous Induce Act will be amended in order to increase its chances of passage.
The FCC approved the details of the Broadcast Flag rule. This was covered in my August Report. The Ninth Circuit Court of Appeals delivered a decision on MGM vs Grokster. This was also covered in my August Report.
On August 31, a decision was delivered on Chamberlain v. Skylink. Chamberlain makes automatic garage door openers. Skylink makes replacement remote controls. Skylink reverse engineered Chamberlain's system in order to create a control that opened Chamberlain's doors. Chamberlain complained that this was a violation of the DMCA (Digital Millennium Copyright Act). The Court found in favor of Skylink:
The DMCA does not create a new property right for copyright owners. Nor, for that matter, does it divest the public of the property rights that the Copyright Act has long granted to the public. The anticircumvention and anti-trafficking provisions of the DMCA create new grounds of liability. A copyright owner seeking to impose liability on an accused circumventor must demonstrate a reasonable relationship between the circumvention at issue and a use relating to a property right for which the Copyright Act permits the copyright owner to withhold authorization-as well as notice that authorization was withheld. A copyright owner seeking to impose liability on an accused trafficker must demonstrate that the trafficker's device enables either copyright infringement or a prohibited circumvention. Here, the District Court correctly ruled that Chamberlain pled no connection between unauthorized use of its copyrighted software and Skylink's accused transmitter. This connection is critical to sustaining a cause of action under the DMCA. We therefore affirm the District Court's summary judgment in favor of Skylink.
This is a good decision for Consumers and CE Manufacturers. It is a disappointment for the Studios because they are attempting to use the DMCA to create new property rights.
The CTO of MPAA explained that the device revision messages that are a feature of most DRM systems are not always delivered to all devices, and can be inadvertently stripped from programs when copied. They are proposing standards for inserting SRM (System Renewability Messages) into the the MPEG SPTS (Single Program Transport Stream). This will require changes to DTCP and other schemes. Most of the effected standards are already frozen, so I don't know if MPAA is going to be able to complete this change.
Cryptography Research presented a report on the security of Cryptographic Hash Functions. Many cryptographic security schemes (including most DRM schemes) rely on Cryptographic Hash Functions. One property of these functions is that it is virtually impossible to create two files having the same hash.
Xiaoyan Wang of Shandong University has found a method of creating hash collisions with the MD5 algorithm in about an hour. There are some applications of MD5 that are still secure for the moment, but MD5 has been compromised, and is no longer deserving of trust.
SHA-0 has also been cracked, but SHA-1 has not. SHA-1 has a feature that was added by the NSA (National Security Agency) without explanation which prevents this new attack. SHA-1 is still secure.
This company claims to have a magic chemical than can be used in the manufacture of DVDs that can prevent bit-for-bit disc cloning. I am very skeptical of their claims.
The FCC's approval of TiVo's TiVoGuard must be very troubling for MPAA, since it allows Consumers to make copies of Broadcast Flag programs and send them to others over the Internet. MPAA is trying to create the perception that all unpaid copies are evil and illegal. The FCC, by making a rule which explicitly allows citizens to make and distribute a reasonable number of free copies, makes MPAA look foolish.
After the public CPTWG meeting, MPAA had a private meeting called "TiVo". I do not know if this is a meeting with TiVo or, more likely, a meeting about TiVo. No one from TiVo was at the public meeting.
I expect MPAA will take some sort of action, but I don't know what.
The next meetings are Oct 13, Dec 8, Jan 11, Feb 23, and Apr 14.