Vitanuova for 2002 May 24 (entry 1)
< General
Brown-Tien >

I had an interesting conversation about secondary liability recently; I recalled the "capable of a substantial non-infringing use" standard in the Betamax case.

Since copyright industries' lawyers love to emphasize the narrowness of the Betamax holding (even as they sometimes suggest that even such a narrow holding is obsolete in this Revolutionary New Era of Perfect Digital Copies!), I will here suggest that it was, actually, very narrow. The Supreme Court did suggest (I think in dicta) that substantial-non-infringing-use products could be banned in the future (they just had not been banned yet).

This is reminiscent of another copyright-liability case, U.S. v. LaMacchia, where the court was extremely upset that no legislation actually on the books created criminal liability for LaMacchia's behavior (non-commercial copyright infringement). The court suggested that Congress should pass legislation imposing criminal penalties for such behavior, and it immediately did so (the NET Act).

In the years after Betamax, secondary-liability copyright theories died down in court (until digital recording became widespread, whereupon lots of copyright holders started to suggest that various traditional rights were peculiar to the analog-recording world and didn't carry over at all into the brave new digital world). However, secondary-liability legislation did happen in Congress to some extent; the examples I know offhand are the Audio Home Recording Act of 1992 and both the anticircumvention (1201(a), 1201(b)) and Macrovision mandate (1201(k)) provisions in the Digital Millennium Copyright Act six years later. (I could also add the CMI provisions of that Act, but that's a whole other story.)

I'm sure that's not the limit of secondary-liability legislation, because I can think of several other things which Federal law has restricted to deter copyright infringement -- but I don't actually know the legislative history behind those things. The general point is that Congress has, on a few occasions, acted to outlaw things which did have substantial non-infringing uses. And it's not clear that the Betamax case said that Congress could not do so. I'm pretty sure no judge has ever overturned secondary-liability Federal legislation on the strength of Betamax.

OK, but outside of the entertainment industries, we generally believe (or act as though we believed) that "substantial non-infringing use" is the right rule for secondary copyright liability for every technology and not merely for those technologies about which Congress has not yet spoken -- we seem to believe that Congress was always wrong to create secondary liability for the manufacture or distribution of any of these technologies. (Of course, when we complain about things like the DMCA, which eradicate large portions of the substantial non-infringing technology world outright on a single company's say-so, many people reply that secondary liability legislation is routine (1) outside of the copyright law world and (2) also even within the copyright law world since Betamax but you just didn't notice most of it when it happened.)

This suggests that many people treat "substantial non-infringing use" as a kind of moral principle or public policy principle and not just as a characterization of the proper way to interpret the 1976 Copyright Act. We tend to feel, in other words, that the Betamax decision touched on something which was much deeper than the particular question before the Court -- a freedom of innovation or freedom of manufacture.

There is an old legal maxim abusus non tollit usum which goes back long before Betamax -- "tollit" literally means "picks up" but here means something more like "removes" or "takes away", so "(an) abuse does not eliminate (a good) use". And I think this is intuitive to people if you phrase it that way: "Would you want to be prevented from having something or from doing something just because someone else might abuse it?" Most often the answer is no, at least if you're asking about something the person you're talking to actually values. And we always hear that various DMCA-prescribed "circumvention devices" are "(the equivalent of) a digital crowbar", but we can point out easily enough that crowbars are legal. Behold:

This very crowbar was recently seen -- and used -- at EFF! EFF purchases and uses crowbars in its work! Furthermore, the crowbar was displayed openly (in full view of passers-by), and nobody called the police. It was even purchased openly, likely with cash, at a hardware store some time in the past. (Our paralegal/general contractor was doing a little remodeling.)

So there's a particularly excellent irony in the fact that crowbars are a legal technology and readily available to the public; the fact that they can be used by burglars (and often are used by burglars, and crowbar manufacturers are aware of this) has not deterred the manufacture and sale of these implements. And they are obviously very useful for both legal and illegal purposes.

On the other hand, if MPAA attorneys (hi guys!) wanted to employ, or Jack Valenti wanted to employ a more rhetorically effective analogy, they could always resort to "digital lock-pick" (which, in fact, they have used interchangeably with "digital crowbar"). Here in some cases local legislation does restrict who can purchase certain kinds of lock picks, or who can carry them around where. (This has never translated into a suggestion that the speech of people explaining how to open locks, even in technical detail, could properly be curtailed in order to protect the locks. See Chicago Lock v. Fanberg (lock-opening details as protected speech); MIT Guide to Lockpicking (widely disseminated instructions for the same). But note that some MIT hackers felt that "indiscriminate" publication of this information was inappropriate. Secondary liability for pure speech is extremely rare, although some people think that Rice v. Paladin -- the "Hit Man" case -- did provide for that prospect, and the Supreme Court declined to review this decision.)

Returning to this subject, lock picks have substantial legal uses (for example, many people use them to break into their own property or to help others break into their own property; they're also used in emergencies, for educational purposes, and for security research and experimentation). I have tried lock-picking with a pick set (I was remarkably bad at it!) and certainly found it intellectually interesting (as did Richard Feynman, who might actually have broken Federal criminal law now and then with some of his lock experiments at government facilities).

I suspect that most technical people I know would feel that lock picks should be legal for sale to the general public everywhere, and would tend to value their freedom to buy lock picks. And lock picks are actually legal for sale to the public in many jurisdictions (some will require some kind of affirmation or certification).

You can easily shade over into substantial-non-infringing examples with dual-use technologies which can kill, and here opinions start to diverge more sharply. (While some acts of copyright infringement, not to mention l'havdil burglary, have been punished much more severely than l'havdil some acts of murder, many people will feel that the high stakes here are enough to make them reconsider.) You can start with guns, where the substantial-non-infringing use rule has rarely been honored by legislation (though one could certainly argue that the defensive uses of extremely powerful weapons are not "substantial" under ordinary circumstances). Some gun advocates have suggested, in some sense, that it should be. It seems clear that guns can be used legally (even to kill, in self-defense) and that this use is "substantial" -- it happens frequently that lethal weapons like guns are used to an apparently legitimate purpose.

The argument over whether or not guns are an effective means of self-defense (especially for people who haven't been trained in their use) seems like a decoy, since some people do believe that guns will be effective this way for them, and many of them have been correct.

A more interesting question, as I see it, starts by observing that guns are weapons which have been specifically designed to be lethal, to kill people -- a capability it's hard to imagine a just world putting to use. This world as it is finds seemingly just and unjust uses for that capability, and individuals want it. The weapons have not apparently been specifically designed for illegal murder, and they do have substantial legal uses. Starting here, some arguments shade back into a concrete cost-benefit analysis (comparing the number of people killed by guns in various circumstances, or estimating other probabilities), but a deeper question seems to be when a cost-benefit analysis is legitimate. The Supreme Court considered cost-benefit issues raised by the VCR, but subsequently it appeared to articulate what had the ring of an alleged moral principle which we can read to say that cost-benefit analysis was not appropriate in the first place. That is, it doesn't matter, for example, if 90% of users of something are copyright infringers, or 95%, or 98%, if the thing is merely capable of substantial non-infringing use. The percentage doesn't matter, the actual fact-pattern doesn't matter. Does that make sense, and does it make sense for other things, like weapons?

Another corresponding example much in the news these days is government regulation of biological samples used for research (and also radioisotopes of certain types, purities, and concentrations; Cory recently wrote a great piece in which he noted that movie studios seemed to want the humble analog-to-digital convertor treated as though it were one of these dangerous substances). It seems intuitively bad to me to think of researchers being required to register (or get permission) for their research. (And in fact various people have been horrified by the DMCA's effects on cryptography research; the academic world and the computer security world consider it ridiculous that you should need to ask someone before you try to devise attacks on a cipher or cryptosystem.) But controls on hazardous physical materials like explosives, radioisotopes, and biological toxins and infectious agents are being strengthened. And they also seem relatively normal to people (to some extent including the researchers or others whose use of these materials is regulated).

Entertainment industries, as I said, are happy to draw an analogy back to digital technology: I've heard an argument so close to "if we control who can have dangerous materials like U-235, why can't we also control who can have dangerous materials like fast digitizers or Internet nodes?". That argument seems silly, but is there some obvious moral conclusion which shows why it's wrong? Is there a clear reason why we do have a right to some technologies, without having to ask anyone else's assent, or without having to stave off Congressional action? (Here I am assuming arguendo inappropriate things about political philosophy such as that there is a legislature which can properly compel people to do certain things, and obviously that assumption needs to be justified and it's not clear that it is. But that issue isn't the most interesting question this year, or at least not in this diary entry.)

And what would that right tell us about existing patterns of regulation of other technologies? For example, the DMCA and the broadcast flag issue have galvanized opposition among people I know to the "cell phone scanner law", even though it was rarely on the minds of anybody but hams since it was enacted in 1991. All of a sudden, we are thinking again about existing technology mandates, and feeling skeptical about them.

The obvious idea seems to be that secondary liability is a bad thing (1) because it punishes people for things they haven't done ("punishment in advance", "collective punishment") and (2) because it hurts innovation, sometimes. So secondary liability is really about preventing people from acquiring (or helping people acquire) certain capabilities, supposedly as a way of deterring a result which occurs when those capabilities are used in a certain way.

DMCA proponents, for example, might observe at this point that it's quite rare to trust people in general unconditionally with every ability they might want or every ability they might be able to use. So, for instance, you might believe that someone who enters your house without your permission is doing something wrong (and then you might go on to believe that such a person may properly be punished, after the fact, for having done so). Usually you then take an affirmative step to deny the public the ready capability to enter your house without your permission, by locking your doors. You don't necessarily think that this is some sort of imposition on the public's rights. (Of course, if you're John Perry Barlow, you might instead not lock your house, tell a pseudonymous person you've just met where you live, and then publish all the details in an article.)

You could say that the actual underlying wrong here is the trespass, and that a rule against breaking and entering is actually a kind of secondary liability, so that a rule regulating the tools needed to perform an act of breaking and entering is actually tertiary liability. (It's trying to stop people from getting into your house, by trying to stop them from getting the capability to get into your house, by trying to stop them from getting the capability to get the capability to get into your house.) On the other hand, the idea that a security measure deserves legal protection in itself (without a need to prove that someone who impaired or evaded it had a nefarious intent) is old enough that it seems unremarkable. Maybe it ought to be remarkable.

If you believe the misleading sleight-of-hand which suggests that a TPM is like a lock on your door (because a copyrighted work is like your house? so that the NII is like a prison?), then the DMCA's prohibition on circumvention is like banning breaking and entering, and the prohibition on trafficking in circumvention devices is like banning lock picks. They are actually distinct approaches and one of them is further removed from the alleged harm than the other.

Back outside the strange copyright funhouse, you could attempt to prevent terrorist attacks by attacking the capability to mount them, which could mean attacking access to materials which would facilitate those attacks. And U.S. law has certainly gotten involved in regulating the manufacture or distribution of explosives, which, as I noted above, obviously have substantial non-infringing uses (such as demolition, mining, and pyrotechnic displays). For the most part, explosive agents aren't banned, but controlled (although regulations are usually implemented in the form "no person shall do X, except..."). The ability to handle and possess certain explosive devices is limited to licensed members of a licensed profession and this is not just because they have professional training others don't but also because they've identified themselves. A whole culture of identification and documentation exists within these professions. Members have to prove not only that they know how to handle dangerous materials safely, but also that they are a part of a system which has an institutional commitment to following certain laws, and to keeping those dangerous materials within the exclusive control of members of that system.

In some sense this is a straightforward restriction of the freedom of every member of the public (including those who are licensed to deal with explosives, because they have given up a great deal of privacy and autonomy to reach that position). It's not just a safety regulation (concerned with preventing accidents), because it doesn't simply require evidence of knowledge or skill. (To a first approximation, licensure of amateur radio operators is closer to a pure test of skill -- verifying that hams know how radio systems work and know how to avoid injuring anyone or causing any prohibited interference. Licensure of drivers also works that way -- supposedly it's simply a confirmation that a licensed driver can drive safely.) In the explosives world, I think licensure goes far beyond safety rules to prevent accidents. There are also rules which contemplate (and indirectly try to hinder) willful abuse of explosives. These rules know that there will be a human in the loop, let's say an expert human, and they explicitly don't trust that human, explicitly restrict that human in advance on account of that mistrust.

How can we say whether this is right? Legal rules here seem like a patchwork, without a unifying thread, and moral debates about even a single instance of the question, like access to weapons, seem terribly mired. I heard that Thomas Edison said "I'm proud of the fact that I never invented weapons to kill", and there's a tremendous amount of obvious sense in this, for many reasons. I don't think I have to enumerate them. Does that lead to a suggestion that inventing weapons is wrong? Inventing weapons isn't killing, but revealing a capacity for killing -- "you can kill people by..." -- oddly similar to Paladin's decision to publish a manual for hit-men. And that capacity, or the knowledge of that capacity, has non-murderous uses now and then even if it's never used. (Using it in self-defense might also be legitimate, and it's easier to find broad approval if you think about non-lethal weapons like pepper spray, which are still explicitly designed to cause pain and suffering.)

It's commonplace to say that it matters who receives the fruits of some invention ("this technology could fall into the wrong hands!"). But in the crypto debates, the Internet community was adamant about rejecting secondary liability for the abuse of cryptographic technology. (Of course, there was considerable disagreement, and still is, about what constitutes an abuse of cryptography. For example, I can think of at least five positions on whether using cryptography specifically to hide communications from a government is wrong.) One claim was that it was meaningless or impossible to separate "good" users from "bad" users, especially if one wanted to deploy a technology as infrastructure, or publish it or give or sell it to the public. And science and commerce and journalism in general have ideals about openness and against restricting the flow of information or products. It would seem strange to say that some scientific knowledge should be kept secret -- but for hundreds of years, parts of science have been done in secret, and there's still tremendous conflict over this. The default here very strongly favors publication, which means that everyone learns and benefits, for good or ill, and secondary liability seems misplaced. A few parts of technology have been pre-empted and classified, but in the U.S. we can at least pretend that this is a special case and not the ordinary way things work. Which cases are "special"? How do you know?

[Main]
Support Bloggers' Rights!
Support Bloggers' Rights!


Contact: Seth David Schoen