Educational CyberPlayGround ®

THE LAW applies to technology in the following areas


Copyright vs. Copyleft and the Creative Commons


Standard English Language



Standard Technical Language


Was coined by those who wish to claim as "rights" some things which are not actually their rights, or are at best contested. In other words, the "R" in the term "DRM" begs an important legal question. I wish people would instead use the term "TPM" (Technological Protection Measures) because at least it is neutral on whether or not those who deploy them have a "right" to do what they're doing in locking up information. And TPM happens to be the term used in the WIPO treaties, too. ~ Peggy Radin Intellectual Property Professor of Law

The word "Right"

The word "Right" has a specific meaning.

"Constitutionally protected Rights"

"Constitutionally protected Rights"

Article 1. Section. 8. Clause 8:
To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;

A. Michael Froomkin Professor of Law:
The rights that copyright holders get are *statutory* rights, not constitutional ones; the Constitution merely empowers Congress to define what rights are appropriate, and it's done so in a way that creates a set of rights smaller than the set of powers that current technologies seek to claim for the sellers.
One of the problems with D-"R"-M is that the "rights" it seeks to
"protect" usually go well beyond what Congress has legislated -- to a point where they are not rights at all, but just grabby.
Two examples will make this clear.
(1) The Supreme Court has said that we have a right to "time shift" a broadcast -- record it now, play it later.
Some DRM systems try to make this impossible. Calling that "rights" protection is misleading, since what's being stopped isn't part of the right.
(2) The copyright statute gives us all a right of fair use. D-"R"-M that makes any copying impossible isn't illegal -- but it's "protecting" the content in a way that materially exceeds the scope of the right granted by copyright law.
If the average person "knows" something different -- for example
"knows" that Copyright comes straight from the Constitution without the mediating institution of Congress whether acting alone or implementing treaties -- then, once again, the average person "knows" something that ain't so.

DRM is _not_ a legal term;

it's a technical term.

In IT security, when we talk about "rights" we do not mean whatever the local legal meaning for "rights" might be. One would hope that the legal terminology war that has hijacked so much of the X.509/PKI technical work would stop there, where it has already shown to cause more harm than help.
The technical term Digital Rights Management is about "digital rights" -- as in access rights to digital information. Whether those digital access rights correspond or not to legal rights is an open, local and variably-understood question. It may well be that DRM imposes access restrictions that are not legal in some jurisdictions, while they are legal in others. OTOH, technically, "protection" is not the same as "rights". Therefore, DRM and TPM, technically, should not be the same. ~Ed Gerck

CSS - or Content Scrambling System.
CSS is the DRM (Digital Rights Management) that's designed to protect a DVD from its owner. DVD owners forced to do this to comply with DMCA act are often times looked upon with suspicion, as the owner might try to copy the product they own onto a portable device or their home computer. The answer to the demand to copy DVDs came from a product called DeCSS, which stripped away the copy protection, and with it, the dignity of DRM advocates. ~ ke

Seth Johnson:
It isn't the work, ultimately, that we want out of copyright; it's the shared (published) information, the knowledge and understanding and facts and ideas which promote the progress of science and the useful arts. The information within the work, when we make a distinction from original expression, is free to be used. That this is the case is not a mere legal artifice; it is in the intrinsic nature of publishing any information at all. It's nothing new; it's not a result of the digital revolution; it's a result of the nature of information, regardless of the medium or the form in which it is represented -- and this has
Distinguishing copyright and private interest uses of TPMs lets you start sorting things out and begin articulating a sensible policy that lives in the real world. You want to control a transaction, use access control. That's more of a private interest concept than copyright policy is designed to accomplish.
You want to set special terms for exactly what sort of transaction is taking place when someone obtains a work from you, then we need to confront those policy implications forthrightly. But what's going on there isn't really copyright: even though TPMs may be strengthened by enforcement under the misnamed Digital Millennium Copyright Act, the terms that are imposed in these transactions are not really in principle valid under copyright -- and on the other hand they're often not really good models of valid, consensual contractual arrangements.
Now, to look at it from that perspective, contractual arrangements that go beyond transfers of specific exclusive rights that authors hold, are about private interest and they also happen to be consensual; whereas authors may exercise their exclusive rights under copyright even without a consensual contract. There's a deep mismatch there. The rights that we choose to give to authors under a copyright policy appropriate for the digital age have to be considered in this light.
The confusion evaporates after you recognize these distinctions between copyright and attempts to impose prior restraints on how others can use the information contained within expressive works.
I might add, that clarifying the above is completely inconsistent with a basic purpose behind the various attempts to promulgate the notion of "DRM": the idea being to mix copyright policy with private interest perspectives until something very, very different from valid copyright can be established, and a new precedent can be set, that will hopefully trump traditional jurisprudence. If this cannot be accomplished through laws enacted by representatives directly accountable to their constituencies, then the intention is to do so through international treaties enacted by unelected representatives.


8/17/17 Federal court finds online agreements are binding
The district court erred in concluding that the notice of the Terms of Service was not reasonably conspicuous Judge Chin wrote. While it may be the case that many users will not bother reading the additional terms, that is the choice the user makes.

Whether you like or dislike shrink/click wraps, the portion of the ruling noted above is most disturbing.
Back in the 90's many of us opposed the business software companies at many NCCUSL meetings opposing UCC2B / UCITA especially in our demands that ALL click/shrink wraps *MUST* have all terms visible prior to sale. That was a point that we actually won...
It makes zero sense that anyone should be held accountable to a contract (negotiated or not) that's written "and anything else that we wrote someplace else that you can't see at the time you're agreeing to this".
~ Glenn Tenney CISSP CISM

K-12 School

K12 Classroom copyright do's and don'ts.
A K-12 primer for teachers for the classroom.
Music, Video Copyright Law: How can K-12 legally use music for the video project, class project, multimedia presentation, school yearbook on the CD, class website or cable television program, produced at the school?

School's Rights vs. Students Rights Online.

Filtering in the Schools and Libraries restrict access to information

Standards for Electronic and Information Technology (NPRM) Implementation Section 508 Government Usability Requirements of the Rehabilitation Act.

Use the Law To Protect Yourself

Anonymous had a copy of Stuxnet. That would be the most infamous, most complex bit of malware ever written, the world's first weaponized computer virus, which was revealed last year to have crippled much of Iran's nuclear program. First the slightly technical explanation of Anonymous' greatest stunt yet, then the way Stephen Colbert described it. On February 24, Colbert did a lengthy segment on the hack, which by then had become international news. Here's how he played it: “Barr threatened Anonymous by telling the Financial Times he had collected information on their core leaders, including many of their real names. Now, to put that in hacker terms: Anonymous is a hornet's nest. And Barr said, ‘I'm going to stick my penis in that thing.' ” Colbert relayed that Anonymous took down Barr's website, stole his e-mails, deleted many gigabytes of HBGary research data, trashed Barr's Twitter account, and remotely wiped his iPad. “And he had just reached the Ham 'Em High level on Angry Birds,” Colbert said, to much studio laughter. “Anonymous then published all of Barr's e-mails—including one from his wife saying, ‘I will file for divorce'—and Barr's World of Warcraft name, sevrynsten. That's right. They ruined both his lives.” Four days after the Colbert jokes, Barr resigned his post at HBGary Federal.
On February 4, days after authorities had raided some 40 suspected members of Anonymous in connection with Operation Payback, Aaron Barr, the CEO of California-based cyber-security firm and government contractor HBGary Federal, stepped up and asked to be a target. Barr gave an interview to the Financial Times in which he claimed to have identified Anonymous' leadership using social engineering hacks—essentially trolling Facebook and other networks. Barr told the Financial Times he planned to unveil his research at an upcoming security conference.
Brown says Barr had everything wrong. He was about to release names of innocent people whom the feds would then raid. Nonetheless, Anonymous issued a press release, partially written by Brown, conceding defeat.
Then, the very next day, they attacked. Using something called an SQL injection, they broke into the database underlying There, Anonymous hackers found what Brown later described in an article for the Guardian as a “farrago of embarrassments”: a carelessly constructed database, systems running software with known security flaws, passwords poorly encoded, and, worst of all, the same password used on multiple systems. Within hours, Anonymous had destroyed HBGary Federal and its parent company, HBGary. Of course, Brown had called Barr an hour after the hack. He played a recording of that conversation for me. He keeps recordings like these as trophies. As the conversation grows less productive, somewhere around the 10-minute mark, Brown deadpans: “Well, you'll have a lot to talk about at the security conference.” (HBGary later decided to withdraw from the conference.)
The HBGary hack would amount to nothing but lulz—laughs at someone else's expense, the only acceptable motivation for any Anon who isn't one of those moralfags—except that's how Anonymous got its copy of Stuxnet. Someone at the antivirus firm McAfee had e-mailed it to Barr. But, far more important, buried in the 70,000 HBGary e-mails (which Anonymous made available to everyone on the file-sharing service BitTorrent) was clear evidence of a far-ranging conspiracy among several powerful corporate entities to commit what could be crimes. HBGary Federal, along with two other security firms with federal contracts, Berico Technologies and Palantir Technologies, were crafting a lucrative sales pitch to conduct a “disinformation campaign” against critics of the U.S. Chamber of Commerce. Hunton & Williams, the well-connected Washington, D.C., law and lobbying firm that was soliciting the work, also counts as a client Bank of America. The hacked e-mails show that the three security firms were working on a similar proposal to target supporters of WikiLeaks on behalf of Bank of America, which has reason to believe it might be the group's next target.
As February drew to a close and D Magazine went to press, about a dozen House Democrats called for an investigation into Hunton & Williams and the three security firms, saying that the hacked e-mails appear “to reveal a conspiracy to use subversive techniques to target Chamber critics,” including “possible illegal actions against citizens engaged in free speech.”
And so it comes to pass that the kid who first used his computer to feel a girl up, then later found he could use it to mess with furries, now finds himself using it to fight for free speech, of all things.
“Our people break laws, yes,” Brown says. “When we do so, we do it as an act of civil disobedience. We do it ethically.”