By Alex Salkever Should the music industry be allowed to look through files on your home computer in search of pirated content? Congressman Howard Berman thinks so. The California Democrat -- who represents Burbank and Hollywood -- announced in a speech to the Computer & Communications Industry Assn. on June 25 that he intended to introduce legislation this summer that would award copyright holders an exemption from existing computer crime laws.
Current laws proscribe cyber break-ins, but the Berman exemption would allow record companies, software companies, movie studios, and video-game makers, among others, to be exempted when seeking Net pirates. And the companies could go beyond just nosing around. How? Possibly by altering files on offending computers, or by replacing pirated files with bogus files of the same name. The goal would be to make it harder for the millions of people who use peer-to-peer networks, such as Gnutella and KaZaA, to find pirated tunes, flicks, software, and video games.
KNOCK FIRST. Berman believes Internet piracy is doing horrific damage to the content-creation businesses, and he offered statistics to underscore his point. He claimed that in April, 2002, 1.1 billion files -- the vast majority of which were copyrighted works -- changed hands over KaZaA.
Clearly, Berman's concern has some merit. Yet in the U.S., if someone wants to go into your house, they knock on the front door and ask to be let in. Sure, if the door is open, they might not be technically breaking and entering. But that's a lame argument in my book. You don't go in without an invitation or, in the case of the police, without probable cause. The same should hold true in the virtual world.
Among systems administrators and security experts, probing networks -- often referred to as rattling doors and windows -- is considered bad etiquette. Doing so can cause confusion, waste time, and possibly make it more difficult or costly for a company to do business.
GRAY AREAS. Any legal rationalization for private entities breaking into people's computers is extremely troublesome. Legislation such as Berman outlined could sanction corporate vigilantism in a legal area -- copyright and fair use -- where considerable gray remains. At its worst, the proposal could create conditions where "shoot first, ask questions later" becomes the norm. Collateral damage to innocent PC owners and companies far outweighs the value of catching copyright crooks.
The proposed exemption would be narrowly defined to cover instances where copyright holders acted to protect their works from unauthorized use, according to Berman. If the record labels or their brethren happen to cause damage to anyone's computer or network, then the law would contain provisions for awarding damages to victims.
Berman contends that his approach has merit because it's clear litigation won't solve the peer-to-peer piracy issue. The networks are no longer centralized, which means the ultimate costs to pursue legal action against the millions who share pirated files on them -- or even the 1% that are so-called supersharers -- is beyond prohibitive for both sides.
WRONG SOLUTION. Also, because the technology industry hasn't been able to reach an agreement with the content creators on standardized digital-rights-management technologies, Berman says copyright holders should be given other tools to protect themselves. "There really are no other effective remedies. You can't sue every individual who is trading. And digital-rights-management mechanisms don't help once stuff is out in the clear on the Internet," he says.
He further states that only in rare instances would anyone's computer be damaged. And users of peer-to-peer networks have already opened their hard drives to the world.
His points may be well meaning, but this bill isn't the solution. Record labels and other companies are already offering bogus copies of files on unmarked computers hooked to peer-to-peer networks. Users of these networks have noticed it's getting harder for casual sharers to find good copies of popular pirated songs. Furthermore, current laws already prohibit anyone from offering files on peer-to-peer networks that do willful damage to someone else's computer or networks.
TRESPASSING OR WORSE. This is the bottom line: If you want to feed me bogus MP3 files to quell my lust for pirated tunes, that's fine as long as I download them of my own volition from your machine. If you break into my machine -- or even wander into my machine unmolested through open ports -- you're a trespasser. If you change anything, you're a vandal.
Neither the rules of etiquette nor the laws of the physical world need to be -- or ought to be -- tweaked to give the copyright industries additional means to protect themselves. Salkever is Technology editor for BusinessWeek Online and covers computer security issues weekly in his Security Net column