[ISN] FC: CBDTPA bans everything from two-line BASIC programs to PCs

From: InfoSec News (isnat_private)
Date: Wed Mar 27 2002 - 01:36:49 PST

  • Next message: InfoSec News: "[ISN] Are hired hackers worth the cost?"

    Forwarded from: Jei <jeiat_private>
    
    ---------- Forwarded message ----------
    Date: Mon, 25 Mar 2002 23:00:02 -0500
    From: Declan McCullagh <declanat_private>
    To: politechat_private
    Subject: FC: CBDTPA bans everything from two-line BASIC programs to PCs
    
    Just in case folks haven't figured out how sweeping the Hollings-Feinstein 
    bill, aka CBDTPA is, well, keep reading.
    
    The CBDTPA says that if I were to write and sell this BASIC program...
    
    10 INPUT A$
    20 PRINT A$
    
    ...after the regulations take effect, I would be guilty of a federal
    felony. That's up to five years in prison and up to a $500,000 fine.  
    Distributing my two-line application without charging for it, either
    via handing out floppies or by posting it on a website would be at
    least a civil offense and, depending on the circumstances, a crime as
    well.
    
    It's no joke. CBDTPA regulates "any hardware or software that
    reproduces copyrighted works in digital form." My program above does
    that, especially if my BASIC interpreter permits arbitrarily long
    strings.
    
    The business end of the CBDTPA says that "a manufacturer, importer, or
    seller" of such software cannot "sell, or offer for sale, in
    interstate commerce, or cause to be transported in, or in a manner
    affecting, interstate commerce" their code unless it "includes and
    utilizes standard security technologies that adhere to the security
    system standards adopted under section 3."
    
    The FCC gets to invent those. But I can't see how my two-line program
    is going to incorporate such standards. If I'm using C, must I
    "#include <sys/copycheck.h>?" In Perl, will I "use Parse::DRMVerify?"
    If so, who at the FCC will ensure that these modules are available for
    the languages I'm using? (It is true that folks at the FCC are smarter
    than the folks in Congress, though that is not saying much. FCC staff
    will try to make the standards workable. But the CBDTPA gives them --
    and the public -- precious little wiggle room.)
    
    By design, programming languages are terribly flexible. The only way
    to prevent software from removing do-not-copy bits from digital
    content would be for Congress to ban the programmable PC. And replace
    it, perhaps, with WebTV television-top boxes.
    
    In case you're curious, the felony penalties kick in when you try to
    sell your post-ban BASIC program -- not to mention any commercial
    software -- and perhaps even if you're a free software developer
    hoping to gain reputation capital from your code.
    
    They say that violators "shall be fined not more than $500,000 or
    imprisoned for not more than 5 years, or both, for the first offense;
    and shall be fined not more than $1,000,000 or imprisoned for not more
    than 10 years, or both, for any subsequent offense."  
    (http://www4.law.cornell.edu/uscode/17/1204.html)
    
    Yes, this is silly. No, it is probably (I hope) not what senators
    Hollings and Feinstein and their colleagues intended. Yet it is what
    the text of the bill says. And this is after the good senators had
    seven months of correspodnence from computer scientists and industry
    representatives worried about the scope of the legislation after it
    was widely circulated in August 2001.
    
    Don't believe me? Read it for yourself:
    
    Text of CBDTPA:
    http://www.politechbot.com/docs/cbdtpa/
    
    Politech archive on the CBDTPA:
    http://www.politechbot.com/cgi-bin/politech.cgi?name=cbdtpa
    
    -Declan
    
    
    -------------------------------------------------------------------------
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    -------------------------------------------------------------------------
    Politech dinner in SF on 4/16: http://www.politechbot.com/events/cfp2002/
    -------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Mar 27 2002 - 05:21:37 PST