DMCA Misuse

David Hayes, an experienced IP lawyer at Fenwick & West, gave a talk last week about how lawyer/technologist combinations might respond to the Lexmark and Chamberlain cases, limiting some more extreme interpretations of the DMCA. His advice is entirely sensible on pragmatic grounds. It’s scary from a variety of public policy perspectives. If his clients follow his advice, here’s a taste of things to come. BNA’s Electronic Commerce & Law Report has a good report on the talk; this is the only accessible report — non-BNA — that I could find.

The key to triggering DMCA liability, even for circumventing technical controls on functional devices and data, is to design the technology so that the act of circumvention automatically triggers an act of infringement. If some digital content (data in a database; diagnostic routines; function calls) is encrypted on a server, and a key has to be supplied to decrypt it, then set up the system so that a program (or some module of executable code) has to be decrypted in order to access the digital content, and that has to be decrypted before the routine or call can be executed. The act of decryption – even as part of a process of reverse engineering – will create an unencrypted copy of the code. Voila: Any unauthorized access to the digital content automatically creates an infringing copy of the executable code. Even an act of reverse engineering is not protected under 1201(f) of the DMCA (protection for some acts of reverse engineering necessary to achieve interoperability), because 1201(f) offers no shield if copyright infringement results.

Similarly, the system can be designed so that after access to the encrypted program using the key, the program automatically sends a chuck of copyrighted code to the interoperable application. This may be unnecessary from a technical standpoint, but it constitutes an actionable “distribution” of the copyrighted program, and loading the chunk into RAM constitutes an actionable “reproduction.” Again, there a clear violation of a right protected by copyright, so the DMCA applies easily, and there is no protection under 1201(f).

I have no idea whether the advice is sound on technical grounds – in other words, whether this could or should be done. I assume that it can be done. I sense that there is no good technical reason for it to be done this way. Intuitively, then, this sounds like an extreme version of the sort of design abuse that the court in Lexmark was responding to, and the sort of thing that the federal government tried to fight in the U.S. v. Microsoft litigation. That intuition has to compete with another one, which is that it is very, very difficult for any law – antitrust, or some law of copyright or DMCA misuse – to intervene here. Lexmark reaches a sensible result on what strikes me as a somewhat tortured reading of the DMCA. When there is a fight at the Supreme Court over the right of the software developer to design as he or she pleases, when do we take that discretion away?