Is Hachette Being Hoisted by Its Own DRM Petard?

oldbooks2.JPGRebecca Tushnet points to this column by Cory Doctorow arguing that Hachette is being held hostage in its fight with Amazon over e-book versions of its books because of its “single-minded insistence on DRM”: “It’s likely that every Hachette ebook ever sold has been locked with some company’s proprietary DRM, and therein lies the rub.” Doctorow argues that because of the DMCA Hachette can no longer get access, or authorize others to get access to, its own books:

Under US law (the 1998 Digital Millennium Copyright Act) and its global counterparts (such as the EUCD), only the company that put the DRM on a copyrighted work can remove it. Although you can learn how to remove Amazon’s DRM with literally a single, three-word search, it is nevertheless illegal to do so, unless you’re Amazon. So while it’s technical child’s play to release a Hachette app that converts your Kindle library to work with Apple’s Ibooks or Google’s Play Store, such a move is illegal.

It is an own-goal masterstroke.

Everyone loves irony, but I can’t figure out how to make Doctorow’s argument work. First, I can’t figure out what the anticircumvention problem would be. Second, I can’t figure out why Hachette wouldn’t be able to provide other distributors with e-book versions of its books.

First, the anticircumvention point. This is something a lot of people miss, but Section 1201(a) only applies to circumvention done “without the authority of the copyright owner.” Hachette can immunize any user of its works from circumvention liability by authorizing circumvention, if it wanted to, and there’s nothing Amazon can do about that. It is true that technology providers may be “injured persons” entitled to sue under Section 1203(a) for violations of Section 1201, but the activity in question still has to be a violation.

But Doctorow mentions “removing” the DRM, and Rebecca Tushnet mentions that the issue of “stripping” it came up at the 1201 hearings. Maybe the thought is that Hachette could authorize circumvention but not “stripping” of the DRM, because Amazon has some sort of IP right in the encrypted file that would prohibit that. If that’s the argument I have all sorts of skepticism. (1) I’m not sure what “stripping” is exactly that distinguishes it from circumvention — perhaps saving the file in unencrypted form? That requires an argument that removing DRM from an encrypted file without the DRM owner’s permission is a violation of something. It’s not a violation of 1201, as long as you have the copyright owner’s permission, as I mentioned above. That’s true even if the encryption is itself copyrighted (which I doubt), because you don’t have to circumvent anything to get to the encryption — you’re circumventing the encryption to get to something else. (2) In any event it seems unlikely that there is some sort of plausible argument that the encrypted bits of a copyrighted work are somehow separately copyrightable, or that the encrypted file is a derivative work, or even if it is that deleting the new bits of a derivative work (leaving only the original) somehow violates the derivative work author’s rights.

There’s a third possibility, which is that while perhaps the act of circumventing could be authorized by Hachette under 1201(a), the act of creating tools to circumvent could not be, and Amazon could therefore sue under 1201(b), which prohibits making tools to circumvent a technological measure that “effectively protects a right of a copyright owner under this title.” It’s probably true that Hachette itself could not make such a tool, but that’s not due to anticircumvention law. Hachette may well have entered a contract with Amazon that prohibits it from disclosing the trade secrets contained in the Kindle DRM scheme.

But would others be liable for making such tools under 1201(b)? That strikes me as a nonstarter, again assuming that Hachette gives permission to decrypt. 1201(b) provides that a technological measure protects a right of a copyright owner — thus falling within the prohibition for circumvention tools — “if the measure, in the ordinary course of its operation, prevents, restricts, or otherwise limits the exercise of a right of a copyright owner under this title.” I suppose you could argue that a measure prevents a user from exercising a right of the copyright owner even if the copyright owner has licensed that exercise — there’s no reference to authorization, as in 1201(a). But that’s an odd reading of the statute. Among other absurdities, it means that manufacturers of licensed devices — such as DVD players — violate 1201(b) because their tools circumvent, in the normal course of operation, the encryption scheme on DVDs, which otherwise prevent purchasers of DVDs from exercising the right of reproduction or public distribution of the copyrighted works on the DVD.

Moving back to Hachette and the “own goal” idea, there’s a second basic problem with Doctorow’s argument that I don’t see a solution to. Namely, I don’t understand why Hachette would be trapped here, even if it could not authorize anyone to use the Kindle versions of its e-books. Unless Hachette for some reason retained absolutely no copies of its own e-books, such that Amazon has the only (encrypted) digital copies on the planet, and it would be infeasible for Hachette to create new ones, then it would seem pretty easy to provide new copies to other distributors and license those other distributors to carry them — assuming that’s contractually permissible, but I can’t imagine Hachette’s contract with Amazon says that is prohibited from going elsewhere and that Amazon can refuse to sell them. It’s more likely that Hachette is stuck simply because of Amazon’s market power.

[Cross-posted at the Marquette University Law Faculty Blog.]

8 thoughts on “Is Hachette Being Hoisted by Its Own DRM Petard?

  1. Briefly, your 1201(a)(2) argument doesn’t work because Amazon controls the DRM. Any decryption program will strip the protection out of .azw3 files whether the content comes from Hachette or not (unless there is some publisher specific code in there of which I am unaware, which is of course a possibility). Thus an offer of the software risks liability because even if Hachette books are a big chunk of Kindle books, the language refers to DRM that effectively protects a work protected under this title, and .azw3 does that for lots of non-Hachette works even if Hachette gave permission to help their existing readers switch to other devices. I would be shocked if it or any other company that’s not already committed to stripping DRM without consent would take the risk. (Fortunately or not, no one needs to wait on Hachette.)

    My reference to the DMCA hearings was too abbreviated, but there, it became clear that the contracts between the movie companies and DVDCCA prohibited either one of them from allowing the individual acts of stripping DRM required by the exemptions. The movie companies had no right, by contract, to authorize the removal of DRM; they could have delivered clear copies but weren’t going to do so; the DVDCCA had no right to authorize anything but the construction of compliant devices. You can call that a result of contract and not directly the DMCA, but the parties are hardly going to contract any other way among themselves because the effects are all on third parties. I don’t know what Hachette’s contract says, but if it’s anything like, that will be a barrier.

    And I’m pretty sure Doctorow understands Hachette’s options going forward. I understood his point to be that it’s the installed base that makes the transition hard, though not impossible. I am an aggressive user of new ebook technology where that technology promises an improvement, and I have five reader apps on my phone, and I absolutely hate it. I don’t think I know anyone else who is as willing as I am to have incompatible reading formats, and it doesn’t really make sense. (Most serious readers I know tend to take approaches involving Doctorow’s simple three word search in order to get their purchases in one place.)

    That said, I’m not sure he’s right.

  2. I wonder whether the 1201(a)(2) issue is a technical question. That is, can you write a program that breaks encryption, but only if it’s Hachette? It doesn’t seem outside the realm of possibility.

    Similarly, the 5 readers issue is not a DRM problem, it’s a standards problem. Presumably, you could have DRM that works equally everywhere, if everyone agreed to use a particular format.

  3. Rebecca: How do you get to the point where Amazon has the right to enforce 1201(a)(2)? As Bruce explains in the OP, the right rests with the copyright holder, which isn’t Amazon.

  4. Thanks Rebecca and Mike. I’ve actually mused about the 1201(a)(2) issue before, somewhere, but I forgot to raise it here. Putting aside for a moment the contract issues, I think if you have a multi-party DRM scheme and one significant content participant decides they are going to allow circumvention, then designing/distributing tools *after* that point becomes permissible under at least the first two prongs 1201(a)(2). Specifically, you can say the tool is not “*primarily* designed or produced for the purpose of circumventing a technological measure,” that it has *more* than a “limited commercially significant purpose or use other than to circumvent a technological measure,” given that the definition of circumvent in 1201(a) excludes authorized circumventions. As long as it isn’t marketed to circumvent non-Hachette works it would not fall within 1201(a)(2). I imagine there are many who would contest this, but I think “primarily” and “limited” have to mean something.

    All that said it makes sense that most multi-party encryption scheme licenses will be drafted to prevent this. I mentioned above Hachette probably can’t design circumvention tools, and possibly it can’t even authorize non-Kindle decryption of Kindle files. But that would be due to contract law; it’s not a right granted to Amazon under the DMCA. Amazon has no rights under the DMCA that override those of content owners. Similarly for the legacy format issue. It’s true that most Kindle users will not want to mess with either multiple devices or decrypting all their files. But I think that’s probably true even if we were just talking about unencrypted .azw files or .epub files. Most people just don’t want to bother with a format switch, and so Hachette’s bargaining position is hurt by that regardless of whether its Amazon e-books have DRM.

  5. I’d like to point out a subtle problem with the entire § 1201(a) argument: The assumption that Hachette is the copyright holder. The copyright-holder is probably the author… and, unlike much of the rest of the Copyright Act, Chapter 12 doesn’t use language referring to the holder of an exclusive copyright right, but refers to the holder of the copyright. That is, one can argue with at least as straight a face as does Mr Doctorow that Hachette can’t immunize DRM-stripping/circumvention (whatever may actually be authorized) — only the author can do so.

    An absurd result from an at-least-equally-absurd statutory mess. And I’ll leave aside the interplay between § 109 and Chapter 12, particularly when compared to the economic substance of book sales, because it’s an unholy mess. Trying to reconcile Kirtsaeng with Chapter 12 and Vernon is going to get very interesting, and very lucrative for some lawyers… especially when they start trying to draw a line between “software” and “e-book”.

  6. Fascinating, C.E. A brief check seems to confirm what you are saying, I checked 4 bestselling books on Hachette’s, two fiction and two nonfiction, and all 4 identify the copyright owner as one of the authors. When did this become the norm, exactly? The cases I teach, all involving pre-1976 Act contracts, usually assign copyright to the publisher.

    I would expect that Hachette has some sort of ability to manage the e-book process in its publishing agreements, but obviously this adds another layer of complexity to the situation. If Hachette could not act on behalf of its authors and give their authorization to circumvent, then it is indeed stuck to the extent it would be difficult to get that authorization now.

    I noticed something else as I searched, which is that e-book versions of Hachette’s works all seem to be available at Barnes & Noble. So there’s no Amazon exclusivity problem here; it’s purely a getting-customers-to-switch-stores problem. And some sort of Hachette lock-in to DRM does not seem to be causing that problem. To get back to the Doctorow piece, I can’t figure out what this sentence is supposed to mean, assuming it is not false: “The law of DRM means that neither the writer who created a book, nor the publisher who invested in it, gets to control its digital destiny: the lion’s share of copyright control goes to the ebook retailer whose sole contribution to the book was running it through a formatting script that locked it up with Amazon’s DRM.”

  7. Actually, the vast majority of works that have appeared in print and are held in publicly accessible libraries (as opposed to, say, the small library found in a chemistry lab or factory office) since 01 January 1978 are NOT works for hire or agreed transfers of copyright. This particularly goes for works of fiction — which, although perhaps the most visible “thing” in publishing, and the one that gets the most immediate attention, is the tip of the tail on the publishing dog by finances, by volumes sold, or by any other measure.

    The problem with the entire debate is that there is no single publishing industry with uniform practices on which we can, or should, impose universal copyright “results.” This is pretty obvious from the definition of work-for-hire in § 101: Note that stand-alone, book-length works of fiction by a single author CANNOT qualify as works for hire UNLESS the authors are employees… but atlases and textbooks can!

    This has become more difficult to see as conglomerates have merged multiple distinct publishing industries into single corporate umbrellas. For example, in the 1920s and 1930s — when the work-for-hire began its misbegotten judicial formalization — John Wiley & Sons* was a pure STEM-reference and -monograph publisher, with no trade nonfiction (___ for Dummies), no textbooks, etc. And definitely no trade fiction (abandoned in the mid-19th century)! This is the fundamental, conceptual error of this entire debate: That everything that is “copyrighted” necessarily must be evaluated using the same rubric, let alone reach the same result.

    Academics tend to think of “work for hire” as routine in book-length works. That’s because — for good or, mostly, for ill — academic-oriented publishers have long, by default, imposed work-for-hire and full-transfer-of-copyright terms on academic authors, whether or not authorized by law. The H___ U___ P___, through the purported trade imprint B____ P____, contractually assert work-for-hire to all works regardless of § 101 eligibility; stiff negotiation for anyone except superstars can get that watered down to a “mere” transfer of copyright subject to termination under § 203. That does not reflect either the legal authorization or the practice outside of academic publishing.

    Bluntly, reality concerning published textual works does not lend itself to the administratively convenient solution of a uniform, binary-selected, easily-enforced rule. That _should_ be obvious from the fact that “it relates to the arts,” but that has apparently escaped the notice of far too many interest groups…

    * I’m using Wiley as an example here because it’s relatively clean, and has a clear ownership history. Most other conglomerate-type publishers… not so much.

  8. Hold on. If:

    1. Copyright owners can authorize removal of DRM and

    2. Most authors own the copyright to their works (presumably giving publishers licenses for certain activities).

    Does that mean that authors could individually authorize readers to remove ebook DRM from their books?

    If so, it seems the only thing preventing completely legal ebook DRM removal tools is that someone hasn’t collected a (substantial) list of authors who are fine with DRM removal and publicizing DRM removal tools in conjunction with that list.

    Or are authors typically contractually bound to to not authorize DRM removal (the way movie companies are with DVDs)? Presumably Cory Doctorow could say something about that…

Comments are closed.