[This is a letter provided by a congressional source on condition of
anonymity. It's a little hard to parse, but Anonymous' comments have ">>"
prepended to them. I invite RIAA to reply. --Declan]
Some background:
http://www.politechbot.com/cgi-bin/politech.cgi?name=riaa
---
Response to Billboard Article on Anti-Terrorism Bill
Billboard's issue of October 27 contained an article, "RIAA Criticized Over
Effort to Change Anti-Terrorism Bill," that is so patently false that we
are driven to respond immediately.
Dear Editor:
It is hard to believe that Billboard would print stories as offensive and
irresponsible as your recent articles attacking RIAA's work on the
anti-terrorism bill. The baseless rumors that we took advantage of this
important piece of legislation to gain rights to hack into personal
computers were debunked before the article was even written; yet Billboard
perpetuates the malicious myths without regard for even the most basic of
journalistic standards.
Let's be clear: RIAA never lobbied Congress to give us the ability to hack
into PCs, plant viruses, destroy MP3 files on people's computers, or
anything resembling such actions. These assertions are not only completely
false, but also incredibly offensive and extremely irresponsible.
>> The RIAA does not assert that the language they provided staff would
not have permitted this sort of conduct.
Had your reporter bothered to call even one of the Senate staffers involved
in the legislation, or consulted with even one lawyer who could explain the
meaning of the proposed amendments, he would have learned that he was
unfairly maligning the RIAA and our industry.
>> What they may have "meant" to do does not explain their "extremely
irresponsible" (at best) drafting.
The true story here is that the Senate drafted its anti-terrorism bill
privately. When it was made public on October 5th it was discovered that
one of the provisions would have had an unintended effect on anti-piracy
measures that are lawful under current law. This inadvertent mistake would
have negatively impacted not just copyright owners, but also ISPs, telecom
providers and many other high-tech businesses, such as the companies of the
NetCoalition. As written, the measure would unintentionally have subjected
such businesses to lawsuits for activities that should be and are currently
allowed under law to protect the integrity of their products and networks.
>>According to the RIAA, the drafting of the Senate bill was done
"privately" and would have had "unintended effects" on the law. But what
Hillary Rosen fails to note is that their solution -- offered in the vacuum
of private negotiations -- would have done what EFF and other copyright
scholars NOT on the RIAA payroll say it would have done: it wouldve created
a license to hack. I suppose the RIAA position must be that private
negotiations involving the RIAA cannot possibly result in similarly
"unintended effects."
When we became aware of this inadvertent consequence in the draft
legislation, we notified the Department of Justice, the Senate, and other
industry groups; the proponents of the bill acknowledged that the draft
legislation created an unintended, negative side effect. We were asked to
propose language to avoid the unintended effects on our industry. We did so
- based on suggestions from the Department of Justice and Senate staff.
>> Perhaps the RIAA will tell us who they met with at DOJ about this
amendment? Did they show their proposed language to anyone from the
Executive Branch negotiating the bill? If so, whom?
And none of those drafts - we repeat, none - would have permitted the use
of viruses or anything else that could damage a user's computer or data in
any way. Contrary to the assertions in Billboard, measures that cause
damage to a computer or anyone's data would be actionable. Nor did the
article mention that the language provided no immunity from criminal
investigation or prosecution. Thus a copyright holder using any technical
measures to protect its works could do so only at risk of criminal
liability, a substantial guarantee that any such actions would be conducted
responsibly.
>> This is simply false! The bill itself defines damage as "any impairment
to the integrity or availability of data, a program, a system or
information" The The RIAA proposed 2 versions of a proposed amendment and
asked that it be added to the end of the civil cause of action section
(section 1030(g)): "No action may be brought under this subsection arising
out of any impairment of the availability of data, a program, a system or
information, resulting from measures taken by an owner of copyright in a
work of authorship, or a person authorized by such owner to act on its
behalf, that are reasonably intended to impede or prevent the infringement
of copyright in such work by wire or electronic communication; provided
that the use of the work that the owner is intending to impede or prevent
is an infringing use." OR "No action may be brought under this subsection
arising out of any impairment of the availability of data, a program. a
system, or information, resulting from measures taken by an owner of
copyright in a work or authorship, or any person authorized by such owner
to act on it behalf, that are reasonably intended to impede or prevent the
unauthorized transmission of such work by wire or electronic communication
if such transmission would infringe the rights of the copyright owner."
Both proposals would have prohibited any civil cause of action for actions
by a copyright owners for the "impairment of the availability of data, a
program, a system or information" [ which the LAW and the terrorism bill
define as "damage"] for actions they take that are 'reasonably intended' to
impede or prevent infringement of copyright or an unauthorized copy. Yes,
the RIAA could still have been prosecuted - which one must assume is how
they are able to argue that their conduct resulting in damage would be
"actionable". But no civil actions could have been brought! So victims
could not have sued. Period. This is the sort of verbal parsing and
misleading statement that the heads of the major record labels should
instruct their staff at the RIAA to put a stop to once and for all.
A person unfamiliar with the complex terminology of the Computer Fraud and
Abuse Act might not grasp these points from a quick reading of the proposed
amendments, which is why it is all the more important that anyone writing
on this subject check the facts and consult with informed sources. But the
writer of the article apparently made no efforts to contact the Senate
staff who actually handled this issue or to consult with anyone
knowledgeable about the facts or the law.
>> No, the folks who are concerned about this mess grasped the points. The
entire focus of the original section of the bill that amended section 1030
was hackers. Previously, the definition of "damage" under the act required
that there be $5,000 in damages or loss to a victim. Accordingly, absent
some narrow exceptions, if a person hacked into a private network or
computer and caused less than $5,000 in damage, he or she would not have
broken the law. The law also provides victims of section 1030 with the
right to bring a civil cause of action - a lawsuit - against the hacker.
But the $5,000 damage threshold also applied to these victim lawsuits.
Hence, the problem that others but the recording industry (NetCoalition,
eBay, AOL, e.g.) was trying to solve was: if you change to law to make it
easier to for the government to prosecute hackers by dropping the $5,000
threshold then you are also making it easier for victims of hackers to
bring a private civil lawsuit. The RIAA's proposed solution - above - would
have given them a complete carve out from the civil actions - Not just acts
those resulting in less than $5000 in damage but any amount of damage so
long as they were trying to stop "unauthorized" (note, not necessarily
illegal) copying.
Incredibly, the only person cited in the article is a lawyer for the
Electronic Frontier Foundation in San Francisco, who had nothing to do with
the legislation and knew nothing about what happened. But she was more than
happy to criticize RIAA for actions that the reporter described to her. And
Billboard was delighted to highlight her unfounded criticisms in large,
bold type.
The article also failed to mention that multiple industry groups and
companies likewise saw the need to fix the inadvertent error in the Senate
provision. Ultimately, the Senate staff decided to re-draft their original
amendment to avoid the problems it had caused, thus obviating the need for
an industry-specific solution. As finally drafted, the new provision is
supported by eBay, the NetCoalition, MPAA, RIAA and SIIA, among others.
>> Yes there were a myriad of organizations concerned about the effects of
the change on current law, but the RIAA's proposed amendment was not
supported by those groups, was it? Did eBay, the Net Coaltion, SIAA support
their draft. No. Not even AOL -- a member of RIAA -- was happy withthe
original amendment offered by Mr. Glazier. Yes, they all supported the
final version - the version that was worked out AFTER the RIAA was caught.
The damage done by these irresponsible acts continues to spread. On October
24, the Billboard Bulletin featured a story that a Member of Congress
"decries RIAA's tactics on legislation." The quotations attributed to the
Congressman make it clear that he had no idea what had actually transpired
- but having read Billboard's article, it's only natural that he would be
critical.
Let's be honest: the not-so-subtle message implicit in Billboard's articles
is that we were trying to "slip" something into the legislation, an act
that would be downright unpatriotic at this time of national crisis. And
that's what makes Billboard's articles so incredibly insulting -
manufacturing a story that makes us look underhanded and impugns our
patriotism at the same time. In fact, we became involved in the
anti-terrorism bill only because an inadvertent error in its drafting would
have negatively impacted legitimate businesses engaged in legitimate means
of protecting their products and networks; we proposed amendments only
because we were specifically asked to do so by Senate staff; and the
proposals we made were in fact narrow and responsible.
It's time for Billboard to start honoring some editorial standards. It's
not responsible to write articles without researching any facts, consulting
with any informed sources, or checking with the staffers actually involved.
It's time to start printing stories that are factually accurate, not
malicious gossip masquerading as news.
Billboard owes their readers, and the RIAA, an apology.
-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
Declan McCullagh's photographs are at http://www.mccullagh.org/
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------
Received on Oct 26 2001
Intro
