fsfc-discuss
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [fsfc-discuss] 'DRM'/'TPM' + another thought

From: Russell McOrmond
Subject: Re: [fsfc-discuss] 'DRM'/'TPM' + another thought
Date: Sat, 18 Feb 2012 11:34:06 -0500
User-agent: Mozilla/5.0 (X11; Linux i686; rv:9.0) Gecko/20111229 Thunderbird/9.0 

On 12-02-18 01:33 AM, Michael Faille wrote:

Hello all,

I think end users can control TPM since they must own private key.


  And hence one of the many problems with the acronym overlap.
You are talking about "trusted platform module", a neutral technology in our computers.
The discussion so far has been about "technological protection measures"(1) as defined in Canadian Copyright Bill C-11, a term which is derived from the "technical measures" in the two 1996 WIPO treaties and the "technological measures" in the 1998 USA Digital Millennium Copyright Act.
What you then describe is a legal question applied to a specific technology:
a) Is it legally true that the "end user" of a computer that contains a "trusted computing platform" module *must* "own private key".
The "end user" may not be the owner of the computer, and there are many scenarios (employment, kiosks, rental equipment, etc) where it would be legally inappropriate for the "end user" to be the keyholder rather than the owner. 

  So, lets modify the statement.
b) Is it legally true that the "owner" of a computer that contains a "trusted computing platform" module *must* "own private key".
Even here while the law *should* agree and legally protect that statement, current law in many countries does not. In fact, if the "trusted platform module" is being abused by a device manufacturer as part of a Copyright Bill C-11 "technological protection measures", then it would be against the law for the owner to circumvent that "technological protection measure" by obtaining the keys.
This is where in my mind the proposed law is broken. For me it is not about copyrighted works, Hollywood, the motion picture industry, or any of these other folks. It is about device manufacturers confusing copyright holders, politicians and lawyers and changing the normal way that the concept of "ownership" works with respect to other property which has keys (digital or otherwise). 


  The legal matter should be simple:
c) If I am the owner, then I control the keys. If I am not the owner, and the owner prohibits me from possessing/using the keys, then it is unlawful for me to access/use the keys.
The specific technology (UEFI http://c11.ca/5361 , trusted platform modules, PGP, physical pin tumbler lock, ...) should not matter, the legal principle and the law protecting the rights of the owner should always be the same.
(1) Note that Bill C-11 (2011) / C-32 (2010) use "technological protection measures", Bill C-61 (2008) before that used "technological measures", and Bill C-60 (2005) used "technological measures" (WIPO style, not WIPO+DMCA style).
The addition of the word "protection" to further confuse what we are talking about was a recent addition by the Conservatives. Clarified, we could be talking about "protecting" copyright holders from computer owners: meaning specifically NOT protecting computer ownership. 

--
 Russell McOrmond, Internet Consultant: <http://www.flora.ca/>
 Please help us tell the Canadian Parliament to protect our property
 rights as owners of Information Technology. Sign the petition!
 http://l.c11.ca/ict

 "The government, lobbied by legacy copyright holders and hardware
  manufacturers, can pry my camcorder, computer, home theatre, or
  portable media player from my cold dead hands!" http://c11.ca/own
reply via email to
[Prev in Thread] Current Thread [Next in Thread]