Category Archives: Legal Issues

Issues of copyright and other legal thoughts

Adobe Digital Editions and infoleaks

Eliminate DRMThe online library world exploded today over the revelation that Adobe Digital Editions, software that is required for many library-focused eBook services, evidently leaks like a sieve when it comes to our user’s information. The TL:DR version of the story is that ADE appears to be sending in plain text to Adobe’s servers information such as: the book you are reading, title, publisher, which pages you have read and which page you are currently on. Much longer discussions about the leak and potential fallout here:

Andromeda and Galen then both went on to touch on some of the core problems with this leak, focusing on the conflict between Adobe’s action and the ethics of librarianship, and the possible role that ALA may have in bridging the gaps in libraries’ knowledge of these actions.

There are a few things I wanted to emphasize about this situation. The first is that several of the reports have noted that earlier versions of Adobe Digital Editions didn’t seem to “spy on its users” in the way that the most recent version (version 4) does, and recommend using earlier versions. The truth of the matter is that of course the earlier versions are spying on users…they just aren’t doing it in as transparent a manner as the current version. We need to decide whether we are angry at Adobe for failing technically (for not encrypting the information or otherwise anonymizing the data) or for failing ethically (for the collection of data about what someone is reading). It’s possible to be angry at both, but here’s a horrible truth: If they had gotten the former right and encrypted the information appropriately, we’d have no idea about the latter at all.

I think that Andromeda has it right, that we need to insist that the providers of our digital information act in a way that upholds the ethical beliefs of our profession. It is possible, technically, to provide these services (digital downloads to multiple devices with reading position syncing) without sacrificing the privacy of the reader. For example (and this is just off the top of my head) you could architect the sync engine to key off of a locally-hashed UserID + BookID that never left the device, and only transmit the hash and the location information in a standardized format. This would give you anonymous page syncing between devices without having to even worry about encryption of the traffic, as long as you used an appropriate hash function. I would prefer this approach, because (as mentioned above), if the entire communications stack is encrypted, it’s a black box for anyone attempting to see inside and verify what the vendor is actually collecting. There are answers to this as well (encryption keys that the vendor never sees at all, for example, and are totally local to the user’s device a la Apple’s latest security enhancements).

There are technical solutions that satisfy our ethical concerns. We need to insist that our vendors care enough about our ethics that the technical answers become a market differentiator. We need to insist that this is important and then we need to make them listen.

SOPA and Publishers

Here is a list of all of the companies signed to SOPA (which, while delayed until after the first of the year, isn’t dead):
Companies supporting SOPA

While there are a few surprises (GoDaddy? A DNS company that supports breaking DNS? Huh?) most of the names on the list are exactly who you’d expect: copyright holders that are clearly desperate to hold on to their business model. These happen to include publishers like Hachette, Harper-Collins, Macmillan, Elsevier, Hyperion, McGraw-Hill, Pearson Education, Penguin, Random House, Scholastic, and Norton. Not to mention all of the video/music companies that produce content that libraries spend money on: Sony, Universal, Disney, etc.

For those who aren’t keeping up with SOPA and PIPA and what exactly it is that the above companies are suggesting, let’s be clear: SOPA and PIPA are both so completely bad that I have trouble describing how bad they really are. I consider myself a writer, and I have trouble conjuring forth a description about just how incredibly fucked the USA would be if we allow these ridiculous bills to pass into law. So I’ll let someone else say it for me. Mr. Savage:

Make no mistake: These bills aren’t simply unconstitutional, they are anticonstitutional. They would allow for the wholesale elimination of entire websites, domain names, and chunks of the DNS (the underlying structure of the whole Internet), based on nothing more than the “good faith” assertion by a single party that the website is infringing on a copyright of the complainant.

Or maybe Mr. Dotorow? Or how about, oh…the engineers who built the Internet in the first place? Or maybe even the Stanford Law Review? All of them agree (as do I) that SOPA and PIPA would break the fundamental way that the Internet works, making the US into a third-world-country of ‘net access, and threatening the very concept of Free Speech online.

These are agressive, wrong headed pieces of legislation that attempt to find a technical solution to a legislative problem…we already have laws that punish individuals who infringe upon copyrights. This would be the equivalent of legislating the ability for private companies to decide to close down roads and revoke your drivers license just because someone claimed they saw you take a drink, instead of simply having and enforcing laws against driving under the influence.

So what can libraries do? I think we should let these signatories know that we disagree fundamentally with SOPA and PIPA and indeed any law that would lessen the freedom of speech on the Internet. Tell everyone you speak with at these companies that this is not the sort of thing that we will support. If SOPA and PIPA are still on the table at the time of ALA Midwinter, I plan to try to speak with as many employees of these companies as I can about this. I suggest you do the same.

Ripping your books

A really great article from Christopher Harris over on the American Libraries E-Content blog called “What’s Next? Book Match?” is getting passed around the web today. The pull quote that seems to be catching everyone’s attention is:

If I can rip my CD to an MP3, why can’t I scan my book to an EPUB?

I just wanted to step in and say: You can. There is decent case law in place that indicates that format shifting of personal copies is allowable in the United States. There is also strong case law in place for the ability to personally back up media that you legally aquire…both of these indicate that while there may be no clear “Yes you can” statement in copyright law, there is a lot of evidence that it’s perfectly ok for individuals given Fair Use rights in the US.

Moreover, there’s easier and easier ways to digitize books out there. If you haven’t seen the DIY Book Scanner project, go and check it out. This group is doing awesome stuff towards making digitizing books something that isn’t nearly as time-consuming as it once was. Plus, as I often point out in my presentations to libraries and librarians, if you think that digitizing books is going to be difficult forever, well…think again:

Apple intentionally hurting eBook stores

Apple announced the terms of their in-App Subscription Service this morning, and it does indeed look like they are shooting directly at Amazon. What I’m concerned about is the fallout from these new rules on other apps…here’s the paragraph that causes me issue, with the pertinent passage highlighted.

Publishers who use Apple’s subscription service in their app can also leverage other methods for acquiring digital subscribers outside of the app. For example, publishers can sell digital subscriptions on their web sites, or can choose to provide free access to existing subscribers. Since Apple is not involved in these transactions, there is no revenue sharing or exchange of customer information with Apple. Publishers must provide their own authentication process inside the app for subscribers that have signed up outside of the app. However, Apple does require that if a publisher chooses to sell a digital subscription separately outside of the app, that same subscription offer must be made available, at the same price or less, to customers who wish to subscribe from within the app. In addition, publishers may no longer provide links in their apps (to a web site, for example) which allow the customer to purchase content or subscriptions outside of the app.

To summarize: publishers are allowed to sell subscriptions on their own websites, but if they do, they must also allow for in-app purchase of said subscription, and there has to be pricing parity between the two methods. This means that, for instance, a newspaper couldn’t offer a subscription on their site for $5, but make the in-app purchase $8…this prevents publishers from variably pricing things higher in the App in order to pad the price to take into account Apple’s 30% of the sale price. So far, so good…it’s that last sentence that really worries me:

In addition, publishers may no longer provide links in their apps (to a web site, for example) which allow the customer to purchase content or subscriptions outside of the app.

Notice that in that sentence, Apple stopped talking about subscriptions and now include content generally. This single lline is the one that, I think, kills eReader software on iOS devices. This means that Amazon can’t keep the Kindle app the way it currently works, which is to tap a button inside the app that then takes you to the Kindle store in Safari. That’s not allowed given the above. That will apply to Barnes & Noble’s Nook software, as well as any other eReader software that I’m aware of on iOS. eBook providers like Amazon and B&N almost certainly can’t afford to move all their sales to in-app purchases because of the 30% Apple “tax”. This means that either they raise prices and move into Apple’s ecosystem, or they stop allowing purchases of books at all on iOS devices.

The rules appear to allow Amazon to sell Kindle books for iOS on the Amazon website directly (obviously Apple can’t do anything about that) but it seems to break any connection between the app and said site. This intentionally damages the user experience for this and other eBook apps, and is the main reason I can’t believe that Apple is pushing this as hard as they are. This is much different than other limitations that Apple has placed on the development of Apps…this isn’t hardware based limitation (multitasking) or anything like that…this seems to be purely a “show us the money” limitation. I’m really disappointed if this is the way that Apple chooses to enforce this, because while they are guilty of many things, intentionally hurting usability has never been one of them.

What I’m really curious about is this: Is Apple going to push these requirements for any App that allows for any purchase…like, for instance, the Amazon app that allows you to shop on Amazon directly. Or Zappos, or Ebay, or any number of other apps that act as a front-end for purchasing goods. If that’s the case, I think that Apple is in for some real trouble and pushback from companies, and possible legal repercussions. Seems like it can’t possibly be legal for the manufacturer of a computer (which is what the iPhone/iPad/iPod touch is, after a recent legal decision) to require that anything purchased on that computer provide them with a cut. I’ll be keeping my eyes on this one.

Copyright change in Spain pressured by US

Here’s just one example of why the Wikileak cables are important and deserve to be released, analyzed, and that transparency in government is valuable. From BoingBoing:

Spain’s Congress is about to vote on a new and extremely harsh copyright/Internet law. It’s an open secret that the law was essentially drafted by American industry groups working with the US trade representative.

….

The first 35 of the 115 cables have been released, and they confirm the widespread suspicion: the Spanish government and the opposition party were led around by the nose by the US representatives who are the real legislative authority in Spain.

Here’s a link to an English translation of the El Pais article.

Seriously, AT&T?

In preparation for ordering iPhone 4, I went about adjusting our AT&T plans this evening…the new tiered pricing actually works out for us, as Betsy rarely uses over 200Megs of data a month. As I was switching her over, I read this amazingly silly EULA from AT&T:

DataPlus 200 MB for iPhone

Terms and Conditions

DataPlus 200MB for iPhone may only be used for the following purposes: (i) internet browsing, (ii) personal email, and (iii) consumer applications. Using iPhone to access corporate email, company intranet sites, and/or other business solutions/applications is prohibited.

Bwahahahaha. Corporate email is prohibited? WTF? Talk about your unenforceable EULA’s….you can’t visit an intranet, for frak’s sake? Seriously, AT&T? Seriously?

And you wonder why people hate you.