1. joe on March 2, 2004 07:35 PM writes...

2. Cypherpunk on March 2, 2004 07:59 PM writes...

Yeah, I was wondering where DRM went, too. If you're going to do it with technical rather than legal means, a philosophy I support, you've got to use every tool in the kit. It's a hard problem! Taking away DRM for philosophical reasons, when it's fully voluntary and contractually supported, is going to make it much harder to argue that new legislation is unnecessary.

As for the proposed methods, insurance just shifts costs around and does not provide protection. And watermarking via fake entries and such is only a backup. Tethering can help, but some DBs may need to be provided locally (where DRM provides similar protection). And both tethering and DRM may still be vulnerable to leaking the information out of the DB a bit at a time.

Contract is the saddest case. It's basically what the DVD companies tried. They licensed the algorithm and keys, and made people promise not to reverse engineer. And then we know what happened. Everybody looked for loopholes for why DeCSS was legal. The promises weren't binding because they were shrink wrapped. Or they don't count in Norwegian law. I even saw suggestions that someone could have written a software agent that automatically agreed to any proferred license, without the human user taking any voluntary actions that would bind him to the agreement. Every slimy and slippery character on the net came up with ways that Jon Johanson could have pulled DeCSS out of the Xing player without violating the contractual agreements.

So I don't have a lot of confidence for contractual protection of IP in an internet application any more, not after the DeCSS debacle. That was a sad demonstration of the net community putting greed above principle, just like what's happening with file sharing. The same thing would happen again with a contractually protected database.

3. Ernest Miller on March 2, 2004 08:11 PM writes...

I didn't mention DRM, not because I don't generally favor it, but merely because I forgot. Contract is hardly sad. In the CSS case, the people who violated their contract was XING, which didn't take proper precautions to hide their key. Moreover, you don't want to be enforcing click-wrap contracts. If your database is so damn valuable, then use more binding individual contracts, or only contract with those who can pay damages for copying the database.

4. doogieh on March 2, 2004 09:46 PM writes...

This bill is the Smoot-Hawley tariff of the intellectual property world.

If this passes we are all in for a world of hurt. And you can quote me on that.

(1) How can you possibly do due diligence facts, when there is no registration of protected databases?

(2) How do you deal with the enormous transaction costs for information? Free markets thrive on open information, and the express purpose of this bill is to close off open information for use and anlaysis without a license.

(3) What is a substantial portion of a database? If its defined as an economically saleable portion, that could be as little as one entry! This would only result in massive consolidation in the information industry.

(4) How do you deal with contractual conditions on licensure of data? For example, now every piece of information I become aware of might come with it a restrictive license providing limits on my use of that data. How can I keep track of these limits over a lifetime, let alone as an attorney counseling my clients?

I'm convinced this law will be a disaster to the law's supporters as well as its detractors if it is ever passed...

5. kevin on March 3, 2004 04:19 AM writes...

C. Boyden Gray got a big write-up in the Journal as well today.