Economic and Game Theory |
"All that is necessary for the triumph of evil is that good men do nothing." probably not Edmund Burke | |||
The large media companies are up again to their usual mischief. Unhappy with file swapping and eager to put an end to fair use, they are proposing that Congress enact a new law further protecting their "intellectual property." Proving that neither political party is immune from graft, Senators Fritz Hollings (D-S.C.) and Ted Stevens (R-Alaska) have introduced the "Security Systems Standards and Certification Act" or SSSCA. You can find the draft of the Bill, dated August 6, 2001 here. This piece of legislation is so nonsensical and badly written, it is difficult to know where to start criticizing it. The substantive content of the bill is that the federal government shall require "secure technical means of implementing directions of copyright owners, for copyrighted material, and rights holders, for other protected content, with regard to the reproduction, performance, display, storage, and transmission such material or content" Notice that this is extraordinarily vague. Is this intended to cover existing content, for example by making the MP3 format illegal? Or is it aimed at content that does not yet exist, such as DVDs written to a new encryption standard? Is this to be limited to hardware devices installed on individual computers? Or does it include centralized "software registries" operated by a few large copyright holders? Does it imply that copyright holders would acquire the right to dictate the form in which their product should be stored by consumers? How broadly should the words "performance", "display" and "transmission" be interpreted? The particular technical means will be chosen by the following procedure "The Secretary [of Commerce] shall make a determination, not more than 12 months after the date of enactment of the Act, as to whether -- (A) representatives of interactive digital device manufacturers and representatives of copyright owners have reached agreement on security system standards for use in interactive digital devices; and (B) the standards meet the criteria in subsection (a)." if not "the National Institute of Standards and Technology and the Register of Copyrights, shall initiate a rulemaking" Who exactly the representatives are to be; how they are to be selected and who is to be represented is not specified. For example, the authors of this essay hold numerous copyrights, as does the Free Software Foundation - all of us oppose this legislation, as do many other copyright holders who want to see their "intellectual property" widely distributed. Are we to be represented? And how shall we choose our representatives? It is hard to avoid the guess that "representatives of copyright holders" actually means representatives of a few large media companies, who will presumably not represent our interests at all. Notice also that enormous power is delegated to the Secretary of Commerce with only extremely vague guidance. To what does this legislation apply? "any machine, device, product, software, or technology, whether or not included with or as part of some other machine, device, product, software, or technology, that is designed, marketed or used for the primary purpose of, and that is capable of, storing, retrieving, processing, performing, transmitting, receiving, or copying information in digital form." Clearly this applies to such things as the handheld MP3 players. Since general purpose computing devices have the primary purpose of "retrieving, processing, performing, transmitting, receiving, or copying information in digital form" it would appear to apply to all computers, ranging from home PCs, to business computers, to mainframes and supercomputers. Presumably it does not mean what it says, since it is hard to believe that federal intelligence agencies such as the NSA will agree to install such devices on their computers. We have already argued elsewhere that the very existence of copyrights, in their current form, not only curtails consumer freedom but makes little economic sense and is most likely damaging national welfare and security. The question we address in this essay is, even assuming current copyright legislation makes any sense (which, we repeat, it does not), whether mandating by law copy protection on general purpose computing devices is a good economic idea. To understand this, there are several distinctions that should be kept in mind. We should first be clear on the difference between a general purpose computing device, and a specialized device, such as a tape recorder or DVD player designed largely to play media content. Any harm done through copy protection to special purpose devices is largely limited to the value of the material that is supposed to be protected. That is, the harm of DVD players that don't work is limited to the economic value of DVDs. If general purpose computing devices fail to operate properly on account of copy protection, the harm is potentially equal at least to the economic value of computers - a value that greatly exceeds the value of the material that is supposed to be protected. To get some idea of the importance of the "intellectual property" versus the computer industry, we collected some rough numbers. (Here are some more detailed numbers that we have subsequently dug out.)
Based on reported sales, we see, for example, that the sales of just three major hardware/software makers generate well over 5 times the annual revenues of the entire global music market, and well over 15 times the annual revenue of the US market, which is all the SSSCA can hope to "protect." But notice that while music market revenues are a reasonable indication of what is being protected, the potential cost of interfering with the computer market can be expected to greatly exceed revenues. A recorded CD containing some music can hardly contain other materials and its economic value is therefore equal to the value of the music it contains. A PC, not to speak of a business mainframe, stores the product of hundreds, or even tens of thousands, of valuable hours of work. Personal records, programs, business accounts, personal software and so on. When the PC stops functioning, say because its hard disk if wiped out by some malfunctioning copy protection device, the value of those thousands of hours of work is gone. Think of a mainframe for some large business company becoming disfunctional even for a few hours or days. Millions of dollars of valuable services would be lost. It is this kind of comparison which should be kept in mind. By forcing the installation of copy protection devices on all our computers, the proposed Act would also force each of us, consumers and businesses alike, to live with the continuous threat of such gigantic loss. The music and movie industries, whose monopolistic interests the proposed piece of legislation aims to protect, are most certainly not willing to provide the rest of us with credible insurance should such a dramatic event take place. The second issue we should point out is that economic analysis focuses on efficiency: does a scheme have the property that no one can be made better off without making someone else worse off? This is a refined and often subtle concept. We will discuss efficiency issues. But we also will focus on a concept less common in economics, but more relevant in the policy arena, and that is the possibility of gross failure, or a major policy blunder. That is, leaving aside whether one scheme might be slightly better than another, some policies are not merely inefficient, but can do enormous economic damage because they are elaborated on the basis of false premises or, simply, on the basis of limited and often faulty information about how the real world functions. Economists have had substantial success in the policy arena by working effectively against major policy blunders, such as various trade protection policies. As we shall see, the SSSCA falls into the category of major policy blunder. Third, there are two distinct types of copy protection schemes. The first, which we refer to as advisory are schemes that label material as copyrighted combined with software that refuses to play unauthorized material. An example of such a scheme is the Serial Copy Management system mandated by law for digitial audio tapes. These schemes are ineffective if not mandated by law, since there is no reason to buy software or hardware that respects the advice. The second type of scheme we refer to as voluntary. Voluntary schemes encrypt content, and only software that knows the relevant algorithms and keys can unlock the encryption. An example of such a scheme is DVD encryption. Until the scheme was cracked, it was impossible to play a DVD without an authorized player. Notice that voluntary schemes do not require legal enforcement to be effective: media companies simply need to provide material in a format that cannot be played without a player that they authorize. Notice also that under the Digital Millenium Copryght Act (DMCA) it is already illegal to crack these schemes. The basic theme of this essay is twofold: advisory schemes will not work unless they are draconian in nature; if they are draconian in nature, they constitute a major policy blunder as opposed to merely a minor inefficiency. Second, voluntary schemes can be implemented either by the market or by law. From an economic perspective it is always better to let the market decide. Unlike the United States, the EU seems to have figured this out. We should admit that we are generally opposed to government enforced "intellectual property rights." But for the purpose of this essay we will take as point of departure the more common view among many economists that creativity and innovation will not occur without allowing for monopoly power in the markets for intellectual products. That is, even accepting the necessity of copyright, the conclusion is clearcut that the government should not mandate copy protection of copyrighted materials. Voluntary SchemesThe working of a voluntary scheme is simple. To the extent that the original producer of the medium can encrypt its content so that the latter can be accessed by a user only through some particular kind of tool (say software) which is also controlled and released by the original producer of the medium, then you can't play the music/video without the authorized tool (software, player, etcetera). This is the case, for example, with most video games. They require special software which resides only on consoles (produced and comercialized by the same company which manufactures the games) in order to be played. when you buy one such game you are aware that, without access to the specific additional tool, you will not be able to play it. The market for video games seems to be working fairly well without any mandatory legislation. Those consumers that like video games enough to pay also for the console buy the latter, those that do not, do not. Some people buy a video game without owning a console or planning to buy one. Evidently they rely on the kindness of acquaintances and friends to play the games on their borrowed machines. Should the federal government step into this market and mandate that anyone who buys a video game should also purchase the player to play it? This sounds insane, as we are all used to the current arrangement and understand it works quite well. Obviously there is no end to such insane possibilities for government regulation. For example - DATs are not selling very well - why doesn't the federal government pass a law specifying that everyone that buys a cd player must also buy a DAT recorder? Notice that voluntary schemes can easily link encrypted material to a particular computer or device. This is the case with Windows XP, for example. So even trading encrypted material can be foiled by a carefully designed voluntary scheme. Notice that a scheme that is mandatory requires everyone to bear the cost, regardless of whether they would choose to do so or not. For example, businesses use a substantial fraction of all general purpose computers, including all mainframes and supercomputers. It is hard to imagine many businesses would voluntarily purchase expensive and unreliable devices for their computers so that employees could spend their time at work watching copyrighted movies. Clearly it is economic nonsense to require them to do so. In fact, voluntary schemes are pervasive and extremely common, despite not being mandated by law. In fact, some of them are so familiar to us we do not even realize we are using them. So, for example, most rock bands sing in english and people in countries in which english is not the mother tongue have to learn english, at some cost, if they want to appreciate the lyrics. Nevertheless, the French government, for example, does not legislate that French consumers purchasing music with English lyrics should pass also a mandatory TOEFL test. They are intelligent enough to understand that, if their citizens are happy with just listening to the music and mumbling some distorted english word, then they should be permitted to do so. Academic economists, such as the authors of this essay, are also producers of copyrighted materials and have, in fact, adopted a voluntary scheme. We write our research articles in jargon, using a large amount of mathematical symbols and formulas. This encryption is very effective: the content of our research is accessible only to people that are willing to invest enough resources to acquire the skills needed to break the mathematical code. As a matter of fact, those skills can be acquired (in general) only by purchasing the services of academic economists, that is by enrolling in and successfully completing, a Ph.D. program in economics. Certainly, we would be most happy if the federal government decided to make a Ph.D. in Economics mandatory for anybody who purchases an economic book or journal or, (why not?) downloads a paper from an academic site. Nevertheless, we very much doubt this would be in the national interest. Unfortunately,the American Economic Association is not, yet, as powerful a lobby as the music and video industries, so it is unlikely that some benevolent congressman will ever propose such a doubtful piece of legislation. If these informal arguments do not convince you of the foolishness of mandating a voluntary copy protection scheme by law, we have produced a formal argument. To sum up: voluntary schemes work pretty well and are quite common. They are not based on government mandating consumers purchase certain devices as opposed to other. Rather, they let firms propose competing packages (my video games plus my console) and let consumers choose which of the competing packages, if any, they would like to purchase. Such schemes are already permitted by current law and in existence. Any copyright holder can elect to adopt one of them to "protect" its products and restrict its utilization only to people that are willing to buy into the "club". Advisory and Draconian SchemesAn advisory scheme is based on tagging content with advice on how it should be used, which the consumer is free to follow or not. Such schemes clearly will not work unless they are mandated by law. An example is the Serial Copy Management System mandated for Digital Audio Tape. DATs are not encrypted, and a DAT recorder can easily make copies unless it chooses to comply with the advice not to make a second generation copy. Another example is the watermarking scheme that was contemplated for CDs. A watermark simply labels the CD as copyrighted. It is possible for computer software to check for the watermark and refuse to play or copy to material if it is watermarked. But of course few people will choose this type of computer software instead of software that doesn't bother to check. The difference between an advisory scheme and a voluntary scheme is that a voluntary scheme uses encryption so that it is impossible to use the material without the proper device. An advisory scheme does not encrypt, so the only protection is legal protection. Advisory schemes have fallen out of favor, and is unlikely that even a legal mandate will bring them back. The reason is that legal enforcement is too limited: it is always possible to remove the advisory label, and then the material is unprotected. For example, even if the US passes the SSSCA, there is nothing to prevent overseas users from playing advisory material, or removing the advice and rereleasing unprotected material in the US. The same holds for existing computers which are not covered by the SSSCA. Indeed, the main reason watermarking schemes were dropped because they were too easily cracked. Even encryption schemes can be cracked. An example is the DVD encryption, which was cracked when an authorized but carelessly written piece of software revealed the encryption keys. The only protection against this is a draconian scheme that prevents software from even examining encrypted material without authorization. Like advisory schemes, such schemes cannot work without a legal mandate. It is unclear if such schemes are covered under the SSSCA. How would it be possible to prevent unauthorized software from even looking at encrypted material, given that it is transmitted over the internet and stored on hard disks? It would not be easy, obviously. At a minimum, it would require a complete rewriting of operating systems, and it would require computers that would only load "authorized" operating systems. The reason is that the operating system would have to check every program loaded, and make sure that the program is authorized to see encrypted data. The simple fact is that although people prefer not to have their computer broken into by hackers, and attacked by viruses, no one has yet produced an operating system immune to attack. No less a government agency than the NSA is working on a secure system. The level of success attained may be judged by the fact that they are now proposing to set up a new network not connected to the internet at all, solely for the use of secure government transactions. So if hardware and software together with the eager cooperation of the computer user have proven inadequate to protect content that the owner wants protected: what chance has a media company of protecting content on someone elses computer that the computer owner does not want protected? Indeed, this goes to the technical weakness of all copy protection schemes - at some point the purchaser will want to see the music or watch the video. What human being can hear or see, technology can record. So what is to be next? Mandatory copy protection for microphones? If a microphone detects a special "copyright watermark" will it refuse to record the offending material? So we can't make home movies if our neighbor is playing loud copyrighted music next door... The problems with draconian schemes are pretty obvious. Here are a few:
Fortunately, passing a draconian copy protection measure would be politically suicidal. Angry computer owners backed by money from businesses that manufacture and use computer software and hardware would quickly find clones of incumbent politicians who supported the scheme to run on a platform of "keep your grubby laws off of my computer." Of course this wouldn't be very good for the media companies, as such politicans would be unlikely to be as obliging to the media companies as are our current bunch. However, we do not think that even Disney can convince politicians to commit political suicide. | SSSCA Details CBDTPA Data |