ENFORCEMENT OF DMCA CRIMINAL PENALTIES SUFFERS SETBACK

March 2003

 

Under the Digital Millennium Copyright Act’s anti-circumvention provision there are criminal as well as civil penalties.  The first test of these criminal penalties was a case with important international implications:  U.S. v. ElcomSoft.[1]  In this case, a Russian company was charged with creating software that could remove the use restrictions contained in the Adobe Acrobat PDF files and files formatted for the Adobe eBook Reader and selling the software over the Internet.   Use restrictions might include reading aloud, which a visually impaired individual could well need.  Interferencd with such technological protections is prohibited under Section 1201 of the Copyright Act, known as the anti-circumvention provision.[2]

The anti-circumvention provision creates a cause of action for manufacturing, distributing or using devices (including software) that circumvent technological controls that a copyright owner may have attached to a work to control access of use of that work. The DVD decryption case[3] was brought under this statute, but ElcomSoft represents the first criminal prosecution.  Had the circumvention software been produced and marketed in the United States, liability would have been clear.  The problem in ElcomSoft was that the activity was performed in Russia and was not illegal under Russian law.

Dimitri Sklyarov was a programmer who worked in Russia for ElcomSoft, a company that has been in existence for a decade which produces a number of password recovery programs, and some of its largest customers are law enforcement agencies.[4]  Sklyarov wrote the program, a product known as the Advanced eBook Processor (AEBPR) which is a Windows-based program that basically “cracks” the eBook Reader by stripping away the restrictions imposed by the copyright holder.  This then permits a purchaser of an eBook Reader formatted electronic book to convert the format to one that is readable in any PDF viewer without any use restrictions which leaves the ebook in a "naked PDF" format that can readily be copied, printed and easily distributed electronically.  The uses that then might be made of the ebook may qualify as fair uses and not violate the copyright law at all.  On the other hand, the user could then make and distribute unlawful copies of the copyrighted book in either printed or digital format which would constitute copyright infringement.

Mr. Sklyarov, who undertook the research to produce AEBPR as a part of his doctoral dissertation as well as for Elcomsoft, was invited to Las Vegas to present a paper at the Defcon convention in July 2001.[5]   He was arrested after giving a speech about the weaknesses in Adobe’s software and served three weeks in jail.  Adobe initially supported Sklyarov’s arrest but ultimately backed away because of the public relations debacle spurred by the protest of computer programmers and others around the world.  Prosecutors eventually dropped the charges against Sklyarov in exchange for his testimony but the company was still under indictment and faced $2.5 million in penalties.  When it learned of Adobe’s concerns, the company removed the software from its website.  The ElcomSoft CEO, Alexander Katalov, worked for Sklyarov’s release and was confounded by a law that made it illegal to produce legal programs.  Katalov and others warned computer programmers that it was not safe to travel to the United States since they might be arrested for programming activity that was legal in their home countries but was not now legal here. 

Challenged by legal scholars as bad public policy, the anti-circumvention provisions protects material more broadly than does the copyright law.   Arguably, the United States is attempting to regulate the world since producing circumventing computer programs in any country can violate U.S. law if the code can be accessed in this country.  Lawrence Lessig, a law professor at Stanford said of Mr. Sklyarov during the time he was jailed that he must wonder how a free society can jail someone for writing computer code that was legal where it was written.

The trial was slated to begin in October 2002, but the U.S. Embassy in Moscow first refused to issue visas to Katalov and Sklyarov, to travel to the United States, so the trial had to be delayed until December.   During the trial, the Government stated that ElcomSoft had created  a tool for burglars, that the company was an affiliate of hacker networks and that it knew all along that selling AEBPR was illegal.  Katalov maintained that the software was not intended for illegal use but rather to permit purchasers of ebooks to exercise their fair use rights.  The defense argued that the company did not believe its AEBPR software was illicit when it offered it for sale. On December 17 the jury acquitted the company of all criminal charges in this crucial test of the DMCA’s criminal provisions.  The jury found that ElcomSoft employees neither knew that their actions were illegal nor intended to violate U.S. law.  Merely offering a product that might be used to infringe copyright is not enough, according to the jury.  Since criminal cases cannot be appealed by the Government, so the acquittal stands.

Some copyright watchers have postulated that the jury was not only deciding on this case but was stating an opinion about the anti-circumvention law itself.  Further, the outcome does not bode well for future prosecutions under the DMCA’s criminal provisions if courts and juries will consider the intent of code crackers rather than just the fact that they created tools which may be used for both legal and illegal purposes as the law requires.

In a similar case, the United States pressured Norway to file criminal charges against 19-year old Jon Johansen, one of the creators of the DVD decryption software, developed when he was only 15.  The DeCSS software permits the playing of DVDs on a Linux machine.  Norway does not have anti-circumvention legislation, but does have criminal digital piracy laws under which he was tried.   In January 2003, he was acquitted, marking another setback for copyright holders who seek to impose more and more controls on the access to and use of their digital works.  The court basically ruled that once someone purchases a DVD, the copyright holder no longer has a lawful right to control how the purchaser accesses that film. 

Do these two cases mark a turn around in the litigation that threatens the fair use of lawfully accessed materials to which the copyright owner has attached technological protections?  Stay tuned!