The “Three Strikes and you’re Out” law… Wrong assumptions lead to bad solutions and generate obnoxious laws!

I thought we would be out of the woods last April when the European Parliament rejected the idea of any form of “three strikes” laws across Europe. Unfortunately, here goes the French Senate again with the “Three Strikes and you’re Out” approach to address the issue of copyright and illegal P2P file sharing over the Internet. The basic argument underlying this is that Internet based P2P file sharing of copyrighted work will basically kill creativity and put the whole industry at risk or halt.

The planed law proposes a gradual and proportionate answer in three steps. The first step requires the ISP, on behalf of the HADOPI (Haute autorité de diffusion des oeuvres et de protection des droits sur internet), to warn the user by email. In case the user repeats the offense within six months a second warning is sent both by email and by registered mail. Finally, if the user does it again within the year after the second warning, HADOPI can either order the Internet access to be suspended for three months to one year or order the user to take measures preventing further infringements. ISPs in this context will have to comply to such new laws and not only spy on their subscribers but also collaborate with the legal authorities.

Several points need to be stressed about this :

First, this goes against the European Parliament positions on this issue arguing that it would go against civil liberties, human rights and the principles of proportionality, effectiveness, and dissuasiveness. A recent vote on the issue led to the position that it would require a court order to disconnect someone from the Internet. In the 21st century, Internet access has become a vital commodity like water or electricity. One cannot reasonably ban someone from the Internet ! People depend on it to work, bank, trade, find jobs, socialize, shop, telephone, etc.

Second, such a law will be totally ineffective. By the time it comes into force and can be applied there will already be dozens of ways to circumvent it technically using infrastructure outside national jurisdiction and encrypted networks.

Third and most notable is that we are working with the wrong paradigm. The whole industry is working under the assumption that the user is presumed criminal. The rights holders have barely accepted the idea of “managed copying“. The DRM technology providers basically implement what the industry tells them to do. Consequently, what can you expect from the public policies and legal framework : the above mentioned kind of laws.

The fundamental assumption is wrongly postulating that the threat comes from the user and consequently turns him into a presumed criminal. Under such hypothesis it is no wonder that DRM technology providers implemented DRM solutions based on strong cryptography shifting the load of the burden towards the users. The impulse coming from the media industry refusing to see the transformation of their industry as an opportunity rather than a threat, the requirements were naturally mapped on old patterns of copyright coming from the pre-Internet age.

In this context, it is no wonder DRM opponents and activists justifiably argue that DRM is “defective by design“. And I have to fully agree, even though I am a researcher in DRM, as long as the users will be considered criminals a priori.

So the true question is not how to ditch DRM and copy protection, as often argued by Cory Dotorow, but rather how to approach the problem with the right assumptions and consequently the right business models (e.g., Apple iTunes Plus DRM free content). Such an assumption postulates to put the user back where he belongs in the center of the model and to trust him (the criminals are not who the media industry thinks they are). In doing so, DRM can be approached in a totally different way. Enhancing user experience (which to the best of my knowledge is a key success factor in this industry). Work has been done in this area with models for managing exceptions in DRM environments, but the media industry just doesn’t want to see it and is still on a witch hunt trying to preserve an industry which has already changed whether they like it or not.

I want to close this blog post illustrating the negative impact of law on creativity quoting the brilliant TED Talk of Lary Lessig March 2007.
In law, there is a basic principle that often applies called the burden of proof (onus probandi) applicable to the plaintiff to prove his allegations.

In other words and in this context, shouldn’t lawful use be presumed, unless otherwise proven by the right holder ? But this is common sense “a rare idea in the law! ” quoting Lary Lessig.

5 thoughts on “The “Three Strikes and you’re Out” law… Wrong assumptions lead to bad solutions and generate obnoxious laws!

  1. Great entry. I think the recent approval of the French constitutional council of the revised three-strikes law is worrisome. There appears to be a slow shift in thinking the EU that, perhaps under the weight of the tireless efforts of the movie and recording industrie, seems to co-opt standpoints that are clearly informed by a pre-internet economy. Then again, this seems in line with the increasingly perceived necessity of expanding the surveillance apparatus.

  2. Pingback: Jean-Henry Morin » Blog Archive » 18 year old Swiss-Italian girl sentenced for illegal file sharing

  3. Pingback: Jean-Henry Morin » Blog Archive » Open Letter to DefectiveByDesign.org

  4. Pingback: Open Letter to DefectiveByDesign.org | Jean-Henry Morin

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s