A Homeopathic Remedy for Copyright Infringement
By Lincoln D. Stein
A long time ago, while I was still in elementary school, I ran a summer business out of my mother's kitchen. I would spend each morning baking ten loaves of bread, and then in the afternoon I'd sit in the center of our small village square selling them for a $1.50 each.
Despite its picturesque qualities, this business was actually profitable, and by the end of one summer I had amassed several hundred dollarsquite a lot for a child of my age. And my proudest acquisition was a $50 silver certificate that some tourist had asked me to change.
Silver and gold certificates, you might recall, were phased out when the USA went off the gold standard in 1933. While the standard was in effect, the government backed all its paper money with precious metals. You could, at least in theory, go to a Federal Reserve bank, give them a $50 silver certificate, and get a $50 ingot of silver in return.
I'm not that old. Silver certificates had long since lost their special significance by the time I got mine in return for a loaf of home made bread and $48.50 in change. Nevertheless it was a neat historical artifact, and probably worth more than its face value to a collector. So I took the $50 bill to our village bank (a small ivy-covered brick building with an impressive steel vault in the back) and deposited it, along with the rest of my earnings, in my savings account.
Imagine my horror then, when several months later I withdrew $50 and didn't get my silver certificate back! I'd thought that my money went into that big vault in the back where it was kept safe for me until I needed it. I didn't understand the essential difference between a bank account and a safe deposit box. Safe deposit boxes are for tangible goods, like birth certificates, wedding rings, and the physical object that is a silver certificate. Bank accounts are repositories of information: your birth date, your marital status, the $50 face value of that silver certificate. Sometimes it's the tangible symbol that we care more about; sometimes it's the information behind it that we value.
A Savings Account for Music
The story of my silver certificate came back to mind a few weeks ago when I read that a federal court had ruled in favor of the Recording Industry Association of America (RIAA) in its copyright infringement suit against MP3.com. (Read about the MP3 debate at the sites listed in "
Online.")
Earlier this year, MP3.com launched a service called My.MP3.com that streams MP3 recordings to users, letting them listen to songs over the Internet or download them to MP3 players like the Diamond Rio. The way the system worked was that MP3.com purchased a large number of commercial CDs (as many as 45,000 by some accounts), ripped them to recover the digital sound information, and compressed them using the popular MP3 encoding format. These digitized recordings were then stored in a vast database. Along with the recordings, MP3.com stored the original CD's signature, a unique code derived from the lengths of the gaps between tracks that is also used by the online CDDB database.
To gain access to an MP3 recording stored on My.MP3.com, users had to prove that they already owned a copy of the CD. They could do this in either of two ways. Under the "Instant Listening Service" users could buy the physical CD from one of MP3.com's online retail partners, in which case MP3.com would be notified that the user was now a legitimate owner of the CD. Under the "Beam-It Service," a user could briefly place the CD into his or her computer's CD player so that MP3.com software could read the CD's signature and confirm that the user had physical access to the disc. Either way, the user was then granted permission to log in to the My.MP3.com service and listen to the songs that CD contained.
Shortly after the service was launched, RIAA, which represents recording artists and many of the world's major record labels, launched a lawsuit claiming blatant copyright infringement. RIAA's central argument was that MP3.com made unauthorized copies of copyrighted works and distributed them to thousands of listeners via its servers without paying a penny of royalties to the artists or record labels. Three months later, in a terse ten-page opinion, U.S. District Judge Jed Rakoff ruled in favor of RIAA, opening the way for billion dollar damages and sending MP3.com's stock into a 40 percent decline.
The opinion, which you can find reproduced in electronic form on the RIAA Web site, makes for interesting reading. In its defense, MP3.com tried several arguments, including an appeal to the "fair use" doctrine, a convention that allows journalists and educators to make excerpts of copyrighted material for use in their own creative work, and an argument that they were in fact forestalling piracy by facilitating Internet-based music distribution. These arguments were dealt with at length by the judge and were ultimately dismissed.
MP3.com's most interesting argument, however, was its first and central one: that the service was equivalent to storing subscribers' CDs online so that they could access them conveniently over the Internet. The judge didn't buy this argument for a moment, and dismissed it with one sentence. After describing how My.MP3.com works, he wrote:
Thus, although defendant seeks to portray its service as the "functional equivalent" of storing its subscribers' CDs, in actuality defendant is replaying for the subscribers converted versions of the recordings it copied, without authorization, from plaintiffs' copyrighted CDs.
In other words, MP3.com tried to argue that it was running a safety deposit box service for its subscribers, which would not have violated copyright. Judge Rakoff saw through this, rightly seeing the service for what it was: a savings account in which only the information on ownership was stored, not the thing itself.
When Is a Bit Not a Bit?
After a little background reading on U.S. copyright law, including a wonderful cyberlaw module sponsored by Harvard University, I've come to the conclusion that RIAA and the district judge are probably right on this issue. You can't go around making copies of CDs and sharing them with others, even if you have pretty strong proof that they have their own copies (RIAA argued that people could borrow CDs from their friends long enough to use the "Beam-It" service, but that doesn't seem to have played a role in the court's decision). It may be legal for you to make a copy of a music cassette on your home tape recorder, but it isn't legal for a commercial service to make the copy for you.
However, there's a troublesome inconsistency hiding in the current copyright law, and you only need to push a little to find it.
Scenario 1: Say you've bought a CD, and you use a popular ripper and MP3 encoder to make a digital copy of one of its tracks for your own personal use. No problem. The copyright law lets you do this.
Scenario 2: You copy this track to your pocket MP3 player and take it with you while jogging. Still no problem.
Scenario 3: You copy the track to your personal Web server, and protect it with a password so that only you can get at it. Now by fetching the URL and providing the correct password, you can listen to the song from anywhere you want on the Internet. (Yes, you can do thisjust move the MP3 file into the Web server document tree.) As far as the law is concerned, this is still above board.
Scenario 4: The number of MP3 files you're storing on your home machine starts to get out of hand, so you upload your MP3 collection to a commercial service that rents Internet-attached storage space. Now you can listen to your MP3s from anywhere on the Internet without worrying that the next Love Bug virus is going to gobble up your files. This is getting trickier, but it's still OK. After all, if it weren't legal, then Internet-attached storage services would also be prohibited from storing copyrighted software and most other types of files.
Scenario 5: The storage service notices that hundreds of users have all uploaded MP3 files ripped from the same CD and encoded with the same MP3 encoding softwareidentical in every way. This is vastly inefficient, so the service uses a disk compression algorithm to consolidate the hundreds of copies into a single copy, and then makes links from each user's personal space back to the central copy. This is now looking less like a safe-deposit box system and more like a savings account. The distinction between each user's copy of an MP3 has been lost, and instead it is the ownership accounting information that matters. Has the line been crossed now? Surely not. At most the company can be accused of willfully destroying its customers' files, not of making unauthorized copies.
Scenario 6: The storage service one day notices that 99 percent of its service is used for clients' MP3s, and that in fact it has accidentally amassed a huge database of titles. The Spice Girls have just released a new album and the service knows from experience that it will see a great wave of uploads over the next week. Rather than accepting each upload one by one and compressing it into a unique copy later, the service takes the proactive stance of buying, ripping, and MP3-encoding the CD itself. Now, when users try to upload an MP3 that's already online, the service recognizes this fact and acknowledges the complete transfer as it's starting, simply recording the fact that the user deposited the MP3 into his or her account. Users are astonished and pleased that the service is so fast, and as far as they can tell "their" MP3 has been deposited to their account. Is this illegal? Damn right, because the court says so. This is exactly the sort of thing that My.MP3.com tried to do.
The bothersome thing about this is that Scenarios 5 and 6 have identical outcomes. In both cases the storage service maintains a file system filled with unique MP3 files and keeps track of who owns what. Yet Scenario 6 is illegal, while Scenario 5 is not. The legally minded among my readers will point out that it is possible for two people to reach the same station in life, one by honest work and the other by criminal activity, and that doesn't make them morally equivalent. But if the essential illegal activity in the last scenario is the "unauthorized copying" of the song files, isn't the company committing the same crime in Scenario 5 when it performs routine backups of its system?
What if, instead of ripping the Spice Girls album itself, the service just waited for the first user to upload his or her digitized copy, and then used that copy to satisfy all subsequent storage requests? This is somewhere between the two scenarios, and I can't for the life of me decide whether or not it's an infringing activity.
Homeopathic Law
To avoid falling into this type of reductio ad absurdum, the law has to make a distinction between "my" MP3 file and "yours." Even though the two files are identical in name and content, they're not equivalent and can't be interchanged without violating copyright law. It's the same thinking that led me to believe that my silver certificate would be held safe for me in the bank vault.
This reminds me not so much of legal hairsplitting as of homeopathic medicine. According to the principles of homeopathy, you can take a small amount of a drug and dilute it with water to such an extent that not a single molecule of the drug is left. Even though what you now have is essentially distilled water, it still retains the "memory" of the drug it once contained and is effective in treating a variety of medical conditions. The homeopathic remedy for copyright law suggests that every byte is sacredthat my bitstream and yours aren't equivalent even though they may be identical. This type of thinking may work in the short run, but as the legal system tries to grapple with the increasing fluidity of information in the Internet age, surely it will someday fail.
Do not take these ideas home with you; do not share them with your friends. Unauthorized reproduction is prohibited by law!
Lincoln is an M.D. and Ph.D. who designs information systems for the human genome project at Cold Spring Harbor Laboratory in New York. He can be reached at lstein@cshl.org.
