Digital Rights Management Conference

Select 'Print' in your browser menu to print this document.

Feb. 28
Andersen Auditorium, Haas School of Business

1:30-3:00
Impacts of DRMs on flows of information
David Wagner, Computer Science, UC Berkeley (moderator)
Hal Abelson, MIT
Edward Felten, Computer Science, Princeton University
Joe Liu, Boston College Law School (paper on DMCA and research)
Larry Lessig, Stanford Law School (paper on Creative Commons)
John Erickson, Hewlett Packard

Dave Wagner

We've got a great session for you here. My name is Dave Wagner, I'm from the computer science department here at Berkeley and I'm the moderator for the one-thirty session and we're going to be talking about the impact of digital rights management on information flows. We've got a fantastic lineup of speakers today. It's really wonderful as a moderator, it makes my life so easy. All I have to do is sit at the same table as them, they make me look great. So let me introduce you to our panelists, I'll introduce you in the order they are going to speak. I've asked them each to speak for ten minutes on the topic, and we should get a nice diverse set of perspectives that should leave some time for questions at the end.

At the far end, Hal Abelson will kick us off. Hal is a professor of computer science at MIT. His name is familiar to me as a computer scientist because he is one of the coauthors of one of the classic introductory textbooks of computer science. He is also a long-standing member of the computer science committee. He's done some great work. He's widely recognized for his teaching and other efforts. Second speaking will be John Erickson who is a principal scientist at HP Labs. He tells me he's been doing work on digital rights management since before it was called DRM. It's great to have industry's perspective and John will speak second. Third we have in the middle here, Joe Liu from Boston College Law School where he is a professor. He has a paper here in the proceedings addressing the impact of DMCA on researchers and on scientific research which I highly recommend to you and he'll speak on the topic here. And then Ed Felten will be speaking fourth in the row and Ed is a professor of computer science at Princeton University. You may know Ed; Ed is famous for many reasons. You may know Ed because he served as an expert witness in the Microsoft trial or you may know Ed because he's been threatened with a lawsuit because of a paper he wanted to publish. But I can tell you as a fellow computer scientist he has also done fantastic research in computer security and related fields so Ed will give us his perspective. He's been working lately, I suspect you've become more of an expert on the DMCA than you expected to be, and you're going to give us a perspective on some of the public policy impact of the laws, and then finally Larry Lessig will speak here at the end, and Larry is a professor of law at Stanford University and has written a number of seminal books in the field and is the chairman of the Creative Commons project and he'll be speaking about the Creative Commons, so I hope you can see we've got a great set of perspectives here from academia, and from industry, from the technology side, the public policy side, the law side, so without any further ado let me just hand things off to Hal who will get things started.

Hal Abelson

Ok, so Pam told all of us panelists that since there were tutorials yesterday we should not spend any time on background material, but I couldn't help putting up this nice picture of the Statute of Man where supposedly all of this recognition of the rights of the creators comes from. Pam also said that of the communities that are here, she'd like us to talk to the policy makers, so what I want to say to the policy makers is: watch out. You are surrounded here by two very dangerous, delusional communities: the lawyers and the computer scientists, who tend to suffer from the same delusion, and that delusion is that you make things better by making them more precise. So let's take a reminder of what it is we're trying to do. See, there's this thing called the public good and then the lawyers go and create laws about the public good, and already you see the legal code (Larry's word) is at best a fuzzy reflection of this thing called the public good, and then the computer scientists get into the act and they create these things called standards which supposedly implement some impression of what the law is, and while that's actually pretty bad, its hard to make a DRM standard that has fair use, so let's sort of not worry about that now maybe we'll get one in ten years and then the real joke happens. The computer guys really get into the game and they make supposed implementations of these standards, which are the biggest distortion of all. Ed made a very good career pointing out the difference between java implementations and java standards as it comes to security and this is ok, right, this is how the world is. It is not perfect; you're not going to get that last precision of law that reflects public good, you're not going to get that last precision of implementation that reflects standard and the real problem is now we come in and we put on this thing, the mattress tag, "do not remove under penalty of law," so let me say to the polity holders as you listen to these things about DRM, the key legal principle that is missing from this discussion is not fair use. That's a lawyer thing and we've been talking about it all the time.

The key legal principal missing is the de minimis principle, and when we design, when you look at these DRM designs and you evaluate them, you say, have you fallen into the delusions of the computer scientists and the lawyers, which is often expressed as, boy, it would be really great if we put up a system where practice has to conform to policy. It doesn't work that way and we have to look for the friction, the flexibility, the fuzz in these systems that avoids them from being these legal computer science wet dreams, that if we can only be very precise about everything, that will serve the pubic good. That's not really what I want to talk about. I wanted to selfishly tell you a little bit about my world and what copyright looks like there. This is all about copyright, where we're putting all these systems in. And I wanted to tell you what scientific publishing looks like from the prospective of the research universities. So the lawyers tell us that...this is about the world of scientific journals...the lawyers tell us that copyright is policy. So inventors, authors, scientists, are now invited to give their property away to the journals. Give it for free, or in some cases even pay journals to take it by paying page charges. The journals in turn now own this property and all rights to it forever. Well, limited time forever, but forever. And the journals in some arbitrary scheme that's totally up to them magnanimously give rights back to the authors. The university actually doesn't enter into this deal at all, and who knows about the public.

So i just wanted to show you for fun...looking at some of these contracts by which authors give rights to journals. Here's my association, the ACM. I give the ACM the property. It is now their property. And in their generosity, they allow me to post that for my own personal use on a website. But of course, my professional is pretty liberal here. We could look at a more standard thing like Elsevier, we're going to give Elsevier our property and Elsevier is going to give me the right to present my paper at a conference. Isn't that great.? Actually, Elsevier's not the worst either. I'm really glad I'm not a chemist if I were a member of the American Chemical society, I would have the right to send the paper to fifty of my colleagues and to post not the paper, but the title and the abstract and the figures from it. And of course all these guy are amateurs if we go look at the...The New England Journal of Medicine. The New England Journal of Medicine is not confused at all. The said this is ours, period. What we give you is...well, you get the same fair use rights that we have to give to everybody else. Now, why are we making this deal? We're making this deal because publishing is a serious business. This is a fascinating quote, right? This thing is either under the control of the journals or unknown individuals and we should not cede copyright to the individual authors. Where did these guys get the copyright from in the first place? So this is not the world that the Statute of Man ushered in. What you need to understand when we talk about digital rights...this is the world that the Statute of Man helped usher out, which is the world of the stationer's company. It's the stationer's fall in the early 17th century. And what that world is about...it is not about the creativity of the individual authors. It is about the right going to responsible parties who will exert sort of cartel control because they control the infrastructure. Now is that a good idea? Well sure, publishing is a serious business and we want all the great things that journals give us, but there's all sort of other stuff that we might want. We might want indexing. We might want integration into semantic web. We might want all sorts of things that nobody has thought of yet. This is the promise of the internet.

See, I can go on the internet; I want to learn about the hauksay gene in frogs...in zebra fish, right, and we put up google and there's all this wonderful stuff. Unfortunately, it's not the most wonderful stuff because the most wonderful stuff is locked up behind some publisher's wall. What kind of applications can we imagine? Well here's a nice one: it turns out you can go on the web and look at a concordance of the works of Henry James. So I might want to go look at the concordance of The Turn of the Screw, which you remember is this wonderful novel about evil so you might want to say how times does evil appear in Turn of the Screw and you hit this button. It turns out to be only seven and then I can look at any one of these places and I can see the context of where the word "evil' appeared. High school term paper heaven. And I can get that from Henry James and I can get that for Henry Way. I can get that for all sorts of things. No one, of course, after 1923 because the innovation has been stopped. So, the thing I want to leave you with is will the need for sophisticated access tools...will these tools be stillborn or, there's actually a flip-side, and the flip-side is that lots of people in this new stationer's company will make lots of investments for this but what they're going to create are network effects. And these network effects are not about the content. The content, I heard Bob Blakley say this is all going to go priced down to zero, this isn't the problem. The problem is that the content infrastructure is going to be owned. If I'm a publisher with a journal which has cross-indexed fifty percent of the literature, why would anybody want to go to another publisher to be a journal. So we have the opportunity here to use digital rights management with the force of law behind it to effectively recreate the role of the stationer's company. And I'm not kidding. Here's a quote from a publisher, and this is a marvelously paternalistic quote: "We're going to give scientists all the data they need, universities are going to license it and we're in charge and you should be happy." Probably half the people in the room can guess who that is. That's Elsevier. Clark Hank, head of Elsevier should be very happy because Elsevier Science runs at the 37 percent profit margin and their cost to the journals to the libraries has increased at a nine percent annual rate since 1991. The question is: are we headed for the world, are we headed back to the world, not forward. Are we headed back to the world where we have legally sanctioned monopolies that dominate the infrastructure? The question we should be asking is: is that world going to be ushered in and cemented for a very very long time by this approach of digital rights that we're taking? Ok, thank you.

John Erickson

What I wanted to focus on was the very beginning of what Hal was talking about when he had those overlapping bits and pieces getting fuzzy. Before I begin, I would like to thank Brian LaMacchia for his introduction yesterday, without his introduction my presentation would have to be an hour and ten minutes long. And also, John Manferdelli's presentation earlier on. I was sort of troubled in what I should call this, whether I should call it policy enforcement and the free flow of information or versus, and I think the ultimate, because its a cautionary note it needs to be called versus. And also, I wanted some thanks to Larry as well for this notion of code being defacto law. The kind of policies I am talking about, fundamentally are those that are expressed separately, although we should, yes policies are not code, not law but actually policies are code, they are just separate code, separately managed. The good parts version of this story is that we are seeing regimes come out where they are not being built in. We have had generations of in fact policies built with code, bits that are set or not set in digital stream, or simply formats, whether they are analog formats or digital formats that are used and controlled. By having separately expressed policies, they can be separately managed, they can be dynamically modified. Policies are used wherever a system has to make a choice, and DRM systems are obviously just a subset of that whole world. We are seeing also this emergence of trusted systems, trusted computing basis, platforms or stacks where policies can be enforced in reliable and deterministic ways. This could potentially be, I should also say we are having as more research is done in the expression of policies and the applications of policies we see potentially better ways to have policies apply to exact contexts of use.

So the upside is that, this concept of policy enforcement where policies are declaratively expressed, where policies are managed separately from applications, they are yanked out of the hard coded platform, or yanked out of the code, separately managed and applied where they can be studied, analyzed, improved, dynamically changed based upon context, where they can be transparent to what they do and also where the applications that apply them can be transparent, these are all good things. There is a potential to do things in a lot better ways then what they have be done. The scary and nasty bit is that where of course there is still code. We are limited by the way that the languages themselves are designed, their expressivity. We are limited by the choices that the people make when they write those policies, what they put in, what they leave out. We are limited by the ability of that thing which is going to make that choice about what policy do I apply of making that right decision. We are limited by that end system which is supposed to apply that, having that capability to actually do that, regardless of what the policy actually says. We are also limited by the ability, even the scalability of systems to determine whether or not they trust some other subcomponent which they may have to interact with.

There's another way to say a lot of what some of the concerns we have had both yesterday and today, is that policy enforcement regimes allow a sort of private law to be created. Because let's face it they are in fact detached from reality. They are what the implementers decide them to be. As I said in a previous slide, its what's encoded, what can be encoded, the decisions that people make, there's no governance into what goes into, there's no social governance into what goes into a rights expression language, for example. But there are other examples, privacy management languages; one exception might be health care, controlling health care information. But you can aspire to have these constitutionally inspired values in these things. I would say that as we look forward into these regimes, if we are to have these regimes, and I think it's a given that we are going to see these things increasingly, we have got to figure out how to include people in the loop. If you count on policy enforcement regimes, DRM systems, to make the right decisions without people as part of the loop, without people being encoded into the loop, without people being able to make their own decisions about whether they will themselves will accept liability if for example, text is exported from a secure format for them to use in like a review, or whatever, then we have got a problem. So we have to figure out as we establish policy enforcement regimes how to have escapes.

Another problem that is semi-related to this is DRM systems can make information opaque. DRM systems don't have a monopoly on this, lots of digital formats make information opaque, you can't see into it. You see the point that we have got to have as we consider these mechanisms; we've got to think of the ways that encourage the rules that enable enhanced usage of the information doesn't constrain the flow. We see here that metadata regimes that augment the deployment of information in various formats are absolutely essential; you don't have to look inside that opaque container, even if it's locked up. If you have got appropriate metadata regimes, you can find the right stuff; find out what you need, even if it is in a secure format. But you've got to have both the accessibility of formats and rules that allow you to use that stuff in appropriate ways. There's this notion of closed information spaces which are defined by built in policies, the formats that are used, the polices that are written. Examples of these include things like communities, and you know there are lots of examples of these, that don't work with certain browsers, they break. That's a policy decision, even though it may seem to be a technology decision; somebody decided that they were going to exclude a particular browser. Also, information control, the use of proprietary media formats, all these sorts of things. So finally how do we, this is borrowing from Larry, how do we challenge the code? How do we hook in reality into these systems? How do write policies and apply policies in a way that both can be processed in an automated and humanistic way? And that's the deal. Thank you.

Joe Liu

My brief remarks today are going to focus on a paper that I've written for this conference. The topic of the paper is the impact of the DMCA on academic encryption research and in the limited time that I have for today, I don't really have time to go through all the arguments but what I do want to do is a give a just a really quick, short background of the paper, summarize some of the basic findings and try to hook it up to some of the broader themes of today's panel, and this panel in particular. First some background. As you all know, and I am going to move really quickly through this because Pam covered a lot of this yesterday, Congress enacted the DMCA in 1998 as a response to perceived challenges presented by digital technology. And there are provisions in the DMCA, which are the ones we have been talking about, that impose liability for acts of circumvention and also impose liability for distributing technologies that facilitate circumvention. Now again, all of you know there has been a lot of debate over the wisdom of these provisions, they are very controversial, and in fact a lot of the discussion in both today's panels and tomorrow's panels will deal with this larger issue, whether this represents a sensible response to digital technology. My paper is not about that, it's not about this sort of broader debate at least directly. Instead the paper really takes a much narrower focus, and really looks at how this statute impacts a specific group of individuals, namely encryption researchers and even a subset of this group, namely academic encryption researchers. And the reason that I am doing this in this paper, is because this group is really a group that pretty much everyone agrees should be largely untouched by the DMCA, even people on the content side, people in Congress and people who oppose the DMCA have all at least said that this group should be largely unaffected by the DMCA. So what I want to do here is take a look at that and see exactly to what extent they are untouched by the DMCA. And so to some extent, referring back to Hal's presentation at the very beginning of it, this is sort of a case study on a sort of a violation of the dominion principle, sort of one example of what can go wrong in these circumstances.

When Congress was first considering the DMCA, there wasn't any exemption originally for encryption research and so encryption researchers testified before Congress, explaining that this was problematic because it could impose liability on them for certain activities that they routinely undertake when they are conducting this research. So in response, Congress enacted 1201(g) which is the Encryption Research Exemption which basically exempts good faith encryption research. That of course wasn't the end of the story, because a lot of encryption researchers subsequently objected that this exemption was a bit too narrow to really be of any good even after the DMCA was enacted. In fact there have been a number of cases since the enactment of the DMCA where researchers have been with threatened with suit. The most famous example would be the case of Ed Felton and his group of researchers who cracked the SDMI watermarking technology and then were subsequently threatened with a possible lawsuit under the DMCA. You have these concerns that this exemption isn't doing what its supposed to be doing, and at the same time other commentators basically suggesting that a lot of these fears are overblown, that in fact if you look at the exemption carefully, researchers really shouldn't be that worried and shouldn't fear liability to any real extent. That's really the background for the paper.

The paper itself, once again I'm going to summarize the main claims I'm making in the paper. There are essentially two claims: one's a descriptive claim and one a normative claim. The first descriptive claim has two parts: in the paper I basically argue that academic encryption researchers should still be able to conduct some research without significant fear of liability under the DMCA. But the DMCA will have a non-trivial impact on the conditions under which this research takes place. Taking the first half of this descriptive claim, basically again the argument is that if you look at the statute and look at the legislative history and you try to anticipate how courts are going to interpret the exemption for some academic encryption researchers there should be some area within which they should be able to conduct and publish their research without significant fear of liability. Now again, the details are in the paper, essentially what I do is go through the actual statute and employ the usual lawyerly tools of reading the cases and legislative history and all the rest, and I will refer you to the paper itself. But I think this is an important point to note, simply because I think there is a danger when faced with a new statue, and one that hasn't really been interpreted to see so many flaws in the statue that you really wind up censoring yourself more than you really need to, if you actually take a look at the amount of risk that you are facing.

At the same time, and this the second half, that really isn't the end of the story because the DMCA still, even for these folks who might fall within this category, will have a pretty significant impact on how the research is being conducted. This is because the exemption itself isn't a categorical exemption; it's phrased in a way that actually puts a lot of conditions on people who want to take advantage of it. What are those conditions and what sort of effects can we expect the DMCA to have on people who engage in this kind of research? Here are some of them, and these are based again both on a reading of the statute and also actual cases involving encryption researchers that want to publish their work and are dealing with the DMCA. I am pretty much going to list these rather than going into them in much detail in the interest of saving time. First, the DMCA is going to have an impact on limiting who can actually conduct this kind of research and that's because the DMCA itself, if you look at the exemption, gives a preference to folks who have a formal training in this area or are affiliated with a research institution, or some other institution like that, and this is despite the fact that a lot of research in this area is done by people who may not have that sort of affiliation. Second, it's going to impose additional hurdles that researchers have to go through before they can engage in this kind of research. First, initially because you need to probably consult a lawyer to make sure that what you're doing falls within the exemption. And Secondly, one of the requirements of the exemption is that a researcher must seek permission from the copyright owner before engaging in an act of circumvention. The statute doesn't actually say that you have to get permission, just that you have to seek it. And here, again, it's going to impose an additional hurdle. Third, it will very likely have the effect of limiting free communication about the results of you research and fourth, it may also limit the avenues for publicizing your research. And again, this is because the statute gives preference to folk who publish in a manner, quote, generally paraphrasing, "encourages the advancement of knowledge in this area as opposed to facilitating infringement. This exemption will also require notice and disclosure of result from copyright owners because that's another factor.

And finally, you can expect the DMCA to have an impact on the actual content of the published work itself. And this results from at least two things. First, to the extent that your paper contains actual code or very specific descriptions about how to circumvent a technology, it begins to look more like a technology or tool that others can use. And second, because the whole structure of this exemption gives notice to copyright owners during the research process and actually involved them in the process a little bit earlier and you can expect copyright owners then to ask for changes in the paper and changes that might be very hard to resist. So at the end of the day, basically in this part of the paper I'm saying that even though some research can still take place, the conditions under which this research is going to take place are going to be heavily regulated. Now, how should we think about this impact? Because the fact that there is an impact on this research may not be the end of the story because I suppose you could argue that these burdens are a reasonable burden that these researchers should bear in order to have some additional benefits. Well, on the normative front, this paper argues that this impact is in fact extremely problematic and something that we should be troubled about. I think the easiest way to see this is to sort of back up and consider just how far away we are from copyright infringement. We're here, right? I'm going to try this graphic. This graphic may tell you more about the limits of my graphic capabilities than what I'm trying to get across. Hopefully, it'll tell you a little more than that. Again, right, in this specific context, the DMCA is having an impact not on copyright infringement or even the devices that can be uses to commit copyright infringement, but here we're regulating basic research that can be used to create devices that can be used to commit copyright infringement. And so we're really quite a long distance away from copyright infringement. And when regulating activity this far upstream, I think you need to be really careful about the potential downstream impacts because potentially there may be all sorts of downstream effects that are unrelated to the problem that this is trying to get at which is namely copyright infringement. And so that's really sort of the main message in this paper, and the argument at the end of the day is that the DMCA itself really is not sufficiently careful about these downstream impacts, that in trying to get at copyright infringement it really is having this impact in this specific area, on some collateral area that really is quite unrelated, or can be unrelated, to copyright infringement. I'm actually out of time so I'll be happy to take additional questions later on. Thank you.

Ed Felten

I'd like to talk about the interaction between DRM and public policy but I'm not going to come at that from the ordinary direction saying what public policy should be about DRM. I want to talk instead about what the impact of drm is on the public policy process related to other issues, that is, my argument will be that drm not only is a public policy issue itself, but has a negative impact on the public policy debate. Basically this stems from the fact that drm strategies tend to take devices, whether they are computers or media players, and turn them into black boxes, black boxes that users are not supposed to, or allowed to, analyze or examine or understand. This goes under a lot of different euphemistic names; sometimes it's called a secure execution environment; sometimes people say that the device is an appliance, although that's also a misnomer, it's not like any normal appliance you might have in your house; sometimes it's called the robustness requirement. But all of these things really mean that the technology is supposed to be a black box, you're not supposed to be able to look inside of it. And this black box effect tends to grow over the scope of the system for example if you're talking about a computer system you might say well only the part that deals with the media has to be a black box the boundaries of that black box tend to grow because there's concern that the content will be grabbed off of the video card or the audio card that it would be grabbed off of the disk, that it will be grabbed as it goes across the system's IO bus and so on. And the result is that the entire device tends to get turned into a black box. There's a combination of technology and law that's used to try and make these devices into black boxes. The devices are engineered in a way that armors them so that it's difficult technically to analyze or understand what's happening inside the device.

The use of a particular kind of black box design may be mandated by law. That's essentially what the tech mandates as in the Hollings Bill would do. And possibly, the black box nature of the systems is backed by laws like the DMCA that tend to ban analysis or tinkering or discussion related to the device. So as a result of all of this, DRM and the things that come with DRM turn technological devices into black boxes. Now, the other side of this has to do with the interaction between technology and public policy. There are a lot of important policy questions that depend in an intimate way on understanding technology and understanding of the technology an important input to making reasonable public policy decisions. And this is especially true right now with respect to the things that are at stake with DRM. And so I'm going to argue that bans on understanding technology tend to cripple the public debate about these issues.

Now there are lots of examples of issue in which this is true and I want to give you three examples, but just to raise the degree of difficulty a little bit a hopefully help convince you that there are many many examples. I'm going to use that other people have already mentioned in the conference. The first one was mentioned by Dave Farber this morning, the Total Information Awareness Program. This is obviously a public policy issue that's very much at the forefront now. I managed to get a copy of their logo off another website instead of taking it down. The logo's not too popular. I imagine the name Total Information Awareness is likely to get changed to something like Next Generation Secure Information Awareness. So here's the public policy issue with TIA. Law enforcement and intelligence communities in the United States want to mine commercial databases. They want to do it for good reasons, to catch people who would like to blow us up. But there is a significant privacy issue involved here. The advocates of TIA say that we shouldn't worry too much about abuses by rogue agents, by rogue law enforcement personnel because methods like DRM, methods designed to prevent misuse of information or violations of policy, will prevent them. Is this true? Well, if you want to know, then you need to understand the black boxes, you need to understand the efficacy of DRM technology, whether it's going to work. You need to be able to take a skeptical look at this technology and understand how much can we count on it. And that's an important factor in any public policy decision that one might make about TIA.

My second example comes from Bob Blakely's talk this morning, it's the Girls Gone Wild video or, in particular, the attempt to black it. Another public policy issue before us has to do with blocking and filtering technology. For example, to block porn. So there are products out there that claim to block pornographic websites and they claim not to block non-porn content. Is this true? Should we use this technology is schools and libraries and homes and so on. The advocates of this technology claim that we shouldn't worry about over blocking because their blocking list, the list of sites to block is accurate. Is that true? If we want to know whether or not it's true we need to be able to open up their black box and see what their block list actually is. There's a law suit going brought by Ben Edelman, a researcher at Harvard, about this very issue under the DMCA. We need to look inside that black box in order to understand the accuracy of the block list and, again, that's an important input to the public policy decision that needs to get made.

My third example comes from a question that Barbara Sarmonds asked yesterday about electronic voting. This is an electronic voting machine. All electronic. You walk up to it, you push some buttons on the front and it records your vote. At the end of the election, it spits up a count of how many votes were cast for each candidate, or at least we hope it does that. So after the Florida 2000 election, there was a big push toward different voting technology, in particular computerized voting machines. Counties all over the place are looking at that. Santa Clara County, California is in the middle of a decision process and my own county, Mercer County, in New Jersey, is also in the throws of a decision about whether to go ahead with computerized voting or what kind of computerized voting. And you face a lot of tradeoffs there. There's no doubt that direct recording electronic, the all electronic machines are convenient to use and at the end of the election you get a count really fast. The big problem, though, is the risk of fraud. How do you know that the election result is right? How do you know that there hasn't been some sort of horrible mistake? Of course, this is a problem that has gone back a long time in elections, but we change it when we move to an electronic system. We change the kind o failure modes that we face. The advocates of these technologies, mostly the vendors, say don't worry about tampering, we use methods to seal the devices so that outsiders can't tamper, people at the polling place can't tamper with it. Thy claim to use methods that prevent even their own engineers from changing what the machines do. Is that true? Do the technologies they use actually prevent tampering? How difficult is it to tamper? Is it even possible to do that? We need to understand the black boxes that they're building and we need to understand black box technologies in general to be able to evaluate that. In all three of these cases, all three of the policy examples, we need to answer basic technological questions about black boxes in general and specific black boxes in order to make good public policy decisions. Given more time, I could go on and on and talk about other examples. There are lots of examples related to technology policy, to regulation of spectrum, and so on. Examples related to defense, and so on. But rather than go on, what I'll do is stop here and just point out that in my view this is a serious problem. People don't understand enough about technology. Technology, god knows, is hard enough to figure out. What we don't need to do is make it harder. Thank you.

Larry Lessig

Excellent. So, we've been talking about DRM forever. Forever. For as long as I can remember, and that's forever for me so forever we've been struggling with this issue of how are we going to confront the world where not only rights existed and were expressed strongly, but technology enabled people to enforce rights strongly. And after struggling with this forever, I'm increasingly convinced that we've got to reframe this problem because a lot of bright people have tried to figure out the answer to this problem, both on their side and our side and none of us have a good clue yet about how to solve this problem. So, reframe the problem. There are basically three kinds of people out there. Usually there are two, but I found out there were three. There are three kinds of people out there. There are basically people out there who believe in not controlling their stuff at all. We call them communists, you know, but there are people that say take my stuff and do with it what you want. Then there are people out there who say don't touch my stuff unless you ask my permission. Don't do anything with it at all unless you've got some affirmative rights from me. And then there's the rest of us in the middle who say, go ahead use it for lots of obvious reasons. Of course, don't make a Disney movie out of it, but for most reasons we're completely happy that you take and use and use my stuff. There are, therefore, the none, none of my rights respected, and the alls, I want all of my rights respected, and the somes, I want some of my rights respected.

Now in the beginning, the beginning of the internet, we had an architecture that essentially ratified the position of the nones. I didn't mean to have that sound like the people in black with little habits. Ratified the position of the nones, the people who said I don't want to control my stuff at all. We had a technology that enabled basically everybody to take everything that's up there and to share everything and to share it in the most extraordinary efficient way and that was great but that created a lot of complaints obviously from the people who are at least in the all category because their fear was that this architecture of the nones would increasingly shrink the space that the alls could adopt and also those out there putting stuff up in the some category too would have their rights shrunk if none of the rights that might be respected here would have been respected under the architecture of the none. So that was where we were and the problem from that perspective was there was an obvious political response and that was those with all the money are also those with all the rights and those that want to assert the rights and they would force on this world a shift in this architecture. They would try to flip the default way from a default that supported the none to a default that supported the all. So in the future, increasingly, they promise us an architecture which is the DRM architecture that takes this world where there are three categories and flips it from the default where none control to the default where all is the rule. Where all rights being controlled is the normal way in which we engage in interactions with each other and the consequence of that is the exact same consequence we've seen before but now flipped. It becomes harder and harder for the somes to actually be out there and express themselves in a way that says, here, take and share and use because they must embody and adopt these highly expensive and burdensome technologies to say do with my stuff as you wish so long as you respect the following rights. And also, it criminalizes the category of the nones out there, criminal nones running around, right, who are increasingly pushed off this space so that the default world of total control supported by total information awareness makes it possible for the alls to control, you got it, everything.

Now here's the problem. We've been solving for the extremes here. We've been thinking about the world as if there's either those who care not at all or those who care in the extreme. And the problem with that solution on either side is that it defeats the massive and most important category of people in the middle who would actually like a way to express the view that you should be able to take and share the content without suffering the deep burdens of DRM. So hat we need here is a way to recognize this middle. Now, there are two strategies that have been adopted to attempt to recognize this middle. The first strategy is the one we're familiar with because a lot of us have been fighting it, maybe all of us have been fighting it on one side or the other, I don't know, but we've been fighting it in the courts and congress to get them to say...regulate this world in a way so that the potential for the all to control to control everything is balanced. Restrict DRM in the following ways so that we can at least have fair use or ensure that the DRM technologies that go out there and make sure they don't displace the possibility of free content to be distributed.

That's a strategy. But increasingly I'm becoming convinced that that's not a strategy that going to work in time. And that forces, I think, us to consider a second strategy, which is increasingly the one I think we ought to be spending our time on. Instead of ways to fight or limit DRM, what we need is a strategy that expresses this middle space. So I and Hal and other people in this audience are part of an organization called the Creative Commons. The Creative Commons believes that we need to distinguish between this idea, DRM, and this idea, DRE. We have to understand that there are two separate issues here and we shouldn't be solving them together, at least not now. We ought to be finding a way for people to express, simply and easily, here is the set of rights that I'm happy that you respect, without building into that expression the technologies that make it so that those rights are automatically by machines enforced. Not because no one should be able to do that, let the alls do that, that's fine, but because most of us and most of the content out there is not content for which this extraordinarily strong mechanism of control is needed or valuable. The point is, for the green space in the center, these technologies of control are not just hassles, they defeat the opportunity for this content to be shared freely in a way in which the author plainly want. So we need a way to express digital rights without that expression forcing them necessarily. A technology to say here, that this is free, or at least this is sort of free, some rights reserved, not all rights reserved, and that's the role we believe Creative Commons in its first instantiation plays.

It says, we are going to build a layer of reasonable copyright law out there on top of this background of unreasonable extremism. We live in a world now governed by this unreasonable extremism and we can do something about that by expressing a reasonable middle, and this is a technology to do it, so that this background of control gets flooded by a default expression that says, go ahead a share in a certain way, without attempting say to them, the alls, you shouldn't be allowed to do what you do, but instead by enabling the rest of the world to create content that is shareable freely and can compete with those who insist on controlling all of their rights. Restoring, then, in this context, reasonableness through voluntary action. Now why is this important? Well, one story that's been told out there about why the Creative Commons project is important is that its going to be good for the incentives of certain artists. And we have artists how are out there who have begun to say, yeah, it's better for me to share my content in this way than to adopt the all rights reserved model. So Cory Doctarow, a hero of mine, published an extraordinary novel, Down and Out in the Magic Kingdom. On the same day it's in the bookstores, it's on the web under a cc license, download it, do with it what it as you wish. He sells an extraordinary number of books in the bookstores; he gives away a massively large number of books on the web. And what he's done, thereby, is increased the exposure of the world to Cory Doctorow's extraordinary writing, and he believes that will make it easier for him to be a successful writer in the future. I'm all for it. It's exactly what we should be enabling: this creative use of the net in a way that spreads culture broadly. But that's not the important, or most important reason, that people ought to participate in this expression of something different. The most important reason is we ought to begin to identify, to put our hands up around the world in a way that says, I believe in free here. The default is control, but I believe in free, or I believe in somewhat free, but I believe in it now and urgently because the shift that we've seen has radically transformed the opportunity of this technology of the internet to be used to develop something different, some expression in creativity innovation different from the innovation and expression controlled by that tiny little red box in the corner. Now when this battle began, people said, if it's either the nones or the alls, the alls are going to win. And when you think about the places where this battle can be fought, I believed we would lose if all we had to do was fight it in the context of congress because the alls have it all and they can go congress and get it all through the all that they have in the, this is a different kind of green here, a green form in which congress responds to the alls. So they were lobbying away which beats the nones in the middle position because of their power and so congress was a failure.

I was that naive person who believed that there was a place out there that we could argue this as a matter of ideals and principles to establish a balance here that I thought the framers of our constitution already gave us 210 years ago, right? I was wrong. I was wrong. People said they weren't ready, I said, yes they are. I was wrong. They were right. And the consequence of them being right and me being wrong is that the courts have backed out of this battle just at the time when they could have done the most good by expressing ideals that the best interpretation of our constitution says our us about the Statute of End. When I lost and we lost, a very kind lobbyist from the other side called and he said, you know Larry, look, all you had was ideals and principles on your side. They had, or we had, he said, all the money in the world. And he said to me, when is the last time ideals and principles won over all the money in the world. I thought, my god, racism, we were just fighting a bunch of racists. The 14th amendment was about the ideals of the civil rights movement, wasn't all the money in the world. When was the last time that ideals and principles won over all the money in the world? So, in the context of the court, I guess I don't have an answer for that. But I know that here and now, the question we ought to ask is not when's the last time, but when's the next time. When's the next time that ideals and principles win over all the money in the world and the next time it does is the time when we, all of us, begin to express in our every step an expression that says we believe in something different, we believe in this reasonableness, not the extremism, and we show reasonableness by building this balance in the space that marks the we're most familiar with, this extraordinary space of potential creativity we call the internet, and we can reclaim through voluntary efforts that say, we believe in freedom and we show it because our content expresses it and let them respect what we say. Thank you very much.

David Wagner

Thank you to all our panelists. This is great. We'll take questions from the floor or other panelists. So feel free to step up to the microphone. Are there any questions? Are there any questions the panelists would like to ask each other. Ok. For those of you who will be asking, could you introduce yourself, just state your name before you ask the question.

Kapin Ying (Question from audience)

I'm Kapin Ying, I'm from UC Berkeley. So I've been thinking about a lot of things and learning a lot from what's been said so far at the sessions of this conference. And I want to get at, something been bugging me, I actually really haven't been able to figure it out, honestly. I know this is going to sound like a weird question but I feel as though maybe you might have some insight on this, with your understanding of both economics and technology and your understanding of the law. So, as far as I can tell, Microsoft had a choice building its trustworthy computing initiative. It could have chosen to build a system that protected the interests of its customers against the damage that was caused by viruses and so on. Or it could have built a system that would protect the interests of the media companies against those customers. From those customers, I suppose. And what I learned yesterday is that they chose a system, the NGSEB system, that sides with the media. Given that, as far as I know, consumer electronics and technology industry is so much bigger than the entertainment industry, from what I hear, what motivated then to choose this? What motivated them to choose the media companies over their won customers?

Ed Felten

In my position of Microsoft Spokesman...I think it's a little more complicated than you're making it out to be. First of all it's not an either or choice whether to focus on preventing viruses and the like versus focusing on DRM-like features. Doing one doesn't prevent doing the other. There's some debate as to whether doing one in fact helps make the others stronger, probably there is some synergy between then first of all. And second, if you look at the DRM strategy that Microsoft seems to be following, I think it's also an oversimplification to say that it's about big media versus individual customers. It looks more like Microsoft is aiming to build DRM facilities that are as, I think John said this morning, designed for a wider range of customers, including you. If you are using a DRM-enabled product and you are sending an e-mail to someone or writing a document. Now you can debate whether that's a good thing or a bad thing, but I don't think it's quite right to say those features will be built in such a way that they are only useable by big media...Can I stay on permanently as spokesman?

John Erickson

I was going to add to that and basically echo what Ed was saying and I would say...you have to ask who's controlling, who's building the variety of applications that are going to be executing in those protected environments, taking advantage of those trusting computing bases and what policies are those systems going to be making their decisions based upon, and who is controlling their policies. So, with all due respect, I think it's presumptuous to say that it's all about one thing. You need to be saying, well jeez, if I had that kind of a base, what could I be using that for? Well, one obvious application is I could make a really restrictive entertainment content viewing regime, but another application is, I could build a system whereby I've got a really hard-ass way to control my private data and how it gets disseminated, how it gets used, when it goes way, how using mechanisms of recording policies, how it's being used. And I'm not being naive here, you know, one of the things that frustrates me is a lot of these, as professor Farber said earlier, a lot of these technologies, a lot of these concepts, have been around for quite some time. You know, they can be built into a variety of platforms, they can be experimented with. We could be frankly, and this comes from my own personal experience, having started a company a long time ago in the digital right management, back in 95, prehistory. There's a lot of things that could be done, a lot of things could be done in the open research environment, that haven't been done and we could know a lot more and frankly, we'd be a lot further along on a lot of these policy questions, policy application questions. So I think that, again, we need to ask what are the policies, who is controlling those policies, how are they being vented.

David Wagner

Shall we take a question from down here? We'll alternate.

Second Questioner

Thank you. I've been listening to, first of all my background. I'm an engineer and technologist. I work at the University of California. So I like technology and obviously technology can do interesting things. I've been listening to this dialogue the last couple of days and reading of course for years in the press all this stuff about digital rights management. And I've been increasingly troubled, particularly in the last couple of days by what I was hearing, very troubled, in fact, until I heard Larry's talk, which I though was absolutely fantastic. And I realized the reason that I was troubled was because we were taking the human being out of this whole equation. We've given up on the moral and ethical behavior of people and what we're doing is putting chastity belts on technology and I think that's wrong. I think we ought to think real hard about whether we want that to happen.

John Erickson

Make it technical chastity belts.

James Grimalman, Blomame

The Creative Commons Decision, it's really quite appealing in a sort of basic democratic way because if we all get together and just act reasonably, things will get better. But at the same time, just in this panel, it seems like it's in serious tension with what Hal and Ed were saying because Hal was talking about a situation in which a huge community of scientists is trying to be reasonable and publishing companies, together with the law behind them, have imposed pretty unreasonable standards on publication. And Ed's talking about major democratic issues that we can't really solve because we can't be reasonable and look inside what's going on. Is this a false tension, or how do you guys respond to each other on this?

Well, Hal's on my board, so if there's a tension, he's off. No, I don't think there's a tension. Here's why. The problem is policy makers have an extremely narrow view. They can't have more than two ideas in their head at any one time. So when they look at this current debate and they look at the other side from Jack Valenty, what is the other side that they see in their head? This picture of these, as Jack Valenty calls them, terrorists, there are children out there sharing and stealing content. So when that's the alternative, the only reasonable thing to do is the opposite, which is Jack Valenty's world. Now what I think we believe, and I think Hal believes this too, is let's build another position out there where millions of people, we've got numbers saying that we've got upwards of a quarter of a million people participating in the Creative Common Project right now. Um, millions of people begin to say here's the reasonable view and then when that size journal does the extreme that they do, you can say, you're an extremist, here's the reasonable position. And people can increasingly say that reasonable position is something we ought to be defending without forcing all of us, who have been defending that position forever, to make it sound like we're defending people who want to go download four-thousand copies of Britney Spears songs. I'm against those people too, right. Jack Valenty and Britney Spears thieves, well I don't want to get too far into that, but Jack Valenty and the other extremes are both wrong, they're both extremes. And what we've got to begin to say is that there's more than these lunatics at the extreme. There is what has been our tradition.

Ed Felten

I guess I'd like to briefly address the question about how my talk related to Creative Commons. I don't see there being a conflict. Creative Commons is not telling you what I'm not allowed to study, what I'm not allowed to write, or what I'm not allowed to say. It's not coercive in the way that some DRM systems are. The kind of DRM I was complaining about is the kind that Larry would put in the all category, which is not what Creative Commons is about.

Hal Abelson

Well, I just want to say there's no conflict at all between Larry and me and Creative Commons. We work on it together. I wanted to applaud this morning when Dave Farber resisted using the word "consumer" because I think that's the real difference. We're trying to make regimes that recognize the rights of people as creators. So the issue of that Creative Commons is I made some stuff, it is mine, I would like some say in how people use it that's not determined by the journals, that's not determined by the record company, that's not determined by all these curtails which in fact are not about rights of the creators. They're about preserving what I call the stationer's company, they're about owning the infrastructure to the point where the creators actually don't have a choice. And I think that's what this is about.

Questioner 3

This is a slightly more abstract question. A couple years ago I was really happy to see that we having more discussion about information interfaces and electronic spaces. And I see this debate as kind of taking us away from that wonderful focus of ideas that was happening. Is there anyway this debate could be giving us more information, helping us in some way to understand more. Or is it just a loss of time.

David Wagner

You lobbed a good one there. No one wants to field that.

John Erickson

I'm not sure what the debate...

Questioner

Sorry. Information technology. We've been solving a lot of technical problems and I heard increasingly more conversation about how do we deal with information in electronic spaces.

David Wagner

That sounds like a good discussion topic for the break after the...

Pam Samuleson

So yesterday when I was doing the tutorial, Alex Alben asked me a question which, because I'm not a technologist, I was not in a very good position to try to answer, but since there are several technologists on this panel who are interested in information flows. The question that was put to me was a question about whether it was possible to develop technologies that would allow circumvention for fair use or other non-infringing purposes. Is it possible to sort of think creatively about anti-circumvention laws that might allow some room for circumvention for fair uses without opening up the Pandora's box so that allowing these technology means that you've essentially repealed the anti-circumvention laws.

John Erickson

Yes and No. Well, the first part in my opinion I think that you can try to approximate and perhaps reach a reasonable compromise in how you write the rules that control how the systems operate. So that's one approach. And depending on how far you carry the discussions that lead to that compromise, and I would argue how you would include people, people in the loop, so that it's not a completely automated thing, you might be able to do some things. I don't want to talk to the other questions about the increasing of circumvention devices to do the fair use piece, but the one particular piece that I'd like to offer up as a maybe or a yes is the creation of good policy that includes people.

Ed Felten

I think this is one of the most important technical questions around DRM, whether we know, whether we can figure out how to accommodate fair use and other lawful use without opening up a big loophole. And the answer is, I think, right now, is that we don't know how to do that. Not effectively. A lot of people would like to know whether we can do that or how we go about doing it, but it's a big open question right now.

Hal Abelson

I'll give you a little piece of an idea I wouldn't necessarily advocate. This was a little system that was designed by a couple of students in a class I taught in the fall where the notion is that you did this digital right decision based on some combination of what's carried with the work and something that's asserted by the user, partly who they are and what their intent is. So you get something that sort of gives you increased extra access to this work. On the other hand, either you have some sort of way of saying something about yourself or some sort of way of testing the thing that goes into some record, that then it's challenge later you can point at. I don't actually think this is a workable solution, but it's the beginning of an idea.

Joe Liu

I will say something about the legal side of things. I mean, I don't, I clearly don't know anything, or very much, about how the technical question and technologically whether this is feasible. But on the legal side, in hearing about this debate, about whether we can effectuate fair use in some sort of technical way, I sort of thought about a thought experiment of what would fair use look like if we tried to implement it in terms of a legal regulatory framework. If we actually tried to spell out, in the law, in detailed manner, instead of the four factors, what exactly copyright and fair use would look like, and I think you would soon find a statute that would begin to resemble the tax code in its complexity because it would be volumes and volumes and volumes of very detailed regulations depending on who you are, why you're using it, which context, and all the rest. So I think, in sort of referring back to Hal's very initial picture, that first layer that's put on the sort of public interest, I think itself is really subject to a lot of these issues. And I think that's entirely understandable because people's interaction with information is a very complex thing and I think that it's just really hard to specify, even from a legal standpoint.

David Wagner

Question up there. Can I remind you to state your name?

Mark Lemley

Mark Lemley of Berkeley. This is a question for Larry Lessig primarily. So five years ago at this conference, Bob Gomulkiewicz of Microsoft pointed out a very nice sort of inversion which is that shrink-wrap licenses and contractual enforcement of big package software on uniform terms also turns out to be the legal basis to the extent there is one for the support of the open software movement, right. And one of the interesting things that that pointed out, in a contract sense, was that in order to make a judgment about whether regulation or freedom from regulation was the right choice, you had to look not just at what the big guys were going to do, but what the little guys were going to do. I guess I wonder why there isn't a similar kind of dichotomy and a similar issue that Creative Commons brings forward, right. It's very easy to write a set of legal rules that says everyone gets a certain set of rights. What you want to do, I take it, is to write a set of legal rules that says everyone gets a different set of rights, they can choose from among an infinite palette. But in order to implement that, it seems to me you need some kind of DRM or if you want to call in DRE that's fine. That requires you, though, to take a position about whether regulation of DRM by government is a good thing or a bad thing, right. And I guess what I wonder is whether a group like Creative Commons, that depends in some sense on the enabling features of DRM, is also going to facilitate by allowing DRM the problems that other people have mentioned at this conference with DRM not limited by consumer regulation, privacy regulation, whatever else we think is problematic.

Larry Lessig

So the only part that I want to really resist in the structure of your question is not that it begins with the word 'so,' I did that too, is the quickness with which you passed over the possible distinction between DRE and DRM. Because I really do think, I didn't think this originally so I hope this is progress in my thinking, but I really do think that there is a difference between DRE and DRM. And the reason isn't the static difference because, you know, in some sense DRM includes DRE, you've got a digital rights expression language within DRM and then it adds a dollop of control on top of it. That's not the difference. The difference is the dynamic effect it would have on this debate if we had a bunch of content out there that was efficiently expressing the freedom to use it in certain ways, and a bunch of people out there respecting how it can be used and how it can't be used, and a bunch of people building on that expression of freedom versus those who continue to insist on this extraordinary overhead of technology that gets built into their content before they share their content. I think those who adopt the DRE side would be in a competitively better position against the DRM crowd in selling and making their content available. They'd be able to say, I've got better content, not just because it's good content, but because it's freer content, right. So I want to enable that battle, that's what I want to do because I believe we're in a world where DRM is on the field. I would prefer to be in that world where DRM just wasn't getting on the field and so if five years ago we could have found some way to keep DRM of the field, then of course we wouldn't be here fighting for Creative Commons, right, there wouldn't be a need for it. But the fact is, if DRM is on the field and the default though is everything should be within some structure of DRM, and you allow them to suggest that those of us in the green some category should just adopt the DRM technology and open up all the permissions. If you allow them to suggest that that's the same, then I think that that world of that technology of control controlling and taking over more and more of the creative process is inevitable. And so what I want to do is just break that down. Now it's empirical, I don't know if it works, I don't know the consequence of it.

Mark Lemley

Let me just try one push. That argument makes sense to me. I guess I wonder what the impact is on regulation of DRM technology that might in other circumstances occur, right, for purposes of consumer protection. So Julie Cohen's got a paper that makes the very nice point that DRM is necessarily at odd with strong privacy protection. Isn't DRE also necessarily at odds with strong privacy protection for the same reasons and don't you find yourself in a position in which if we move to a DRE world, we're less likely to be regulation privacy protection.

Larry Lessig

Yeah, I don't think, I'd be interested, but I don't think DRE technologies have the same right to, problems that Julie articulates in the right to anonymity argument, I don't think it has the same problems. But the other side of this is, this is not a way of saying, we don't have to worry about the regulations that DRM affects. We've still got to worry about them profoundly and we've got to worry about DRM technologies restricting fair use and we've got to think creatively about how to carve that back and so that means pursuing Pam's question and finding a technological answer and figuring out how the law shouldn't be regulated. I'm not saying that these aren't important issues anymore, but I'm saying that it's going to be easier to make those arguments if the other side of the debate is not a picture of a child with forty billion songs on his or her hard disk. It's going to be easier if you can say, here's something different from your model of total control and total anarchy and one that I don't think runs into a lot of the same problems because, again, remember the DRE here is just enabling a simple way to identify so then I can make a decision about what I want to do with the content. So we want to build on top of the Google API so you can say, give me all the pictures of the Empire State Building available for non-commercial use. Bingo. There they are. And now that's content that I can decide to incorporate in my webpage or in my publication that competes with Microsoft's, I mean, sorry, Bill Gate's technology to have all of this content wrapped in DRM stuff. It competes with it. So I think that if we had a competition between freed and controlled, free would win in a large range of cases. Not all. I'm not saying that the red box should be eliminated, but not all. But I still think that it would generally win.

Edward Felten

There's an important distinction here between DRE, which gives a way to express the content creators' desires over how something will be used, so expression about permission versus the technological enforcement mechanism, which is what a lot of people are talking about with DRM. I think when you talk about rigid enforcement mechanisms, then you raise significant privacy issues. If you just want to give the content creator a way of saying what permissions they grant, then the privacy issues are much easier to deal with.

David Wagner

Ok, we have time for one last question.

Eddan Katz

Eddan Katz from Berkeley. This is a question also for Professor Lessig. In the spirit of avoiding the binary, I was wondering, I've heard you speak before about your own tensions between optimism and pessimism. I'm afraid and troubled by the fact that I leave your talk with, imprinted in my memory the courts and congress crossed out in red. And I'm wondering, because a lot of people are involved in those struggles, I'm curious particularly in the courts when you said we asked a question and we lost. In reframing the question, I'm wondering if the way the question was posed was the only possible way it to pose the question and if you could think of another way that the question could be posed so that those two channels could further be pursued.

Larry Lessig

So, you know, we're lawyers, we can't give up the courts, so we're going to be fighting lots of issues in the courts forever and Center for Internet Society at Stanford is fighting a lot of these questions, EFF is fighting a lot of questions. We'll continue to fight it. The fact is we lost in the Supreme Court because the Supreme Court-no, I mean, there's the uncharitable and the charitable. Let me be the charitable. Let me take the charitable. We lost in the Supreme Court because the average view in the Supreme Court is just like the average view of most Americans about these issues, right. So that means we have a lot of work to do so that most Americans begin to understand how this is a more complicated issue than the binary framing of it. Now I said, when we brought this case, Peter Yazi was the first person to say we're not ready. You know, a lot of people said this is great we're bringing this case. Peter Yazi said we're not ready, took a lot of heat for that, and then he turned around and what he did he wrote a brief and he fought like hell to make it so that we could win and the first day after we lost he sent me an e-mail and said, you know, I said we we're ready but this was the right thing to do and I'm glad you did it but the fact is that he was right: we were not ready. We were not ready because ordinary people didn't get it yet, right, but this is the optimism, ordinary people get it when you tell it to them and you explain it to them. They don't have a vested interest in the red control everything box, they don't. Ordinary people understand that when we can start thinking about digital creativity, when we can contrast the analogue consumer, that's the couch potato, with the digital consumer, that's the person who's taking content and remixing it and releasing it in this creative way, they can show them how this is possibly enabled by the technology, they'll be on our side. And the point is, this movement, not because of these lawsuits, but because of what thousands of people have done and lots of them here, is increasingly being, is salient out there among ordinary people. Now, I can shift into pessimism mood really quickly. I won't. Let's just end on the optimistic side. I think if you explain it clearly and repeatedly and over time they will get it and when they get it, we will win. But it's going to take a lot of work. It was easier to imagine the happiness of five votes than it will be to imagine the battle that is required right now, but, you know, we have no choice. It's got to be that battle right now. And I take the only solace from this loss to be the literally thousands of e-mails of people who wrote me and said, you know, we've going to fight this until we win. That's the solace, and so let's turn that into something productive and optimistic and I'll be happy to be proven wrong in my pessimism.