Date: Tue, 23 Oct 2001 16:16:09 +0100 (BST)
Alex Buell <alex.buell@tahallah.demon.co.uk> noted:
> Nothing there. Try again.
Hmmm, Oh, well, Here is the whole article then. Formatting will probably
suck on some mailers from line wrap though:
SSSCA gets a hearing Oct. 25 -- can it be stopped?
Friday October 19, 12:11 PM EDT [ Government ]
- by Tina Gasperson -
Senator Fritz Hollings will testify about his proposed SSSCA legislation before the Senate Commerce Committee on
October 25. While the Open Source community is acquainted with the potential effects of this bill on freedom from
government intrusion on our private activities, many businesses that use Open Source software, government agencies
who sponsor Open Source projects, and lawyers who specialize in technology issues either have not heard of the bill, or
do not understand its implications.
Eben Moglen, chief counsel for the Free Software Foundation, is succinct: "SSSCA is a deliberate attempt to destroy
free software."
Moglen believes that the industries behind the drafting of the SSSCA want to control information from the beginning to
the end of every event chain. "The content industries want to make a leakproof pipe that leads from their production
facility directly to the eyeball and eardrum of the consumer."
That pipeline must not be broken apart by any technology that is under the user's control, he says. "If the computer
closest to your eyeball and eardrum has a free software operating system, the whole rest of the pipe doesn't matter:
sound on its way to the sound card, or video on its way to the screen, can be copied or sent anywhere by the OS kernel.
"So the content industries cannot -- so long as they adhere to their present obsolete business models -- tolerate the
existence of any user-modifiable operating system for computers. Period."
And that's what's behind Disney's and other corporations' campaign contributions to Hollings and their subsequent
"urging" that Hollings, the chairman of the Senate Commerce Committee, draft the Security Systems Standards and
Certification bill, which states in part that "it is unlawful to manufacture, import, offer to the public, provide or otherwise
traffic in any interactive digital device that does not include and utilize certified security technologies." And while Disney
interests may be completely aware of the subtleties behind the SSSCA, Hollings may be unaware of the chain of effects
this could set off. "Although I cannot comment on the technical acuity of Senator Hollings," says Pat Stakem, a NASA
consultant who works with FlightLinux, a version of Linux that's running on unmanned space flights, "there have been
problems in the past with oversight and unintended consequences when a highly technical issue is legislated."
This isn't the first time that Hollings has sponsored highly technical legislation and tried to rush it through Congress. It is
ironic that it came at a time when Hollings appeared to be on the other side of big business, fighting for stricter Internet
privacy laws. Back in July, Hollings was testifying at another Congressional hearing in favor of more privacy legislation,
as opposed to the self-regulation that the Information Technology Industry Council (ITIC) favors. ITIC is populated by
big tech companies that normally are at odds with each other, like IBM, Microsoft, AOL, Amazon.com, Compaq, and
Dell. At that hearing, Hollings said, "Where did self-regulation get us?" as he urged Congress to take swift action on new
laws for privacy. Now that draft bill has disappeared, and Hollings seems to have switched sides, getting into bed with
the anti-privacy, anti-freedom corporate interests.
Hollings and company have turned deaf ears on requests for more information from NewsForge and from at least one
lawyer we spoke to. A representative from the office of Scott Draughon, an attorney who specializes in technology law
and policy, contacted Hollings office to request a draft of the bill and was rebuffed by one of his staff, who told her,
"attend the hearing."
But according to a report at WebNoize, that hearing may not be completely open. "Non-profit public interest groups
haven't been invited to the hearing, which has motivated them to take action," the report written by Mark Lewis states.
The Electronic Freedom Foundation issued an alert and is conducting a letter writing campaign to try to stop the
progress of the draft bill, calling it DMCA2, in a comparison to the restrictive digital copyright legislation that landed
Dmitry Sklyarov behind bars earlier this year when he gave a presentation on e-Book unencryption techniques at
DefCon.
The Association for Computing Machinery's (ACM) Public Policy Committee is also trying to persuade Hollings and
company of the dangers of the bill. "We urge you to recognize that there are many legitimate uses of technology that
would be impaired by additional copyright-protection measures," states a letter addressed to Hollings from Barbara
Simons and Eugene Spafford of ACM. "Already, we have seen an unintended chilling effect on computer security
research by the DMCA. Any law along the lines of the SSSCA might well have more far-reaching and damaging
effects, particularly as our nation attempts to enhance the security of our infrastructure and prevent acts of terrorism."
Simons and Spafford list some of their objections to the legislation:
Colleges, universities and trade schools throughout the United States would no longer be able to teach advanced
computer science and computer engineering.
The acts of writing basic operating system software or assembling simple computer systems in classes or as
assignments would be against the proposed law.
Research in computer security and protection would be further curtailed, as any such research would be required
to be done on (and not interfere with) whatever technology is imposed by this law. However, malicious actors do
not need to be so concerned. This has significant national security implications.
Researchers and hobbyists seeking new uses for innovative technology might well find their experimentation and
prototypes to be criminal under this law.
Devices as disparate as electronic cameras, wrist watches, electric pianos, televisions, ATM machines, cell
phones, home security systems, and medical equipment (among many examples) all process and display
information electronically. Under the proposed legislation, all would be required to support anti-copying protocols.
In most such cases, this is absurd and will raise costs unnecessarily.
Inclusion of anti-copying technology in general purpose equipment -- including real-time computing devices used
in traffic control, air flight control, medical equipment, and manufacturing -- adds to their complexity and potential
for failure. Unexpected interactions with other code, and accidental activation of protection protocols cannot be
ruled out in every case, and in many venues the potential for damage is extreme.
Photocopy machines, telephones and VCRs are now digital in form and can copy information. Forcing adoption of
anti-copying protocols on those machines will change accepted modes of use, at best, and may render them
unusable for their intended purposes.
Other countries will not have similar requirements in their laws and may actively fear the imposition of anti-copy
technologies; this will put U.S. products at a competitive disadvantage with other products manufactured
elsewhere in the world. At a time when electronics manufacturers in other countries are seeking an advantage
over U.S. firms, this could be catastrophic for the U.S. electronics industry.
In addition, the draft version of SSSCA would have significant negative impacts on foreign technology imports,
such as the Linux operating system, in direct violation of our obligations as a participating member of the World
Trade Organization.
Spafford testified before the House Committee on October 10 at the Full Committee Hearing on Cyber Security, saying,
"Legislation that is scheduled to be introduced into the Senate, the Security Systems Standards and Certification Act
(SSSCA), may further restrict what research is conducted in information security. Legislation against technology
instead of against infringing behavior can only hurt our progress in securing the infrastructure."
Though Spafford, Simon, and FSF lawyer Moglen are well aware of the dangers of SSSCA, other key elements may
only now be waking up to the potential consequences of such broad legislation. Draughon, who specializes in D.C.
doings in technology, was unaware of the draft and requested a copy from me when I contacted his office. Government
agencies that use Linux and other Open Source software are also largely ignorant of SSSCA, including the Army, Navy,
and the NSA, and have not been prepared to discuss the issue with NewsForge.
FlightLinux's Stakem was willing to take a look at the draft and share his initial impressions. "If the legislation, which
appears to be driven and influenced by big content-providers, does affect Open Source distribution, then we need to take
a long hard look." But Stakem is not overly concerned about potential danger to Open Source. "We have to make it [the
source code] freely available, but [the GPL] doesn't say it can't be encrypted.
"There is a need to reform intellectual property laws to bring them more into sync with new, unforeseen realities.
Unfortunately, those who can affect those changes don't necessarily understand the issues."
The Navy is preparing to experiment with Open Source software, "particularly Linux," and has signed a Cooperative
Research and Development agreement with the Open Source Software Institute (OSSI). But are they aware of the dark
clouds gathering around that scenario? John Weathersby, the director of the OSSI says, "SSSCA is typical of a
reactionary bill proposal. It is stimulated from one side of the spectrum. But it represents a work in progress."
Weathersby believes that the Open Source community has to take the saying "eternal vigilance is the price of freedom"
to heart. "I see issues like SSSCA as growing pains that we must wrestle with as we outgrow our protective shell and
realize that we are part of a larger more complex economic picture.
"I don't see how it can be adequately enforced. It's like trying to hold back the tide; you can do it for a while, but then the
open market, like Open Source software, will find its equilibrium."
Stakem thinks that perhaps the SSSCA will exempt government usage from its restrictions, but Moglen says there is no
such exemption in the current text of the bill. "But it's not only about specific applications government might write. If
SSSCA prohibits the Linux kernel, prohibits the Hurd kernel, prohibits any system with enough openness to permit users
to modify its basic behavior, the ability of one federal agency to publish one applications program more or less wouldn't
make the slightest difference.
"The software monopolist and the entertainment oligopolist are discovering that this can be the beginning of a beautiful,
but socially obnoxious and oppressive friendship."
-- ------------------------------------------------------ Use Linux: A computer Dale Amon, CEO/MD is a terrible thing Village Networking Ltd to waste. Belfast, Northern Ireland ------------------------------------------------------ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Oct 23 2001 - 21:00:38 EST