By Alex Salkever For more than a week now, the story of Dmitry Sklyarov has caught the spotlight of the technology media and raised the ire of civil libertarians and techno-activists. The Russian cryptologist stands accused of building a program designed to foil copyright protections in Adobe System's proprietary electronic-book publishing software, eBook Reader. The company Sklyarov works for, ElcomSoft, was selling his allegedly illegal program over the Internet.
Arrested in Las Vegas on July 16 by FBI agents after a tip from Adobe, Sklyarov is the defendant in the first case of criminal prosecution under the controversial Digital Millennium Copyright Act (DMCA). Charged by the U.S. Justice Dept. with a single count of violating the act by "trafficking in a product designed to circumvent copyright protection measures," the Russian programmer faces up to five years in jail and a $500,000 fine. His attorneys say he is innocent, and has been unfairly targeted in an attempt to intimidate software programmers.
The case has become a lightning rod for protests, with tech civil-liberty activists claim it is the latest and most extreme example of the excesses of the DMCA. They say that the law will harm innovative research and criminalize personal use of copyrighted material that was previously considered legal.
COPYRIGHT, COPY WRONG? The rhetoric surrounding the case belies a simple fact: Sklyarov may be a poor poster child for anti-DMCA fervor. He does not deny developing software aimed at giving consumers the capability to break copyright protections. That in itself is not a crime. Where he may have gotten into trouble is by allowing a company to offer the product for sale on the Internet.
"If you're marketing a product for the purpose of circumventing copyright prevention mechanism and the technology does not have other purpose, then there is a violation," explains Ian Ballon, an intellectual property lawyer at Mannatt Phelps & Phillips and the author of E-commerce and Internet Law.
Sklyarov's saga started on June 26, when FBI Special Agent Daniel J. O'Connell met with Adobe eBook Group Products Manager Kevin Nathanson at the company's headquarters in San Jose, Calif. Nathanson told O'Connell that Adobe had purchased a copy of ElcomSoft's Advanced eBook Processor (AEBPR) for $99 through RegNow, a shareware sales site.
IFS AND BUTS. Company engineers allege that, as advertised, AEBPR would allow users to convert protected eBook files to so-called "naked" files. These files, alleged Nathanson, could be easily printed or distributed via e-mail. Either act would be in violation of copyright provisions established by companies selling eBooks encrypted by Adobe's software.
According to the FBI statement, Sklyarov was listed on AEBPR's opening screen as the program's copyright holder. Adobe officials informed O'Connell that Sklyarov was scheduled to give a presentation on electronic-book security at DefCon, a hacker convention being held in Las Vegas the third week in July. After reviewing ElcomSoft's site and consulting further with Adobe officials, the FBI decided to arrest Sklyarov at DefCon, which the agents did after his presentation.
That sparked the wave of protests now underway. Alas, much of the outrage may be misguided, even though Adobe itself, perhaps bowing to the intensity of the response, appears to have backed off its desire to see Sklyarov prosecuted. Computer scientists have expressed the fear that Sklyarov's arrest will have a chilling affect on security research. That seems unlikely.
LEGAL PRECEDENT. True, immediately before his arrest, Sklyarov made a scientific presentation outlining security problems with electronic book copyright-protection measures. But neither the FBI nor Adobe expressed problems with the research or the presentation. In fact, according to Harvard Business School professor and copyright expert Constance Bagley, the DMCA contains specific exemptions for computer-security research.
Another beef activists have with the case is the fact that a Russian national was arrested for work he performed in Russia, where the DMCA does not apply. But Bagley and other attorneys say there is a legal precedent for the arrest. In a 1997 case, U.S. v. Nippon Paper Industries, a federal appellate court upheld a criminal price-fixing conviction against the Japanese conglomerate, even though the decision-making process occurred in Japan. The court based its ruling on the grounds that the activity, though it may not have been illegal in Japan, harmed U.S. consumers. Had ElcomSoft specifically warned downloaders that this product was illegal in the U.S., Sklyarov might not be sitting in jail.
To be sure, the stated purpose of Sklyarov's software makes logical sense. On its Web site, ElcomSoft said AEBPR gives eBook owners the ability to view the text on more than one electronic device -- a logical step since you can take a physical book anywhere and an eBook should be able to enjoy similar flexibility.
NEW MODELS NEEDED. That still doesn't give anyone the right to violate copyrights, if, in fact, that's what Sklyarov did. The courts will have to make that call. In the meantime, copyright holders can hardly be blamed for trying to save their business models and stave off what they fear will be a rising tide of piracy. But as copyrighted information migrates from stable formats, such as books, to less stable formats, such as PCs and silicon-based devices, companies need to figure out how to offer consumers the ability to shift their eBooks from one device to another.
It's too early to know what Sklyarov's legal fate will be. But anti-DMCA protesters may need to find a better case to convince the public that the law is misguided and should be rolled back. Salkever covers computer security issues twice a month in his Security Net column, only on BW Online