NRC/CSTB/Information Systems Trustworthiness Project

Panel 3: Rights Management, Copy Detection, and Access Control

Rohit Khare & Joseph Reagle, World Wide Web Consortium

  1. Introduction
  2. Responses to Selected Panel Topics
  3. Additional Background Material
  4. (Slides as presented in Irvine)

1. Introduction

The World Wide Web Consortium is dedicated to 'Realizing the Full Potential of the Web'. One of the core principles behind that commitment is 'automatability': enabling rich meta-data and context to be associated with Web content so computers and humans can effectively find, communicate, and use information. Intellectual Property Rights (IPR) are an example of "rich" information. The W3C Technology & Society Domain has investigated issues related to IPR over the last two years, and we look forward to discussing some of the research challenges ahead for IPR Rights Management (RM).

Intellectual property on the Internet has been a contentious topic for a number of reasons. These include (1) does the nature of the technology require us to change the legal status of copyright as it stands now, (2) what rights should be associated with Web content, (3) how to technically express the rights, and (4) should the expression of the rights be used for notification, enforcement, or payment negotiation? The questions addressed to this panel tend to focus on the latter two questions with respect to technology. An important realization is that the latter two questions will be answered in part by the business models supporting their deployment, and by the availability of actors/players to apply those business models successfully.

2. Responses to Selected Panel Topics

In answering the following questions, we are either providing a reasonable expectation of what may occur; providing a range of what may occur; or asking further questions that elicit a better understanding of the problem. This exploration does not necessarily reflect official W3C positions.

2.1 What essential services are needed for Rights Management Protection?

To recognize and enforce various rights, we need three interlocking components:

  1. Rights Declaration. We need deterministic statements of the rights being claimed, and distribution mechanisms for binding these declarations to the information objects. We believe that machine-readable meta-data formats & transport mechanisms, such as PICS, are an ideal way to capture rights declarations. [See attached <draft-reagle-PICS-copyright-00.txt>]
  2. Policy Expression. We promote deterministic, machine-readable declarations because they are the key to automatable operations. This could include guiding the interaction of agents using/transferring intellectual property, the automatic refreshing of dated content on the Web, and the enforcement of IPR policies. Hence we need ways of prescribing the behavior to be taken in reaction to labels, perhaps through portable policy languages.
  3. Social Models. Rights declaration and the technical means of operating upon those declarations are an extension of real world legal and social policies. Hence, a consistent framework for addressing these issues can further the technical development immensely. Understanding the appropriate business and economic models in the context of the Net will affect the success of any technical undertaking.

W3C's own experimental agenda follows this layout. Our PICS work, and digitally-signed PICS label work addresses #1; we are developing trust management engines and languages through PICS-NG and in joint research with AT&T, TU-Graz, and MIT; and we plan to work with our 160 member organizations to understand the models behind #3 in our Intellectual Property Rights Activity Area.

2.2 How secure will Rights Management techniques be? Against which threats?

An observation of this domain is that all rights management (RM) systems are breakable; the question is at what cost. Another observation is that the inherent value of content (and of the associated intellectual property rights (IPR)) varies. With this understanding, we need techniques which make it cheaper for users to comply with IPR policies than to circumvent them, for any piece of content. Hence, we need to discuss and develop target scenarios for dealing with different types of content: library books, pay-per-view movies, home-page caching, etc. and their associated qualities: timeliness, scope, economic value, etc.

Only when we understand the applications of IPR can we fairly evaluate the security of the proposed solutions. For instance, at one end of the spectrum, we will need secure coprocessor hardware; at the other end of the spectrum, a mere advisory README file may suffice. [See 2.6 for further thoughts.] Finally, there is an additional consideration for online IPR management: the failure of an IPR protection scheme may be limited to a single instance (one copy is abused) or it may propagate to the failure of the whole mechanism (and innumerable instances of IPR abuse). RM protection ought to degrade gracefully (see 2.4).

2.3 How will Rights Management evolve over the Internet?

Evolution, of course, is important in this open-standards arena. We expect to see vigorous experimentation at each layer of the model proposed in 2.1 (rights declaration, policy expression, and social models). But on what time-scale? In which direction? This is difficult to predict, but Internet RM activity has certainly gained increasing attention during the past couple of years. We make a few comments about the nature and direction of the medium in Section 2.5.

Still, here is one possible course of events for Web RM, based on the hypothesis that each layer will stabilize in succession:

  1. Rights Notification. Simple rights notification based upon a standard meta-data labeling format. PICS is already converging as the meta-data format for content rating. Many browsers can provide advisory notice that a site is labeled in some system (RSAC, SafeSurf, etc.) and the corresponding ratings for that page.
  2. Application-specific Rights Management. The next step is a series of applications which protect rights within a single context. For example, an OS might only print or display fonts based on the embedded label -- as already occurs with embedded TrueType fonts. Browsers could be programmed to always consult a 'blacklist' of copyright-infringing resources run by a trusted third party. Rights labels could reflect ACLs and protections already enforced by underlying security mechanisms. Finally, we already have interest in high-value lock-box enveloped data with rights labels, such as Cryptolopes.
  3. General-purpose Rights Management. In some sense, rights management can converge with trust management -- RM is the asking of "permission to take specified actions upon a given resource." Just as with PICS, users will start asking for customizable, portable enforcement policies. The policy language and policy-enforcement engines will become cross-application services.
  4. Automated Settlement Models. Finally, automated policy engines can interface with an electronic payments infrastructure to actively seek out and settle rights. New social and business models will drive the development of micropayments, aggregation services, and other players which will make many kinds of rights easily and inexpensively clearable.

2.4 Will we be able to effectively trace large-scale rights abuse on the Internet?

Certainly, online environments bring new opportunities for large-scale rights abuse. In the past, the very nature of the distribution media limited fraudulent dissemination (i.e. copy degradation, reproduction cost, traceability, etc). The Internet's low to no-cost for copying is key to the success of NetNews, FTP, and the Web -- and could also make it impossible to ever migrate high-value content to this medium.

To address the question in detail, we first ask the question of what can we trace when rights abuse is discovered?

Next, where else can we discover rights abuse on the Internet?

Finally, will any of this constitute "effective measures"? Again, there will be segmentation based on the inherent value of the rights: only some abuses are worth the expense of tracing.

2.5 What are the technical trends and issues for micro-level rights management vs. a more aggregated (e.g. bulk or sampling) approach?

We believe the technical trends might be separated from the economic models. While social and business models may gravitate towards bundled or sampled rights settlement, the medium itself may drive the technology towards micro-level rights management. For example, Alice may be charged a micro amount per page that she views, but the payments and settlement may actually be managed by her telecom provider, who conducts settlements on an aggregated or sampling (ASCAP, BMI) basis, even though Alice still receives an itemized bill that details each transaction.

In essence, the argument is that the Internet will always deliver information in discrete chunks, and each chunk will have to be labeled, audited, and transmitted whole -- even though settlement models may be decoupled. Unlike the Internet, rights management for traditional media (and the settlement options) have often been dependent on their respective media. Cable TV, for example, is a passive fire-hose of video data, and there is no micro level control -- so it evolved bundled channels instead of per-sitcom pricing. Telephones require explicit per-call circuits, which became the natural granularity for the transaction. Newspapers also bundled several different information products (news, weather, sports) together per-issue and over time (subscription).

Hence, to make this model more explicit, one should ask: 1) what are the boundaries between the agents of a transaction (user, merchant, content owner, content host, service provider, payment server, etc.), 2) what are the mechanisms involved (selection, payment, clearance, settlement, billing, etc.) and how do they relate to one another? (aggregation, sampling, bundling, etc.)

2.6 Are there meaningful differences in the robustness and costs of alternative approaches to Rights Management? How can technology affect them?

Definitely. The spectrum of needs is wide enough that we must generate a variety of strategies. All-out universal protection with its one-size-fits-all 'policy' (e.g. the DAT's second-generation copying lockout, proposed hardware PC usage meters, etc.) will be completely unworkable as a single solution for the Internet. There are applications for rights notification, cooperative rights, licensing agreements, and cryptographically protected rights, with many more models in between, each of which has a place on the Internet.

Since the market needs mechanisms at different price points for each segment, technology should provide distinctly different costs for 1) labeling, 2) distribution, 3) enforcement, 4) auditing, 5) ownership identification, 6) bad actor identification, and more. This follows directly from our end-goal: to help enforce a range of societal rights protections. There is a range of penalties, and hence a range of techniques. In particular, we should expect variations in the level of cryptography, modes of distribution, amount of auditing and logging, and processing cost for publishing (e.g. watermarking) and for reading (e.g. decryption), since these technology decisions can affect the overall cost and value proposition.

3. Additional Background Material

We have attached copies of some additional material from our Web site. We are looking forward to becoming more closely involved in Intellectual Property and Rights Management issues in 1997, particularly with the addition of Joseph Reagle and Ralph Swick to W3C's Technology & Society team.

  1. W3C Activity Statement on Intellectual Property Rights
    http://www.w3.org/pub/WWW/IPR/Activity
  2. W3C Overview of Intellectual Property Rights on the Web
    http://www.w3.org/pub/WWW/IPR/
  3. Using PICS Labels for Trust Management
    http://www.w3.org/pub/WWW/Talks/961001-DIMACS/
  4. Using PICS for Copyright Notice and Control
    <draft-reagle-pics-copyright-00.txt>


W3C Activity Statement on Intellectual Property Rights

Introduction

Networking technology is requiring us to rethink and reinterpret existing intellectual property law. For instance, digital networks cache copies of documents to improve performance -- is this infringement, should royalties be paid? If it isn't an infringement because it is temporary, how long is temporary? What happens if these cached copies decrease the hits a Web service sees, and consequently the revenue it generates from marketing? Does a link to an infringing copy of intellectual property constitute contributory infringement, or is this well within the bounds of fair use?

Intellectual property rights on the Internet is a contentious topic for a number of reasons. These include (1) does the nature of the technology require us to change the legal understanding or status of copyright as it stands now, (2) what rights should be associated with Web content, (3) how should the rights be expressed, and (4) should the expression of the rights be used for notification, enforcement, or payment negotiation? We expect that the answer to these questions lies not solely in technology or policy, but in the rational combination of both.

Requirements

While there has been much heated debate regarding the questions raised on the Overview page, we expect the W3C can make a positive contribution by exploring two different approaches:

  1. To make it easier for users to obey the law. Combining payment and labeling technologies will make it simple for IP owners to express the terms and conditions related to their materials, and for users to comply with the stated policies.
  2. To make it easier to stop the indiscriminate redistribution of protected material by establishing a labeling system for enumerating sites that are known to contain infringing materials.

One can describe the first approach as a "social negotiation" protocol. This type of protocol can be used to address the problems of IPR and Privacy by leveraging PICS and PEP as the tools for conducting negotiations. For instance, consider the following scenario that the W3C may wish to address:

John is a Web disc jockey, and goes to his favorite online music store where he is told "Here is the copyright notice associated with this CD, notice that it costs $13.99 for personal use. If you'd like to license the capability to serve the CD from your own Web site, it will cost $450, plus $0.10 per hit. Fees that are due from Web hits should be paid to X."

Current Situation

See the Intellectual Property Rights Overview Page.

Products

No products as of 17 December 96. Potential products could include an intellectual property rights PICS ratings system (vocabulary) and a demonstration of its integration with preference and payment negotiation protocols. These products may not be a direct result of this project, but of other related projects such as the PICS, JEPI, and the Privacy and Demographics projects.

Next Step

The W3C expects to have a briefing package available in this area in the second quarter of 1997. Joseph Reagle is tracking the IPR area and preparing a briefing package for this project. Our initial impression is that the requirements of this domain (as well as those of the Privacy and Demography domain) are well met by a PICS-like protocol. See draft-reagle-pics-copyright-00.txt for an example of this approach.

In order to advance, the W3C must:

  1. identify the significant stakeholders in this complex area and how to apply their understanding to the problem above.
  2. understand the legal issues associated with (1) making statements about the sites with potentially infringing materials, and (2) a PICS label format that enables IP owners to describe the intellectual property and usage rights of their materials.
  3. understand the business/policy issues associated with caching IP that should not be cached because of temporal constraints (price lists, stock reports, etc.)
  4. understand the technical issues related to rights management and payment negotiation.

Public Commitments

No public commitments as of 17 December 1996.



W3C Overview of Intellectual Property Rights on the Web

Introduction

Networking technology is requiring us to rethink and reinterpret existing intellectual property law. For instance, digital networks cache copies of documents to improve performance -- is this infringement, should royalties be paid? If it isn't an infringement because it is temporary, how long is temporary? What happens if these cached copies decrease the hits a Web service sees, and consequently the revenue it generates from marketing? Does a link to an infringing copy of intellectual property constitute contributory infringement, or is this well within the bounds of fair use?

Intellectual property rights on the Internet is a contentious topic for a number of reasons. These include (1) does the nature of the technology require us to change the legal understanding or status of copyright as it stands now, (2) what rights should be associated with Web content, (3) how should the rights be expressed, and (4) should the expression of the rights be used for notification, enforcement, or payment negotiation? We expect that the answer to these questions lies not solely in technology or policy, but in the rational combination of both.

The W3C Intellectual Property Rights Activity Page describes how the W3C is addressing these questions.

In the News

Intellectual property rights (IPR) and the Web are newsworthy topics; such stories from 1996 include:

IPR Issues and Resources

Copyright Infringement

Issues: Copyright has been the focus of protecting intellectual property on the Internet. As such, there have been both technological (IPR/encryption wrappers) and legislative efforts to continue incentives for authors to create useful works. Recent initiatives at the international level include those at the OECD, and a conference (Dec. 96) hosted by the World Intellectual Property Organization (WIPO).
Resources:
  Basics of Copyright
  Copyright FAQ
  INTERNATIONAL LAW Government Agencies
  The EU Green Paper in IPR
  EFG Intellectual Property Page
  Cryptolopes
  Liability Based on Traditional Forum Analogy
  Intellectual Property Implications of WTO and NAFTA
  Online Service Operator and Provider Liability for Contributory Infringement Is Still Uncertain

Link Liability (Contributory Copyright Infringement)

Issues: Contributory infringement (and the consequential liability) is one of the most contentious areas of the copyright debate. For instance, is an ISP liable for contributory infringement when it allows its users to link to hacker sites? If an ISP closed a user's account when informed by an IP owner, would the ISP be liable for the violation of civil rights or breach of contract?
Resources:
  EFG Intellectual Property Rights Page
  Battle Sites: Online Service Operator and Provider Liability for Contributory Infringement Is Still Uncertain
  Computer Information Systems Law and System Operator Liability in 1995

Domain Name Registration (Trademarks)

Issues:
Resources:
  InterNIC is not a Net cop
  Trademarks and DNS
  Domain Name Legal Bibliography
  Remedies in Internet Domain Name Trademark Lawsuits

Font Protection

Issues: Owners of fonts want to distribute them for different purposes at different prices. They fear that freely distributing fonts for reading documents might allow people to author documents without paying for additional rights such as redistribution. Neither a purely legal nor purely technical solution is likely to be successful.
Resources:
  Are Fonts Copyrightable - Copyright FAQ
  Font Discussion and Protecting Embedded Fonts
  OpenType Initiative
  The Font Meeting at W5, Paris

Caching

Issues: Bandwidth on the network is limited, and continues to be so. The traditional technical solution, caching, is to allow copies to be saved at distributed points throughout the network. However, caching raises two issues. First, cached copies can be out of date yet still contain information which is time sensitive (such as prices or stock quotes). Second, some Web sites derive revenue based on the amount and kind of access to their servers, and they currently have no verifiable way of counting the number of accesses to their documents cached elsewhere on the network.
Resources:
  CACHING ON THE INTERNET



Using PICS Labels for Trust Management

Rohit Khare, World Wide Web Consortium
Presented at DIMACS Workshop on Trust Management, October 1, 1996

  1. Introduction to PICS
  2. Critical Trust Management Applications for the Web
  3. New Directions for W3C Activities

Introduction to PICS

Example: RSAC over PICS

How PICS Works

Trust Management Applications

Example: Security-related PICS Systems

New Directions for W3C Activities

Digital Signature Initiative

Conclusions

For Further Information...



Using PICS for Copyright Notice and Control

INTERNET-DRAFT                          Joseph M. Reagle Jr., MIT
<draft-reagle-PICS-copyright-00.txt>    December 1996 (Expires July 1997)

    
    
            Using PICS for Copyright Notice and Control 
    
    
Status of this Memo
    
    This document is an Internet-Draft.  Internet-Drafts are
    working documents of the Internet Engineering Task Force
    (IETF), its areas, and its working groups.  Note that other
    groups may also distribute working documents as Internet-
    Drafts.
    
    Internet-Drafts are draft documents valid for a maximum of
    six months and may be updated, replaced, or obsoleted by
    other documents at any time.  It is inappropriate to use
    Internet-Drafts as reference material or to cite them other
    than as ``work in progress.''
    
    To learn the current status of any Internet-Draft, please
    check the ``1id-abstracts.txt'' listing contained in the
    Internet-Drafts Shadow Directories on ftp.is.co.za (Africa),
    nic.nordu.net (Europe), munnari.oz.au (Pacific Rim),
    ds.internic.net (US East Coast), or ftp.isi.edu (US West
    Coast).
    
Abstract
    
    This document presents an alternative expression mechanism
    for the copyright status of Web resources. Specifically it
    employs the Platform for Internet Content Selection (PICS)
    [2] label format to associate web resources with their
    copyright and usage information. This in turn can be used by
    search engines, proxy servers, agents, clients, and users for
    content selection or to aid in rights compliance. This
    document employs the copy control system described in [1].
    
1. Introduction
    
    Intellectual property on the Internet has been a contentious
    topic for a number of reasons. These include (1) does the
    nature of the technology require us to change the legal
    status of copyright as it stands now, (2) what rights should
    be associated with Web content, (3) how to express the
    rights, and (4) should the expression of the rights be used
    for notification, enforcement, or payment negotiation? This
    draft only addresses the expression of rights and uses the
    copy control method/rights found in [1]. We argue that PICS
    is an effective method of communicating intellectual property
    information about Web content.

Reagle                  Expires July, 1 1997                  [Page  2]


Draft       Using PICS for Copyright Notice and Control   November 1996

    
2.1 Copyright Status and Control
    
    How intellectual property rights should be expressed is
    affected by the following questions. Are the rights human
    readable, machine readable? Are the rights easily encoded,
    efficiently encoded? Does this encoding change across
    multiple media (ASCII, images, audio, video, etc.) where size
    and speed considerations may be of importance? In this draft
    we do not address these issues in detail, rather we use the
    copy control system specified in [1] and use PICS to
    associate the copy control information with Web content.
    
    In [1], Daviel specified a system in which a Web document has
    "Print", "Save", and "Quote" variables associated with it,
    where ({0 = disallowed}, {1 = conditionally allowed}, {2 =
    unconditionally allowed}). These permissions are associated
    with a document by encoding them in an HTTP header, or HTML
    META tag. PICS is a more effective means of associating Web
    resources with their copyright status and control information
    as demonstrated in section 2.3.
    
2.2 PICS Expression of Copyright Status and Control
    
    Consider the case in which Mark Twain wrote the material at
    http://www.twain.com/story.html . He also has a page
    describing the copyright statement in fuller detail at
    http://www.twain.com/IP-notice.html . He uses the copy
    control system in [1] to create the following label:
    
       (PICS-1.1 "http://www.wipo.org/v1.5"
         by "Mark Twain"
         labels on "1994.11.05T08:15-0500"
                for "http://www.twain.com/story.html"
                full "http://www.twain.com/IP-notice.html"
                ratings (print 1 save 1 quote 2))
    
2.3 Benefits of Using PICS labels for Copyright Status and
   Control
    
    The benefits of using PICS labels for copyright status and
    control include:
    
    1. Detached labels can easily associate copyright information
       with any web referenceable resource including audio and visual
       content.
    2. Multiple distribution methods (embedded within the document,
       transported by the server, or distributed from a label bureau)
       improve copy status and control management. Organizations can
       control the use and access to their IPR from their server or
       proxy. Organizations can also create "audit" spiders to
       understand the distribution and use of their content on the
       Internet.
    3. Generic labeling (which implicitly rates every URL of which the
       specified URL is a prefix) improves the management of the
       copyright information, since one doesn't have to label every
       document in a directory if the tree has a homogeneous copyright
       status. (Though as someone said, "The same thing as with robots
       exclusion protocol. Regular expressions are needed, URL prefixes
       are not enough.")
    4. Capabilities for digital signatures are provided in the PICS
       format.
    5. PICS is being widely used in other domains.
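
Added example (not part of the draft and not W3C code): a Python parser for the label shown in section 2.2 that answers print/save/quote queries and handles the generic labels of benefit 3. The `generic true` option, the second label, the path-segment prefix match (stricter than a plain string prefix), and treating unrated actions as disallowed are assumptions of this example.

```python
import re
from urllib.parse import urlsplit

# Copy-control values from section 2.1 of the draft (Daviel's system).
LEVELS = {0: "disallowed", 1: "conditionally allowed", 2: "unconditionally allowed"}
ACTIONS = ("print", "save", "quote")
_TOKEN = re.compile(r'\s*(?:(\()|(\))|"([^"]*)"|([^\s()"]+))')

def _read(text):
    """Tokenize the parenthesised label text into nested Python lists."""
    text, pos, stack = text.strip(), 0, [[]]
    while pos < len(text):
        m = _TOKEN.match(text, pos)
        if not m:
            raise ValueError(f"bad label syntax at offset {pos}")
        pos = m.end()
        if m.group(1):
            stack.append([])
        elif m.group(2):
            if len(stack) == 1:
                raise ValueError("unbalanced ')'")
            stack[-2].append(stack.pop())
        else:
            stack[-1].append(m.group(3) if m.group(3) is not None else m.group(4))
    if len(stack) != 1:
        raise ValueError("unbalanced '('")
    return stack[0]

def parse_label(text):
    """Parse one single-label PICS-1.1 list; reject anything malformed."""
    tree = _read(text)
    body = tree[0] if len(tree) == 1 and isinstance(tree[0], list) else []
    if len(body) < 2 or body[0] != "PICS-1.1":
        raise ValueError("expected one (PICS-1.1 <service> ...) list")
    label, i = {"service": body[1], "generic": False}, 2
    while i < len(body):
        if body[i] == "labels":  # keyword between service and label options
            i += 1
            continue
        if i + 1 >= len(body) or not isinstance(body[i], str):
            raise ValueError("malformed option list")
        key, value = body[i], body[i + 1]
        label[key] = value in ("true", "t") if key == "generic" else value
        i += 2
    pairs = label.get("ratings")
    if not isinstance(label.get("for"), str) or not isinstance(pairs, list) or len(pairs) % 2:
        raise ValueError("need a 'for' URL and name/value ratings")
    label["ratings"] = {}
    for name, raw in zip(pairs[0::2], pairs[1::2]):
        if name not in ACTIONS or raw not in ("0", "1", "2"):
            raise ValueError(f"unsupported rating {name!r} {raw!r}")
        label["ratings"][name] = int(raw)
    return label

def applies(label, url):
    """Exact match, or for generic labels a same-host path-segment prefix match."""
    target, scope = urlsplit(url), urlsplit(label["for"])
    if (target.scheme, target.netloc.lower()) != (scope.scheme, scope.netloc.lower()):
        return False
    if target.path == scope.path:
        return True
    prefix = scope.path if scope.path.endswith("/") else scope.path + "/"
    return label["generic"] and target.path.startswith(prefix)

def decide(labels, url, action):
    """Most specific applicable label wins; unrated actions fail closed (assumption)."""
    # Label integrity is not verified here; section 3 of the draft leaves it open.
    if action not in ACTIONS:
        raise ValueError(f"unknown action {action!r}")
    hits = [lab for lab in labels if applies(lab, url)]
    if not hits:
        return "unlabeled"
    best = max(hits, key=lambda lab: (not lab["generic"], len(lab["for"])))
    return LEVELS[best["ratings"].get(action, 0)]

# The label from section 2.2 of the draft (whitespace rearranged only).
PAGE_LABEL = '''(PICS-1.1 "http://www.wipo.org/v1.5" by "Mark Twain"
  labels on "1994.11.05T08:15-0500" for "http://www.twain.com/story.html"
         full "http://www.twain.com/IP-notice.html"
         ratings (print 1 save 1 quote 2))'''
# Constructed for this example: a generic label covering one directory tree.
TREE_LABEL = '''(PICS-1.1 "http://www.wipo.org/v1.5" labels generic true
  for "http://www.twain.com/books" ratings (print 0 save 0 quote 1))'''
LABELS = [parse_label(PAGE_LABEL), parse_label(TREE_LABEL)]
```

A plain string-prefix test would also apply the `/books` label to `/books-drafts/...`; matching on path segments avoids that over-match.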
    
3.  Security Considerations
    
    This document does not address the integrity of intellectual
    property assertions, cases of unauthorized disclosure, nor
    enforcement mechanisms. However, PICS labels can provide the
    basic information that such advanced functionality operates
    upon.
    
Author's Address
    
    Joseph M. Reagle Jr.
    Massachusetts Institute of Technology
    Laboratory for Computer Science
    W3C, NE43-350
    545 Technology Square
    Cambridge, MA 02139
    
    Telephone: + 1.617.258.7621
    Fax: + 1.617.258.5999
    mailto:[email protected]
    
References
    
    [1] A. Daviel, "Copy Control for Web Documents.", Vancouver
    Webpages, INTERNET DRAFT, <draft-daviel-web-copy-control-
    00.txt>, November 1996.
    [2] PICS, "Label Syntax and Communication Protocols",
    INTERNET DRAFT, "draft-pics-labels-00.txt", 11/21/95.