Meet the latest DRM Drones

The latest round of opposition comments in the Digital Millennium Copyright Act's (DMCA) exemption process shows which government entities oppose user freedom.

Back during the last round of the DMCA anti-circumvention exemptions process, we wrote about the DRM Drones who were opposing exemptions. These companies, along with the US Environmental Protection Agency (EPA), were trying to stifle the work of activists working to claw back a bit of freedom in the face of the DMCA's draconian provisions. A few years later, and it's a new round of the exemptions process, with perhaps some new faces, but the same old problem.

As we've often said, Digital Restrictions Management (DRM) is not about copyright, it's about control. And these opposition comments truly demonstrate that that is the case. The DMCA is allegedly meant to aid in copyright enforcement, but goes about its task in the worst way possible, creating legal penalties for circumventing DRM. By itself, DRM is harmful to users, who all have the right to control their own computing. Adding legal penalties only compounds the harm of DRM. Even if DRM were an effective tool for enforcing copyright (and if copyright were not already extremely excessive), it is unethical to place such onerous control over users.

So what does the US Food and Drug Administration (FDA), or the US Federal Aviation Administration (FAA) for that matter, care about enforcing copyright? The reality is that they don't, but they realize the nefarious power of DRM to lock down and control users for any purpose, using copyright as an excuse. Like the EPA, the FDA and the FAA are also trying to use DRM to enforce the laws and regulations they are tasked with upholding. The cause the FDA and FAA have chosen to champion is the ability to force users to buy particular feedstock for 3D printers.

These printers take simple materials and transform them into virtually anything a user can imagine, but you still need that base material (known as feedstock) in order to print anything. Companies want to use DRM on their 3D printers so they can lock users into only using their feedstock, believing that they thereby will reap a large financial benefit. The FDA apparently worries about users using non-approved feedstock to create 3D-printed medical devices. The FAA has the same concern for aviation parts. Do any of these purposes have anything to do with copyright? No, none whatsoever, except for the fact that the DMCA exists. Because the DMCA's anti-circumvention provisions prop up the use of DRM, these companies and agencies want to use it for all their non-copyright related purposes. DRM is a tool of control, and instead of just doing their job, the FDA and the FAA want copyright law to do it for them.

Their laziness is harmful to users, as the current exemption for 3D printers has a qualification that it does not apply to any software or device "which is subject to legal or regulatory oversight or a related certification process." A lawyer for Shapeways Inc. submitted the new exemption pointing out that as currently written, it renders the exemption as a whole useless, as virtually any use could be subject to some other non-copyright regulation. The Free Software Foundation (FSF) submitted the sole comment in support of the updated exemption. We are fighting to end DRM and the DMCA anti-circumvention exemptions process, but until we achieve that goal, we support every single exemption that is proposed. The FDA and FAA should join us in this goal, and stop trying to use the DMCA for their own purposes, and start supporting the rights of users.

Next up is the National Association of Secretaries of State (NASS), representing 40 different US state governments. NASS are apparently unfamiliar with the fact that security through obscurity is a recipe for disaster. They've submitted opposition comments trying to stop an exemption for security researchers. Being able to circumvent DRM's obstruction in order to test the security of a device or piece of software is one of the most important reasons why DRM is so damaging. How can anyone trust a device or piece of software if they can't pull it apart and study its internals?

NASS thinks that letting security researchers test the security of voting machines would somehow make those machines less secure. But as everyone else knows by now, you can't make a system secure by pretending it can never be cracked. The only way to verify its security is to test it, and to have lots of people test it. As in the case of the FDA and the FAA, there are other legal tools already available for punishing anyone who tries to damage or interfere with elections. So why try to rope copyright law into this entirely unrelated matter? Again, the only reason these government officials are getting involved is because they want the control that DRM provides, a level of control they have no ethical right to exert.

During the last exemption round, we were afraid that the EPA meddling in the DMCA anti-circumvention process was only the beginning. We worried that more and more, the government would seek to turn the DMCA anti-circumvention penalties and the DRM controls it supports into a further tool of oppression. This latest round of exemptions does nothing to dispel that fear. It's getting worse and worse. If we don't act now, government will begin to use DRM to control every aspect of our lives. If you thought having corporations controlling the keys to your digital life was a nightmare, it is about to get infinitely worse.

The time to fight back is now. Here is what you need to do:

If you microblog, please share the following messages (or your own) with the hashtag #DRMshame:

@US_FDA You should be ashamed of yourself for trying to use Digital Restrictions Management to do your job #DRMshame https://u.fsf.org/2k1

@FAANEWS You should be ashamed of yourself for trying to use Digital Restrictions Management to do your job #DRMshame https://u.fsf.org/2k1

@NASSorg Security through obscurity does not work, say no to Digital Restrictions Management #DRMshame https://u.fsf.org/2k1

We strongly suggest that if you use Twitter, you do it in a way that avoids using proprietary software.

Here's what else you can do: