DMCA: Taking a Number and Making it Illegal
Evan Lampley
CSC 540
The Digital Millennium Copyright Act (DMCA) is a United States copyright law signed into law by
Bill Clinton on October 28, 1998. Implementing two treaties enacted by the United Nation’s World
Intellectual Property Organization (WIPO), the DMCA formally criminalizes circumvention of copyrighted
works, distribution of copyright circumventing technology, and possession of copyright works outside
fair-use/possession guidelines. Outright possession of copyright circumvention equipment or
technology, however, is not illegal, nor is acquisition of said technology illegal. This creates a situation
where consumers with valid and legitimate reasons to circumvent copyright systems face a dearth of
tools under the pressure placed by the DMCA on distributors.
The first question one might ask about the DMCA and copyright circumvention is, “Why does a
controversy exist if breaking copyright is illegal?” Although US copyright law allows for limited fair-use
of copyrighted material, such as educational purposes, parody, and non-commercial time-shifting, no
provisions are specifically made to allow copyright systems to be circumvented for fair use. Even though
fair use laws may allow for the use of a certain segment of media, the DMCA prevents the copyright
system from being circumvented to allow access to the content for fair use. This shift the power to
determine what constitutes fair use to the copyright holders who usually side with themselves.
The creation of personal non-commercial back-up copies of purchased media is also not directly
addressed by the DMCA. Prior to the passage of the DMCA and advent of many DRM systems, it was
common for end users make personal copies of their purchased content for use across many different
systems or for archival purposes or simply to play it on their computer system whenever they like
without the copyright holder dictating how and when. Even then, such backups were a legal grey where
legality was implied by the lack of illegality. With the passage of the DMCA and criminalization of all
copyright system circumvention, personal back-ups are now by default illegal.
An illegal number is quite simply a number that contains illegal information. In the realm of
circumventing copyright software, illegal numbers are proprietary encryption keys (prime numbers) that
may be utilized to break (or crack) the rights management system and allow the user free access to use,
copy, and distribute as they please without loss of information or quality. The issue of illegal numbers
can also be extended further into criminal law as any computerized information deemed illegal may be
represented as an arbitrary number. Because interconversion or dissection of illegal numbers from their
“hidden” state into useable information is usually more difficult and less straight forward than obtaining
unrestricted executable files or plaintext files, illegal number are, more often than not, created and used
more in protest of the DMCA than in actual copyright circumvention.
One prominent case illuminating the nature and ethical controversy of illegal number was the
Advanced Access Content System (AACS) encryption key controversy which erupted after the
hexadecimal encryption keys for HD DVDs and Blu-ray Discs were posted online.
First appearing on HD DVD and Blu-ray Disc players in 2006, the AACS digital rights management
(DRM) standard restrict access to content by encrypting content under two layers of encryption set-up
to allow individual revocation of compromised encryption keys associated with specific player model
groups. In theory, this ability to revoke keys would allow AACS to block leaked keys from accessing
future released content by excluding the key from the updated DRM.
Encryption keys first began to appear on the internet in late 2006 and early 2007 after they were
discovered in the active memory of software players and unsecure players. The first key revocations
occurred on April 16th the same year, and broken again less than a month later before the any discs with
the updated DRM were shipped.
DMCA demand letters, presented on behalf of the Motion Picture Association of America
(MPAA), were first issued on April 17th to various US hosted websites requiring all instances and
postings of the hexadecimal encryption to be taken down under threat of copyright law. On May 1st,
user driven technological news site Digg.com began removing infringing posts and closing related user
accounts in compliance of the demand. The community’s response to the intrusion was swift. In
defiance of the administrators’ actions to hide and sanctions to silence the key’s postings, the website’s
userbase rose in open revolt by flooding the site’s user feed content system with content in allegory to
the key, inserting the key into various media, and flat-out reposting the key in an effort to disseminate
the information as widely as possible. Several users even created a ‘free speech’ flag of vertical
partitions defined as the RGB colors of the illegal number in hexadecimal:
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Unable to keep their website under control, Digg.com administrators’ quickly made an about
face on the issue:
“We hear you, and effective immediately we won't delete stories or comments containing the
code and will deal with whatever the consequences might be,”
It is estimated that by the conclusion of the controversy (3 May), over 700,000 pages worldwide
had published they key, up dramatically from 9,410 shortly before Digg.com began removing offending
posts: a particularly sublime example of the Streisand Effect
Prior to the development of the AACS encryption key standard or even HD DVD or Blu-ray Discs,
there was the Content Scramble System (CSS) for DVDs released in 1996. Using a much simpler and
straightforward encryption system than AACS, CSS systems relied upon a 40-bit key stored in the player
to authenticate and decode encoded content stored on the discs. Licensing and legal restrictions at the
time placed on CSS encryption drivers, however, limited the official availability of compatible software,
leaving some users unable to play movies on some operating systems, such as Linux.
In October 1999, Jon Lech Johansen and two other unknown authors released a closed-source
program that decrypts DVDs with CSS called DeCSS. After the source code was leaked, the program was
improved by a group called “DrinkOrDie” and released under the name “DoD DVD Speed Ripper”, which
is reported to have used a key acquired from a disassembled Xing DVD player object code.
Legal action against hosting website and the creators were swift and sever. Jon Lech Johansen,
still a teenager at the time of the release was arrested by Norwegian police and tried in violation of
Norwegian law. He was acquitted of all charges in early 2004. To evade authorities, DeCSS and its
clones were hosted on many different websites (mirrored). A perfectly legal program that strips
Cascading Style Sheets (CSS) tags from HTML pages of the same name was even create to bait the MPAA
into issuing a take-down notice on an innocent party. This happened at least once to a student’s
webpage hosting the legitimate program, garnering negative media attention.
Seeking to give a representative form of DeCSS an intrinsic property to allow open publication,
Phil Carmody generated a 1401-digit prime number in the form k·2562 + 2083 and then a 1905-digit
prime in the form k·256211 + 99 based upon the binary representation of the DeCSS C source code. The
second prime number of the two was large enough to be mentioned in the list of largest known primes.
49310 83597 02850 19002 75777 67239 07649 57284 90777 21502 08632 08075 01840 97926 27885
09765 88645 57802 01366 00732 86795 44734 11283 17353 67831 20155 75359 81978 54505 48115
71939 34587 73300 38009 93261 95058 76452 50238 20408 11018 98850 42615 17657 99417 04250
88903 70291 19015 87003 04794 32826 07382 14695 41570 33022 79875 57681 89560 16240 30064
11151 69008 72879 83819 42582 71674 56477 48166 84347 92846 45809 29131 53186 00700 10043
35318 93631 93439 12948 60445 03709 91980 04770 94629 21558 18071 11691 53031 87628 84778
78354 15759 32891 09329 54473 50881 88246 54950 60005 01900 62747 05305 38116 42782 94267
47485 34965 25745 36815 11706 55028 19055 52656 22135 31463 10421 00866 28679 71144 46706
36692 19825 86158 11125 15556 50481 34207 68673 23407 65505 48591 08269 56266 69306 62367
99702 10481 23965 62518 00681 83236 53959 34839 56753 57557 53246 19023 48106 47009 87753
02795 61868 92925 38069 33052 04238 14996 99454 56945 77413 83356 89906 00587 08321 81270
48611 33682 02651 59051 66351 87402 90181 97693 93767 78529 28722 10955 04129 25792 57381
86605 84501 50552 50274 99477 18831 29310 45769 80909 15304 61335 94190 30258 81320 59322
77444 38525 50466 77902 45186 97062 62778 88919 79580 42306 57506 15669 83469 56177 97879
65920 16440 51939 96071 69811 12615 19561 02762 83233 98257 91423 32172 69614 43744 38105
64855 29348 87634 92103 09887 02878 74532 33132 53212 26786 33283 70279 25099 74996 94887
75936 91591 76445 88032 71838 47402 35933 02037 48885 06755 70658 79194 61134 19323 07814
85443 64543 75113 20709 86063 90746 41756 41216 35042 38800 29678 08558 67037 03875 09410
76982 11837 65499 20520 43682 55854 64228 85024 29963 32268 53691 24648 55000 75591 66402
47292 40716 45072 53196 74499 95294 48434 74190 21077 29606 82055 81309 23626 83798 79519
66199 79828 55258 87161 09613 65617 80745 66159 24886 60889 81645 68541 72136 29208 46656
27913 14784 66791 55096 51543 10113 53858 62081 96875 83688 35955 77893 91454 53935 68199
60988 08540 47659 07358 97289 89834 25047 12891 84162 65878 96821 85380 87956 27903 99786
29449 39760 54675 34821 25675 01215 17082 73710 76462 70712 46753 21024 83678 15940 00875
05452 54353 7
Because both of Phil Carmody’s prime numbers were generated upon the basis of DeCSS’s
binary representation, both can be backwards converted from a base 10 number to binary and then to
an equivalent programmable code thus allowing this form of DeCSS to openly exist and be distributed
for its intrinsic value.
In final examination of the ethical issues presented by the DMCA and the “illegal numbers”
presented in both previous cases, consider that the end user’s motive, whether they intent to make fairuse of the content or infringe upon copyright laws, cannot be known by anyone except the user
themselves.
“Should users be entitled to full access of their content, even if it means breaking the law?”
Going beyond fair use and back to the legal grey area of personal non-commercial use, the ethical
situation is sketchy. When a consumer purchases a DVD or music CD, they feel like they are due a nonlimited entitlement to the media content as long as it is within personal bounds; however that’s not the
reality faced by ethical consumers. In one point of view, DRM may be considered a violation of private
property rights over an individual’s right to legally access content they purchased by restricting access or
otherwise preventing the user from modifying settings, that is if a physical copy is owned. As digital
copies are often licensed under strict terminable limited agreements, user access is usually strictly spelt
out and restricted.
The largest ethical concern regarding ownership vs. access is regarding loss of purchased media
either physically or via format incompatibility. With no personal gain aside from gaining access to
already purchased content, both situations are ethically sound, yet are illegal because such a process
would require the content’s DRM to be removed.
“Why are these numbers, essentially pieces of information used for whatever their purpose,
illegal? Specifically what makes them an illegal number?” Distribution of these numbers are illegal
because there exists a chance they may be used to infringe upon copyrighted content. These numbers
are or are derived from information used to break copyright systems, and thus under the DMCA, they
are illegal to distribute. The criminalization of these numbers, a seemingly arbitrary collection of
integers, can be akin likened to the criminalization of possessing of scrap metal because it could be used
to construct a dangerous weapon or a camera because it may be used to photograph and distribute
something indecent.
Consider the benign intangibility and continue that connection towards what they really
represent: programs designed to bypass DRM on locked content. If you consider the latter to be
ethically immoral, than you must consequently consider the former to be as ethically immoral: they are
one in the same in the end. Likewise, if you consider the former to be ethically moral, than you must
equally consider the latter to be as ethically moral.
References:
http://www.e-readinglib.org/bookreader.php/133502/Math_You_Can%60t_Use%3A_Patents,_Copyright,_and_Software.pdf
http://www.copyright.gov/legislation/dmca.pdf
http://en.wikipedia.org/wiki/AACS_encryption_key_controversy
http://news.bbc.co.uk/2/hi/technology/6623331.stm
http://news.bbc.co.uk/2/hi/technology/6615047.stm
http://web.archive.org/web/20070504012547/http://www.badmouth.net/free-speech-flag/
http://web.archive.org/web/20070610103122/http://www.darkreading.com/document.asp?doc_id=12
3127&WT.svl=cmpnews1_1
http://www.dvdcca.org/css.aspx
http://www.pigdog.org/decss/
http://www.lemuria.org/DeCSS/dvdtruth.txt
http://primes.utm.edu/primes/search.php
http://chillingeffects.org/anticircumvention/faq.cgi
https://ojs.lib.byu.edu/spc/index.php/PrelawReview/article/download/13672/13549
http://info.legalzoom.com/dmca-backup-copyrighted-content-22827.html
Phil Carmody’s prime number in the form k·256211 + 99:
49310 83597 02850 19002 75777 67239 07649 57284 90777 21502 08632 08075 01840 97926 27885
09765 88645 57802 01366 00732 86795 44734 11283 17353 67831 20155 75359 81978 54505 48115
71939 34587 73300 38009 93261 95058 76452 50238 20408 11018 98850 42615 17657 99417 04250
88903 70291 19015 87003 04794 32826 07382 14695 41570 33022 79875 57681 89560 16240 30064
11151 69008 72879 83819 42582 71674 56477 48166 84347 92846 45809 29131 53186 00700 10043
35318 93631 93439 12948 60445 03709 91980 04770 94629 21558 18071 11691 53031 87628 84778
78354 15759 32891 09329 54473 50881 88246 54950 60005 01900 62747 05305 38116 42782 94267
47485 34965 25745 36815 11706 55028 19055 52656 22135 31463 10421 00866 28679 71144 46706
36692 19825 86158 11125 15556 50481 34207 68673 23407 65505 48591 08269 56266 69306 62367
99702 10481 23965 62518 00681 83236 53959 34839 56753 57557 53246 19023 48106 47009 87753
02795 61868 92925 38069 33052 04238 14996 99454 56945 77413 83356 89906 00587 08321 81270
48611 33682 02651 59051 66351 87402 90181 97693 93767 78529 28722 10955 04129 25792 57381
86605 84501 50552 50274 99477 18831 29310 45769 80909 15304 61335 94190 30258 81320 59322
77444 38525 50466 77902 45186 97062 62778 88919 79580 42306 57506 15669 83469 56177 97879
65920 16440 51939 96071 69811 12615 19561 02762 83233 98257 91423 32172 69614 43744 38105
64855 29348 87634 92103 09887 02878 74532 33132 53212 26786 33283 70279 25099 74996 94887
75936 91591 76445 88032 71838 47402 35933 02037 48885 06755 70658 79194 61134 19323 07814
85443 64543 75113 20709 86063 90746 41756 41216 35042 38800 29678 08558 67037 03875 09410
76982 11837 65499 20520 43682 55854 64228 85024 29963 32268 53691 24648 55000 75591 66402
47292 40716 45072 53196 74499 95294 48434 74190 21077 29606 82055 81309 23626 83798 79519
66199 79828 55258 87161 09613 65617 80745 66159 24886 60889 81645 68541 72136 29208 46656
27913 14784 66791 55096 51543 10113 53858 62081 96875 83688 35955 77893 91454 53935 68199
60988 08540 47659 07358 97289 89834 25047 12891 84162 65878 96821 85380 87956 27903 99786
29449 39760 54675 34821 25675 01215 17082 73710 76462 70712 46753 21024 83678 15940 00875
05452 54353 7
Advanced Access Content System (AACS) encryption key leaked on Digg.com:
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0