ACTA and the Anti Circumvention Clause
This citation concerns you:
“Each Party shall provide adequate legal protection and effective legal remedies against the circumvention of effective technological measures that are used by authors, performers or producers of phonograms in connection with exercise of their rights in and that restrict acts in respect of, their works, performances and phonograms, which are not authorized by the authors, the performers or the producers of phonograms concerned or permitted by law”.
Do you recognize it? If you’ve been following the recent ACTA (Anti-Counterfeiting Trade Agreement) news, and went through the agreement, you’d know that this is taken from Section 5, article 27, paragraph 5. So how does this concern you?
At a first glance, this paragraph seems to be targeted at the music industry, however the proposed agreement does not define “authors” anywhere in the document. An individual who writes software is an author, and I am therefore concerned that this might also apply to us who work in security – and if this is the case, it can actually cause a lot of problems. If the clause does exclude legal usage, meaning that reverse engineering malware – which is using obfuscation techniques might not in itself be illegal – can the same be said for the tools we depend on to do our job?
Point six states that any tool designed for the purpose of circumventing an effective technological measure, or has only a limited commercial significant purpose other than circumventing an effective technological measure, should be deemed illegal. This also appears to cover disassemblers and other similar analytical tools that are essential for the reverse engineering of malware.
I may be wrong, but if this is the case, I believe it will also be a threat for free software because if reverse engineering, or the software that is required to perform it, is deemed illegal, it would be impossible for free software to allow interoperability. Even worse, without reverse engineering we cannot have antivirus definitions and no Intrusion systems detection rules, as these also depend on malware analysis.
Since this is a treaty, and each country has to enact legislation to comply with the treaty, it is extremely hard to get clear-cut answers. Reverse engineering and disassembling have long been a big issue for developers. Console manufactures have a strong interest in ensuring that any Anti-Circumvention law will apply to consoles as well. All this adds to my concern that the treaty may have negative repercussions on the security industry and those who work in it.
I would like to hear the perspective of admins and other IT professionals who might be affected by the terms of the treaty. What are your views on the subject? Are you worried or do you think any legislation is unlikely to have an impact on your work?
Well, we don’t (or at least I don’t) live in the “Federal United States”. So right off the bat I would just tell them to suck an egg. lol. Good Samaritan type laws could apply. lol.
The hackers are going to sue for copy right infringement or claim to be an injured party and file a complaint?
Prosit Leli, jidher li l-ACTA hija intenzjonalment hekk biex thalli il-bieb miftuh ghal interpretazzjonijiet differenti.
ScotM, ACTA extends far beyond the United States, including the European Union and Australia among others. It’s dangerous, widespread legislation that sounds good for its intended purpose but goes far beyond into the realm of giving governments dangerous carte blanche into what they can and can not do on the internet. Reverse engineering is an important part of advancing technology, and I’m against any company that gets their pants in a bunch over it.
Tell all these to human rights, civil and digital rights activists. Most of them are against Anti-Counterfeiting Trade Agreement. For me personally, ACTA is a so – so thing, for now. I’ve been an IT manager for a medium size business here in Florida and so far it did not and does not affect my work and my company’s growth.
I’m one of those techy people who were elated by the said treaty when it was planned and drafted. But since ACTA was signed on October 1 last year, I have not seen any obvious benefit it gave to the Internet, much more to the general public.
YES – pirated copyrights is one of the World Wide Web’s biggest issues now – but this problem needs more than just ACTA. And if China and Russia will not join, it will take some time for ACTA to prove its worth.
This issue is not and should not be viewed simply from within the USA – this has even more impact when you look at the issue on a global level. Our country’s government has already blithely signed up to this.
ACTA is not just a United States Law, it also is being pushed in the EU, Australia, Canada, Japan, Mexico, Morocco, New Zealand, Korea, Singapore, Switzerland.
I do not expect the writer of some major destructive virus to file a lawsuit against an AV vendor, but where there is money people will try to scam and such laws might give them the tools they need. Just like some people scam insurances by faking accidents, I can think of different ways how a scammer can trick an AV in reverse engineering a virus without breaking the law themselves. Viruses are not illegal, they are just a piece of software. It is the releasing of the virus that breaks the law; so if a scammer writes such a fake viruses, finds out a honeypot of an AV vendor, submits the virus to that honeypot without ever releasing the virus in the wild and then tests the AV until it can detect his/her virus s/he can then sue that AV safely as the malware writer him/her would not have broken any laws. This all depends on how the Law is formulated obviously with any luck it will ensure that such events do not occur.
However, from the way ACTA is being pushed I fear the right people who understand these scenarios might end up not being consulted.
All I have to say about ACTA is this: BRAINLESS! I didn’t bother to read the whole of it but I think I got the spirit. What they are trying to do is similar to giving a gun to a mad person and telling him or her to go on the street and shoot. After some random shooting, it is quite probable that at least one the victims will turn to be a criminal. The same with ACTA – shoot randomly and sooner or later we’ll find a hacker/copyrighted material thief. ACTA will not protect copyright, it will put a huge obstacle on the way of progress, not to mention human rights. I hope ACTA is trashed soon and goes to history textbooks as an example of completely inadequate legislation attempt.