(by Wilson D. Scarbeary, Colorado Law 3L)
Section 1201 of the Digital Millennium Copyright Act (DMCA) prohibits the circumvention of technological protection measures (TPMs) that control access to copyrighted works. Every three years, the Copyright Office holds a rulemaking to consider temporary exemptions to this prohibition on circumvention of TPMs for noninfringing activities such as accessibility, repair, and security research.
Security research has become a critical aspect of our modern cybersecurity architecture, and renewing and expanding this exemption is critical to enable security research into devices ranging from voting machines to personal devices. The TLPC took part in the development of an early temporary exemption for security research in 2008, and has participated in each triennial review since then. This cycle, the TLPC worked on behalf of our client, Professor J. Alex Halderman of the University of Michigan, along with the Center for Democracy and Technology and the United States Technology Policy Committee of the Association of Computing Machinery.
Continue reading “TLPC Advocates for Expansion of Security Research Exemption to Section 1201 of the DMCA”
Today, the TLPC filed a series of comments in the Copyright Office’s Eighth Triennial Review of exemptions from the anticircumvention measures of Section 1201 of the Digital Millennium Copyright Act. Section 1201 prohibits the circumvention of technological protective measures (TPMs) that control access to copyrighted works, but allows stakeholders to apply for and receive broader temporary exemptions for a variety of noninfringing uses. The TLPC filed comments on four exemptions, one focused on security research and the other three on various accessibility purposes.
Continue reading “TLPC Files Comments in the Eighth Section 1201 Triennial Review”
(by TLPC student attorneys Parker Nagle, Andrew Leddy, and Kennedy Smith)
On behalf of a coalition of independent network security researchers and public interest organizations, the Samuelson-Glushko Technology Law and Policy Clinic at Colorado Law filed reply comments on the FCC’s 2019 National Security Supply Chain Order and Further Notice of Proposed Rulemaking calling for greater cell network security. The TLPC worked with the coalition to draw attention to the many vulnerabilities plaguing cell networks that the Order did not address and to outline the broad but underutilized, authority the FCC has to advance meaningful solutions. The coalition included CU-Boulder researchers Dr. Eric Wustrow, Dr. Dirk Grunwald, and Dr. Sangtae Ha, mobile security researchers Joseph Hall, Yomna Nasser, Marcus Prem, and Ashley Wilson, and public interest organizations Electronic Frontier Foundation (EFF), Public Knowledge, and Eye on Surveillance.
Continue reading “TLPC Partners with Network Security Researchers and Public Interest Organizations to Call for Greater Cell Network Security”
On October 26, 2018, based upon the recommendation of the Acting Register of Copyrights, the Librarian of Congress adopted exemptions to Section 1201 of the Digital Millennium Copyright Act (DMCA), which prohibits circumvention of technological measures that control access to copyrighted works. On behalf of its clients Ed Felten and Alex Halderman, and working together with the Center for Democracy and Technology, the TLPC helped secure a set of important changes to a pre-existing exemption for good-faith security research, expanding the ability for security researchers to legally test device and system software for cybersecurity vulnerabilities without violating the DMCA and risking criminal liability.
Important caveat: this post is intended only as general information and does not constitute legal advice. If readers wish to utilize the new exemptions granted by the Librarian, they should consult independent legal counsel before doing so.
Continue reading “Section 1201 Security Research Exemption”