FRAMINGHAM (10/16/2003) - Consider the following scenario: You are the CEO of a 3-year-old start-up company in the business of developing, according to your Web page, "entertainment technology that guards the content ownership rights of publishers, artists and record companies without getting in the way of the listening experience." Your product has just been adopted by a major company in your area and has started shipping to great publicity. The product seems almost too good to be true and, if the reports are to be trusted, everyone loves it. The future looks bright indeed.
Then along comes some geek who tells the world that your technology can be defeated with the little finger of the left hand. Not only does the emperor have no clothes, the underwear is also missing. What should you do? It is far too late to have developed a product that did what the hype said it would do. You are in a bind. The future of the company depends on your next move. If you are the CEO of SunnComm, you reach for the stupid juice and take a big swig.
When this story broke it was hard to believe. A brand-new copy-protection scheme, shipped with great fanfare on a new music CD distributed by one of the biggest companies in the music business, could be defeated by holding down the shift key when inserting the CD into a PC. How could any company be so clueless as to think that this would not be very quickly figured out and the exploit would become instantly well known? When I first heard of it I dismissed the story as untrue because it was just too improbable.
But a day or so later comes the bombshell. It turns out that the story was true. Not only was the story true, but the CEO of SunnComm, the company that developed the "protection" system, was going to sue the student who revealed the work-around. (I have to put the word "protection" in quotes because they must have a different definition of the word than I do.) He said the company was going to sue the student for maligning its reputation and refer the case to federal authorities because the student violated the Digital Millennium Copyright Act's (DMCA) probation of distributing tools for circumventing copy-protection systems. (The CEO must have thought the student was shipping out boxes of little plastic fingers to be used to push the shift key.)
I suppose that there could be a more perfect example of what is wrong with the DMCA and the companies that support it than this case, but it would take some real expertise to develop it. The DMCA, when used this way, tries to protect the stupid. If the aim actually had been to protect the music, the law would have encouraged researchers to find and report flawed protection technologies. Whatever protection the DMCA offers will be, at best, temporary. Good technology might be hard to develop but hiding flaws is not the same as ensuring there are fewer flaws.
In SunnComm's case the stupid juice wore off the next day and the CEO dropped the idea of calling out the lawyers, but not before he became a poster child for those who think that putting on blinders means the real world goes away.
Disclaimer: Harvard researchers many years ago showed that long before children reach the age when they can talk they realize that hiding things does not make the things go away. But I did not talk to the researchers, or the kids, about the DMCA example of arrested development.
Bradner is a consultant with Harvard University's University Information Systems. He can be reached at email@example.com.