If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
What if there was a way for a business to transform any conduct it disliked into a felony, harnessing the power of the state to threaten anyone who acted in a way that displeased the company with a long prison sentence and six-figure fines?
Surprise! That actually exists! It's called Section 1201 of the Digital Millennium Copyright Act, the "anticircumvention" clause, which establishes five-year sentences and $500k fines for anyone who bypasses an "effective access control" for a copyrighted work.
Let's unpack that: every digital product has a "copyrighted work" at its core, because software is copyrighted. Digital systems are intrinsically very flexible: just overwrite, augment, or delete part of the software that powers the device or product, and you change how the product works. You can alter your browser to block ads; or alter your Android phone to run a privacy-respecting OS like Graphene; or alter your printer to accept generic ink, rather than checking each cartridge to confirm that it's the original manufacturer's product.
However, if the device is designed to prevent this – if it has an "access control" that restricts your ability to change the software – then DMCA 1201 makes those modifications into crimes. The act of providing someone with a tool to change how their own property works ("trafficking in circumvention devices") is a felony.
But there's a tiny saving grace here: for DMCA 1201 to kick in, the "access control" must be "effective." What's "effective?" There's the rub: no one knows.
The penalties for getting crosswise with DMCA 1201 are so grotendous that very few people have tried to litigate any of its contours. Whenever the issue comes up, defendants settle, or fold, or disappear. Despite the fact that DMCA 1201 has been with us for more than a quarter of a century, and despite the fact that the activities it restricts are so far-reaching, there's precious little case law clarifying Congress's vague statutory language.
When it comes to "effectiveness" in access controls, the jurisprudence is especially thin. As far as I know, there's just one case that addressed the issue, and boy was it a weird one. Back in 2000, a "colorful" guy named Johnny Deep founded a Napster-alike service that piggybacked on the AOL Instant Messenger network. He called his service "Aimster." When AOL threatened him with a trademark suit, he claimed that Aimster was his daughter Amiee's AOL handle, and that the service was named for her. Then he changed the service's name to Madster, claiming that it was also named after his daughter. At the time, a lot of people assumed he was BSing, but I just found his obituary and it turns out his daughter's name was, indeed, "Amiee (Madeline) Deep":
Aimster was one of the many services that the record industry tried to shut down, both by filing suit against the company and by flooding it with takedown notices demanding that individual tracks be removed. Deep responded by "encoding" all of the track names on his network in pig-Latin. Then he claimed that by "decoding" the files (by moving the last letter of the track name to the first position), the record industry was "bypassing an effective access control for a copyrighted work" and thus violating DMCA 1201:
The court didn't buy this. The judge ruled that pig Latin isn't an "effective access control." Since then, we've known that at least some access controls aren't "effective" but we haven't had any clarity on where "effectiveness" starts. After all, there's a certain circularity to the whole idea of "effective" access controls: if a rival engineer can figure out how to get around an access control, can we really call it "effective?" Surely, the fact that someone figured out how to circumvent your access control is proof that it's not effective (at least when it comes to that person).
All this may strike you as weird inside baseball, and that's not entirely wrong, but there's one unresolved "effectiveness" question that has some very high stakes indeed: is Youtube's javascript-based obfuscation an "effective access control?"
Youtube, of course, is the internet's monopoly video platform, with a commanding majority of video streams. It was acquired by Google in 2006 for $1.65b. At the time, the service was hemorrhaging money and mired in brutal litigation, but it had one virtue that made it worth nine figures: people liked it. Specifically, people liked it in a way they didn't like Google Video, which was one of the many, many, many failed internally developed Google products that tanked, and was replaced by a product developed by a company that Google bought, because Google sucks at developing products. They're not Willy Wonka's idea factory – they're Rich Uncle Pennybags, buying up other kids' toys:
Google operationalized Youtube and built it up to the world's most structurally important video platform. Along the way, Google added some javascript that was intended to block people from "downloading" its videos. I put "downloading" in scare-quotes because "streaming" is a consensus hallucination: there is no way for your computer to display a video that resides on a distant server without downloading it – the internet is not made up of a cunning series of paper-towel rolls and mirrors that convey photons to your screen without sending you the bits that make up the file. "Streaming" is just "downloading" with the "save file" button removed.
In this case, the "save file" button is removed by some javascript on every Youtube page. This isn't hard to bypass: there are dozens of "stream-ripping" sites that let you save any video that's accessible on Youtube. I use these all the time – indeed, I used one last week to gank the video of my speech in Ottawa so I could upload it to my own Youtube channel:
Now, all of this violates Youtube's terms of service, which means that someone who downloads a stream for an otherwise lawful purpose (like I did) is still hypothetically at risk of being punished by Google. We're relying on Google to be reasonable about all this, which, admittedly, isn't the best bet, historically. But at least the field of people who can attack us is limited to this one company.
That's good, because there's zillions of people who rely on stream-rippers, and many of them are Youtube's most popular creators. Youtube singlehandedly revived the form of the "video essay," popularizing it in many guises, from "reaction videos" to full-fledged, in-depth documentaries that make extensive use of clips to illuminate, dispute, and expand on the messages of other Youtube videos.
These kinds of videos are allowed under US copyright law. American copyright law has a broad set of limitation and exceptions, which include "fair use," an expansive set of affirmative rights to access and use copyrighted works, even against the wishes of the copyright's proprietor. As the Supreme Court stated in Eldred, the only way copyright (a government-backed restriction on who can say certain words) can be reconciled with the First Amendment (a ban on government restrictions on speech) is through fair use, the "escape valve" for free expression embedded in copyright:
https://en.wikipedia.org/wiki/Eldred_v._Ashcroft
Which is to say that including clips from a video you're criticizing in your own video is canonical fair use. What else is fair use? Well, it's "fact intensive," which is a lawyer's way of saying, "it depends." One thing that is 100% true, though, is that fair use is not limited to the "four factors" enumerated in the statute and anyone who claims otherwise has no idea what they're talking about and can be safely ignored:
Now, fair use or not, there are plenty of people who get angry about their videos being clipped for critical treatment in other videos, because lots of people hate being criticized. This is precisely why fair use exists: if you had to secure someone's permission before you were allowed to criticize them, critical speech would be limited to takedowns of stoics and masochists.
This means that the subjects of video essays can't rely on copyright to silence their critics. They also can't use the fact that those critics violated Youtube's terms of service by clipping their videos, because only Youtube has standing to ask a court to uphold its terms of service, and Youtube has (wisely) steered clear of embroiling itself in fights between critics and the people they criticize.
But that hasn't stopped the subjects of criticism from seeking legal avenues to silence their critics. In a case called Cordova v. Huneault, the proprietor of "Denver Metro Audits" is suing the proprietor of "Frauditor Troll Channel" for clipping the former's videos for "reaction videos."
One of the plaintiff's claims here is that the defendant violated Section 1201 of the DMCA by saving videos from Youtube. They argue that Youtube's javascript obfuscator (a "rolling cipher") is an "effective access control" under the statute. Magistrate Judge Virginia K DeMarchi (Northern District of California) agreed with the plaintiff:
Remember, DMCA 1201 applies whether or not you infringe someone's copyright. It is a blanket prohibition on the circumvention of any "effective access control" for any copyrighted work, even when no one's rights are being violated. It's a way to transform otherwise lawful conduct into a felony. It's what Jay Freeman calls "Felony contempt of business model."
If the higher court upholds this magistrate judge's ruling, then all clipping becomes a crime, and the subjects of criticism will have a ready tool to silence any critic. This obliterates fair use, wipes it off the statute-book. It welds shut copyright's escape valve for free expression.
Now, it's true that the US Copyright Office holds hearings every three years where it grants exemptions to DMCA 1201, and it has indeed granted an exemption for ripping video for critical and educational purposes. But this process is deceptive! The exemptions that the Copyright Office grants are "use exemptions" – they allow you to "make the use." However, they are not "tools exemptions" – they do not give you permission to acquire or share the tool needed to make the use:
Which means that you are allowed to rip a stream, but you're not allowed to use a stream-ripping service. If Youtube's rolling cipher is an "effective access control" then all of those stream-ripping services are wildly illegal, felonies carrying a five-year sentence and a $500k fine for a first offense under DMCA 1201.
Under the US Copyright Office's exemption process, if you want to make a reaction video, then you, personally must create your own stream-ripper. You are not allowed to discuss how to do this with anyone else, and you can't share your stream-ripper with anyone else, and if you do, you've committed a felony.
So this is a catastrophic ruling. If it stands, it will make the production of video essays, reaction videos, and other critical videos into a legal minefield, by giving everyone whose video is clipped and criticized a means to threaten their critics with long prison sentences, fair use be damned. The only people who will safely be able to make this kind of critical video are skilled programmers who can personally defeat Youtube's "rolling cipher." And unlike claims about stream-ripping violating Youtube's terms of service – which can only be brought by Youtube – DMCA 1201 claims can be brought by anyone whose videos get clipped and criticized.
Is Youtube's rolling cipher an "effective access control?" Well, I don't know how to bypass it, but there are dozens of services that have independently figured out how to get around it. That seems like good evidence that the access control is not "effective."
When the DMCA was enacted in 1998, this is exactly the kind of thing experts warned would happen:
And here we are, more than a quarter-century later, living in the prison of lawmakers' reckless disregard for evidence and expertise, a world where criticism can be converted into a felony. It's long past time we get rid of this stupid, stupid law:
Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality
Anya is LIVE right now
FREE
Free to watch • No registration required • HD streaming
We're getting a lot of complaints from commuters who were routed onto a coaster, but the theme park patrons who spent hours stuck on an intercity line are also not happy.
Interoperability [Explained]
Transcript Under the Cut
[A close-up shot of Black Hat from the shoulders up]
Black Hat: Compatibility and interoperability are so important.
[A zoom out reveals that Black Hat is standing in front of and pointing at a diagram showing a commuter subway car and a rollercoaster car, and the tracks they both run on. Standing next to him are Cueball and Hairbun]
Black Hat: For example, most subway rails are 143.5 cm apart. But many roller coasters use a narrower 110 cm gauge.
[This panel shows only Black Hat]
Black Hat: For the last few years, our company has been quietly retrofitting roller coasters to use 143.5 cm tracks.
[Black Hat now has his fists raised]
Black Hat: Soon, we can begin phase 2.
Voice from off-panel: Maybe interoperability is actually bad.
Black Hat: If you listen to the destination announcement while boarding, you'll be fine.
This is an increíble thing that happens when trying to follow that subscribe link to the newsletter
yeah I know that's the joke
actually lemme explain the joke cause this is genuinely useful information and probably a ton of people just don't know about this anymore:
So this is what's called an RSS Feed
it looks like a bunch of data code nonsense because that's exactly what it is: a series of big blocks of data that tell you things like: what each of the last [number] of blog posts are, what the title of each is, what the date for each is... and actually I think I serve the entire content of each post through the feed so there's also a bunch of html formatting in there, image files, and so on. for the record, it doesn't look like that for me because I have a plugin (RSS Preview on Firefox) that can take that data and render it like this:
RSS files are just periodically updated documents--text docs, you can write them in notepad if you really wanted to!--that lives at a url on your website. Plug that URL into a "reader" and it'll periodically call my website up and check if there's changes to the data in the feed. if there's a new entry, it'll drop that into your feed and alert you to the fact that I've posted a new article. I've seen a few different claims of what RSS stands for but the one I like is "Really Simple Syndication". because it is really simple! I just have a bulletin board on my site that posts new information, and then your little robot goes around town checking all the bulletin boards and bringing the information back to you. you may instead visualize this as a kobold, army of hypno drone minions, &c, whatever's your fancy.
the best part from my perspective is that I don't need to have your email or deal with your service provider's (probably google's) opaque spam policies. if it's on my feed, you or anyone else can just call up the url whenever you want and find my stuff. it also means I don't have to update at a particular time on a particular day of the week and the feed keeps working months or years between updates, which gives this major major advantages over sticking a website into a bookmark folder somewhere on your browser and just reminding yourself to check it periodically. we have robots (kobolds &c) to do that for us! so, the joke here is that you can "sign up for my substack newsletter" by just... putting a url, into your program of choice, without worrying about whether I'm going to sell your email. it's just one of many things that makes blogs better than substacks.
the big question that I don't have a great answer for is what you do with the url. there's a LOT of readers out there, but there was sort of a collapse of the ecosystem and blogging as a whole after the fuckers at google obliterated Google Reader, which was the eponymous rss reader, from the eponymous google. it's like the fourth worst thing they've done after replacing their own search with LLM slop, monopolizing the ad market, and worst of all discontinuing Google Wave. that said, the fact that the market is quite fragmented is imo an opportunity to play around and find a reader that works for you. I'm using a fork of a fork that you can only get through github that looks like it was programmed in 2006 because it probably originally was, but I also just started parsing my gmail through firefox's email frontend Thunderbird, and that has a web calendar (also like rss--you can read about that here) AND an RSS reader built in, so I want to explore that and see if it's a solid modern alternative. I tend to gravitate towards programs that let me be a power user--because these feeds have a ton of data potentially you can do things like automatically discard, say, news articles with tags you're uninterested in, or move some articles to a particular "inbox" folder to make sure you see them, and a really powerful reader will let you automate that process.
that said if all you want is a simple reader that lives in the cloud and syncs up your webcomic library... there's definitely options for that!
and oh yeah, did I forget to mention? a LOT LOT LOT of webcomics still use RSS. it's actually the biggest thing I use my reader for, and why I'm keeping up with so many more webcomics again.
not that they always make it easy to find. dumbing of age for example has the rss feed aaaaall the way at the bottom:
Kill Six Billion Demons has it right at the top, but you might not recognize it. it's that orange icon at the end that looks sorta like a cartoon radio transmitter:
once again I recommend using the RSS Preview extension, which helpfully adds a little icon to my firefox url bar when it detects a link to an RSS feed. it makes it way way easier to find these things than having to hunt around all over a page for that little orange icon or a link that just says "Subscribe". it's not a perfect tool (I just noticed it doesn't detect the rss feed on Gwyn's blog despite it having a big link at the top of the page saying "RSS"!) but for someone just starting to set up a library it's invaluable imo
oh and fun fact: for a long time substack *was not aware* that if you followed a blog through rss... they were just serving paywalled content directly over the feed. like, I was just casually reading through paywalled articles without a care in the world, right there in my reader. they caught on to their screwup sadly but it was fun while it lasted. and hey, it still works for bypassing all the intrusive ugly bullshit that a substack throws at you when you're reading on their website.
so in a very real way, rss IS a way to subscribe to a substack!
so everyone go out and sign up for my substack newsletter today:
We really could get so much more out of computers and our massive digital footprints if there were any incentive for software developers to make programs that work together. But everyone just wants to capture the market, be the “everything app” not realizing that the real “everything app” is open source, open protocol and a probably government mandated requirement to foster interoperability. We get little glimpses of the future when some of these things align but greed keeps every dev shackled.
If you want to make money off of people using software you are a part of the public “everything app” that is called “the internet” for the privilege of using this lucrative public space you must follow basic rules. Mostly: either make your application compatible w/ similar applications, or pay an isolation tax. The unregulated public digital commons has been enclosed! it’s time to roll it back! There is no natural market incentive to solve these problems except monopoly and do we want that? no!
Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality
Anya is LIVE right now
FREE
Free to watch • No registration required • HD streaming
A bit excited about this promise from @photomatt! ActivityPub, for those not in the know, is a decentralized social networking protocol. (Its best-known implementation is in Mastodon.) With the murder implosion of Twitter, this has not only cross-platform posting and viewing implications, but also the potential for self-hosted Tumblr servers. Fascinating.
Hey friends! 🌐 Check out this eye-opening blog on the game-changing #DeFi revolution, featuring current benefits and exciting future directions. Explore #financialinclusion, #privacy, #governance, and more in the future of finance! 🚀
In the rapidly evolving landscape of the financial world, a disruptive force has emerged, challenging traditional banking systems and revolutionizing how we handle money. Decentralized Finance, commonly known as DeFi, is an innovative concept built on blockchain technology that empowers individuals with greater financial autonomy, transparency, and inclusivity. In this blog, we will explore the…
🚨Libonomy Team wishes you a great weekend. But first - how about interoperability? Libonomy provides full on-chain interoperability — Bitcoin, Ethereum...
