May 25, 2007 | By Danny O'Brien

Effective Technological Measures: It Means What It Says, Says Finnish Court

Effective Technological Measures: It Means What It Says, Says Finnish

It's the phrase that rules over both the DMCA and Europe's equivalent, the European Copyright Directive EUCD. Under both it's illegal to circumvent "effective technological measures" used by rightsholders to restrict access to their works.

But what happens when the measures don't measure up? Part of the irony of the DMCA in the United States has been that generous court interpretations of "effective" has led DRM designers to craft the flimsiest of programming tricks to control access. (Some have even gone so far as to suggest that the DMCA would extend to simple ciphers, such as ROT13). Those companies then hide behind the DMCA's provisions that eliminate public discussion of the measure's flaws. In the absence of criticism, rightsholders are gulled into believing that such snake-oil will save their works from commercial piracy, even though circumvention is often trivially simple.

In Finland, at least, that absurdity has been challenged. In a case in the Helsinki district court, activists running a site offering DVD decryption code were prosecuted under Finland's implementation of the EUCD, and successfully defended their case on the argument that DeCSS was an ineffective protection.

The court agreed (PDF), saying:

"...since a Norwegian hacker succeeded in circumventing CSS
protection used in DVDs in 1999, end-users have been able to obtain with ease
tens of similar circumventing software from the Internet even free of charge.
Some operating systems come with this kind of software pre-installed CSS
protection can no longer be held 'effective' as defined in law."

It's a refreshing example of how the practical realities of copy-protection can be accepted by a court, in an attempt to work out a reasonable way to apply anti-circumvention law. If a copy access is so vulnerable that it can be broken in a few lines of easily conveyed code, or the act of pressing the shift key when rebooting, or by obtaining a key that is on thousands of sites across the globe, is it really the legal system who should bear the impossible burden of protecting the unprotectable?

Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Backdoors have been discovered in Arris cable modems. This is why we need a security research exemption to the DMCA.

Nov 27 @ 2:15pm

Censorship powers, data retention, and vague hacking crimes: Pakistan's terrible cybercrime bill has it all:

Nov 25 @ 5:11pm

While Bangladesh blocks social messaging apps, locals are turning to Tor and Twitter:

Nov 25 @ 3:50pm
JavaScript license information