

The White House is asking us to give them ideas on what is blocking innovation in America. I thought I'd give them an honest answer. Here it is: Current intellectual property laws are blocking innovation. President Obama just set a goal of wireless access for everyone in the US, saying it will spark innovation. But that's only true if people are allowed to actually do innovative things once they are online.



You have to choose. You can prop up old business models with overbearing intellectual property laws that hit innovators on the head whenever they stick their heads up from the ground; OR you can have innovation. You can't have both. And right now, the balance is away from innovation. Let's take some specific examples to show why that is so. When Napster first showed up, it was innovative. Heaven knows it changed the world. And instead of letting this creativity flourish, make money, and create jobs, the law was used to kill it. And kill it it did. The law is still trying to kill or at least marginalize peer-to-peer technology, and so it has never been used to the full. To understand why that is a loss to innovation, you might want to watch this 2005 panel discussion on peer to peer software, "P2P: Pirates, Producers, & Purchasers: Toward a New Ecology of Music and Entertainment," one of the most depressing you can watch if you actually care about innovation. You can view it as a video here. It was at a conference on innovation and IP law that I attended that was sponsored by the University of North Carolina, and I'll never forget Gene Hoffman, who had been the CEO of eMusic, who talked about how innovation was being restricted and contained by the law and pointed out how much money could have been made with the new technology for enjoying music if fear had not blocked innovation. He and others on the panel also talk about some economic advantages of peer to peer and how it can reduce the costs of bandwidth in distribution, which is a real factor that could help independent startups. Today, thanks to the heavy hand of the law, not much new was allowed to happen, and eMusic's customers are of an average age of 39, and of course it's young people who can make a music business hugely successful. Trying to figure out how to offer music legally and also in a way that will appeal to young people hasn't yet been completely solved, mainly because no one is trying to, and most all the innovation has been going into trying to block piracy instead of thinking about ways to appeal to customers, and it's holding innovation back. Peer to peer, as one panelist points out, makes it possible to offer esoteric music that is not otherwise made available for cost reasons. The panel convinced me that shortsightedness was a block against innovation, and it's even more depressing to view today than it was five years ago. When Grokster was decided in 2005, it really was a death knell for a certain kind of innovation in the music space. That was a choice that America made. They could have changed the law, if they had had the foresight to realize this was a new way to make money from technology and for artists, but instead it chose to protect the old business model. So it used a legal hammer to force technological innovation to cease, go underground, or self-limit what it could otherwise do. Now, you can make that choice. It's up to a society to decide such things, and it's not for me to tell anyone what to choose. Personally, I try to keep the law, no matter what I think of it, because that is what civil society means. But it was a cross-roads moment, and America didn't choose innovation. If you really want innovation, you have to let it breathe legally. Lobbyists aren't in place for innovation, of course. If politicians listen only to RIAA lobbyists, you will never have any technology innovation, except perhaps in DRM, because lobbyists aren't about that at all. US CTO Aneesh Chopra acknowledged that tension in this CNET interview last September (at around 7:45). Innovation comes from some college kid in his dorm room. And he can't lobby. He doesn't even know he needs to, let alone how. So part of the answer, if you really want innovation, is not to follow the money. You have to be able to visualize it from the innovation, not just put it in your pocket. Let's think about DRM in this context. That reminds me that you can watch a video of Cory Doctorow's talk on DRM at that same NC conference here. It's funny and true at the same time. And please read DRM and the Death of Culture by Simon Phipps, if you missed it earlier. He responded to a comment on DRM in the context of the discussions at the time about GPLv3, which was at the time being revised: A comment writer (Christopher Baus) said of DRM: I might be the only technologist on the other side of the DRM fence. To me it is like checking my lift ticket when I get on the ski lift. I might find that a bit annoying, but if ensures the resort can stay in business from collecting ticket money, then that is a net good thing for me. If the ski resort goes out of business I can't go skiing, and I would resent those who got on the lift w/out paying. I think there are quite a few people around who have Christopher's view, which is unfortunately rather simplistic. DRM - the imposition of restrictions on usage of content by technical means - is far more than that. It's like checking the lift ticket, yes, but also the guy checks you are only wearing gear hired from the resort shop, skis with you down the slope and trips you if you try any manoeuvers that weren't taught to you by the resort ski instructor; then as you go down the slope he pushes you away from the moguls because those are a premium feature and finally you get to run the gauntlet of armed security guards at the bottom of the slope checking for people who haven't paid. Seriously, will innovation flourish in an atmosphere like that? What is it teaching young people? And do you remember when Adobe released a digital copy of Alice in Wonderland with a restriction that computers couldn't read it aloud? Alice in Wonderland. It's in the public domain, but they actually thought is was acceptable to restrict it that way. The law may let them, but how is that going to encourage innovation, a law that lets you do that to a public domain work? DRM also restricts access to knowledge, which ipso facto means it works against innovation, in the same sense that lack of access to the Internet does, as the President pointed out. What about the DMCA? Now, Congress and the US Copyright Office were warned about the effect the DMCA would have on innovation and on research. But they didn't care about that as much as they cared about protecting businesses already in place. So they passed it. What are the results? Innovation has become dangerous. Research has been chilled. Researchers won't even attend US conferences any more, let alone do research here, because they are afraid of being attacked by DMCA-wielding companies or prosecutors. Some won't even tell when they notice vulnerabilities. Research projects were shut down in fear of the law. And after the government and Adobe went after Sklyrarov, after what happened to him, can you blame them for being afraid? Why fear? Elcomsoft, who employed him, raised one issue in a court filing that still hasn't been answered -- namely, how do you know what is and isn't allowed?: The government's Opposition provides absolutely no insight into the significant questions presented by Elcomsoft's Motion to Dismiss the Indictment for Violation of Due Process. The most serious of these questions -- how does the maker of a circumvention device know when he or she is designing or marketing a prohibited tool-- is ignored altogether. This is troubling given that the government apparently concedes that Congress did not forbid circumvention devices altogether; and that Congress intended to permit the circumvention of usage control technologies for the purpose of fair use or other non-infringing uses once a copyrighted work had been lawfully obtained and accessed. Although the government refuses to address the ambiguities of the DMCA, this Court must. Elcomsoft produced a product -- AEBPR -- for the purpose of allowing legitimate non-infringing uses of works that have been lawfully accessed. Based on the government's interpretation of Section 1201(b), (Opp. Mem. at 32:11-24), any person who makes any circumvention technology is subject to criminal prosecution because the government believes that there is no constitutional requirement that the technology be designed or marketed for an unlawful purpose -- specifically, infringement of a copyright. In fact, under the government's view, password recovery tools that Elcomsoft has manufactured for years -- and that heretofore have been applauded by law enforcement and others -- could subject Elcomsoft and manufacturers of similar products to prosecution because such products could circumvent copy controls placed on word processor and PDF files containing copyrighted works. See section II.B., below. Simply stated, Section 1201(b) is impermissibly vague because there are no standards by which legitimate manufacturers of technologies which can circumvent copyright usage controls are able to determine if their product is lawful or unlawful. There are no standards to guard against the arbitrary enforcement of the DMCA. The government becomes the arbiter of lawfulness after the conduct occurs. Section 1201(b) cannot and does not provide the kind of advance notice that will protect an individual from being prosecuted. For these reasons, Elcomsoft respectfully requests that the Court grant its motion to dismiss.... Indeed, as the government does not contest, Elcomsoft and other software manufacturers face the ultimate "Catch 22." Consistent with clear and abundant legislative history, Elcomsoft manufactured and marketed a device that circumvents protection afforded by a technological measure in order to allow lawful uses. Notwithstanding, after Adobe complained about a "Russian hacker company" and its product, the government was able to take advantage of the broad language of Section 1201(b) and press charges without regard to Elcomsoft's purpose, as the statute makes no distinction between devices made or marketed for lawful purposes and those made or marketed for unlawful purposes. The government became the arbiter of lawfulness after the conduct had already occurred. Plainly, the DMCA does not provide the kind of advance notice that will protect an individual from being prosecuted; retroactive notice in the form of an indictment is no notice at all. How does that help innovation, to make people afraid? Maybe you could make an argument for it, if every country on earth had one law. But they don't. So in some countries, research can flourish. And in the US it can't. Where do *you* think innovation will come from now? And if you are concerned about cybersecurity, which countries will have an edge, those with the DMCA or those free to know whatever they can? Again, it's not for me to tell anyone what to do, but if you want to know why innovation isn't flourishing in the US, this is at least a big part of the answer. It's a choice. Innovation or protection of previously established corporate interests. Then there's patent law. When America decided to allow software patents, was the goal innovation? They always say so. But look at the results in the field of software. As Ben Klemens pointed out in his book, Math You Can't Use, software isn't a product like tractors, where patents might make some sense: If a technology needs a centralized group to help it advance, then it makes sense to design a mechanism to support those few specialized experts who push forward the frontiers. In such a field, the patent-thicket problem is not a problem because there are only a few actors in the business, so the transaction costs of negotiating exchanges are low. But this story is entirely removed from the reality of software. A third of the industry consists of centralized organizations that only write software while the rest is largely a decentralized body of workers supporting themselves and their innovations through immediate, direct application rather than waiting to put out a product in the near future. As far as Coasian arguments about transaction costs are concerned, this is absolutely the worst case, since buyers and sellers are distributed across the planet. Because every patent is unique, there is no easy way to create a simple market to make patent trading cheap. The rule that independent invention is not a defense in infringement claims makes sense in a centralized industry. Patents are public record, and it is reasonable to assume that every tractor manufacturer is exerting some effort to watch every other such manufacturer. In the decentralized software industry, this does not make any sense at all: should the sofa company spend time and effort on monitoring Microsoft and Novells patent portfolio? Add in the software patent search problems from chapter 5, and the assumption that everyone has full knowledge of the patent playing field becomes still more tenuous. In short, patents in a decentralized market are Coases worst nightmare: every player needs to expend vast quantities searching for the owner of every part of every program, meaning transaction costs piled upon transaction costs. These costs will always exist in every field, but they are magnified in a dense, decentralized network of actors. So, with software patents, the drain on innovation is real. It's particularly oppressive and counterproductive with Free and Open Source software development. Red Hat explained why in its amicus brief submitted in the In Re Bilski appeal to the US Supreme Court: Open source software is now ubiquitous, touching the lives of the millions of Americans who do web searching, email, online shopping, banking, and many other everyday activities. It provides the technological backbone of many large corporations and is critical to the technology operations of the U.S. and many state governments. It is playing an important role in economic development across the globe. Even so, its nature and significance are still not widely understood. The open source model produces software through a mechanism of collaborative development that fundamentally relies on communication of ideas by large numbers of individuals and companies. To understand this model, it is helpful to understand how software is made. Software begins as plain text "source code." Programmers write and edit source code in human-readable programming languages that allow specification of software features and behavior at a high level of abstraction. Software is commonly distributed in machine- executable "object code" form, produced by "compiling" the source code of the software. Since object code consists of unintelligible strings of 1s and 0s, software is effectively unmodifiable unless one has access to its source code. A good example of an open source project is the Linux operating system kernel, which is one of the most commercially-important open source programs and which is a core component of Red Hat's flagship product, Red Hat Enterprise Linux. The Linux kernel contains several million lines of source code. A worldwide community of hundreds of contributors, including many employees of Red Hat, collaborate via the Internet in developing and improving the Linux kernel. Open source uses a combination of technological and legal means to facilitate collaborative development and commercial exploitation. Typically, an open source package originates as a community-based project that makes its software publicly available in source code form, under licensing terms that grant very broad, royalty-free copyright permissions allowing further use, copying, modification and distribution. The Linux kernel, for example, is licensed as a whole under the GNU General Public License, version 2, the most widely-used open source license. In making source code available and conferring broad copyright permissions, open source differs significantly from traditional proprietary software. A vendor of proprietary software generally develops the software entirely in-house and provides only object code to the user under severely restrictive licenses that allow no rights to copy, modify or redistribute that code. Such vendors retain the source code as a trade secret. The open source development model has proven to be highly effective in producing software of superior quality. Because there are many developers working as collaborators, innovation happens rapidly. Because of the many who volunteer their time, and the availability of the source code under royalty-free licenses granting generous modification and distribution rights, the cost of producing and improving software is low. Software bugs and security problems are quickly identified and remedied. Moreover, because users have access to the source code, those users can diagnose problems and customize the software to suit their particular needs. The open source development model originated in the early 1980s. From that time to the present, open source software has been in a constant state of innovation. Software patents, however, have not in any way promoted the innovations of open source. At the time when software was first released under open source licenses, software patents were relatively few in number and case law appeared to limit their availability. See Diamond v. Diehr, 450 U.S. 175, 18586 (1981). By contrast, it was settled that copyright law covered software. Thus the early innovators of open source software had no reason even to consider obtaining patents on their work. Moreover, since at least the early 1990s open source developers have been broadly united in their opposition to the patentability of software. This widespread opposition is not surprising, because the open, collaborative activity at the heart of open source is fundamentally at odds with the patent system. Patents exclude the public from making, using, or selling patented inventions. An open source developer seeks to contribute code to the community -- not to exclude others from using the code. The exclusionary objectives of the patent system are inherently in conflict with the collaborative objectives of open source. This conflict is more than theoretical. Open source software developers constantly face the hazard that the original code they have written in good faith might be deemed to infringe an existing software patent. It is impossible for a developer to rule out this possibility, because there are now more than 200,000 software patents, and those patents cannot possibly be searched and cleared at reasonable cost. Because of the abstract nature of software patents, determining whether even a single software patent claim is infringed is particularly difficult, even for experts in computer science, and experts often disagree. See, e.g., J. Bessen and M. Meurer, Patent Failure 201-03 (2008). The complexity of software projects (open source and otherwise) is such that a single computer program is likely to implement numerous forms of functionality that could possibly be deemed to infringe large numbers of unknown patents. Since code may infringe any number of patents, there is always some possibility of a patent lawsuit that could cost millions of dollars in attorneys' fees and that could result in court orders that effectively nullify the broad grant of rights in open source licenses. In short, the patent system is not the source of innovation in open source software. Because the system does not reward open source innovation and creates litigation risks for the innovators, the system can only hinder innovation. Thus innovation in open source software continues in spite of--not because of-- the patent system. The successes that have been built on the open source model are likely to continue. It is, however, an opportune time to address the standards that govern the subject matter limitations on patentability, because clarification of those standards will unquestionably influence the future of open source software, and the future of the software industry generally. It may be that clarification of those standards will benefit open source by reducing the risk of lawsuits and encouraging greater participation in the open source community, with associated benefits for the economy and society as a whole. Let's take Android. It's something new and the world is loving it. So what happened once it became a hit? Patent and copyright infringement lawsuits up the kazoo. Is that going to encourage innovation? And it's not just Android. It's any successful technical product. They all have to spend millions in litigation. And it's a drain on the economy too, because when the plaintiffs win, that money isn't a win for innovation, not when the law allows patents to be owned and litigated by entities that make nothing at all but litigation. See what I mean? When the law overprotects, it kills innovation. That's what protection means. It means protection from innovation. Let's call a spade a spade. Speaking of overprotection, how about the law allowing a company like Sony to sell products with a certain capability, and then after it takes people's money, letting it take away that capability -- and without a refund. Because that is what happened. Sony sold Playstation 3s with OtherOS capability, so people who like to use Linux could play with it or work with it. Then, because of a hack that allowed homebrew games to be played on Playstation 3, it announced a required "upgrade" if you wanted to play on the Playstation Network that took away that capability. There is litigation pending on that, and Norway's Consumer Council has already criticized such behavior, but what happened here in the US? What happened was a brainiac kid figured out a way to restore that capability, and he's now being sued into the ground at this very moment by Sony, and the law is all on its side, helping Sony destroy this kid's reputation, his career, his work. Well, it's a choice. But this kid is into research. He's the guy who figured out how to jailbreak the iPhone when no one else could. And the Library of Congress recently decided [PDF] that it was allowed, making an exception for jailbreaking phones. They didn't do it to encourage innovation, though, but because there are practical reasons why you might need to do it. But Hotz has stated that he thought his work on OtherOS was allowed. He has categorically stated he wasn't trying to enable piracy. Here's something wonderfully innovative that OtherOS on a Playstation made possible before Sony shut it down: The US Air Force Research Laboratory (AFRL) recently unveiled a supercomputer made out of 1,760 PlayStation 3 consoles. (They used older PS3s instead of PS3 Slims due to the Slims lack of Linux support; looks like that wasnt just a fringe Slashdot-type issue after all.) Dubbed the Condor Cluster, the Air Forces new computer has some serious specs  500 TeraFLOPS, with 168 separate GPUs and 84 coordinating servers. According to the Air Force, at $2 million, the system costs only five to ten percent as much as a comparable system made from separate components, in addition to consuming one-tenth the energy. Innovation. Yes. And can you think of other uses for supercomputers that can be strung together like this? I can. But no more. Can't be done legally. The hammer is always there, ready to hit innovators on the noggin. It's a serious issue. But what are companies supposed to do about piracy? There are malicious folks out there. They have to do something. For example, Sony has legitimate concerns about how to protect gaming, so that when folks show up to play games on their Playstation 3s, cheaters can't take advantage. Here's an example of what one successful company, Google, does about hackers -- it puts them to work and pays them to tell them what to fix: Last year, after two full days of hacking, only one web browser emerged from Pwn2Own unscathed: Google Chrome. IE8, Safari 4, Firefox 3, and even Safari on iOS actually all fell after just one day, but no one could seem to penetrate Chrome. In fact, despite a $10,000 bounty to crack their sandbox, no one even tried, likely figuring it was futile. And so this year, Pwn2Own wasnt even going to invite Chrome back. Then Google stepped in with wads of cash. You mean Google is asking to be hacked? Of course. Don't you want to know where the vulnerabilities are so you can fix them? Specifically, Google worked with the conference to come up with rules for hacking the code found in Chromium (the open source browser on which Chrome is based). On day one, if anyone is able get nail a working exploit of Chrome (again, cracking the sandbox), Google will pay them $20,000. On day two and three, the same $20,000 will be paid out for bugs in the kernel, device drivers, system libraries, etc, but Google and the conference will split the cost of that reward (since Google says it cares more about the first variety). It says a lot that Chrome was the one browser not hacked last year. It says even more than this year theyre sponsoring their own participation and doubling the reward. But its standard business now for Google to dish out cash rewards for people who find issues with their browser. And its a really smart idea. Indeed. And it's so much cheaper than suing someone for bypassing your security, when you could strengthen it instead. Sometimes the hacker community offers to show companies how to fix their vulnerabilities. You know what happens sometimes? They get sued. George Hotz offered to show Sony how to fix its security, and they used it to accuse him [PDF] of hacking to angle for a job with Sony (see footnote 1). He says he wasn't and I believe him. Some people just like to solve difficult computer puzzles with their brains. Maybe you enjoy crossword puzzles? Or you like to do math problems? Or you like to mod your car? It's in that same area of fun, just much harder and more complex. If the country wants to encourage innovation, couldn't it view Hotz as a national treasure in the rough and give him something to do that will result in more jobs and a healthier economy? And do you not see that someone like this could be useful in strengthening the US's cybersecurity? Some things are just obvious. So, while I'm not a political person and I'm not a policy person -- nor do I have such ambitions -- and I surely don't know how to solve the tension between locking down everybody and letting us all roam free in a fertile field of technological possibilities, I'm trying to answer the question asked -- what is blocking innovation in the US -- and the answer is that all the energy has been going into locking everything down, with the law tilting away from users and innovation, and that's not creating a fertile field for innovation.