Today, that all changed as the countries behind ACTA finally released a consolidated draft text (PDF) of the agreement. Though billed as a "trade agreement" about "counterfeiting," ACTA is much more than that: it's an intellectual property treaty in disguise.
Tucked inside the draft are provisions that will prevent people from bypassing digital locks on the items they buy, that will force ISPs to shoulder more of the burden in the fight against online piracy, and that bring US-style "notice-and-takedown" rules to the world.
Well, not to the world, exactly. ACTA is more like a select club of countries: Australia, Canada, the European Union countries, Japan, Korea, Mexico, Morocco, New Zealand, Singapore, Switzerland and the United States of America. But the treaty it develops is really just the next rung on a ladder stretching back to 1886, and it will certainly be wielded like a weapon on the rest of the world in the future.
The text is not final—that is due to happen later this year—so if you want to see changes made, the time to act is now. After a year of partial leaks and finally complete leaks, ACTA's basic outlines are familiar.
We'll start our ACTA deep dive with an overview of the key provisions, especially as they relate to the Internet. Stick around afterwards to understand how and why we have ACTA at all, some likely effects of the treaty, and thoughts on the negotiating endgame.
A quick word of thanks to the negotiators who finally heard the dull but growing roar of a disenchanted public and released the ACTA text: it's too late to qualify as "transparency," exactly, but it does inaugurate a new stage and a new start. It's now time for the real arguments to begin.
The EU has already made its case that ACTA won't affect ordinary citizens. And it takes particular aim at the groups which have loudly condemned ACTA: "The negotiation draft shows that specific concerns, raised in particular by the civil society, are unfounded. No party in the ACTA negotiation is proposing that governments should introduce a compulsory '3 strikes' or 'gradual response' rule to fight copyright infringements and internet piracy. Similarly, ACTA will not hamper access to generic medicines."
Our own investigation shows that several of the most controversial provisions have been tweaked for the better, though problems remains. Let's take a look.
ISP immunity/three strikes
Under ACTA, ISPs are protected from copyright lawsuits so long as they have no direct responsibility for infringement. If infringement merely happens over their networks, the infringers are responsible but the ISPs are not. This provision mirrors existing US and European law.
Two key points need to be made here, however. First, the entire ISP safe harbor is conditioned on the ISP "adopting and reasonably implementing a policy to address the unauthorized storage or transmission of materials protected by copyright." (This is much like existing US law.)
An earlier footnote found in a leaked draft provided a single example of such a policy: "Providing for termination in appropriate circumstances of subscriptions and accounts in the service provider's system or network of repeat infringers." In other words, some variation of "three strikes." That footnote is now gone from the text entirely.
New to this draft is an option, clearly targeting European law, that would explicitly allow Internet disconnections. Countries will be allowed to force ISPs to "terminate or prevent an infringement" and they can pass laws "governing the removal or disabling of access to information. So, basically, Internet disconnection and website blocking.
The option also allows rightsholders to "expeditiously obtain from that provider information on the identity of the relevant subscriber" and it encourages countries to "promote the development of mutually supportive relationships between online service providers and right holders." This option has not been approved by all ACTA members.
The ACTA draft also makes clear that governments cannot mandate Internet filtering or affirmative action to seek out infringers.
Second, the ISP immunity is conditioned on the existence of "takedown" process. In the US, this is the (in)famous "DMCA takedown" dance that starts with a letter from a rightsholder. Once received, an ISP or Web storage site (think YouTube) must take down the content listed in order to maintain its immunity, but may repost it if the uploader responds with a "counter-notification" asserting that no infringement has taken place. After this, if the rightsholder wants to pursue the matter, it can take the uploader to court.
This will strongly affect countries like Canada, which have no such system.
Anti-circumvention/DRM
While the ACTA draft adopts the best part of the DMCA (copyright "safe harbors"), it also adopts the worst: making it illegal to bypass DRM locks.
ACTA would ban "the unauthorized circumvention of an effective technological measure." It also bans circumvention devices, even those with a "limited commercially significant purpose." Countries can set limits to the ban, but only insofar as they do not "impair the adequacy of legal protection of those measures." This is ambiguous, but allowing circumvention in cases where the final use is fair would appear to be outlawed.
Fortunately, a new option in this section would allow countries much greater freedom. The option says that countries "may provide for measures which would safeguard the benefit of certain exceptions and limitations to copyright and related rights, in accordance with its legislation."
iPod-scanning border guards?
Early ACTA commentators often complained that the agreement might give customs officials the right to rifle through your bags and search your iPod, confiscating it if they determined that it contained any infringing songs. Border guards might become copyright cops, turning out the bags of anyone who has visited China, say, to see if they might be bringing home any illicit copies of movies or software.
This was always a strange idea; ACTA's backers are hunting bigger game than iPods. The draft text contains a "de minimis" provision that allows countries to exclude from ACTA enforcement " Small quantities of goods of a non-commercial nature contained in travelers' personal luggage."
The real copyright cops
ACTA contains "ex officio" language that allows customs officials and border agents to hold infringing shipments of goods without needing a rights holder to complain first. Several options are still being considered in the draft, but all give the authority's rights to "act upon their own initiative" in releasing suspected goods at customs checkpoints.
Camcording rips
Think twice about camcording a movie off the big screen. ACTA now requires all signatories to make this practice a criminal act, not merely a civil matter. The draft does note that "at least one delegation has asked for the deletion" of this section, though, so it may be an easy target for removal before the final version.
Imminent infringement
Several sections of the ACTA draft show that rightsholders can obtain an injunction just by showing that infringement is "imminent," even if it hasn't happened yet.
P2P without financial gain
ACTA requires criminal penalties against "willful copyright infringement" when done "on a commercial scale." Early drafts explicitly mentioned online piracy, and that still seems to be in view. Though this section remains under negotiation, the draft shows that this may apply to infringements "that have no direct or indirect motivation of financial gain."
In other words, P2P distribution, where this exact issue of financial gain has come up in numerous court cases.
Proportionate penalties
At least one enterprising ACTA country has managed to insert this interesting line into the section on "enforcement procedures in the digital environment":
"Those measures, procedures, and remedies shall also be fair and proportionate." A dig at Internet disconnections and three strikes remedies, which are often criticized on these grounds? Who knows—and it's still under debate.
Now: how did we get here?
The long road to ACTA
ACTA began in Berne, Switzerland on September 9, 1886. European countries came together and signed one of the first major copyright treaties, the Berne Convention for the Protection of Literary and Artistic Works, in part due to the influence of French novelist Victor Hugo.
Berne was revised many times over the next few decades, but it largely stuck to its original mission of dealing with copyright in books and artwork. In 1961, the Rome Convention for the Protection of Performers, Producers of Phonograms and Broadcasting Organisations added a major new set of copyright guidelines to address the needs of TV and record producers and actors—a case of the law changing with the times.
When the Internet crashed in upon the analog world of copyright in a terrifically disruptive wave, rightsholders wanted Berne and Rome updated for this strange new digital era. It was an era when merely saying "Don't do it!" and relying on the great expense of reproduction equipment was good enough; any commercial pirates were of necessity large operations that were easier to find and prosecute.
But this new digital world—it put copying technology into the hands of the public, and the public went to town. As Columbia law professor Jane Ginsburg describes the moment in a 2005 paper (PDF):
"When digital media changed the technological balance, they also altered legal relationships, for now economically significant infringing acts were no longer the sole province of entities higher up the distribution chain. To redress the shift, it might be necessary to reinforce the legal prohibition with a layer of technological protection, disabling end users from availing themselves of some of the copying technology’s potential for reproducing and redistributing copyrighted works."
Users could find crafty ways around these digital locks, and the logic of the situation led, inexorably, toward the idea of "anti-circumvention." Now it would be illegal to perform certain computational operations on certain collections of bits—an odd philosophical concept in one way, but something that had precedent in US law. 1992's Audio Home Recording Act brought the wonders of SDMI to digital tape, for instance, and the war against satellite descramblers has a long and fascinating history, along with plenty of colorful characters.
But who would pass such anti-circumvention rules into law? Going country by country was a huge amount of work; much better for rightsholders to write the idea into an international agreement, get the world to sign on, then sit back as countries around the globe began enforcing anti-circumvention rules and DRM proved (ahem) its worth.
Thus, the WIPO "Internet treaties" of 1996. The organization that administered the Berne Convention, a group with the unfortunate acronym BIRPI, eventually joined the United Nations and became WIPO—the World Intellectual Property Organization.
In 1996, WIPO oversaw the approval of two treaties that continued the process of adapting copyright law to the times—in this case, to the Internet. The Berne Convention was updated and supplemented by the WIPO Copyright Treaty, while the Rome Convention was updated and supplemented by the WIPO Performances and Phonograms Treaty.
Both treaties include language on anti-circumvention, under the reasoning that this was the necessary protection rightsholders needed in order to offer their work on the Internet at all (the later example of the music industry would put the lie to this argument, but it sounded good at the time). There was just one hitch: the countries at WIPO weren't willing to go along with the super-strict rules that some rightsholders wanted.
Pam Samuelson, a prominent law professor at the University of California-Berkeley, describes the moment this way:
"The Clinton Administration was proposing that a virtually identical anti-circumvention rule be included in a draft treaty on digital copyright issues scheduled for consideration at a diplomatic conference in December 1996 at the headquarters of the World Intellectual Property Organization (WIPO) in Geneva. Even though the draft treaty included a White Paper-like anti-circumvention rule, shortly before the diplomatic conference commenced, the Clinton Administration decided not to support the draft treaty proposal because there was such strong domestic opposition to the White Paper-like provision.
"US negotiators to the WIPO diplomatic conference were under instructions to support a more neutral anti-circumvention rule which called upon nations to provide 'adequate protection' and 'effective remedies' to deal with circumvention of technical protection systems used by copyright owners to protect their works. The WIPO Copyright Treaty (WCT) adopted this approach to anti-circumvention regulation."
The final treaty text said, "Contracting Parties shall provide adequate legal protection and effective legal remedies against the circumvention of effective technological measures that are used by authors in connection with the exercise of their rights under this Treaty or the Berne Convention and that restrict acts, in respect of their works, which are not authorized by the authors concerned or permitted by law."
Clearly, much would depend on how each country implemented this, as it allowed for circumvention in any way "permitted by law." This was hardly the ironclad anti-circumvention rule that rightsholders wanted.
The US implementation of these treaties was the Digital Millennium Copyright Act (DMCA) of 1998, the law that brought anti-circumvention from WIPO's Geneva HQ into your living room. Bypassing DRM was forbidden to most Americans (as were the devices that could help), but again, rightsholders had to accept a host of limitations: a bunch of targeted exceptions for security researchers and others, and a triennial DMCA review by the Library of Congress that could approve more exceptions. Again, a blanket ban was out of reach.
In addition, the DMCA got huge pushback from the growing ISP industry. We can't possibly be responsible for what users do with our pipes! they argued—and managed to stall the bill in Congress. The Clinton administration had originally argued for ISP liability for user infringement, but it eventually had to accept the major new "safe harbor" principle: if you don't know anything about the infringement and don't encourage it, you're not liable.
Samuelson again: "Once the [ISP] compromise broke the legislative logjam, it was clear that the DMCA was going to be enacted. Although the anti-circumvention regulations continued to breed controversy, telcos and OSPs had spent virtually all of their political capital on the safe harbor provisions."
And those "safe harbors" did include the provision that ISPs create "a policy that provides for the termination in appropriate circumstances of subscribers and account holders of the service provider's system or network who are repeat infringers." We'll return to this point in a moment.
The DMCA passed in 1998, but to understand why it wasn't enough for some rightsholders, look at the 12 years since. While the EU passed a wide-ranging anti-circumvention law, some nations did not; Canada has yet to even ratify the 1996 treaties.
And the WIPO treaties remain ambiguous. As Canadian law prof Michael Geist argued in a February 2010 speech, Canada could well ratify the treaties—but still allow circumvention where the intended use was legal. "The WIPO treaties offer considerable flexibility in how to implement anti-circumvention rules," he said, and supported the idea of a "cleaner, simpler, more balanced approach that linked circumvention to copyright infringement. With that approach, we would comply with WIPO (the Liberal bill passed muster with the Department of Justice), no need for specific references to technology, no long list of exceptions, and we would still target clear cases of infringement."
But that's an exception that Hollywood et al. simply won't countenance; it's big and messy. So the challenge remains for rightsholders: how to get countries like Canada to go along with the WIPO treaties and to do so in a way that prevents expansive interpretations?
Well, you could pass another international treaty with tougher terms. But WIPO—why, there's too many nations who won't go along with further copyright restrictions, the whole process is (relatively) open and involves NGOs, and it's slow. These are all drawbacks. Instead, what about a smaller and separate process, with no unnecessary oversight, little transparency, and a "coalition of the willing"? Oh, and if you can set it up in such a way to avoid legislatures in countries like the US, that would be a big bonus.
Welcome to ACTA.
The above history helps to explain why, when the ACTA Internet chapter leaked, it didn't just repeat the WIPO formulation on anti-circumvention. Instead, it would ban "the unauthorized circumvention of an effective technological measure that controls access to a protected work, performance, or phonogram." It also banned circumvention devices, even those with a "limited commercially significant purpose."
Countries could set limits to the ban, but only insofar as they do not "impair the adequacy of legal protection of those measures." This is ambiguous, but allowing circumvention in cases where the final use is fair might well be outlawed. In other words: forget it, Michael Geist!
The process is rotten and illegitimate, yet there is a risk it will succeed.
"ACTA is therefore viewed as a mechanism to win the policy battle lost in Geneva in 1996," wrote Michael Geist recently. " It would force countries like Canada to adopt the US approach, even though the treaty explicitly envisioned other possibilities." (Fortunately, one of the options in the new treaty waters this down quite a bit and gives countries more flexibility; we'll have to see if it is actually adopted.)
ACTA also could be used to push the DMCA's balance between safe harbors and "terminations." Though this hasn't yet led to massive Internet disconnections in the US, it certainly wouldn't hurt rightsholders to have such language stuck into legal codes around the world; it would definitely help convince judges that such terminations were legal when such cases arise, and it could be used to pressure ISPs who aren't doing what the big copyright industries want. (Again, the current draft has toned this down a bit, though countries are still explicitly allowed to disconnect users and block websites.)
And it could be done in a more secretive environment, a benefit given that the public always seemed to balk at super-strict anti-circumvention rules. I asked Pam Samuelson about the results of this process. She characterized it as the latest battle in a long-running war waged by those with a "high protectionist agenda."
"Ever since that [WIPO] treaty was concluded," she said, "US officials and US copyright industry groups have been trying to persuade legislatures and trade officials around the world that the treaty requires a high level of protection versus circumvention and no limiting rules—although several limits are built into US law. Not having been able to succeed through the democratic process, the high protectionist forces are using backroom negotiations at ACTA to accomplish the restrictions the entertainment industry says it needs.
"The process is rotten and illegitimate, yet there is a risk it will succeed unless the IT industry and user base find a way to bring its unbalanced agenda to light." Given the changes already made to ACTA in the last several months, that pressure appears to have had some effect.
ACTA's effects
How will ACTA be used? Probably in the same way that the DMCA has been used: as a worldwide stick to beat through a US-centric version of copyright and IP law. This is especially true of the Internet section, which the US drafted.
When the DMCA was considered back in 2005, its lead architect Bruce Lehman appeared before Congress to explain how the law could be used.
"When that legislation is in effect, then we will have a template that we can use, that the Trade Representative can use, that we in the Commerce Department can use, the State Department can use, when we are in negotiations with other governments to advise them as to what they need to do to implement their responsibilities in these treaties to provide effective remedies... the moment we pull up on the pressure, usually, there's a sliding back."
He later commented, "I should say that for the most part these treaties will cause other countries to bring their laws up to US standards even, for example, in countries that have fairly extensive protections, such as European countries. They have concepts in their law that make it easier in a digital environment to make unauthorized use of a copyrighted work."
ACTA will certainly be used the same way. It's being considered by a handful of countries and does not even include the main sources of "counterfeiting." But with the agreement in place and a permanent ACTA committee set up to administer it and accept new members, the treaty will be extended to the rest of the world—pre-negotiated.
As the group IP Justice warned back in 2008, "After the multi-lateral treaty's scope and priorities are negotiated by the few countries invited to participate in the early discussions, ACTA's text will be 'locked' and other countries who are later 'invited' to sign-on to the pact will not be able to re-negotiate its terms. It is claimed that signing-on to the trade agreement will be 'voluntary,' but few countries will have the muscle to refuse an 'invitation' to join, once the rules have been set by the select few conducting the negotiations."
That's not all bad; ACTA's process issues have been well-documented, but at least it's not totally one-sided. The ISP safe harbor provisions have been terrifically useful in the US, and the negotiators have worked to develop de minimis provisions that will keep border guards from confiscating your iPod if they suspect it to hold an infringing song. "Three strikes" isn't mandated. But problems remain.
Take Internet disconnections, for instance. Although the three strikes rules are not mandated by ACTA, early leaked drafts of the Internet chapter showed a footnote in which Internet disconnections were the only suggested way of implementing the the provisions. They aren't required, but they were clearly in view; even in the current draft, ACTA does force ISPs to get more involved in the process of dealing with online infringement. In some countries, that's a big change.
As we've already mentioned, the anticircumvention rules in ACTA still may be more strict than those in the earlier WIPO treaties, and leave countries with less wiggle room in implementation.
And provisions like the notice-and-takedown rule will certainly change the practice in countries like Canada, where no such requirement exists and "notice-and-notice" (an infringement notice is forwarded on to the alleged infringer, not simply acted upon) is the current standard.
But let's step back for a minute and look at the larger view. Yes, in general the Internet provisions are an attempt to standardize the world on the DMCA approach to copyright issues online. The law does have problems, but it has certainly not put an end to Internet innovation in the US.
ACTA doesn't export all of US law in this area, though; the world doesn't get huge principles like fair use (which many countries don't have) and key judicial decisions (like the Sony Betamax case which found that a device with "substantial non-infringing uses" could be sold so long as the manufacturer was not inducing infringement). Countries could adopt these, but they aren't requirements.
David Sohn, a lawyer with the Center for Democracy & Technology, describes it to me this way: ACTA is about "exporting all the liability, but not exporting any of the limitations on that liability."
In his view, there's a big risk involving secondary liability. Even ACTA's vaunted safe harbors are a bit sketchy. Leaked drafts required signers to provide "limitations" on the scope of civil remedies. This is apparently intended as an analog to the DMCA's safe harbor rules, but "what the DMCA safe harbor says is that there shall be no monetary liability" for ISPs. ACTA merely says that there must be limits on that liability. What limits? It's up to the countries.
Even exporting more US law, like fair use, wouldn't solve the problem, since many key copyright provisions are judicially defined. "What keeps secondary liability law in the US in check are a set of judicial decisions," says Sohn, but those are difficult to export.
Gary Shaprio, head of the Consumer Electronics Association, said last week, "Perhaps ACTA's most unfortunate provision is the imposition of 'secondary liability'... [ACTA] contains no protections for substantial non-infringing uses, meaning a manufacturer of an MP3 player could be liable for copyright infringement by a single user, even if 3 million other users committed no infringement at all. This is a business-threatening concern for the 2,000 consumer technology companies who are members of CEA."
Though the US does have existing protections in this area, signing onto ACTA may now limit our own ability to change course. For instance, altering the DMCA's anti-circumvention provisions currently requires Congress to look at the 1996 WIPO laws and make sure any change is compliant with our obligations; a more restrictive ACTA approach to anti-circumvention might mean that Congress could no longer allow circumvention in cases where the intended use is legal—like format-shifting your DVD collection to your iPod.
As Shapiro put it, "ACTA end-runs Congress by changing US copyright law and stripping Congress of authority to fix problems with copyright statutes."
But the real effects will be felt in other countries, which can now look forward to stricter anti-circumvention rules, the possible requirement for statutory damages (still being debated in the ACTA draft), notice-and-takedown, and more.
The endgame
ACTA hasn't passed yet, though. Negotiators have publicly said they hope to wrap it up in 2010; the next round of talks happens this summer, in Switzerland, but with the release of the draft text, it's clear that the process is well advanced.
Is there enough time left to make any substantive changes, or did the negotiators run out the clock on the public, going "transparent" when it was too late to make real changes?
In the US, ACTA is being negotiated as an executive agreement rather than a treaty. This avoids the need for Senate ratification, but it does put dramatic limits on what can be negotiated. Some concern from Congress has been visible, but with two wars, a recession, and financial reform on its plate, ACTA has not yet become a major issue.
The situation is different in Europe, though, where institutional dissent has flourished. The European Parliament has loudly resisted the ACTA process and is demanding input into the agreement. The resolution passed overwhelmingly.
European Data Protection Supervisor Peter Hustinx recently issued an extraordinary opinion in which he "regrets that he was not consulted by the European Commission on the content" of ACTA.
Hustinx goes on to say that Internet disconnections are "disproportionate" and "highly invasive in the individuals' private sphere. They entail the generalised monitoring of Internet users' activities, including perfectly lawful ones. They affect millions of law-abiding Internet users, including many children and adolescents. They are carried out by private parties, not by law enforcement authorities."
I contacted Jérémie Zimmermann, who heads French advocacy group La Quadrature du Net, to get his perspective. Zimmermann was a key figure in the French battle over "three strikes" rules (the HADOPI law that goes into effect later this year), and he has taken a keen interest in ACTA. In fact, his group leaked the first complete ACTA draft the world had ever seen.
While admitting that transparency is "an important step," Zimmermann says that "all previous leaks showed provisions incredibly dangerous for our fundamental rights, the rule of law, the internet, access to medication, and innovation." And he loathes the fact that such changes are being pushed through a trade agreement, not the Parliament.
Christian Engström, a Pirate Party MEP from Sweden, calls the release of the ACTA text "a step in the right direction, and should be welcomed... But many battles still remain. Once we have access to the text, we can start discussing the content in earnest. And on the content of the ACTA agreement, we have no reason to think that it will be anything near acceptable."
Indeed, the real discussions can finally begin. Up until now, those who knew what ACTA contained were bound by NDAs, or they little light on leaks that were already outdated when they appeared. Negotiators from each country would say nothing of importance on the record, responding only to the most general inquiries.
Now, with the "transparency" arguments out of the way, real public debate can begin at last. Negotiators can finally explain to a skeptical public what they've been up to and make their best pitch for why ACTA is needed—and the public can do some "explaining" of its own.
Posts
