What is a Technological Protection Measure
A technological protection measure is a system put in place by the owner of a piece of copyright material which can be used to restrict access to the piece of copyright material. This is protection for a copyright work in addition to the standard legal copyright protection. It is an offence to by-pass the technological protection measure without permission. The protection for the technological protection measure under law is stand alone and therefore infringing it is an offence in addition to any copyright infringement that may occur after by-passing the technological protection measure.
The legal definition of a technological protection measure is given under Article 6(3) Directive 2001/29/EC of the European Parliament otherwise known as the ‘Infosoc Directive’. This basically states that a technological protection measure is any technology (software or hardware) which restricts access to a copyrighted material without the consent of the copyright holder.
Examples of a technological protection measure could range from a piece of software requiring a password to gain access to a website containing scientific papers to a chip in a games console that only allows that consol to run games from a given geographical location.
The strict definition requires that the technological protection measure is effective, meaning that it not easily circumvented. Bypassing a technological protection measure is an offence in addition to any copyright infringement carried out.
When is a technological protection measure effective?
The effectiveness of a technological protection measure will vary depending on who it is meant to keep out. For example a computer hacker will find it easier to bypass a software security system than the average computer user. It is also possible that a technological protection measure looses effectiveness over time. This is obvious when considering the amount of computing knowledge the average person in the country will have. Case law has shown that the courts will consider both these as valid arguments (for example Helsinki District Court, 25 May 2007 case number R07/1004). The conclusion that has to be drawn is that the effectiveness of the technological protection measure is considered in relation to the average user at the time of the alleged infringement.
Does a technological protection measure have to protect a valid copyright work?
There is an inherent problem with the wording in Article 6(3) of the Infosoc directive in that a number of approaches can be taken in interpreting it. If the technological protection measure had stand alone rights against bypassing, it could essentially lead to protection for subject matter that does not warrant protection as such, by erecting a fence around the subject matter that cannot be overcome. This doctrine is known as Absolute protection, and obviously leads to unwanted effects in the exploiting of technological protection measures
Another approach interprets Article 6(3) of the Infosoc directive as requiring the technological protection measure to be protecting a valid copyrightable work. This is known as the Copyright Nexus Approach. In the UK this position is still uncertain, however, the Nexus approach was successfully tried in the case Sony v Ball in 2004
Legitimate by-passing of technological protection measures
One consequence of allowing technological protection measures to be put in place is that they may prevent the legitimate use of a copyright work by a person making use of one of the exceptions, for example.
The Infosoc directive provides means for the legitimate by-passing of technological protection measures even if they are effective under Article 6(4). It states that in the absence of voluntary measures taken by copyright owners, countries abiding by this law shall take appropriate measures to ensure that copyright owners make the copyright work available to legitimate users by providing access past any technological protection measures.
In the US and Australia this is done in the form of a defence, meaning the user would necessarily have to by-pass the technological protection measure and, if sued, use the exception as a defence. In Europe the method is slightly different. It requires the technological protection measure owner to make provision for legitimate user to access the work without the need to by-pass illegally.
Within the European method a number of problems can arise that can lead to protracted argument in court:
“In the absence of voluntary measures”
The above phrase means that as long as there is some attempt to allow legitimate users of the work access through the technological protection measure, then the State does not have to get involved. This can lead to the technological protection measure owner creating a system that cover most of the legitimate users but not all of them which would in turn exclude legitimate users of the copyright work from accessing it. This is clearly not what the law intends as, in a way, it adds additional protection to works which may not deserve that level of protection. It also has the potential to give the copyright owner more power over who has access to their work above that which copyright law normally allows.
Article 6(4) of the Infosoc directive does not make mention of any time constraints for the access to be granted, and likewise there are no time constraints on when the member state should get involved to sort out any abuses of a technological protection measure. Further, there are no guidelines as to how appropriate the voluntary measure must be. This seem to leave a large scope for technological protection measure owners to provide what at first glance looks like a usable circumvention for legitimate users, whilst actually taking longer than necessary to provide access and possibly even refusing access where it should be granted.
Under UK law if the technological protection measure owner does not provide for the ability to by-pass the technological protection measure a person with a legitimate right to access the protected material may a ‘notice of complaint’ to the Secretary of State.
Both the problems highlighted above are on-going and have yet to be fully resolved, but persons dealing with technological protection measures should be aware of the arguments.