[Opensim-dev] Interrelated difficult problems related to asset portability

[Antti Ilomäki]

Kyle: "You have completely ignored the questions I asked, and the point that
I brought up.  There are situations where there is not only a single
instance of 'entity with the right to copy' (a partnership, for
example, which then dissolves -- but every partner still has the right
to copy and the right to bind the other partners to a license
granted).  How would your system handle that circumstance?"

Sorry if I've missed your questions, but do note that I was somewhat impolitely cutting in to another discussion in the message you replied to and I think I tried to answer some of your earlier questions elsewhere. Maybe. If I remember correctly. Which I probably don't.

"You've stated before that you are not a 'data security professional'.
You're trying to engage in discourse about your design, and I'm trying
to tell you, as gently as I can, that any and all DRM systems are
flawed in one or more major regards -- including your proposal.  Have
you ever heard of Gödel's Theorems of Incompleteness?  In this case,
they essentially boil down to "if you try to build a model of possible
valid states in an already-existent system, your model will
necessarily invalidate some already-valid states.""

The theorems sound vaguely familiar, but again even though in theory I should have learned quite a bit about data security stuff, my knowledge is superficial at best. That's why I'm interested in raising discussion in a topic I find quite interesting so that the people who see the discussion can start dropping useful ideas if there are any. This might not be the most appropriate forum, but the discussion should be public.

"Furthermore, related to 'derivative work'... determining if something
is a derivative work is something which is in the exclusive domain of
the courts.  Evidence may exist in the global asset cache, but even
then there's no trustable timestamp from anywhere which leaves the
precise ordering up to interpretation."

Yes, determining derivative work is something done by humans exclusively. Bit data can be useful in some instances, but derivative works would probably be decided between the involved parties and the service providers (whoever they may be) and then in hte courts.

"My system relies as little as possible on 'trustworthy data' -- in
fact, the only 'trust' that's given is credence to the squawk URL
(which is added to the set of URLs to notify, regardless of whether
it's good or not) and the actual content data (and its provable
derivatives, the content hashes).)"

I wouldn't want to bother you so much as to explain in detail your ideas and how your system works, but if you have some documents readily available it would be interesting to take a look at them.

"Even in the greater Web, these types of problems have not been
adequately addressed -- there have been some experiments with
community reputations, but they haven't worked as well as anyone
hoped."

Exactly. I have seen some systems that work pretty well, but they rely on some valuable asset that can be lost (for example a game character with lots of experience or the right to browse forums that is tied to a magazine subscription and real name and ID) in addition to heavy moderation. In general it's the wild, wild web out there whenever two or more people interact over the net. Since interaction between users and the social and community aspects of the experience are so important for virtual worlds' user experience, the issue is at the same time more difficult to manage and more important. Solution to this problem would be valuable, but it's not easy. That's to be expected, however, since solutions to simple problems are usually neither interesting nor valuable.

"But -- the idea of licenses such as public-domain or pay-to-use would
be stored in the database, you say.  Where is that information
propagated from?  The initial uploader?  That presents a potential
denial of service attack to content owners who are trying to delay a
release to correspond with external factors.  (for example, a CD
that's ripped and uploaded ahead of retail release.  While currently
there's no 'music' asset type, that doesn't mean that there won't be
down the road, and I'm trying to keep the lessons learned from the web
firmly in mind in the design of a content protection system that
doesn't rely on secrets being kept or capabilities being lost.)"

Well for music there already are existing ways of handling ownership issues and since music is something that works outside the virtual reality, it's a bit different from for example avatar clothing. It would be pretty interesting to see how going to media 3.0 or something, where just about anyone can be a content producer with good distribution channels, would do to the industry, but that's somewhat slightly off topic already. Anyway, the initial uploader would have a lot to say about distribution rights as you assumed. I've thought of the database system as mostly based on ID of single entities such as users and perhaps stores etc. and it would complement existing IP rights management systems or rather be a tool, not the deciding entity. In the aforementioned cases it would be up to service providers and courts to decide what to do.

Hmm. I'm probably not communicating very clearly (I'm not even a native English speaker if that's not completely obvious already), since many of our ideas sound so similiar yet we're still so far apart. I think we both share the wish of having a way to find out about copyright (and perhaps other ownership right) violations in virtual goods trade? The difference is in what to do when such a violation is (allegedly) noticed, I propose some automatic systems that could also be used to auto-moderate content on the sites and if I've understood correctly you would prefer to inform some entity (the author of the goods?) of the IP theft and then rely on the existing court systems to step in? IF that's the case, we're already pretty close to agreement, since having a system that would recognize intellectual property issues at all would already be a nice step forward in my opinion. A system that would make it possible to auto-moderate stuff people bring into virtual worlds would be even more interesting for me, however.

"Further, if the data is being stored in the database, there comes the
temptation to try to encode the use of the information -- remember,
one of the rights of copyright is "the right to create derivative
works".  Would that be a 'modify' permission on the asset?  How would
the possible rights -- and possible restrictions thereon -- be
encoded?  Would there be any attempt to enforce them?  (hint:
'enforcement' is something that the system really cannot do, not
without stepping into the domain of the courts.)"

Since the objects (and perhaps mobile scripts as well?) would have to exist on the users' computers at some point, modification would be pretty difficult to prevent.  And to make the system less annoying during "DRM" data server crashes, the fallback (and default settings on some servers) would probably be to assume everything is under quite liberal use rights anyway, so we can only assume that the objects would be available to examine and modify anyway. Actually at the moment realXtend avatar stuff is stored on an inventory server that can be hosted on the user's own computer if he so wishes. Perhaps the right to modify objects would have to be taken as the way things just are in virtual worlds and then if someone uploads an almost bit-perfect copy or less apparently derivative work to the system (and someone notices it), the service providers and finally courts can settle the issue.

"Regardless of whether the 'avatar' and 'authentication' services cross
grid boundaries, the fact is that those services don't touch the
assets.  The assets are the only things that truly matter in this
environment.  (Since 'asset' and 'inventory' are two separate things,
even having a cross-grid inventory service wouldn't really help.)"

The inventory is actually a separate object and cross-grid and as such does touch some IPR related issues, world objects and other stuff are stored on the world servers. I think. It may be irrelevant to the matter, though, unless someone has other ideas?

"The only real chance to notice these things is in the actual loading
of the scene -- be it on the region server or by the viewer.  The
region is only ever able to see itself and its own grid; the viewer is
the only piece of the puzzle which can see assets in a manner that
transcends grid boundaries."

The grids don't affect each other, but they're a decent place for many of the "DRM" checks. First of all, if at all possible, many sites might place restrictions on things people can bring in (flying dildos forgotten from the Church of Non-pornography for example). Then again if the biggest sites choose to use the "DRM" checks, their mass may be enough to make purchasing stuff a good option. One more thing that's, of course, pure speculation at this point, is the involvment of payment organizations. It might be another factor against piracy if the virtual payment organizations refuse to accept transactions from sites that have ownership rights checks in place.

By the way, does anyone reading this rambling know details about how Live Gamer and Twofish operate or who I should contact for more info if I happen to be interested?

"As for "would be to support the market of virtual goods": I challenge
you to come up with one single instance where the availability of a
DRM system has improved the market.  The only thing that DRM systems
have done is made certain skittish content producers willing to put
their catalogs on the services that use it -- but the only truly
successful one of those has been iTunes, and that's only because they
never tried to open it up to anyone else -- and it is actually Steve
Jobs who wrote, "DRM relies on keeping secrets."  Microsoft's WMA DRM
scheme, "PlaysForSure", was an abject failure.  (I should know.  I'm
one of the PlaysForSure victims.)"

Well I hate to say this, but some of the more malicious copy protection programs have apparently been quite effective. They have bought valuable weeks and even months for publishers, but then again they probably and hopefully put off many people who don't want malware on their computers.

"One of the things that I firmly believe is something that Jim Baen
(may he rest in peace), founder and publisher of Baen Books, bet his
business on.  "Most people would rather be honest than dishonest."
(Baen Books was the one company which had a successful electronic book
program which added to the bottom line -- simply because of a lack of
DRM in any of the electronic titles.)  For more information about the
Great Experiment (also known as the Baen Free Library) which ended up
adding to the authors' bottom lines, please check
http://www.baen.com/library/ ."

Sounds nice, I'll have to check it out sometime.

"Eric Flint, the Librarian of the Free Library, made a rather crude
analogy.  "Any retailer in the world, after all, can put an ABSOLUTE
stop to ANY shoplifting INSTANTLY. Just require your customers to
undergo a full search when they leave your premises -- including body
cavities. Yup, no more shoplifting. Congratulations.  Oh -- and, yup.
No more customers. Congratulations.""

This is exactly why any authentication schemes need to be reliable and lightweight, or they don't really have a chance.

"Regardless of whether there's a "professional distribution site"
outside the realm of current enforcement, anyone within the reach of
the current IP law who buys a digital "gray-market" copy is going to
end up with that copy in an area which is within the reach of
enforcement.  That person can be tapped for proper licensing, perhaps
with a good-faith discount if they didn't know they weren't buying
from someone authorized for it."

Another model that this would support would be a "try-before-you-buy"
approach, that could be followed up, and followed up afterward with
the "DMCA Hammer of Doom" to forcibly remove it if the person doesn't
actually want to license it.

At this point, I've restated my point over and over again: DRM does
not work, DRM is a long dark scary road to nowhere, DRM simply fails
to do what it's supposedly designed to do.  DRM stands for 'digital
rights management', but its true nature is better stated by a
different acronym expansion: 'digital restriction mandate'.  It is an
attempt to limit capability, rather than expanding capability.  I am
not interested in limiting the capability of any project I work with.
A friend of mine says, "My feeling has always been that every dollar
added to technology for the purpose of subtracting capability has been
a complete waste. I'd actually be curious to know how many tons of
coal have been burned to fuel electricity to compute AES keys in
schemes like AACS."

I want data to be freely accessible.  I also want content owners to be
able to get paid for their work, and to be able to use the legitimate
systems that already exist to enforce it.  Court systems exist for
enforcement, at least within their own jurisdiction.  This means that
people in those jurisdictions can be made to pay, or made to stop
benefitting from the copies they made.  The rest of the world?  Sooner
or later, it will catch up.  Or it won't.  That is completely outside
the scope of the problem."

I think the involvment of the court system is the biggest difference in our way of thinking. I'd like to add an automated layer that reduces the amount of the most commonplace misuse without involving courts or other heavy and costly organizations. I don't know much about the world outside this little spot of land, but AFAIK courts are as powerless as they are uninterested in stopping distribution and illegal download of music, movies and software and in the aforementioned cases we're often talking about hundreds or thousands of euros worth of illegally obtained goods per one downloader, in any case amounts that will for some time exceed the funds invested in virtual worlds merchandise. Especially peer to peer networks are difficult to handle and that's what virtual worlds pretty much are. The number of individuals engaged in virtual goods piracy will be way too high and the monetary value of any individual's virtual goods too low to raise any real interest. I would personally leave single users' use rights issues to an automated system that can actually handle the volume of events and users and involve the court in more rare and professional violations.

Anyway, thanks for the interesting discussion.