Newspaper Paywalls and the Absurd Overreach of Conservative Copyright Reform
I’ve been thinking through how to write this post for a while. I hope I don’t regret it. But recently a commenter forced the issue, and I had to censor her (his?) comment, and since I don’t like doing that without explanation, I suppose that’s what I’ll do today. Today is a three-part story about the Harper regime’s excessive attempts to punish responsible and harmless actions by normally law-abiding Canadians.
On that note, the first part of our story are the new reforms to the copyright law, contained in Bill C-11, also known as the Copyright Modernization Act. (For those who don’t want to pore over dry legalese, Lawyers’ Weekly has an accessible summary.) Among other things, Bill C-11 outlaws any attempt to avoid, bypass, remove, deactivate, or circumvent a “technological protection measure” — itself defined as “any effective technology… [that] controls access to a work.” This means, for instance, that it is now illegal to make a copy of a DVD, even if it is a DVD you already own and you’re not planning on giving the copy to anyone else.
The bill is schizophrenic in its approach to copyright protection. On the one hand, it lays out a variety of new fair dealing rights, clarifying that Canadians usually can, for instance, make backup copies of copyrighted works that they already own. (But you can’t distribute them.) But the bill also sets out this new category of technological protection measures. If a work has a “technological protection measure” on it — if it’s encrypted, or has a digital lock, like an e-book, for instance — then you can be taken to court for copying it. Even, presumably, for personal purposes. For the record, all commercial DVDs are (very weakly) encrypted.
Which brings us to part 2 of my story: newspaper paywalls. Newspaper paywalls are becoming disturbingly commonplace, and will likely be universal among major papers a few years from now. We’ll take just a hypothetical example of how these newspaper paywalls work. We’ll call it by a hypothetical name: the Map and Parcel.
Now, when you visit the hypothetical Map and Parcel‘s website, as near as I can make out, the newspaper’s website uses a technology protection measure. It installs what is known as a cookie on your web browser. That cookie counts the number of times you go to the paper’s website and read an article. When you reach an arbitrary limit — let’s say, 25 articles per month — then the cookie flags you as having maxed out your free articles for the month. Then, every time you try to read an article, the paper’s website puts up a warning saying you’ve reached your limit for the month and, if you want to keep reading, you’ll need to buy a subscription.
This is, as near as I can make out, a technological protection measure. To use the language of the new law, it’s a piece of code which, “in the ordinary course of its operation, controls access to a work.” That’s the definition of a technological protection measure. So you certainly shouldn’t do anything to “avoid, bypass, remove, deactivate or impair” the Map & Parcel‘s cookie system. That would, as near as I can make out, be illegal under the new law.
Which brings us to part 3 of my story. Cookies are a security risk. They’re not executable code, so they won’t contain viruses; but they do allow websites you access to track your visits and what you do on those sites. That’s part of the benefit of cookies. Websites can track your personal preferences; they can recognize that you’ve visited before, and not require you to go though a full login, for instance. On the other hand, there are obvious privacy implications. So all major Web browsers allow you to block cookies — either across the board, or at specific sites that you choose not to accept cookies from.
Here we arrive at the crux of the matter. A common-sense security measure built in to all modern Web browsers — blocking cookies that could be used to invade your privacy or, in a few unlikely but plausible scenarios, compromise your computer’s security — also has the side effect of blocking a Map & Post-style technological protection measure, thus enabling you to surf the website to your black, law-breaking heart’s content without encountering an article-limit warning.
So the obvious question is, has the federal government potentially made blocking browser cookies illegal?
I don’t know the answer to that question, but I suspect the answer is yes, so I would be a little bit hesitant about taking some fellow bloggers’ advice and trying to break the paywall barriers of newspapers like the Map and Parcel.
Tweet
Troy
Wouldn’t the html programmer just add an ‘if’, then’ command?
If browser changes, declines, or blocks cookie, then don’t show the website.
I do agree, though, this piece of legislation is overreach. It seems too damn expensive and troublesome to enforce. Will the Map and Parcel have the RCMP knocking on people’s doors, with the accusation, “We know you’re in there, getting your news articles for free!”
If the Map and Parcel were really serious about recouping revenue, online, then probably the only method would be to challenge Google’s monopoly on ad revenue.
Anon
Good point. If I set my browser to automatically delete cookies when I exit th browser, then who is breaking the law? Me, for selecting the option, or the browser manufacturer for creating the option? Will the GoC send department of justice lawyers and the RCMP around the world to prosecute all the browser manufacturers who implement this cookie deletion functionality?
It is an absurd law that cannot be effectively enforced.
pogge
all major Web browsers allow you to block cookies
And operating system cleanup tools and any number of utilities for fighting malware make deleting cookies a routine part of their operations. So any number of software vendors could be complicit in violations of this law.
If I have to fight a malware infection and clean out cookies in the process, am I morally obligated to avoid every media site that has a paywall system like the one described for the rest of the month? What if the cycle doesn’t correspond to the calendar month — how would I know how long I should restrain myself? What if I didn’t realize there was a paywall in effect and was just about to bump into it when I coincidentally deleted the cookie?
It’s a mess.
jrkrideau
I’m not sure I understand this argument. I am not breaking any technological encryption–I am simply removing a piece of unwanted and un-asked-for software from my computer.
Sixth Estate
The law doesn’t say breaking. It says breaking, bypassing, or impairing. It also doesn’t say encrypted. It says anything that controls access. In this case there’s a system in place which involves a piece of software on the server and a cookie installed on your computer, which collectively controls access to the website of the newspaper.
Deleting the cookie would appear to be an instance of bypassing or impairing that control system.
Sixth Estate
Troy — You’d think they would consider that. However, in my hypothetical example, they have not.
I did think of that, too.
Sixth Estate
Anon and pogge — Under the law, the person who makes a circumvention program is only guilty if it has no practical legal utility other than for breaking digital locks. Browsers obviously wouldn’t fit that definition.
me-me-me-its-all-about-me
An interesting comment on newspapers and pay walls.
My own take on it is that our friendly Map and Parcel actually isn’t interested in making it too difficult to get into their website. If they were, there is technology out there that they could use that would keep most of us out. (Okay, Hackers Anonymous might get in.)
Rather, they want to keep their site numbers up while at the same time getting some (or most) people to fork over the money. Hence the security is there to annoy us, rather than to keep us out.
At some point in the future, pay walls may become common enough that they feel they can adopt some industrial-strength protection. But for now they are happy to use “loosie-goosie” security measures.
So are Vic Toews’ Internet Security Police going to be coming after us?
Probably not as (per above) one or two people being hauled into court would certainly frighten away a lot of people from the Map and Parcel’s website.
But it is an interesting question as to whether bypassing some rather feeble security locks (and yes, our friendly Map and Parcel would have people on staff who would be quite well aware of the limitations of its security arrangements) constitutes a crime.
One could imagine a conviction or a judge ruling that the language is overly broad in that it criminalizes rather innocuous activities such as deleting your cookies.