CIPPIC replies: Russell McOrmond (Webmaster for

I was not a candidate in the previous election, but I believe it would be useful for people actively involved in technology law issues to offer their own thoughts on the questions for parties and candidates from the Canadian Internet Policy and Public Interest Clinic (CIPPIC).

Unlike the people at CIPPIC I am also not a lawyer or law student,
although I very much enjoy hanging out and discussing technology law
and policy with these groups. I have noted that my views on
technology law questions are different because I look at these issues
not strictly from a legal standpoint.

I am a technical person, running my own consulting company, FLORA
Community Consulting
, that includes system administration, ISP
and business/policy analysis. Part of this work includes creating new
software, as well as customizing or updating software authored by
others. Like any other creator I am dependent on copyright for my
business, but unlike some traditional creators I am part of the Commons-Based Peer
movement. The software I use, support, create or
modify is licensed under Free/Libre and Open Source Software (FLOSS)
licenses, and my non-software works are licensed under Creative Commons (or similar) licenses.

I believe it should be the creator, and not the government or
large industry associations, that determine what business model will
be used to exploit a work under copyright. My business models do not
rely on seeking monopoly rents (royalty payments), but rely on other
forms of incentives. Any imposition of monopoly rent seeking business
models onto my work would considerably discourage my creativity,
assuming I would bother to create at all in that environment.

More important than business models, I am far more concerned about
protecting follow-on creativity than I am about rewarding past
creativity. I believe that copyright is to creativity like water is
to humans: too little and you dehydrate and die, and too much and you
drown and die. I believe that the direction society is being pulled
by self-called creators' rights groups and their content industry
associations is death by drowning. I am far more concerned about
these groups harming creativity than the far less credible "sky
is falling" rhetoric from these groups about private citizens
infringing copyright causing death by dehydration. I do not apologize
for people who "share" the works of others in violation of
copyright, but feel this is a far less harmful activity to creators
and creativity than what is being proposed to solve this problem.

The following are the questions questions
, linked to the background information they use to
introduce the issues.


I believe it is critical to divide this into separate component
questions. Not all file-sharing is unauthorized, and some musicians
explicitly authorize music file-sharing. One example I know well is
Fading Ways Music, an independent label in Toronto that actively
participates in the Digital Copyright Canada forum. In 2004 they
started to license their new
releases under the Creative Commons
. All of this non-commercial
peer-to-peer (P2P) distribution is legal, and thus any conversations
claiming all Music File-sharing is illegal is simply nonsense. Any
claims that file-sharing utilities should be made illegal is also
similarly nonsense as there are clearly non-infringing uses for all
file sharing utilities.

Of the music where file sharing is not authorized by the copyright
holders, this needs to be divided into two activities: there is
receiving music (downloading) for private use, and then there is
sending music (uploading). While these two activities happen at the
same time as someone sends in order to have the other person receive,
the activities are different as far as who is authorizing them. If
you are sending music to other people when the copyright holder did
not authorize you to do so, this is currently illegal. I happen to
believe that this should stay illegal and require authorization,
although I believe that it should be treated by the courts as a minor

Thanks to the lawyers and lobbiests of the recording industry in
Canada, receiving music for private use is legal. This is part of the
Private Copying regime, part VIII of
the Canadian copyright act. In exchange for legalizing these
activities the recording industry, though the Canadian
Private Copying Collective
, receives a levy on blank audio
recording media.

There has been much hype about a recent court case involving
Canadian Recording Industry Association (CRIA), with the recording
industry invalidly claiming there is a hole in the copyright act. If
you read the decision by the Honourable Mr. Justice von Finkenstein
you will note that there is no hole in the copyright act, but if
there is one it is the private copying regime which CRIA asked for in
the first place.

If CRIA had offered any evidence of unauthorized music uploading,
a basic requirement in a music copyright case in Canada, then they
would likely have won the case. The recording industry made
"downloading" legal, they don't need a "making
available" right (which the industry would likely abuse to stop
musicians from distributing their own work, creating additional
layers of authorization requirements), and they didn't provide
evidence of "uploading". The failure of CRIA in this case
is entirely the fault of CRIA, and not a hole in the copyright act.

Most people have not read the decision. Copyright law is overly
complex, and has become as bad as tax law. As a non-lawyer I am in
strong support of simplification of copyright to make it clear what
is covered by copyright, and to make sure that is has clearly
understood limits (fair dealings, term, etc).

The private copying regime is one of those complications I am
opposed to.

In the copyright act where Collective Societies are defined, it
clarifies that these societies can collectively license "in
relation to a repertoire of works". This was a great concept,
efficiently allowing creators to join a collective and allow
customers to purchase licenses that would apply to many works of many
authors at one time rather than negotiating licenses individually.

The private copying regime is an exception. Rather than applying
to a repertoire of works of creators who chose to become part of a
collective, and customers who chose to negotiate licenses with a
collective, the mandatory private copying regime applies to all music
and applies to all users of blank audio recording media. I consider
this an extreme exception to the copyright act which disenfranchises
both musicians and their customers by disallowing a free market to
determine what music will be purchased. It also adds a complexity to
the copyright act such that now many Canadians believe that
unauthorized music distribution is legal in Canada, when this is not
at all what was said in the court judgment.

Ironically Access
, a Collective Society for publishers and creators of
written works, if often heard commenting against exceptions to
copyright, but has an obvious double standard when it comes to this
type of exception which benefits them financially.

Alternatives to the exceptions to the copyright act promoted by
the Collective Societies exist. An obvious example would be to have
collectives offer blanket licenses to private citizens to have full
access to the repertoire of the collective. People who are not
subscribers to this license, or in relation to works not part of the
repertoire, would still be infringing copyright if they "shared"
without authorization.

Rather than paying a mandatory levy on blank media, those
customers that wish simplified access to and the ability to "share"
music outside of their home with their friends should (along with
their friends) subscribe to appropriate collectives and pay a yearly
fee to do so. This would, for instance, authorize non-commercial P2P
distribution of the most standards compliant version of a file
(standard file formats like MPEG/MP3, OGG, etc, rather than
non-standard DRM files). This proposal
was also promoted by EFF
in the USA, and Canada has a head-start
in that many of the required collectives are already formed if only
they modernized their thinking.

The collectives have not yet offered this obvious option. They
have gone to great lengths to avoid taking the obvious easy route,
including trying to create a mandatory levy on ISPs which the Supreme
Court recently rejected

While the recording industry continues to claim that Internet
users are infringing their rights it should be remembered that the
ball has always been in their court to remedy the problem. No
legislative changes are required for them to move forward with modern
business models, and end the "cold war" they started with
music fans.

Protection of Copyrighted Materials:

This was the issue that brought people together under the banner
of "Canada DMCA Opponents" that later became the Digital
Copyright Canada forum. We collectively sent in approximately 650
replies (out of 700) opposing importing the USA's Digital Millennium
Copyright Act (DMCA) and its legal protection for TPM in call for
submissions in the summer of 2001.

I have written many articles over the past few years clarifying
why I am so strongly opposed to legal protection for DRM (Digital
Rights Management). I do not consider it to be a protection of
copyright, but a replacement of copyright where the rules about what
you can and can not do are authored by monopoly software vendors and
media companies rather than parliaments. This is not a regime that
can possibly help creators, but unfortunately most creators are not
technology law people and thus don't recognize the dire consequences
of this regulation of technology. They believe they will be in
control of the DRM, when in fact DRM will be used as a way for these
software/media monopolies to take control away from creators and
their audiences.

I believe that any 'hardware assist' for communications, whether
it be eye-glasses, VCR's, or personal computers, must be under the
control of the citizen and not a third party. I believe that being in
control of these tools for lawful purposes is part of the ownership
rights associated with these tools, and consider the revoking of this
control to be a form of theft.

I wrote about this in a few of my open
letters with traditional author Susan Crean
. (See April 26,
2004). I also spoke about this in a recent intervention
before the Standing Committee on Industry, Science and Technology

Use of Internet Materials:

I believe this is another area where lawyers collide and come up
with answers different than make sense to me. The educators wanted to
get clarification about what they can do with works on the Internet.
As most copyright holders on the Internet are not lawyers, nor are
the teachers in the classroom, some simple non-legalistic
clarifications were needed.

Unfortunately when lawyers look at the copyright act they see
black-and-white: what is not authorized by the copyright holder is
prohibited, and the only way to authorize something is by a complex
legalistic copyright license agreement which few other than lawyers
understand. They see trying to clarify the royalty-free usage of
Internet materials as an exception to the copyright act.

As a non-lawyer who has been publishing materials on the public
Internet for more than a decade, mostly without any copyright license
at all, I see the issue very differently. When a copyright holder
publishes on the public Internet, whether they use a license
agreement or not, they understand that they are authorizing
royalty-free verbatim distribution. Much of the Internet functions by
making copies from one node on the Internet to another, and in many
cases such as the public World Wide Web there are very high-profile
sites like Google and the WayBack
that republish these works verbatim. If a copyright
holder did not want to authorize royalty-free verbatim distribution
of their works, then they must put their works on the private part of
the Internet.

The Heritage
Committee discussed the question
about what the Public Internet
was, and came up with the following recommendation in their Interim
Report on Copyright Reform


The Committee recommends that publicly available material
be defined as material that is available on public Internet sites
(sites that do not require subscriptions or passwords and for which
there is no associated fee or technological protection measures which
restrict access or use) and is accompanied by notice from the
copyright owner explicitly consenting that the material can be used
without prior payment or permission.

This recommendation is close, but not quite correct given most
copyright holders publishing on the Internet are not lawyers and they
do not accompany their materials with a notice. In order for this
solution to be workable the lawyers need to back down and recognize
that the "and is accompanied by" needs to be changed to "OR
is accompanied by". Any material published by a copyright holder
on the public Internet is authorized for royalty-free verbatim
copying, and any notice that tries to claim royalties or prohibit
verbatim copying should be considered invalid by the courts.
Materials on the private Internet (sites that use passwords or other
technological protection measures which restrict access or use) may
also be accompanied by a notice such as a Creative Commons license
which authorizes royalty-free distribution.

Unfortunately thus far the lawyers have won out in the Heritage
committee. Rather than offering a clarification about the
royalty-free status of the Internet, they suggested yet another
exception to copyright. Like the exception that brought us the
Private Copying regime, Heritage committee wishes to authorize
collective societies such as Access Copyright to collect outside of
their repertoire and collect a mandatory levy from educational
institutions for the use of royalty-free Internet distributed works.

As a copyright holder who uses business models outside of royalty
collection I will never be a member of Access Copyright. These
collective societies are calling for these exceptions to copyright to
allow them to collect royalties on my work. I have yet to have an
adequate explanation of how this exception is different than what
they would otherwise call "commercial piracy".

ISP Liability for
copyright infringement:

This is another area where the lawyers need to remember than most
of society are not lawyers. I consider the "notice and
take-down" proposal to really be the "claim and censor"
proposal. ISPs are not in a position to be able to determine if a
letter received is from a legitimate copyright holder with a
legitimate infringement claim. As an ISP who spends time analyzing
technology law, I am aware that there is debate among lawyers as to
what is copyright infringement (witness the misconceptions about the
CRIA music file sharing case).

Even without the considerable room for error and abuse, I consider
the harm to charter rights (freedom of speech) of removing legal
works from the Internet to be far greater than the harm of delaying
removing copyright infringing works until a court order is served.
For copyright infringement there is the ability to deal with
compensation in a remedy stage of a court case, where receiving a
remedy from a false accusation of copyright infringement would be far
harder for a citizen to fight to receive.

ISPs should be considered mere conduits for communication,
something that the Supreme
generally agrees with. I do not believe, however, that
Internet packets are the only type of communication that ISPs should
be conduits for.

I believe that ISPs should be required to work as a communications
intermediaries between their customers and copyright holders. The
copyright holders do not have an efficient way to connect materials
on the Internet with the ISP customers that are publishing them. This
is the "Notice and Notice" system, which may even be
appropriate to be called the "notice+notice,
acknowledge+acknowledge" system given there is a need to ensure
that an acknowledgment to the claim of copyright infringement is
relayed from the customer back to the copyright holder. The copyright
holder should be able to know that the customer received the
allegation of copyright infringement, and that if the customer does
not remove the material that the customer can not claim they didn't
realize it was infringing in a later court case.

Open Source

I am the co-coordinator of GOSLING
(Getting Open Source Logic INto Governments). I go further than just
supporting the additional use of Open Source in government, but
believe this to be a basic accountability issue. I agree with
Lawrence Lessig and others who
suggest that "code is law", going so far as to call myself
a "software paralegal" in a recent

I look at software as a form of policy, and then apply existing
government policy to this. I believe that all citizens should have
the following rights with respect to non-classified software
acquired, used, created and distributed by government:

  • The right to run the program, for any lawful purpose (right 0).

  • The right to study how the program works, and adapt it to your needs (right 1). Access to the source code is a precondition for this.

  • The right to redistribute copies (right 2).

  • The right to improve the program, and release these improvements to the public, so that the whole community benefits (right 3). Access to the source code is a precondition for this.

Right 0+1 are simple transparency and accountability in government
policy, given "code is law" (software is the policy that
governs the operation of computer hardware).

Right 1 is also a critical accelerator for education, the ability
to study existing software being important for learning how to create
new software. Imagine law students not being allowed to read laws or
precedent, and you can see some of the problems in software

Right 1+2 also serves the same accountability roll as other
"access to Information" laws.

Right 2+3 are advanced forms of economic accelerator policies. I
believe this would be far more beneficial to our economy than current
National Research Council's Industrial Research Assistance Program
(NRC-IRAP) or related
government programs which often cost more money.

These rights also happen to be a rewording of the Free
Software definition
from the Free Software Foundation.


I believe this is primarily a technical and not a legal issue.
Current email traffic on the Internet is anonymous. You can not trust
the envelope addresses, nor any of the addresses within the message.
There are technical projects underway such as Sender
Policy Framework (SPF)
to standardize on ways to make the from
address on the envelope more trustworthy. This will make tracking
SPAM easier, but is not some final solution.

This is like caller-ID is for a telephone: it does not stop
telephone markers from phoning you, but it does allow you to set up
filters to not ring your phone for anyone not willing to tell you
their ID. It allows you to set up a whitelist (a list who you want to
receive calls from) and a blacklist (list who you never want to
receive calls from).

It is unfortunate, but the only complete solution involves user
education and digital signatures. People will need to learn how to
use software which will check the signatures of messages, and do
different things with a message depending on whether the sender is a
known or unknown person. This will make contacting someone "out
of the blue" far harder than it is today, but this is a balance
that people need to consider.

Once email can be easily tracked back to a sender, existing laws
such as harassment laws can be applied.

ID cards:

As you read this article you can likely tell that I believe that
current policy makers are not generally aware of how technology
works. We have many examples of failed IT projects like the gun
registry, and Chapter 1 of the 2003
Auditor Generals Report
(Information Technology: Government
On-Line) which I believe represented more government waste than
chapter 3 (sponsorship program).

I do not consider the gun registry or
government on-line to be failed policy, but they are definitely
failed IT project showing the inability of current governments to
manage what are relatively simple IT projects.

I do not believe the government
can be trusted to protect the privacy of Canadian citizens in the
case of National ID cards and associated databases. There may be the
best of intentions in having a single National ID card, but we as a
society are simply not advanced enough to be able to manage this. The
privacy problems are considerable, room for mismanagement
considerable, and the benefit minimal.

Article also on:

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

OpenSource protects the public interest

Regarding the protection of public money in relation to investments in
technology it should be emphasized that governments should not invest in systems which require them to place the public's information into
proprietary, non-open systems which then tie the government to a
specific vendor over the long term and therefore restrict the public's
ability to access information without paying fees to 3rd a third party.

Specifically, if the government uses a proprietary technology to store public information, the public is then, from that day forward required to pay the vendor which holds the rights to the technology in order to gain access to it's own information. In effect, the vendor now "owns" the public's information because it is trapped in a "secret" proprietary format which requires license fees to access it.

The vendor could therefore hold the public's information "hostage"
requiring it to pay higher fees and so on.

On a related topic, when the government pays to have software developed using public money the resulting technology should be available for the benefit all Canadians.

This concept has wide precedent in most area's of government. When the
government pays for reports those reports (and the knowledge they
contain) are available for free (or at a nominal charge) to all
citizens. The concept applies equally well to technology. By releasing
the software to the public the public can continue to benefit from the
investment outside of the original scope of the project. Furthermore the government may very well benefit from others contributing to the code.

I will cite two specific examples where this may apply.

1) Elections Canada: I have just finished a stint working for elections Canada in a returning office (in fact in Reg Alcock's riding). The software which has been developed (at large expense) by elections Canada for Revisions Systems is quite good and does its job reasonably well. If this software was made available to the public at large it is reasonable to imagine that other jurisdictions could benefit from its use.

Certainly the provinces and cities could utilize the system to manage
their own elections. As it stands, each jurisdiction is required to
develop their own systems which have duplicate functionality.

Should the the public really be expected to pay for the same system to
be developed multiple times simply because one level of government does not share with another?

Furthermore, the federal government stands to reap enormous benefit from the wider use of its software. The more users of the software there is the more bugs are found and fixed. As many of these other users have considerable resources of their own it is likely they will make enhancements and fixes to the code which will continue to improve the software for the benefit of all Canadians.

2) Gun Registry: In my view it is very likely that the technology
companies involved in developing the software for the Canadian Gun
Registry far exceeded their budget because bureaucrats which were
assigned to procure the software lacked expertise in the software
development field.

If the software was "public", independent software experts could
evaluate it and keep the contractors "honest" about what was delivered
and for what price.

Additionally, it is not inconceivable that this software could be
adapted to other uses of a similar nature. While their might not be any other need for national gun registry software, all kinds of
organizations have requirements for registration software. As there
would be many similarities between registration systems why not allow
other groups to use these systems as a starting point for their own
development if applicable?

These are just two examples but their are many many more.