Gouvernement du Canada | Government of Canada
Symbole du gouvernement du Canada

Liens de la barre de menu commune

Archivée - Digital Security Coalition

Information archivée dans le Web

Information identifiée comme étant archivée dans le Web à des fins de consultation, de recherche ou de tenue de documents. Elle n’a pas été modifiée ni mise à jour depuis la date de son archivage. Les pages Web qui sont archivées dans le Web ne sont pas assujetties aux normes applicables au Web du gouvernement du Canada. Conformément à la Politique de communication du gouvernement du Canada, vous pouvez la demander sous d’autres formes. Ses coordonnées figurent à la page « Contactez-nous »

Avertissement

Toutes les soumissions ont été affichées dans la langue officielle dans laquelle elles ont été reçues. Tous les renseignements personnels ont été supprimés, sauf le nom du signataire.


October 13, 2009

VIA Email (info@copyrightconsultation.gc.ca)

The Honourable Tony Clement, P.C., M.P.
Minister of Industry
5th Floor, West Tower, C.D. Howe Bldg.
235 Queen St.
Ottawa, Ontario
K1A 0H5

The Honourable James Moore, P.C., M.P.
Minister of Canadian Heritage and Official Languages
15 Eddy St.
Gatineau, Quebec
K1A 0M5

Dear Ministers:

Re: National Consultations on Copyright

The Digital Security Coalition (DSC) is a coalition of leading Canadian digital security companies. The Digital Security Coalition's mandate is to advocate on behalf of its members and on behalf of all Canadians for sound public policies and laws affecting digital security technologies.

The Canadian security research community has historically operated in an unregulated environment. In our view, Canada has been well-served by that policy. Canada's security community is among the most vibrant and entrepreneurial in the world; innovation and creativity thrive. We develop world-class technology, and in the process develop and employ world-class researchers.

We write to you in response to the call for submissions from Canadians who are concerned with copyright. Our submission to your committee addresses issues related to Technological Protection Measures (TPMs). Anti-circumvention rules should not apply in non-infringing circumstances, so they do not inadvertently impede ongoing research and innovation. The risk is in harming emerging Canadian digital security companies, and putting a "liability chill" on research in this area. Our concerns are summarized in three points:

  1. the need to avoid adopting harsh measures that would result in a "liability chill",
  2. the need to recognize that harsh measures may have the unintended effect of bolstering online threats and thereby result in a loss of consumer confidence in ecommerce and internet communications as well as other new technologies, and
  3. the need to eliminate the competitive disadvantage created by the narrow defence of fair dealing for legality of reverse engineering and security research.

It is our hope that this submission details the role Canadian security researchers play in realizing Canada's commitment to fostering an innovation economy.

1. Canadian copyright law should facilitate innovation and creativity

Security firms address security weaknesses by circumventing technological protection measures. Rigid copyright or Anti-circumvention laws, such as the Digital Millennium Copyright Act (DMCA), create barriers for security researchers addressing these weaknesses. The DMCA, which has had a demonstrably negative impact on security research in the United States, would have an equally negative impact in Canada. Graduate students1, academics,2 and researchers3 who made their research public have been the target of DMCA related litigation. Liability concerns are cited as the reasons some researchers choose to withhold research4. No one will benefit from the "liability chill" these laws will create. Researchers may decide against trying to build stronger TPMs for fear of getting sued or charged; they will simply move on to another area of research. In our view, bona fide security research should never infringe copyright or Anti-circumvention laws, nor should it have to operate under the shadow of the law and fear of liability. Should this government elect to enact Anti-circumvention laws, it should do so in a manner that facilitates innovation and creativity, not hinders it. This would include a provision to exempt security research activities from legal liability.

2. Security research help foster consumer confidence in new technologies

Canadians consumers must trust and have confidence in ecommerce and internet communications as well as other new technologies if Canada is going to position itself as a leader in the global digital economy. Security research and related mechanisms play a central role in fostering consumer confidence, especially as malware authors become increasingly sophisticated computer crime grows exponentially. Implementing broad Anti-circumvention laws may inadvertently protect and provide opportunities for spyware distributors and virus writers5 and would undermine consumer confidence.

3. Modernize copyright law by modernizing fair dealing.

Canadian innovators rely on an unacceptably narrow defence of fair dealing for the legality of reverse engineering and security research not faced by its competitors in the global marketplace. The failure to introduce greater flexibility within the fair dealing framework hampers Canadian innovation and leaves us behind a growing list of countries with more a flexible statute. Canada should address this competitive disadvantage by modernizing fair dealing.

Conclusion

We thank you for giving us the opportunity to offer these submissions for your consideration. We trust that you will find them helpful. The DSC accordingly offers its experience and expertise to government policy-makers. We would welcome the opportunity to engage with you further about Canada's security research community and the policies that support it.

Yours truly,

Brian O'Higgins


About the Digital Security Coalition

The Digital Security Coalition is a coalition of leading Canadian digital security companies. The Digital Security Coalition's mandate is to advocate on behalf of its members and of all Canadians for sound public policies and laws affecting digital security technologies.

Members

AEPOS Technologies Corporation
Black Arts Illuminated Inc.
Bob Young
Borderware Technologies Inc.
Bridon Security & Training Services
Certicom Corp.
CMS Consulting Inc.
Digital Defence Inc.
Elytra Enterprises Inc.
Innusec Inc.
Klocwork Inc.
Priosec
Q1 Labs Inc.
Random Knowledge Inc.
Borderware Technologies
Rigel Kent Security and Advisory Services
Security Objectives
Technical Security & Intelligence
Titus Labs Inc.
Third Brigade Ltd.,
VE Networks Inc.


[1] John Borland, "Student faces suit over key to CD locks," CNET NEWS, Oct. 9, 2003 news.com.com; David Becker, "Testing Microsoft and the DMCA," CNET NEWS, April 15, 2003 news.cnet.com;

[2] Pamela Samuelson, "Anticircumvention Rules: Threat to Science," 293 SCIENCE 2028, Sept. 14, 2001; Letter from Matthew Oppenheim, SDMI General Counsel, to Prof. Edward Felten, April 9, 2001 cryptome.org/sdmi-attack.htm Felten v. RIAA: EFF Case Archive www.eff.org.

[3] Declan McCullagh, "Security Warning Draws DMCA Threat," CNET NEWS, July 30, 2002 news.com.com; Niels Ferguson, "Censorship in Action: Why I Don't Publish My HDCP Results," Aug. 15, 2001 www.macfergus.com;

[4] Niels Ferguson, "Censorship in Action: Why I Don't Publish My HDCP Results," Aug. 15, 2001 http://www.macfergus.com/niels/dmca/cia.html; Robert Lemos, "Security Workers: Copyright Law Stifles," CNET NEWS, Sept. 6, 2001 news.com.com.

[5]United States Computer Emergency Readiness Team issued the following advisory about the problems created by Sony's use of the XCP Digital Rights Management software. www.us-cert.gov