Tangled in the Threads

Jon Udell, October 4, 2001

Book Review: CyberRegs

A guide to web property, privacy, and patents

Bill Zoellick's book is a must-read not only for managers of Internet businesses, but for technologists who need to understand complex and evolving legal frameworks.
CyberRegs: A Business Guide to Web Property, Privacy, and Patents
Addison-Wesley, 2001
ISBN 0-201-72230-5
$39.99

Very occasionally, I use this space to review a book that is of unusual quality and importance. Bill Zoellick's CyberRegs: A Business Guide to Web Property, Privacy, and Patents meets those criteria. Those of us who ply our trade as developers of Internet software, and purveyors of Internet content, increasingly face issues which -- as technologists rather than lawyers -- we are ill-equipped to understand. Zoellick surveys four of the major ways that Internet-oriented business intersects with evolving legal frameworks: copyright, patents, electronic signatures, and privacy. In each of these cases, this superbly well-written book asks and answers three key questions. First, what is the pertinent legal framework, and how did it evolve? Second, what does this mean for your Internet-oriented business today? Third, where are things headed, and how should you align your interests with -- or try to influence the development of -- the coming regimes?

Copyright versus innovation

Zoellick beings by chronicling the saga of Napster, the lightning rod that made clear just how dramatically the Internet transforms the age-old struggle to balance the conflicting needs of producers and consumers of content. We tend to think that copyright protects the rights of authors, or creators, of content. But as Zoellick reminds us, that was not always so. Copyrights were in fact originally owned by booksellers, not authors, and served to create a limited monopoly for the booksellers. The idea of authorial rights was, says Zoellick, a politically-motivated feint:

Foreshadowing today's assertions by the record companies, it was the bookseller who argued that copyright was important in protecting the author from villains who would otherwise appropriate his work...

In the eighteenth century, as is true today, it was much more politically effective for publishers to argue on behalf of the authors than on behalf of their own interest in monopoly rights."

The romantic notion of authorial rights was never the focus of US copyright law. Rather, the US Constitution stressed a utilitiarian social benefit -- "To promote the progress of science and useful arts" -- and accordingly sought to limit the copyright holder's control by providing for "fair use" copying of material.

Most of us would agree that the kind of wholesale appropriation of music that Napster enabled went far beyond any reasonable definition of fair use. But most of us would also agree with Bertelsmann CEO Thomas Middlehoff, who said of Napster's 40 million users: "They can't all be criminals." The lesson to be drawn from this conundrum, says Zoellick, is that neither rigid application of existing copyright law, nor hasty adjustments to it -- as seen in the Digital Millenium Copyright Act of 1998 -- are likely to help us strike the right balance among competing interests, as we ride the inexorable wave of Internet-enabled content distribution. The right way forward, Zoellick argues, just isn't clear, so let's try to buy some time. The Bertelsmann/Napster deal, which did just that, earns his praise:

Perhaps the most powerful and important lesson that can be drawn from the Napster story is that active, enlightened business leadership can initiate solutions to the copyright versus innovation dilemma that are simply beyond the reach of the courts.

The section on copyright concludes with a case study drawn from Zoellick's own experience running a business that delivered Web-based reports to clients. The lessons he learned there closely parallel those I myself have learned as a developer of the Safari online books service. It's possible to employ a range of strong protections that lock up the content, tie it to specific devices, prevent it from being printed, and so on. But the result will be an unecessarily adversarial relationship between the producer and consumer. Instead, Zoellick opted for weaker protections of content that was licensed rather than sold outright. The business became a subscription service, delivering an evolving stream of content. Securing a licensing agreement is, Zoellick points out, more complicated than just making a one-time sale. But that may be changing. The Uniform Computer Information Transactions Act (UCITA), if widely adopted, could make click-wrap agreements enforceable as contracts.

In the end, Zoellick suggests, information producers will best profit from electronic delivery of content not by locking it up, but by entering into ongoing relationships with consumers. Through such relationships, new opportunities emerge. For example, a Bertelsmann/Napster music service could also be a vehicle for selling concert tickets.

During Napster's heyday, it seemed for a while that Internet delivery of content might tilt the scales heavily in favor of consumers. In fact, says Zoellick, producers may soon find themselves in a stronger position than ever before. All consumption of digital content is mediated by computers and software, creating the opportunity for controls that were never possible in the era of analog content. Licensing agreements also favor publishers, since users can be persuaded to sign away the rights (ownership, resale) normally associated with the purchase of copyrighted material. As we negotiate our way across this newly-changed landscape, we should all heed Zoellick's thoughtful restatement of the basic principle underlying copyright:

We all consume and process more information than we produce. The book you are holding inyour hands is an example of that fact. It is a unique and, I hope, useful integration and analysis of a great deal of information that I have assembled from other sources. I certainly hope to preserve the rights that my publisher and I share in this work so we can profit from it directly. But the work would not be here in the first place if I had not had broad access to enormous amounts of other information at reasonable cost. It would not be available if I had been constrained in citing, critiquing, and in other ways building upon the work of others.

The same is true for most of the work we do. The framers of the Constitution did not put it this way, but they were concerned with the same basic truth: increasing the velocity of information exchange and reuse benefits business and society as a whole. We need to make sure that, in our zeal to protect information, we do not diminish its broader utility.

Are software and business-method patents evil?

The W3C's patent policy framework (PPF, August 2001) is now coming under intense scrutiny. UserLand's Dave Winer characterizes it as a power grab by Microsoft, Philips, Apple, and Hewlett-Packard. The PPF document lays the groundwork for a distinction between infrastructure that is implementable on a royalty-free (RF) basis (patents are freely licensed), versus infrastructure that is implemented on a reasonable and non-discriminatory (RAND) basis (patents are not freely licensed). Says the document:

In developing a new patent policy for W3C Activities, our goal is to affirm the Web community's longstanding preference for Recommendations that can be implemented on a royalty-free (RF) basis. Where that is not possible, the new policy will provide a framework to assure maximum possible openness based on reasonable, non-discriminatory (RAND) licensing terms.

The authors go on to suggest that while it's critical for lower-level Web infrastructure to be implementable on an RF basis, proposed W3C standards that address higher-level application-layer technology may have "a higher tolerance for RAND terms." This is, however, a dubious distinction. Is SVG, which to my surprise may be a patent-encumbered technology, an application-layer technology, or a building block? The latter, I should think.

Zoellick's section on patents provides a timely, excellent, and sorely-needed perspective on the many complex issues involved in this hot debate. It starts with a review of the notorious Amazon 1-Click patent, and the underlying legal framework that has supported a wild proliferation of business-method patents. He concludes, first, that the courts are not interested in hearing debate about whether business method patents are or are not a good thing. In the landmark State Street decision, the Federal Circuit Court overruled an objection that such broad subject matter should not be patentable. So, writes Zoellick, would-be attackers of a patent must focus narrowly on issues of non-obviousness and prior art.

The book takes a long view as to whether patents, whether on business methods or on software, will promote or hinder innovation. Two case studies provide a fascinating counterpoint. First, Zoellick considers the fate of VisiCalc, which today would have had a much greater chance of receiving a patent than it did in 1979. Lacking any such protection, VisiCalc was destroyed by Lotus 1-2-3. Since 1-2-3 was generally acknowledged to be a superior product, this result was arguably a benefit to the market as a whole. But, didn't the process undervalue the contributions of the original innovator, Dan Bricklin? Patents, like copyrights, secure a limited monopoly in order to encourage innovators to take risks and make investments that lead to progress. The counterexample is Stac v. Microsoft. In this case, Stac Electronics patented the data compression at the core of its disk compression product, Stacker. Microsoft infringed on the patent by including its own DoubleSpace utility in DOS 6.0. Patent protection worked for Stac. The court ruled in Stac's favor; Microsoft paid Stac damages for infringement, and also paid ongoing licensing fees. Writes Zoellick:

The software side of Stac was still operating in the year 2000, renaming itself as Previo and addressing the market for networked support systems for end-user devices. VisiCalc, on the other hand, was dead after six years. The advantages of patent protection for pioneering companies in new markets seem clear. Patents can provide real protection for early market developers from others who come into the market once the pioneers have paved the way.

One fascinating chapter details the story of Walker Digital, the parent company that spun off Priceline. The company is literally an idea factory, focused on the value of its inventions. This, Zoellick suggests, may make a lot of sense. Automating existing business processes is, arguably, a game of diminishing returns. As all programmers know, there are limits to the amount of optimization that you can squeeze out of an existing algorithm. The real quantum leaps occur when you discover a new algorithm. The patent system exists to reward such creativity, and we should perhaps not reject such use of patents out of hand.

Still, we are right to be deeply troubled by the prospect of non-royalty-free patents invading the core of what has until now been considered a wholly open Internet infrastructure. To that end, Zoellick's discussion of a recent proposal to change patent law is of extreme interest. A legislative "trial balloon," H.R. 5364, takes particular aim at business method patents, suggesting several ways to strengthen the hand of patent opposers while at the same time raising the bar on proof of non-obviousness, and on disclosure of known prior art. This, says Zoellick, is only the first step in the right direction. Congress has been "missing in action" when it comes to guiding patent policy at a high level. Meanwhile the courts have focused on narrow decisions which, absent a guiding framework, end up setting policy even when they pretend that they don't.

Every Internet business is affected by these issues. There are reasonable arguments both for and against patents. What we need, Zoellick suggests, is to find ways to maximize the benefits of patents while limiting their abuse. A crucial first step, he writes, will be "to encourage Congress to greatly strengthen the opportunities for public input and engagement in the patent process."

Identity and privacy

The final two sections of the book address two other vexing and multi-faceted issues: identity, and privacy. They proceed in the same style: deeply-researched exploration of legal frameworks (such as the E-SIGN act, discussed in an earlier column), agnostic consideration of all sides of these inevitably polarizing issues, and sound advice for Internet businesses and legislators wrestling with them. The advice is pragmatic. For example, Zoellick offers useful rules for businesses to decide when (and when not) it makes sense to implement digital signatures.

In the realm of privacy, he warns that technology that aims to define and implement specific privacy rights finds itself on a slippery slope, because such rights come into conflict with countervailing rights -- a conflict now greatly magnified by the events of September 11. Legislation that grants users specific and granular control over personal information may, in fact, not make sense. Plus, it could impose regulatory burdens greater than small and innovative Internet businesses can bear. Just as E-SIGN aims to legitimize electronic signatures without defining exactly how to implement them, so too, Zoellick suggests, privacy legislation might best focus conservatively on practical ways to encourage businesses to regulate themselves.

Rather than trying to shepherd in a new era of trust through ambitious new regulatory schemes to guarantee and monitor protection of customer information, business might be just as well served by providing good service, treating the customer right, and giving this new idea [Web shopping] another five years to become more familiar.

Each of the book's four sections concludes with an annotated reading list -- a jumping-off point for deeper exploration. One of the books cited is Lawrence Lessig's seminal Code and Other Laws of Cyberspace. "If you are interested in what I am saying here," says Zoellick, "you should look at Code." The reverse is also true. If you are interested in Lessig's meditations on how code, law, markets, and social norms regulate cyberspace, you will be equally drawn to Zoellick's wide-ranging, thoughtful, and eminently practical CyberRegs.


Jon Udell (http://udell.roninhouse.com/) was BYTE Magazine's executive editor for new media, the architect of the original www.byte.com, and author of BYTE's Web Project column. He is the author of Practical Internet Groupware, from O'Reilly and Associates. Jon now works as an independent Web/Internet consultant. His recent BYTE.com columns are archived at http://www.byte.com/tangled/

Creative Commons License
This work is licensed under a Creative Commons License.