The following letter was sent from Audible Magic to one of its potential customers on 15 July 2004.
Obviously we are disturbed by the EFF's article "Audible Magic - No Silver Bullet for P2P Infringement". Putting the technical issues aside for the moment, we question how intent of the article fits in with the stated charter of the EFF? We understand that we are fair game for the debate on copyright law and civil liberties, but the article seemed to focus on an attack of the technology rather than any discussion of the civil liberties implications of the technology. Quotes like "... it is important that Universities are not sold expensive, ineffective solutions simply to appease the public relations needs of the RIAA..." seem to be misplaced.
At a policy level, we share the EFF's concerns about protecting the rights of individuals to private communication. Our CopySense appliance does not report or intercede on email, ftp, or even http traffic. With regard to P2P we share the EFF's view that P2P file sharing is a legitimate and powerful technology, that is why our technology provides the means to allow P2P file sharing networks to operate freely. However, as the EFF understands, most of the files shared on the public networks are copyrighted files that are being copied without the authorization of the copyright owners. One to one sharing of a file via email may be argued to be legitimate, however is it clear that sharing copyrighted files with 100,000 strangers goes beyond any definition of reasonable.
We are surprised that our technology has not been embraced by the EFF as a technical measure that under the right circumstances would seem to fit perfectly into the EFF's position on file sharing. Our products have been designed to allow P2P file sharing networks to operated freely while simultaneously providing copyright owners the ability to choose whether they want their works shared. If the copyright owners choose to stop sharing then the technology is able to stop the transfer in real-time without any human intervention. From a user perspective we feel this is a much less invasive approach from a privacy point of view - stop the transfer instead of focusing on monitoring the users. For Universities, the alternative in use today to solve the problem are technologies that monitor individual users for high bandwidth activity. Once found, those users are shut off from further network usage irrespective of what they are doing. This seems to us to be a less desirable approach from a policy point of view.
We also object to the premise that a network owner, especially a business, loses the right to control their network. We feel strongly that network owners have the right to dictate how their networks are used. If a network owner chooses to create a policy that no copyright works may be transferred over their networks, then they should be free to use technology to enforce those policies. That is where Audible Magic fits in.
With regard to the specifics of the article, the author makes a common error, that is comparing today's product with some theoretical possible future. What the author did by omission is validate that our product solves today's problem. With regard to the theoretical future, the author implies that creating a robust encrypted system is 'trivial'. However, as the hacker community has proven with DRM, developing an unbreakable system is far from a trivial undertaking. This is made the more difficult because of the very public nature of any network with millions of users. We at Audible Magic had already long ago envisioned those scenarios and have development strategies in place to deal with them should it prove necessary to do so. As an aside, we can understand the reason for protecting the identity of the user and providing anonymity but if the objective of these networks is to openly share files, what compelling business need is addressed by hiding the identity of the content transferred?
With regard to the other alleged weakness of the TCP reset. The author again assumes that it will be a trivial matter to get the operating system vendors, particularly Microsoft, to integrate the feature into the operating system. As many parties can attest, it is very difficult to get Microsoft to do anything others want. In addition, the thrust of the CopySense technology is not the TCP reset but the ability to block transfers of copyrighted works. The current appliance happens to use the TCP Reset to accomplish this today. There are many other technical methods of blocking transfers. Again, we have strategies to deal with them should they ever prove necessary. This is why we recommend our customers purchase a software support agreement which provides for these enhancements that keep their purchase up-to-date and protect their investment.
