Property Is a Two-Way Street: Personal Copyright Use and Implied Authorization

When we use the Internet, we know that copyright law limits our freedom. We know, for example, that downloading popular music is legally risky. Those who want to get moralistic about it argue that illegal downloading violates a property right of the copyright holder. But what about our property rights in our computers? Even if copyright is a form of property, it maintains a parallel existence as an intrusion upon property rights. This intrusion is increasingly a part of daily life, as copyright\u27s literal scope sweeps broadly enough to threaten a range of everyday activities that social norms rega rd as acceptable. These observations form the basis of a moral critique of copyright law, but they do not figure prominently in modern doctrine. This Article looks to the common law property rights of copyright users to develop a framework for limiting copyright\u27s reach. If we take seriously traditional rules governing the interplay between statutes and preexisting common law rights, courts have room to incorporate user property rights into copyright doctrine. First, the common law provides a baseline against which the Copyright Act should be construed. Courts should be reluctant to interpret the statute in a manner that negates longstanding expectations that personal property may be used in conjunction with copyrighted material for personal purposes. Second, the property rights of copyright users offer a new foundation for implied license doctrine. Instead of looking solely to the conduct of the licensor (i.e., the copyright holder) to determine whether an implied license to use copyrighted content exists, courts should appreciate the reasonable expectations of consumers in their control of personal property used to interact with the protected works. Expanding our conception of implied license in this manner would help address the uneasy status of personal uses of copyrighted work s under modern law

Technological Self-Help and Equality in Cyberspace

New technologies challenge the law in many ways, for example, they extend one’s capacity to harm others and to defend oneself from harm by others. These changes require the law to decide whether we have legal rights to be free from those harms, and whether we may react against those harms extrajudicially through some form of self-help (e.g., self-defence or defence of third parties) or whether we must resort to legal mechanisms alone. These questions have been challenging to answer in the cyberspace context, where new interests and new harms have emerged. The legal limits on permissible self-defence have historically been a function of necessity and proportionality to the threat.However, this article argues that case law and historical commentary reveal that equality between individuals is also an important policy issue underlying the limits on self-defence. The use of technologies in self-defence brings the question of equality to the fore since technologies may sometimes neutralize an inequality in strength between an attacker and a defender. A legal approach that limits resort to technological tools in self-defence would ratify and preserve that inequality.However, the relationship between technology and human equality is complex, and this article proposes an analytical structure for understanding it. The objective is to understand which technologies promote equality while imposing the least social costs when used in self-defence. The article proposes principles (including explicit consideration of the effects on equality) for setting limits on technological self-help, and illustrates their use by applying them to several forms of cyberspace counter-strikes against hackers, phishers, spammers, and peer-to-peer networks.Les nouvelles technologies posent de nombreux défis en droit. À titre d’exemple, elles augmentent la capacité des individus d’infliger du mal à autrui, mais aussi leur capacité à se défendre du mal. Ces changements exigent du droit de décider si nous avons ou non le droit, juridiquement parlant, d’être à l’abri du mal. Le droit doit aussi décider si nous sommes libres de réagir au mal de façon extrajudiciaire, par l’entremise d’initiatives personnelles (par exemple, l’auto-défense ou la défense des tierces parties) ou si au contraire nous devons nous en tenir aux mécanismes juridiques. Ces questions posent un défi particulier dans le contexte du cyberespace, d’où émergent de nouvelles menaces et des intérêts nouveaux. Les limites juridiques de l’autodéfense permissible dépendent historiquement de la nécessité et de la proportionnalité de la réaction face à la menace.Cet article soutient toutefois que la jurisprudence et les commentaires historiques révèlent que l’égalité entre individus constitue aussi une question de politique importante qui sous-tend les limites de l’autodéfense. L’utilisation des technologies dans l’autodéfense porte donc au premier plan la question de l’égalité puisque la technologie peut parfois neutraliser une inégalité de force entre une personne qui attaque et une autre qui se défend. Une approche juridique qui limiterait l’utilisation d’outils technologiques dans l’autodéfense entérinerait et préserverait cette inégalité.Pourtant, la relation entre la technologie et l’égalité entre humains est complexe. Cet article propose une structure analytique pour mieux saisir cette relation. L’objectif est de comprendre quelles technologies favorisent l’égalité tout en imposant les coûts sociaux les moins élevés lorsqu’elles sont utilisées pour l’autodéfense. L’article propose des principes pour mettre en place certaines limites aux initiatives personnelles technologiques. L’article illustre aussi l’utilisation de ces principes en les appliquant à de nombreuses formes de riposte contre les pirates informatiques, les hammeçonneurs, les polluposteurs et les réseaux pair à pair. Enfin, l’article considère explicitement les effets de ces principes sur l’égalité

CHORUS Deliverable 2.2: Second report - identification of multi-disciplinary key issues for gap analysis toward EU multimedia search engines roadmap

After addressing the state-of-the-art during the first year of Chorus and establishing the existing landscape in multimedia search engines, we have identified and analyzed gaps within European research effort during our second year. In this period we focused on three directions, notably technological issues, user-centred issues and use-cases and socio- economic and legal aspects. These were assessed by two central studies: firstly, a concerted vision of functional breakdown of generic multimedia search engine, and secondly, a representative use-cases descriptions with the related discussion on requirement for technological challenges. Both studies have been carried out in cooperation and consultation with the community at large through EC concertation meetings (multimedia search engines cluster), several meetings with our Think-Tank, presentations in international conferences, and surveys addressed to EU projects coordinators as well as National initiatives coordinators. Based on the obtained feedback we identified two types of gaps, namely core technological gaps that involve research challenges, and “enablers”, which are not necessarily technical research challenges, but have impact on innovation progress. New socio-economic trends are presented as well as emerging legal challenges

Empirical and Analytical Perspectives on the Robustness of Blockchain-related Peer-to-Peer Networks

Die Erfindung von Bitcoin hat ein großes Interesse an dezentralen Systemen geweckt. Eine häufige Zuschreibung an dezentrale Systeme ist dabei, dass eine Dezentralisierung automatisch zu einer höheren Sicherheit und Widerstandsfähigkeit gegenüber Angriffen führt. Diese Dissertation widmet sich dieser Zuschreibung, indem untersucht wird, ob dezentralisierte Anwendungen tatsächlich so robust sind. Dafür werden exemplarisch drei Systeme untersucht, die häufig als Komponenten in komplexen Blockchain-Anwendungen benutzt werden: Ethereum als Infrastruktur, IPFS zur verteilten Datenspeicherung und schließlich "Stablecoins" als Tokens mit Wertstabilität. Die Sicherheit und Robustheit dieser einzelnen Komponenten bestimmt maßgeblich die Sicherheit des Gesamtsystems in dem sie verwendet werden; darüber hinaus erlaubt der Fokus auf Komponenten Schlussfolgerungen über individuelle Anwendungen hinaus. Für die entsprechende Analyse bedient sich diese Arbeit einer empirisch motivierten, meist Netzwerklayer-basierten Perspektive -- angereichert mit einer ökonomischen im Kontext von Wertstabilen Tokens. Dieses empirische Verständnis ermöglicht es Aussagen über die inhärenten Eigenschaften der studierten Systeme zu treffen. Ein zentrales Ergebnis dieser Arbeit ist die Entdeckung und Demonstration einer "Eclipse-Attack" auf das Ethereum Overlay. Mittels eines solchen Angriffs kann ein Angreifer die Verbreitung von Transaktionen und Blöcken behindern und Netzwerkteilnehmer aus dem Overlay ausschließen. Des weiteren wird das IPFS-Netzwerk umfassend analysiert und kartografiert mithilfe (1) systematischer Crawls der DHT sowie (2) des Mitschneidens von Anfragenachrichten für Daten. Erkenntlich wird hierbei, dass die hybride Overlay-Struktur von IPFS Segen und Fluch zugleich ist, da das Gesamtsystem zwar robust gegen Angriffe ist, gleichzeitig aber eine umfassende Überwachung der Netzwerkteilnehmer ermöglicht wird. Im Rahmen der wertstabilen Kryptowährungen wird ein Klassifikations-Framework vorgestellt und auf aktuelle Entwicklungen im Gebiet der "Stablecoins" angewandt. Mit diesem Framework wird somit (1) der aktuelle Zustand der Stablecoin-Landschaft sortiert und (2) ein Mittel zur Verfügung gestellt, um auch zukünftige Designs einzuordnen und zu verstehen.The inception of Bitcoin has sparked a large interest in decentralized systems. In particular, popular narratives imply that decentralization automatically leads to a high security and resilience against attacks, even against powerful adversaries. In this thesis, we investigate whether these ascriptions are appropriate and if decentralized applications are as robust as they are made out to be. To this end, we exemplarily analyze three widely-used systems that function as building blocks for blockchain applications: Ethereum as basic infrastructure, IPFS for distributed storage and lastly "stablecoins" as tokens with a stable value. As reoccurring building blocks for decentralized applications these examples significantly determine the security and resilience of the overall application. Furthermore, focusing on these building blocks allows us to look past individual applications and focus on inherent systemic properties. The analysis is driven by a strong empirical, mostly network-layer based perspective; enriched with an economic point of view in the context of monetary stabilization. The resulting practical understanding allows us to delve into the systems' inherent properties. The fundamental results of this thesis include the demonstration of a network-layer Eclipse attack on the Ethereum overlay which can be leveraged to impede the delivery of transaction and blocks with dire consequences for applications built on top of Ethereum. Furthermore, we extensively map the IPFS network through (1) systematic crawling of its DHT, as well as (2) monitoring content requests. We show that while IPFS' hybrid overlay structure renders it quite robust against attacks, this virtue of the overlay is simultaneously a curse, as it allows for extensive monitoring of participating peers and the data they request. Lastly, we exchange the network-layer perspective for a mostly economic one in the context of monetary stabilization. We present a classification framework to (1) map out the stablecoin landscape and (2) provide means to pigeon-hole future system designs. With our work we not only scrutinize ascriptions attributed to decentral technologies; we also reached out to IPFS and Ethereum developers to discuss results and remedy potential attack vectors

Sub-Botnet Cordination Using Tokens in a Switched Network

Botnets have evolved to incorporate peer-to-peer communication for the purpose of better hiding the administrative source of the botnet. Current botnet detection mechanisms identify network traffic patterns at strategic locations within a network such as the gateway. As detection techniques improve, botnet design will continue to evolve to evade detection; thus, it is advantageous to identify potential future botnet models for the purpose of developing defense mechanisms before an actual new attack type is seen in the wild. This paper presents a model for coordinating external communication among bots located within the same switched network. This model prevents a gatewaybased monitor from correlating external communication dialogs as the internal source of the communication is not a single bothost. Future phases of this project include developing efficient techniques for mitigating this potential future botnet model