Page One

Campus Computing News

Renew PRAS Accounts Now

SirCam Virus, Others Continue to Plague UNT and the World

The SmartForce Server is on Course!

Lab-of-the-Month: SCDGAL

Computer Purchase Information Now Online

ACS Summer News

Migrating Queries from Microsoft Access to an Access Project

Today's Cartoon

RSS Matters

SAS Corner

The Network Connection

List of the Month


Short Courses

IRC News

Staff Activities

Subscribe to Benchmarks Online

Network Connection

By Dr. Philip Baczewski, Associate Director of Academic Computing

Only in America...

Perhaps this story is familiar to you. A visiting scholar presenting research findings at a conference of scholars and professionals is arrested and held, charged with violating the laws of the country he is visiting. His crime? Apparently, researching and speaking on a subject which is of academic interest and has no legal consequences in most countries around the world.

He is held against his will by the government of that country at the behest of one of that country's powerful organizations. He is prevented from returning to his homeland until a trial is held (presumably to confirm his guilt?).

Unfortunately, this is a too familiar story. Where did this happen? China? Russia? In this case, no. The country of the above story: the United States of America; the complainant organization: Adobe Systems; the crime: violating the Digital Millenium Copyright Act (DCMA). On July 16, 2001, Dmitry Sklyarov, a Ph.D. student researching electronic security at a Moscow University, was arrested by the FBI while preparing for his return to Russia.

He was in Las Vegas to give a presentation on his research at a conference called DEF CON, at which over 4000 researchers and professionals gather to exchange information on computer security and cryptography. The story is complicated and involves many points of fact and law. A good summary is found at the Electronic Freedom Foundations' "US vs.Sklyarov" FAQ site.

Sklyarov was at DEF CON to discuss weaknesses in Adobe Systems' copy protection scheme for their Electronic Books (eBook). Adobe has implemented copy protection in their eBook format to prevent eBook purchasers from duplicating their purchase, even for purposes of backup or other fair use. The DMCA, part of the Copyright act of 1998, makes it "an offense to engage in an act of circumvention of a technical protection (section 1201(a)(1)), to develop and provide tools to others which would allow them to access a technologically protected work (section 1201(a)(2)) and to manufacture, import, provide or traffic in tools that would enable another to circumvent protection to 1201(b)(1)(A))." [1]

Use a decryption program, go to jail

It appears that Sklyarov was targeted mainly because of his relationship with a Russian company called Elcomsoft which created a program to allow for the copying of Adobe eBooks. This program was available in the United States until it was withdrawn on July 3, 2001, seemingly in reaction to a cease and desist letter from Adobe. [2] Rather than pursue Elcomsoft, it was apparently more convenient for Adobe to place Sklyarov in the FBI's sites. The result was the arrest of a scholar because of his activity in conveying his knowledge to fellow scholars and professionals in order to advance the understanding of concepts of data security. That's essentially a thought crime. Right here. In the good ol' U. S. of A.

The Sklyarov case is the first to involve criminal prosecution under the DMCA, however, a number of civil cases have already been brought or threatened. The most widely publicized is the threat by the RIAA (Recording Industry Association of America) to sue, under the DMCA, Princeton Professor Edward Felton if he and his graduate students presented the results of their efforts to break the encryption format of the industry's SDMI copy protection. This work was done at the invitation of the RIAA via a three week contest they held to see if anyone could break that very format. The threat by the RIAA, resulted in the withdrawal of a paper on the topic from an April 2001 conference The paper was recently read, without incident, at a recent USENIX conference session.

These recent events have brought to light a situation which could have a tremendously negative impact on the science of cryptography and data protection. Science is advanced by testing concepts and placing the results of those tests in front of the scientific community for review and replication. The DMCA allows no provision for scientific study or any other activity in regard to to technical protection of works. The act of circumvention is a crime. Period. Think of a way to decrypt information -- go to jail. Science cannot be advanced rapidly or effectively in a climate of information suppression.

Who's Next?

Perhaps equally disturbing about the Sklyarov case is the extent to which it has been ignored by the commercial media in the United States. Ask your average American who is Dmitry Sklyarov and they will likely tell you that he is the President of Russia (of course, the average American barely knows that George W. Bush is President of the United States). There certainly has not been the same coverage afforded the Sklyarov case as there has been to the case of Chinese-born U.S. academic Gao Zhan recently released from China, or that of John Tobin, U.S. Fullbright scholar recently released from Russia.

This law also raises questions of free speech and censorship in America. The DMCA provides corporations with the legal right to stifle speech in regard to technologies that they consider to be protective of their electronic intellectual property. How soon will it be before the FBI has wire taps in Computer Science departments around the country? Far fetched? Perhaps, but so was the arrest of Dmitry Sklyarov. Upon his return to the U.S., John Tobin told reporters, "It's great to be back in the land of the free." Tell that to Dmitry, John.

[1] See,

[2] See,