Good ACM article on reverse-engineering


Admittedly, I should probably have read it before today, but I am still digging out from too much travel.

For those with access, you're looking for "Legally Speaking:Reverse Engineering Under Siege" in the October issue of Communications of the ACM. (If you're not a member, consider joining at the ACM website).

The article basically outlines the DeCSS case as an issue of the protections of trade secrets and their application in the face of the Internet and existing Patent/Copyright law.

To summarize, Ms. Samuelson (University of California at Berkeley) looks at the DeCSS case in terms of trade secret law as opposed to first amendment law (how much of it has been argued to date).

The case in question has been ruled on and won on first amendment grounds, but Ms. Samuelson argues that it is a hollow victory if the issue of trade secret is not addressed appropriately.

The basic issue, in her argument, is that organizations like the DVDCCA (DVD Copy Control Association) are trying to use cases like this to expand the protections of Trade Secret to extend well beyond those previously granted and, in effect, make them more valuable than patents. In existing patent law, the inventor is encouraged to provide information to the public domain because they have a (currently 20 year) period of exclusive use. However, to get that, they must fully describe the invention (just go look up your favorite patent numbers at the US PTO if you are curious) in a manner that the public can learn from it, compete with it, and possibly expand on it.

Trade secrets, on the other hand are only protected such that people aren't allowed to get their hands on the information in a "bad way". In other words, if you leak information you had agreed to keep secret to a competitor, you will likely be liable for (substantial) damages from the inventor/owner of the secret. However, if somebody else receives that information because it has been published (such as in a newspaper or on a widely read web site), they basically are immune from prosecution and the information can be used for whatever purpose the recipient wants. Basically, with a trade secret, your protection is limited to as long as you can keep it a secret.

Enter reverse engineering. This is one of the few ways that you can legally get a trade secret from somebody. Basically, if you buy a product that has a secret, and you spend the time and effort dissecting that product to figure it out, you can use the secret (or publish it, or both) for whatever purposes you have. Since it would then no longer be a secret, there are basically no legal protections. If you want it protected, get a patent.

In other related news, the California Supreme Court has also ruled that another pending DeCSS case against a Texas man could not be brought in CA because of a lack of jurisdiction, and the Norwegian court has found Jon Johansen innocent of digital piracy for reverse-engineering DeCSS in the first place.

Disclaimer: I'm not a lawyer, I don't play one on TV, and I'm not giving legal advice. Everything above is my opinion based on reading about the subject and talking to other people in the IP community