DeCSS Celebrates Its Sixth Anniversary
Six years ago today the DeCSS source code was anonymously posted to the livid-dev mailing list. The code detailed the secret content scrambling system (CSS) decryption algorithm that was only previously only available to licensees of the DVD trade group known as the DVDCCA. With the algorithm out in the open, unlicensed DVD players could easily be made. In fact this was the purpose of the original posting of the code as there were no players available for Linux at the time. Worse for the industry though was that unlicensed players did not have to enforce DVD viewing restrictions, such as region-coding and Macrovision copy protection. With DeCSS public they lost their absolute control of the new movie format. As well the DVDCCA argued that DeCSS would aid with piracy of movies, even though DVD writers were not yet widely available nor were broadband connections. Consequently the DVDCCA moved swiftly to rid the Internet of all traces of DeCSS with a barrage of lawsuits.
This action set off a chain of events that would forever change the nature of the Internet. DeCSS and the lawsuits that ensued tested newly created laws for the first time in the digital age. Indeed, one famous legal verdict in January 2000 ruled that hacker magazine 2600 was not allowed to post the DeCSS source code or even have links to it on their web site. The code was ruled to be a circumvention tool prohibited by the The Digital Millennium Copyright Act (DMCA). In a clearly worded verdict issued a year later, a Second Circuit Court ruled that the DeCSS source code was only "partially protected speech", and that such speech can be restricted on the Internet to help curb piracy. More lawsuits were filed and sites hosted copies of the code were shut down as quickly as they popped up.
An unlikely hero emerged from the DeCSS crackdown. Sixteen year old Jon Johansen (eventually just DVD Jon) was accused of copyright infringement, a charge that carries large fines and prison terms of up to two years in his native Norway. Though not the author of DeCSS, he was a member of the team named "Masters of Reverse Engineering" that had wrote the code. As well he hosted the DeCSS source code on his website for all to download. His trial began in late 2002 and he was quickly acquitted of all charges, a verdict that was later upheld in an appeals court the next year. This was the first major defeat for the DVD trade group.
The spread of DeCSS was never successfully contained. In 2004 the DVDCCA all but admitted that they gave up chasing DeCSS and dismissed a lawsuit they had initiated arguing that it violated California's trade secret laws. Today DeCSS can be easily found on hundreds of websites and has been translated into dozens of programming languages. As well the algorithm used by DeCSS has been widely studied and critiqued by cryptography experts. Still, the DVDCCA does continue to sue authors of software programs based out of America that include CSS decryption code like DeCSS. Indeed in August 2004, 321 Studios, the makers of the popular DVD-X-Copy product had to shut down after being hit with an avalance of lawsuits by the DVDCCA.
As we celebrate the sixth anniversary of the posting of the code we should stop and remember what impact the code has had on the Internet. Piracy of films is now rampant, though one can argue that DeCSS has only been marginally responsible for this. Research on decryption and rights protection algorithms has been all but silenced for fear of lawsuits similar to those that targeted individuals involved with DeCSS. DVD Jon's name has reappeared in the news many times, breaking encryption algorithms in iTunes among others. And the community that had rallied around him and other such figures continues to protect freedom of speech and other such ideals on the Internet. Thought CSS is still used on most major DVD movies, its death is only a few years away. Indeed the successor to CSS called AACS has been recently formalized for inclusion on the new Blu-ray and HD-DVD formats. It will be interesting to see how much of history is repeated should that new encryption algorithm be cracked.