Ed Felten continues his series on the recent Speed Bump conference at the Berkman Center with a discussion of some guidelines for designing effective stopgap security measures (Stopgap Security). His previous post on the conference (What is a Speedbump?) and my response (Defining Speedbumps).
In any case, Felten has three suggestions for stopgap designers:
- [Y]ou should look carefully at the lifetime cost of each stopgap measure, compared to the value it will provide you.
- [R]ecognize that when the adversary adapts to one stopgap, he may thereby render a whole family of potential stopgaps useless. So don't plan on rolling out an endless sequence of small variations on the same method.
- [R]emember that the adversary will rarely attack a stopgap head-on. Instead, he will probably work around it, by finding a tactic that makes it irrelevant.
Well, my first thought based on these guidelines was that the RIAA was hosed. In the long run, attempting stopgap measure after stopgap measure is inevitably doomed. As Felten says, "there is no good solution" in the copyright owners' war on P2P infringement.
Read on...
When confronted with an untenable position, however, I like to turn the problem around and consider it from the other point of view. Rather than think about how they can best defend their existing business models, the RIAA should consider how best they can destroy the business models for illicit filesharing. In other words, what are the weaknesses of illicit filesharing and how best can they be exploited? Why should the RIAA struggle to find stopgaps? Why shouldn't the pressure be on illicit filesharers to develop stopgap responses to RIAA attack?
Number one on any list of attacks, of course, has to be to provide a convenient, legal alternative. Generally speaking, P2P filesharing systems are unable to provide universal access, efficient search engines, and numerous value-added services that a convenient, legal alternative could.
I believe that if the RIAA thought along these lines, they could create a successful, new business model that would thwart anything illicit P2P could attempt to do in response.
Category: Big Thoughts
I may be reading you wrong, but you seem to miss the central problem: the RIAA members are more concerned with CONTROL over music distribution than the monetary losses they might incur from file sharing. To this extent any legal service would be bound to be crippled by some sort of DRM (as the consumers could easily become distributors without it) and so your universal access ideal takes a bit of a hammering straight away, as does the "convenience" aspect of it. I'm sure it's no coincidence that the service with the least restrictive DRM (iTunes) is easily the most popular.
ICBW, but I think the RIAA and its members will go to their graves clutching the precious control tightly to their chests. All the evidence is that they are completely incapable of thinking along the lines you suggest and illicit P2P is here to stay.
Permalink to Comment
Tracked on April 28, 2004 03:05 PM
Tracked on July 14, 2004 06:07 PM