oreilly.comSafari Books Online.Conferences.
Articles Radar Books  


Taxing Questions: Are Compulsory Licenses a Solution to the P2P Debate?

by Miriam Rainsford

The concept of compulsory licenses, first proposed by Professor Lawrence Lessig as a solution to the peer-to-peer debate, has since been hailed by fair-use lobbyists as the savior of persecuted file-sharers, establishing a common ground with the major music labels and offering the possibility that both parties might, at last, be able to reach an agreement.

The idea in itself is simple: users would pay a little more for Internet access, and their ISPs would forward this contribution as a flat-rate license to a collection agency, functioning in a similar way to ASCAP or the Mechanical Copyright Protection Agency (MCPS) and distributing the levies to artists as royalties. But is the compulsory license model too good to be true? Lobby groups such as the EFF are keen to use "compulsories" as a means to get all parties seated at the discussion table. And it is indeed exciting to think that there may be a simple solution that might permit users to swap the songs that they enjoy in freedom, without fear of legal action.

In effect, the compulsory license would form an effective compromise between the music industry and the "pirates" upon whom they wage war: the users of KaZaA and Grokster, and the recipients of the RIAA's recent subpoenas. Extreme caution, then, should be taken in negotiating the inner workings of this new model. It would be all too easy to leap forward and roll out a basic infrastructure for a "compulsory" system, but in light of the power wielded in court by the major record labels, we must ensure at all times that such a system remains impartial and directed to the benefit of the artists. Even this cannot be taken for granted -- major labels have frequently been found to have withheld artists' earnings under the guise of obfuscated accounting.

The RIAA have demonstrated in recent months their great fear of losing out to P2P users, and the resources upon which they can draw if necessary. What is to stop such giants from ensuring a compulsory system is biased towards their own interests? This is technologically not so difficult to achieve, and is a situation that P2P and fair-use advocates must retain in the backs of their minds during any negotiations.

O'Reilly Emerging Technology Conference.

Cory Doctorow of the EFF is an enthusiastic supporter of compulsory music levies, yet is not blind to the difficulties of negotiating between such opposing parties, or to the potential problems in setting up a "compulsory" infrastructure. But he does maintain that our civil liberties will continue to be infringed unless some form of discussion takes place:

"The two answers we see before us are not: 1) have a compulsory license or 2) don't have a compulsory license, and P2P continues to go on and we continue to have an Internet and we continue to enjoy our basic freedoms. The way we see the division breaking down right now is that we can either have an Internet with compulsory licenses on it, and some of the imperfections that may accompany that, or we can continue to have things like the loss of academic freedom, where the University of Wyoming is wiretapping all of its students to find infringement, and these crazy subpoenas that are being issued by the RIAA."

The EFF themselves take no particular position in regards to the actual design of a compulsory system, but instead feel that this must be brought to debate by a panel of experts in order to arrive at the best option. For a new system such as this to work, Doctorow says:

"We need to answer three really hard questions:

  • Who do you collect from?
  • What do you collect?
  • Who you give it to?"

Important questions, indeed, particularly as most advocates of compulsory systems seem to hold the naive belief that a compulsory licensing system would avoid any need for the invasive Digital Rights Management (DRM) technology currently being rolled out by producers of digital music technology and supported heavily by the RIAA. But would we still be able to avoid the use of DRM and at the same time accurately collect statistics for fair distribution of the artists' monies?


Julian Midgley, Chairman of the UK Campaign for Digital Rights and Senior Consultant for Zeus Technology, is concerned with the ways in which a compulsories system might be abused, if the design is less than rigorous. Although he believes a system could potentially be implemented without DRM, he believes this leaves a number of obstacles, primarily the issue of ballot stuffing by labels or by individual artists:

"The amount an artist receives from the levy is proportional to the number of times her/his music is downloaded as a proportion of all downloads. What's to stop an artist running while(1) {wget http://music.com/artists_track.mp3} to get more money? (Given that bandwidth is cheap.)

To prevent this sort of attack, you really need to be able to log the music that's actually played (and it's trivial to defeat this, as well). And do you really want to send logs from every Grokster client to the likes of the RIAA? (Remembering that it's not only music that floats around on the networks.)"

The issue of identifying the music being downloaded and played also raises issues of tagging, wiretapping, and DRM authentication. "I suppose you could run the data through a hashing algorithm and do a lookup. Most other solutions require some sort of DRM. Remember that the DRM need not be more than a compulsory identifier -- it doesn't have to imply any restriction on what you can do with the music thereafter."

Data-Tracking and Privacy Issues

However, within even the most basic of DRM systems, tagging and tracing would most probably be used in tandem for the collection of marketing data. This is not unusual -- at present, the major record labels in the United States already use a system called SoundScan to track album sales by associating barcodes with the purchaser's zip code. Civil liberties advocates would raise eyebrows at such a concept in the same way that Michael Moore raises concerns over the amount of personal information gathered by store loyalty cards. But major labels rely on SoundScan for marketing and radio airplay -- and would undoubtedly be keen to implement a data-gathering system in the ID tags used to track music for distribution of compulsory levies.

It is unnecessary and indeed unproductive for either party's interests to spread FUD about the tracing of digital music when the industry already profiles our musical tastes without objection. And invasive tagging systems are not a prerequisite for the implementation of a robust compulsory system. Julian Midgley suggests that ballot stuffing could be prevented even using the most basic unencrypted tag, similar to those already embedded in an .mp3 file:

"All that's required is that music is distributed with a standardized header identifying the track/artist, etc. To avoid imposing unwarranted restrictions, a multipart format can be used: the header first, followed by a second part that is the music itself, in any format you like -- .mp3, .ogg, WMP, raw, whatever, doesn't matter."

The music-profiling system AudibleMagic could be used for a similar purpose, as it creates md5sums of music tracks, which could then be checked against a central database to authenticate whether the track was legitimately purchased.

Without DRM, AudibleMagic could well be used as part of a compulsory system, collating download statistics across the Internet for royalty distribution. The company BigChampagne tracks user downloads across major file-sharing systems for marketing analysis, and until recently sat quietly in the background, advising major labels on how P2P statistics could assist in focusing their marketing activities. But does this constitute wiretapping? To reiterate Midgley's words: how comfortable are we about letting the RIAA view our file-sharing activities, even when legalized? KaZaA and other P2P users were, until the recent feature in Wired magazine, largely unaware that BigChampagne was watching their every move.

It is highly likely that the major labels will be loath to give up access to their marketing data -- and thus, quite possibly reluctant to agree to a system that denies them access to statistics that they rely upon to do business. If an ID tag system is used to carry personal data, this would for privacy's sake be required to be encrypted -- making it illegal under the DMCA or similar EU legislation to decompile the tag and extract your own personal data that it has gathered from your system. And so we should be cautious to legislate safeguards over what type of ID tag the system requires, what data it contains, and how this may be tracked and used in association with data from the user's computer.

Tom Barger, singer-songwriter, political activist, and consultant to Congressman Rick Boucher, is alert to this possibility, and to its potential anticompetitive uses:

"A little bit of so called lite or non-invasive DRM is like being a little bit pregnant. It is all or nothing. Any disclaimers to the effect 'We will not collect personal information' defies credulity."

Palladium Through the Back Door?

Microsoft's Windows Media Player 9 series already contains built-in DRM facilities that could be used for these purposes. Researchers have established that various versions of the Windows operating system are known to transmit all manner of unrelated data back home in their reports to Redmond. In fact, the Register exposed last year that the Windows Media 9 End User License Agreement (EULA) contained a clause permitting Microsoft to add, modify, or delete any file on the end user's computer. If this can be done within a seemingly innocent installation of a music player, it becomes easy to see how the tracking of data within a compulsory system could become a backdoor into the nation's computers. Simply integrating compulsories within Windows Media Player 9 would permit this to happen.

Microsoft have been very cautious to market their "trusted computing" initiatives from a positive standpoint, promoting their apparent "security" -- which has been established to involve not the actual security of the computer, but whether the user him/herself is "trusted" to use his/her own files. Using the same deft spin, it seems inevitable that Microsoft's much-maligned "Palladium," (now the incomprehensible "NGSCB") might be given a fresh coat of paint and rebadged as a "High-Speed Broadband Multimedia-Enabled Pre-Paid Authenticated System." Attractive indeed to the user who is less than aware of what exactly this authentication entails.

Jay Sulzberger stands out as one of few prominent fair-use campaigners who opposes compulsory licensing. He fears that the very situations that the EFF and other civil liberties groups seek to avoid by introducing a compulsory license may well slip in through the back door:

"To make 'compulsories' work, you must impose a EULA such as [Windows Media Player 9], on every device connected to the net. With DMCA, Palladium, and the economics of device production, we are already close to having the infrastructure in place. 'Compulsories' would end private ownership of computers, and end free, private, tribal, business, and public use of our net."

Strong words, but in a world where Carnivore and the Patriot Act were allowed to slip by unnoticed, this is a real and chilling possibility.

Other issues arise over the use of ID tags in tracking music downloads. Ross Anderson, professor of cryptography at Cambridge University, has studied the use of radio ID tags in consumer goods, and suggests that these could quite plausibly be used for anticompetitive purposes, if combined with anti-circumvention legislation:

"We expect that RFIDs will be used to create market barriers within the EU. There are many ways of doing this technically. For example, if Bayer wants a non-quota method of stopping pharmacists sending Adalat from Spain to the UK, it simply doesn't respond to Boots the chemist when a 'Spanish' carton of the drug passes through the UK supply chain and Boots wants to know what it is."*

This has already happened within the movie industry with DeCSS, and it is not hard to imagine how this situation could extend to the music business. Given the levelled playing field that a "compulsories" system would create, it is quite plausible that labels could seek to elevate competition by tracking their customers' location, personal profile, and interests, and locking them in to their product. Or even if the compulsory levy price differs from country to country, a user's ID tags might be scanned and locked out of the system as "pirate" data if they emigrate, or take their iPod on holiday.

Actual Vs. Actuarial

Cory Doctorow suggests that all of these difficulties could be overcome by using an actuarial, rather than actual, sampling of music use. The systems described above use an "actual sample," a collection of the exact statistics of every single music file being shared at one given time. Doctorow suggests that accurate and acceptable statistics have been derived from Nielsen's "actuarial samples" of home users who submit to anonymous profiling. Similar systems have also been used for blank media levies in Europe and have been found to recompense minor and independent artists fairly. But such a system can never be exact: what happens to the artist who has one or two downloads, or who falls through the net because his/her style of music has a cult following, but just doesn't happen to suit any of the profiles' taste? It seems that at best, both an actuarial and an actual system will involve a compromise: the actuarial will create inaccuracies in profiling data, and the actual will require tagging systems or wiretapping -- unless these are set up and legislated in such a way as Julian Midgley suggested above, to specifically avoid the collection of personal data.

Collection Agencies and Impartiality

The collection agency involved must also be trusted to be impartial. I have already outlined, in my article "A Musician's Take On File Sharing," the difficulties that one music producer experienced at the hands of the UK Mechanical Copyright Protection Agency (MCPS), who would not accept his work because he used an Open Audio license. Given that iCommons is now active in porting the Creative Commons licenses to European law, it is imperative that no group be shut out of a royalty distribution system for the compulsory levies due to the license they wish to use.

And who will sponsor the agency? From where will it be formed? Rumors have circulated of plans for a collection agency founded by a collective of major cell-phone companies. Given that these parties are now doing big business in selling ringtones and facilitating .mp3 downloads and file-sharing across their networks, it is difficult to see how a collection agency formed of phone providers could remain unbiased towards their own business interests. That is not to say that private sponsorship will not work -- but if businesses are to be involved at this level, civil liberties groups should lobby strongly for clauses ensuring that any anticompetitive activity would be prohibited.

But is a government- or centrally-based solution any less likely to be free from bias? Senators are, after all, funded directly by corporate donations, and musicians frequently complain of their difficulties with the established collection agencies. Even the centralized agencies fund their operation by taking an percentage cut from every licensed work -- which means that the majority of their funding will come from the majority seller, i.e. the major labels. This system also cannot be ensured to be unbiased. What is needed is an entirely unconnected group. Cory Doctorow's idea of using an established market research company such as Nielsen is probably the safest and least likely to result in anticompetitive behavior, as the agency has no connected interests with any of the parties for whom it collects, and its reliability has been proven over the years to the general public.


At present, the debate between file-sharers and the music industry remains at an impasse. The EFF remind us that the situation is only going to get worse, and our freedoms are only going to be locked down in more and more chilling ways if we do not come to the negotiating table.

P2P enthusiasts should remember that not all music industry executives are "the bad guys" -- by lumping everyone into one basket, we exercise the same prejudice as the RIAA does in labelling all P2P users "pirates." But as Ted Cohen, Senior VP of New Media for EMI, stresses, "the only way compulsories will work is if everybody is in -- in other words, if there are no analog or digital holes in the system." Music business is big business, and the big labels are the ones who have the most to lose, in dollar terms. The major labels presently do business by competing against one another -- and so if we are to design a new system, we have to ensure that everyone is signed up and unafraid of what the competition might be doing. Otherwise, we will be left with the present paltry smattering of good-quality licensed download systems.

Perhaps the music industry is afraid of compulsories because it will level out the competition and force monies to be divided by consumer decisions on artist quality, rather than on the quantity of marketing effort behind the promotion of an artist.* A compulsory licensing system would certainly necessitate big changes to established practice, and perhaps this is the real reason for the resistance experienced.

It is imperative that we concentrate our efforts towards a solution that will permit music lovers to enjoy their favorite artists' work in the format of their choice, and without fear of the appalling legal action that brought subpoenas to children. But in our haste to avoid such oppression, we should be careful to examine any solution presented and seek expert opinion on potential anticompetitive implications. We should avoid, at all costs, leaping to an easy compromise if this may in fact bring through the back door the very Orwellian scenarios that we seek to avoid.


Tom Barger's essay on attendance of the 2003 FCC Hearings: www.tombarger.com/fcc.html

Prof. Lawrence Lessig (www.lessig.org) and Creative Commons (www.creativecommons.org)

Campaign for Digital Rights: ukcdr.org

Electronic Frontier Foundation: www.eff.org

Ross Anderson's paper on RFID tags: www.fipr.org/draft-ipr-enforce.html

Audible Magic: www.audiblemagic.com

"BigChampagne is Watching You," Jeff Howe, in Wired 11.10

Toby Slater of MusicAlly magazine (www.MusicAlly.com), in conversation

Miriam Rainsford is a composer, singer and songwriter in classical, electroacoustic and underground dance music.

Return to the OpenP2P.com.

P2P Weblogs

Richard Koman Richard Koman's Weblog
Supreme Court Decides Unanimously Against Grokster
Updating as we go. Supremes have ruled 9-0 in favor of the studios in MGM v Grokster. But does the decision have wider import? Is it a death knell for tech? It's starting to look like the answer is no. (Jun 27, 2005)

> More from O'Reilly Developer Weblogs

More Weblogs
FolderShare remote computer search: better privacy than Google Desktop? [Sid Steward]

Data Condoms: Solutions for Private, Remote Search Indexes [Sid Steward]

Behold! Google the darknet/p2p search engine! [Sid Steward]

Open Source & The Fallacy Of Composition [Spencer Critchley]