US Congress finds legal to bypass DRM to repair electronic devices

Digital Rights Management (DRM) systems are not going away anytime soon, but your right to thwart these mechanisms in certain situations is added to US copyright law, reports the motherboard. This effectively strengthens consumer protection in the repair and maintenance of the original feature of many electronic devices.

The Library of Congress and the US Copyright Office introduced the new set of Digital Millennium Copyright Act (DMCA) exemptions in a 85-page "final rule" (PDF) document. It contains several new protections that legally allow consumers and repair shops to hack the firmware on devices such as smartphones, tablets, smart TVs, mobile computing devices and many other gadgets for which technological (TPM, but identical) protection measures are in place. to a secure platform Module) stand between the consumer and a product that works.

"The interim registry has recommended a new exemption to bypass MTPs restricting access to firmware controlling smartphones, home appliances and home systems for diagnostic, maintenance or repair purposes," the document says.

Where applicable, the new rules give consumers the right to circumvent DRM and TPM measures generally for "the maintenance of a device or system … in order to operate it in accordance with its original specifications ". It also protects consumers when DRM is needed to repair a device.

This does not mean that it is now permissible to bypass the DRM to access other works protected by copyright. In other words, it's not up to the US Congress to say that digital rights are poorly designed and to give consumers a legal pass that allows them to do what they want with protected content .

However, the exemptions are broad and cover even "computer programs" when the circumvention is applied to a legally acquired device or machine on which the computer program is run, or is applied to a computer, computer system or computer network. on which the computer program is used. operates with the permission of the owner or operator of this computer, computer system or computer network, solely for the purpose of seeking security in good faith and does not violate any applicable law, including, without limitation , the Computer Fraud and Abuse Act of 1986. "

There is also a section on video games that covers cases "when the copyright owner or his authorized representative has ceased to provide access to an external computer server needed to facilitate a process." authentication allowing the game ".

In such cases, a new exemption allows "the copying and modification of the computer program in order to restore access to the game for a personal and local game on a personal computer or a video game console".

How it works in practice remains to be seen. As noted on the motherboard, nothing prevents (yet) manufacturers to be particularly sneaky with anti-repair mechanisms. For example, Apple builds a kill switch in the MacBook Pro that prevents systems from operating when it is opened and repaired by an unauthorized person to do so. The mechanism relies on integrated software that connects to Apple servers to verify an authorized repair.

I am not a lawyer, but the exemptions seem to indicate that users would be able to outsmart the embedded software in this example. Unfortunately, having permission and the ability to do something does not always go hand in hand.

"Getting an exemption to reset the device is quite different than having access to the firmware to do it," Nathan Proctor, head of the US PIRG's Repair Law campaign, told Nathan Motherboard.

That's true, but it's still a global win for consumers and a necessary step in the right direction.