Declan McCullagh is at it
Declan McCullagh is
at it again, arguing that the DMCA shouldn't really be much of a concern. He dismisses Ed Felten's case, for example, by noting that Felten probably would have won -- ignoring that Felten decided not to publish in the first place not because of a fear of losing but because of the costs of a lawsuit to him and his research team.
The pull quote from the story takes the cake: "If published research does not include working code, the odds of a successful lawsuit rapidly approach zero." This is supposed to point out that the DMCA doesn't really restrict research. Of course, one of the requirements for respectable research is that the published results be reproducible -- that another researcher can take the paper, follow the steps, and produce the same output. Now, as the
DeCSS haiku proves, code in its standard form isn't strictly necessary to describe an algorithm...but any such description is going to be sufficiently indistinguishable from code for a reasonable court to consider it in the same way. In other words, either code or an extensive algorithmic description is a necessary component for much of security research and has to be included in the published results for the research to be worthwhile. The inability to do that is only one of the chilling effects of the DMCA.