Stories
Slash Boxes
Comments

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Study Says DRM Violates Canadian Privacy Laws

Posted by Zonk on Fri Sep 21, 2007 07:32 PM
from the they-know-who-you-is dept.
inkslinger77 writes "DRM technology used in consumer media may be violating Canadian privacy laws, according to a new report. The study, done by University of Ottawa's Canadian Internet Policy and Public Interest Clinic, found that a number of services like iTunes, Visio, and Symantec's North SystemWorks require too much personal information in order to verify their users. 'Another issue cited by [study lead investigator David Fewer] concerned the disclosure of DRM-collected personal information from users of Intuit's QuickTax software."It wasn't the use of QuickTax itself that triggered the concern, but rather the use of Intuit's online filing service where we found buried in one of the disclosures the notice that, as an international corporation, Intuit would send information across the border," Fewer said.'"
+ -
story

Related Stories

This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More
Loading... please wait.
  • Because we all know DRM isn't going anywhere. Sadly.
  • The EC has quite stringent privacy laws, particularly regarding storage of personal info in databases, and has a record of filing anti-corporate lawsuits.

  • by $RANDOMLUSER (804576) on Friday September 21 2007, @07:54PM (#20706011)
    DRM violates Canadian privacy laws...
    But Canada is the source of all piracy...
    But DRM violates Canadian privacy laws...
    But Canada is the source of all piracy...
    dweeeeeeeeeeee
    • DRM voilates canadian privacy laws [implies] Canada is the source of all piracy

      You know that high profile warez sites seek for countries with laws to their likings.
  • Nice thought, but... (Score:4, Interesting)

    by allcar (1111567) on Friday September 21 2007, @07:59PM (#20706073)
    Who's going to pay to find out if this is true. Just because an academic study says it might be the case, proves nothing. A costly law suit will be needed to do that. Any volunteers?
    • Re: (Score:3, Interesting)

      IANAL but I believe that "noncompliance of PIPEDA (Personal Information Protection and Electronic Documents Act)" does not require a volunteer to take the infringing companies to court.
      I believe that the Canadian government ( The Canadian privacy commissioner } can undertake an investigation and {where required} apply significant pressure on the infringing companies.
    • Re: (Score:3, Insightful)

      We're talking about Canada, not the US... in Canada things are not decided by suing people, they're decided by people sitting down and discussing the issue until a solution is found... and then debating it for years before putting it into law. Since the PIPEDA already exists, this study will be enough of a deterrent for most individuals and companies -- except maybe some US companies who think they're above the law and can do what they want. At which point, the Canadian Government steps in and sues them o
    • by technicalandsocial (940581) on Saturday September 22 2007, @01:44AM (#20708367)
      This was not just an academic study, this was funded by the federal privacy commissioner [privcom.gc.ca], and CIPPIC [cippic.ca] is a group of lawyers who submitted their findings to the commissioner. The PIPEDA violations will now be investigated by the privacy commissioner.
      I'm not sure why, but the original submitted left out the link to the actual report [cippic.ca].
  • ...these are just implementation details, rather than matters of principle.
  • by Nymz (905908) on Friday September 21 2007, @08:05PM (#20706141) Journal

    "It's unfortunate that consumers have been misled by a lot of vocal critics because the truth is DRM is no more evil than the lock and key that's on your door, the alarm on your car, or the authentication system in your cell phone." - Christopher Levy, CEO of DRM solutions provider BuyDRM
    Except that when I unlock my door, and disable the alarm on my car, I don't need permission, and it doesn't spy on where I'm driving.
  • DRM is almost always a bad idea -- but I wouldn't mind it so much if it only prevented copied stuff from being played...as opposed to it collecting and phoning home my life story so big brother can sell it to ad companies.

    The line between DRM/registration and spy/adware is being blurred. Soon legal extortion will be the norm.
  • by Anonymous Coward on Friday September 21 2007, @08:15PM (#20706241)
    This view of DRM as 'evil' is totally wrongheaded. DRM allows consumers more choice in the market place, making music and other valuable content available on great devices. DRM allows interoperability, without sacrificing the rights of content owners.

    DRM can be used to protect your files. Set the read-only bit lately? that's DRM! It's simple, non intrusive, and protects you and me, how simple can it get?
  • They're talking about notice requirements... this is not a principled paper, this is not anything that will change or harm DRM in any way. Worse comes to worse for the companies is just them putting a notice somewhere saying they're doing this. Look elsewhere if you want news.
  • by aldheorte (162967) on Friday September 21 2007, @08:30PM (#20706395)
    Somewhat unrelated questions of curiosity: Since if you buy blank media in Canada, you apparently pay a tariff to make up for sharing, does that mean you could buy blank media from Canada from another country and distribute whatever you want on it, claiming that you paid the copyright fee by virtue of the Canadian tariff, especially if you were giving it away for free? In similar fashion, does Canadian privacy law extend to non-Canadian citizens buying DRMed items? If so, what's the thing that determines what is a purchase that is "Canadian"? Location of server in Canada? Use of Candadian domain or online store customized to Canada? Physical location of purchaser? Billing address of purchaser? ISP or IP address of user (and what about proxy or VPN services)? All of the above? Seems like on the Internet whatever country creates the most beneficial tax and rights protection to the consumer could rapidly find itself with a whole lot of virtual citizens if there's an easy way to extend its jurisdiction.
    • This is why so many ships are registered in Panama and Liberia. Also why so many people migrate from basket-case country X to first-world country Y.

      Commerce and free people seek countries with the best conditions, and then migrate. Thus the requirement for the Berlin Wall to limit both.
    • Re: (Score:3, Informative)

      The tariff applies to media that is distributed to all resellers within Canada's borders. If someone in Canada buys media overseas or in the US, they do not have to pay the tariff, as neither the post office nor customs are authorized to collect it.
      • does that mean you could buy blank media from Canada from another country and distribute whatever you want on it, claiming that you paid the copyright fee by virtue of the Canadian tariff
      • In similar fashion, does Canadian privacy law extend to non-Canadian citizens buying DRMed items?


      Absolutely. Canadian law applies to everyone, anywhere in the world. We're generous that way.

      Unfortunately, unlike certain other countries, we do have some logistical issues with enforcing our laws outside the Canadian border.

      We can offer you some really nice red and white "Get out of jail free, eh" cards. You have a colour printer handy?

      c.
    • The blank media fee simply legitimizes private copy. Distribution is still illegal. However, courts have ruled that since P2P protocols compel you to upload (distribute) so you can download, then uploading is legal.

      Foreign media companies are lobbying hard to have a "new" copyright law passed, but since the governments we have had for the last 3 years are minority governments, that law is not exactly a very high priority of politicians who are more inclined to do what people want...

      And since the RCMP has admitted pulling piracy figures out of it's arse, the government is likely to be very sceptical about figured losses by any content industry, ever since it was foolish enough to railroad a law punishing camcording movies...

  • Borders (Score:5, Insightful)

    by multisync (218450) on Friday September 21 2007, @09:13PM (#20706805) Journal

    as an international corporation, Intuit would send information across the border


    Yeah, that's an interesting bit.

    The "free enterprise" party who govern the province I live in contracted the maintenance of our health care records out to a US firm, completely oblivious of the fact that - thanks to the PATRIOT ACT - the company could be compelled to turn our information over to the eff-bee-eye or the en-essay or one of those other alphabet agencies they've got down there, and it's illegal for them to tell us (their customer) when this takes place.

    I know this will sound like "well duh" to those in the US, but my Canadian brain has a hard time wrapping itself around the concept.

    • ...the company could be compelled to turn our information over to the eff-bee-eye or the en-essay or one of those other alphabet agencies they've got down there, and it's illegal for them to tell us (their customer) when this takes place.

      I used to work for a Global 50 company. We had a project underway to consolidate all of the Exchange mailboxes in North America into a single data centre in the US, but wound up pulling out of the project and building a smaller Canadian data centre instead for exactly this reason.

    • by WebCowboy (196209) on Saturday September 22 2007, @12:25AM (#20708029)
      ...but they're both quadrilaterals.

      In the name of DRM, we have CDs equipped with rootkits, we have personally-identifiable information being sent over international borders, we have music players phoning home to say what they're playing or storing...of COURSE DRM technology can collect private data. If the implementors of Digital Rights Management want to MICRO-manage those rights they obviously have to know exactly who's rights they're managing. That obviously means having to demand a certain level of disclosure from end users.

      To say DRM and privacy are not at least related is naive. DRM might only be tracking your usage of digital media so it can allow or deny access, but it's still tracking you, and that leaves the technology open to abuse by people who wish to turn DRM into something more than it was intended to be.