Universal Availability of Publications Core Programme

Such reprography is limited to techniques of reproduction allowing a paper print. So the result of the reproduction must be in paper form.

This provision does not make any distinction between analogue and digital technology. With regards to the digital private copying, the Commission has considered it premature at this stage to provide for a more harmonised solution, since it is still largely unknown whether such copying will be a widespread activity of consumers or not [14]. Therefore, a consultation of interested parties will take place by the end of 1998 so as to envisage further action in this field.

This exception does not apply to the communication to the public right. Thus, the making available of a work by a library from a server to users on-line should and would require a licence of the rights holder or his intermediary and would not fall within a permitted exception.

It is stated in the Explanatory Memorandum that the communication of copyright protected material via the homepage or website of a library will in many cases be in competition with commercial on-line deliveries of material since perfect quality copies of any work could be made available to a large number of users, whether on-site (with a multiplicity of screens in the library) or off-site (to other libraries or remote users) [15].

This lack of exemption for libraries could be one of the key question in the progress of the adoption of this directive.

In our view, we regret that no distinction has been made between the on-line transmission of protected works by a library and the possibility for a library to make available works within the physical site of the establishment in specific and justified cases. In this latter case, a remuneration scheme could have been put forward.

Once again, in this directive, it appears that the threats carried by new technologies were considered sufficient to reform entirely the whole system of copyright, even regarding the analogue and traditional uses of protected works.

4.3. Exceptions to the communication to the public right and to the reproduction right
Article 5(3) provides Member State with the possibility of certain limitations to article 2 (the reproduction right) and article 3 (the communication to the public right).

Article 5(3) (a) allows Member States to exempt the use of a work or other subject matter (such as a sound or visual recording) or parts of it, provided that such use exclusively serves the purpose of illustration for teaching or scientific research, as long as the source is indicated.

In any case, only the part of the use which is justified by its non-commercial purpose may be exempted from the exclusive right.

Paragraph 3(b) to (e) allow Member States to provides for further exemptions to the reproduction right and to the communication to the public right, so as follows :

• for uses to the benefit of visually-impaired or hearing-impaired persons, which are directly related to the disability and of a non-commercial nature and to the extent required by the specific disability (handicapped persons);
• use of excerpts in connection with the reporting of current events, as long as the source is indicated, and to the extent justified by the information purpose (news reporting);
• quotations for purposes such as criticism or review, provided that they relate to a work or other subject matter which has already been lawfully made available to the public, the source is indicated, their making is in accordance with fair practice and to the extent required by the specific purpose (quotations);
• use for the purposes of public security or for the purposes of the proper performance of an administrative or judicial procedure (public security uses and uses in administrative and judicial proceedings).

4.4. Scope of the exceptions.
As stressed in Article 5(4), limitations and exceptions have to be confined to certain specific cases and may not be interpreted in such a way as to their application to be used in a manner which unreasonably prejudices the rights holders' legitimate interests, or conflicts with normal exploitation of the protected subject matter.

It is the so-called 'three step test' enshrined in the art. 9(2) of the Berne Convention and confirmed in the recent WCT and WPPT.

4.5. Nature of the exceptions
In a number of recent COPEARMS deliverables we have pointed out the fact that not defining whether the copyright exemptions are of binding nature or not, threatens the balance of rights set out in copyright regime.

Indeed, by blocking access to protected works, they can override the exceptions enshrined in the law. Since the ERMS reflects the terms of licence contracts, the only way to prevent ERMS from allowing a proper application of exceptions regime, is to state that such exceptions are imperative or binding and can not be overridden by contract.

This is already the case for some exceptions set out in the Software and Database Directives.

The present proposal does not address this issue, except for the private copying exception, albeit not very explicitly. The recital 28 of the proposal provides that "when applying the exception on private copying, Member States should take due account of technological and economic developments, in particular with respect to digital private copying and remuneration schemes, when technological protection measures are available; whereas such exceptions should not inhibit the use of technological measures" (we underline).

We could infer from that recital that with respect to the private copying, such exception is not binding but can and will be overridden by technological measures such as ERMS. Nevertheless, it does not follow that the same conclusion apply to other exceptions.

5. Technological measures
The proposal conveys a on-going concern of the Commission which consists of protecting technological measures, such as anti-copy devices or ECMS, by preventing them from being circumvented. The Commission has already submit a similar proposal in the framework of the adoption of WIPO Copyright Treaty, proposal which was considered premature and too precise by the Diplomatic Conference [16], which has preferred demanding to Member States to provide for 'adequate legal protection and effective legal remedies against the circumvention of effective technological measure".

Under Article 6 of the Directive, Member States shall provide adequate legal protection against any activities, including manufacture or distribution of devices of the performance of services, which have only limited commercially significant purpose or use other than to circumvent and are carried out knowingly or with reasonable grounds to know that they will enable or facilitate without authority the circumvention of any effective technological measure designed to protect any copyright or any rights related.

The 'technological measures' are defined as any device, product or component incorporated into a process, device or product designed to prevent or inhibit the infringement of any copyright or any rights related to copyright as provided by law or the sui generis right. Technological measures shall only be deemed to be 'effective' where the work or other subject matter is rendered accessible to the user only through application of an access code or process, including by decryption, descrambling or other transformation of the work or other subject matter, with the authority of the rights holders. This requirement of effectiveness of the measure would imply that rights holders have a duty to demonstrate the effectiveness of the technology chosen in order to obtain protection. This is the first time in all the former proposals and initiatives of the Commission in this field that such a requirement, which convey the terms of the WCT, is imposed.

The provision only covers the activities and services whose main commercially significant purpose or use is to circumvent, which would ensure that general-purpose electronic equipment or service is not prohibit even if they may be used to this end. [17]

It is worth mentioning that along the protection conferred by this proposal, another protection for the ERMS can be found in another proposal of directive on the protection of conditional access services. [18]

6. Rights Management Information
Article 7 of the proposal gives Member states appropriate flexibility in implementation adequate legal protection against any person performing without authority any of the following acts :

• to remove or alter any electronic rights management information
• to distribute, import for distribution, broadcast, communicate or make available to the public copies of works or other subject matter

In fact, dangers exists that illegal activities might be carried out in order to remove or alter the electronic copyright management information attached to it, or otherwise distribute, import for distribution, broadcast, communicate to the public or make available to the public copies which such information has been removed without authority.

Finally, it has been assert that these technical measures, in their technical functions, must respect privacy safeguards in accordance with Directive 95/46/EC.

Final provisions
Article 9 - Paragraph 1 sets out that all the works and other subject matter benefit from protection under this Directive, on the date of the transposition as referred to in the Directive, are protected by the legislation of the Member States in the field of copyright and related rights.

Paragraph 2 reflects a general principles, ensuring that the Directive has no retroactive effect and does not apply to acts of exploitation of protected works and other subject matter which occurred before the date on which the Directive has to be implemented by Member States.

Paragraph 3 and 4 sets out another general principle according to which contracts which have been concluded and rights which have been acquired before the adoption of the Directive could have been known by parties, are not affected by the latter, thereby excluding certain "old contracts" from the scope of application of the directive.

NOTES

1. 10.12.1997, COM (97) 628 final, Hereinafter, the Proposal

2. COM (95) 382 final of 19 July 1995

3. WIPO Copyright Treaty, http://www.wipo.int/eng/diplconf/distrib/94dc.html, hereafter "WCT", WIPO Performances and Phonograms Treaty, http://www.wipo.int/eng/diplconf/distrib/94dc.html, hereafter "WPPT". For comments on these Treaties, see CRID-Newsletter 1, deliverable 4.2.5, p.4

4. Explanatory Memorandum, Introduction, point 5.

5. Follow-Up to the Green Paper on Copyright and Related Rights in the Information Society, 20.11.96, COM(96) 568 final, Chapter 2, p. 9

6. Recital 23 of the Directive "Copyright and Related Rights in the Information Society - Proposal for Directive/Background", http://europa.eu.int/comm/dg15/en/intpropo/intprop/1100.html, p.7

7. Explanatory Memorandum, Comment on article 2, point 3.

8. Explanatory Memorandum, Comment on article 3, point 2

9. Council Directive 93/83/EEC, 27.09.93, O.J. L 248, 6/10/93, p. 15

10. Follow-Up to the Green Paper on Copyright and Related Rights in the Information Society, op. cit., p.20

11. Article 3 (2) of the Proposal.

12. WCT, art. 6 (2).

13. Recital 18 of the Proposal

14. Explanatory Memorandum of the Proposal, Comments on article 5.

15. Directive Background, op. Cit., p. 9

16. See CRID-Newsletter 1, Copearms deliverable 4.2.5., p.

17. Explanatory Memorandum, Comment on article 6, point 2

18. see CRID-Newsletter 2, Copearms deliverable 4.2.8., p.3

Intellectual Property Rights : An overview of the technical state-of-the-art.

Intellectual Property Rights (IPR) issues came from a need for balance between the interests of the providers of digital content, the carriers of these contents, and consumers. This has been endorsed in the Follow-up to the Green Paper on Copyright and Related Rights in the Information Society, and recognised by the WIPO Copyright Treaty, which has provided new rights to copyright holders, avoided the adoption of provisions that risked stifling innovation and investment in new delivery technology, and taken account of the needs of consumers.

Copyright holders - content providers - must have effective protection or they will not produce works for an electronic environment. Infrastructure and communications providers - carriers - must have predictability about, and appropriate limitations upon, their liability for copyright infringement or they will not carry content which has been copyrighted. Consumers must have easy access to copyright works at reasonable cost and clear payment methods or there will be no market in the Information Society.

SMEs and information workers alike are particularly vulnerable in that they are especially intensive producers and users of information in electronic form and via electronic communications over public networks. They will particularly depend upon clarity in Electronic IPR legislation and operational procedures.

Clarity and balance in IPR legislation will overcome a key current and potential barrier to the implementation and deployment of electronic commerce and tele-work, and will reduce the risks of copyright infringement in introducing these operations in large and small organisations.

In order to overcome the current lack of harmonisation of IPR legislation at the world level, technology providers are proposing technical system for protecting IPR. They are called Electronic Copyrights Management Systems (ECMS) or more generally Electronic Rights Management Systems (ERMS). These systems are mainly focusing on object identification, encryption, watermarking, secure containers and rights management middlewares.

Digital Object Identification
In order to unambiguously identify any digital object circulating through networks and also for ensuring its automated processing, the specialists, right holders and industrialists agreed on the license plate concept. It's a generic concept for identifying a digital object, defining its class and checking its authorisations.

For books for example, the ISBN identifier is well known. CISAC (International Confederation of Authors and Compositors Societies) initiated the Common Information System (CIS) as a standard identification system for digital works. It includes the International Standard Audio-visual Number (ISAN) and the International Standard Work Code (ISWC).

MPEG and JPEG group reserved a sufficiently big computing space into the extensions of specification of MPEG and JPEG format for supporting work identifier codes.

The Association of American Publishers (AAP) launched the Digital Object Identifier numbering system (DOI).

Encryption
The major two functions of encryption are security and authentication. Security is to protect communicated message, and authentication is to certify authenticity of the sender and the content of the message. Authentication can be used in three instances such as to verify the sender, to certify the integrity of the message, and to reject the sender's false claim to deny his/her own message.

In the electronic commerce on the Internet, authentication of a sender of data is as important as protecting the data from wire trapping or tampering. There is such a method as using physical finger print or iris pattern, but the most common way to certify the sender is to use a public key method that uses a pair of public key and private key. To deter such crime as masquerading as another person, a public key unique to a person or an entity is generated, made public, and authorised by a certain organisation to prove that the key is actually the issuer's.

An important entity enabling and regulating public key based exchanges is the certificate authority (CA).

A certificate authority means a trusted third party that utilises public key method. Certificate authority is going to be used in many occasions such as when a consumer purchases goods from electronic shop on the Internet to ensure that both the consumer and the shop are actually who they claim they are. Certificate authorities are the essential infrastructure that will realise the security and trust on the Internet. Given that there will be multiple certificate authorities in the world, cross certification among independent certificate authorities will be important to enable universal usage of one's certificate.

Certificate authorities offer such services as issuing of certificates, registration and publicising of certificates, storage and management of certificates, revocation of certificates, and compiling the list of revoked certificates. In broader definition, credit check of a person to issue a certificate, registration and management of personal data, storage of digital data, certifying digital documents, and recovering keys.

Existing technologies used by certificates authorities include the following :

• Protocols : SET (Credit card settlement protocol), Secure Socket Layer (SSL web protocol)
• Form of certifications : ITU X.509, ISO | IEC 9594-8.
• Public key (RSA encryption etc.) Use a pair of public and private keys

Secret key (DES, Triple DES encryption etc.) Use a key specific to a pair of sender and recipient.

Digital signature technology and the law
The goal of digital-signature legislation is to regulate the technical steps involved in certificate generation and distribution so that a digital signature is acceptable as evidence in court. Uncertainty about digital signatures' evidence constitutes the most important impediment to their use. Today the general treatment and acceptance of digital signatures in Europe depend on country's legal system. There are two distinct types of legal system in Europe. In most European countries, including Germany, the Netherlands, and the UK, judges are allowed to accept any means of evidence (free system of evidence). However, in some countries, as Belgium and France for example, the law defines the means of evidence that judges can accept.

Germany set up a legal framework for digital signatures, based on a system of licensed certificate authorities, last year. Denmark and Belgium are about to initiate similar legislation processes. But these frameworks won't be obligatory expect for certain procedures in the public sector, and they won't make digital signature generally legally binding.

Watermarking, Fingerprinting
Digital watermarking technique represents a valid solution to the ever increasing need for copyright protection and authentication of digital contents transmitted through networks. A digital watermark is an identification code, embedded in the document to be protected, carrying information pertaining to copyright protection, data authentication, thus allowing to identify the creator, owner, distributor, authorised consumer of digital data (in this last case, the term Fingerprinting is usually used). Generally it is required that a watermarking algorithm be :

• Unobtrusive : it should be statistically and perceptually invisible not to degrade data quality and to prevent attacks from finding and deleting it;
• Readily extractable : the data owner or an independent control authority should easily extract it;
• Lossless : it should imply no loss of relevant information;
• Robust : it should resist to any attempt to remove it by attackers trying to counterfeit copyright of data;
• Unambiguous : its retrieval should unambiguously prove the identity of the data owner.

Watermarking and fingerprinting can be considered as steganographic techniques. They add subliminal data into the information without interfering with the message conveyed by the tagged information.

The Esprit projects IMPRIMATUR and TALISMAN have developed robust watermarking algorithms applicable on digital images and resistant to MPEG and JPEG compression.

Secure containers
These technical systems protect the data by delivering it over the Internet in locked form (mainly using encryption techniques as described above). As the computer which receives the delivery is able to access the publisher's web site, this communication link can be used again by the publisher to micromanage the user's access to the data. The data can be constantly locked up and users can be charged and traced for every time they access the data. It could be allowed out only on specific days or during any arbitrary access scheme.

IBM is currently pushing a software concept called Cryptolope. They take the text data and encrypt it with a key. When people want to read the data, they supply their ID number to the IBM central computer and it ships back the key. Each time they want to read the data, they pay again. A user must have an account with IBM, which handles the billing before paying a royalty to the data's owner.

EPR and the InterTrust Corporation Inc are shipping the DigiBox container. DigiBox allows to deliver an encrypted information through the InterTrust system. The DigiBox container includes several elements : organisational structures, properties, controls, and supporting data items.

The principle is very simple : content is placed in a secure DigiBox with control commands that are interpreted by the InterTrust application and after receiving the content, payment is transmitted back to the publisher in another DigiBox for authentication.

EURITIS is pushing the CopySmart Secure Device (CSM/SD) as a general purpose container allowing for : specification of conditions of use, remote connection for rights clearance and payment, data locking. This technology is usable for CD-ROM protection, software licensing and protection of any delivered digital content. Online management of rights is handled by the CopySmart Trusted Server (CSM/TS) which is an electronic rights brokerage platform. These applications use smart-card technology to enforce security and IPR protection.

ERMS Middlewares
ERMS middlewares are electronic rights brokerage platforms on the Internet which regulate interactions between liable agents and the copyrighted contents managed by these platforms. One particular aspect of these rights brokerage systems is that they give consistency to operations which take place in distributed computing environment.

Main liable agents are Content providers (authors, publishers, universities, etc.), Service providers (distributors, electronic shopping malls, publishers, retailers, etc.), Content registration authorities (content identifier issuers), Banks, Certificate authorities, Fees collecting societies, customers.

The ERMS repository contains electronic contracts and rules which specify permissions and conditions of uses of protected contents. Links to remote databases are specified thus allowing for a distributed storage of the content. The platform provides the following services: users registration, identification and authentication, content registration, access control, right clearance, auditing, billing.

The IMPRIMATUR project has set-up an ECMS demonstrator protecting the distribution of digital images on the Web.

EURITIS is commercialising the CopySmart Trusted Server (CSM/TS) as an ERMS dedicated middleware on TCP/IP networks (Internet, Intranet, Extranet).

The OMG (Object Management Group) has issued the CORBA (Common Object Request Broker Architecture) Licensing service specifications. These specifications allow for the integration and the monitoring of legacy applications thanks to the OMG Interface Definition Language which binds the existing applications with the licensing services requested from the Object Request Broker (ORB).

ORB applications are commercialised by ORBIX product from IONA Technologies Ltd, and Visigenix ORB from Borland.

Limitation to Technical protection of data : Fair use and exceptions.
Depending on some contextual factors, the technical systems of protection described above, must deactivate some protection. Factors to consider include:

• the purpose and character of the use (commercial or non-commercial) ,
• nature of the work (factual or fictional) ,
• percentage of copied material and the relevance of that material ,
• economic effect of the copying of digital material.

This is applied quite differently around the world. Due to the lack of legislation harmonisation.