Security Web Digest: DMCA Expansion, CD Copy Protection Gains, The Feds Go After PayPal ... and More

Music pirates don't care... Security execs think we're unprepared... eBay's payment service in hot water for online gambling work... and more from around the web.


Critics of the federal Digital Millennium Copyright Act said Friday that they were disturbed by proposals for similar laws at the state level. Quietly, opponents said, state legislators are considering bills that would be even broader than the controversial DMCA, which restricts bypassing copy-protection measures. The movie industry however, says DMCA opponents are overreacting. The group primarily responsible for the state bills is the Motion Picture Association of America, one of the most vocal supporters of the federal DMCA. The MPAA rejects the characterization of the state legislation as similar to the federal law, saying the state measures update cable and satellite protection laws to catch up with todays hacking technologies.

The peer-to-peer music file-sharing habit among 61 million Americans and millions more worldwide is "cemented," with only 9% of U.S. downloaders believing they are doing anything wrong, media analyst Eric Garland told the California state Senate Thursday. "We see only one trend," said Garland, founder of Beverly Hills-based Big Champagne, which analyzes Internet trends. "More people are downloading more copyrighted material." Instead of fighting the trend, which he called a losing battle, Garland said the entertainment industry should embrace digital distribution rather than file lawsuits that only make more people aware of free downloads.

Record labels have been experimenting with compact disc copy-protection technology for close to two years now and the techonlogy may be headed for the U.S. market in bulk this year for the first time, according to one Wall Street analyst. In a research note published Friday, J.P. Morgan analyst Sterling Auty said that Arista Records, a subsidiary of BMG Music, appeared to be moving to market with CD copy-protection technology produced by SunnComm Technologies. "We expect volume shipments of protected CDs to ship commercially in the U.S. as early as the May-June time frame using the SunnComm solution," Auty wrote. SunnComm recently struck a deal with Microsoft to work together on a package of copy-protection techniques for labels. SunnComm will protect the ordinary CD audio tracks against copying, while Microsoft will provide tools to put additional copy-protected versions of the songs on the CD that can be copied to a computer hard drive or MP3 player but not traded online.


A poll conducted by CSO magazine on Wednesday reveals that 63% of chief security officers and senior security executives are not confident that the United States can protect its critical infrastructure and citizens from harm by terrorists and nation states. The poll, which surveyed 271 security executives, found that organizations are taking steps to secure their employees, facilities, and information assets in anticipation of possible physical and cyber attacks. More than one-third (35%) of security executives surveyed reported that their organization had increased its security investment because of the war in Iraq. Forty-one percent of respondents said they are increasing their monitoring of computer systems and stepping up their LAN/network security (30%). Only 18% of security executives polled said the war would have a negative impact on their companys bottom line, and of those companies, most believed that it would result in a loss of revenues of less than 10%.


The U.S. Attorney for the Eastern District of Missouri alleged that eBays online payment service PayPal violated provisions in the USA Patriot Act between October 2001 and July 2002, according to eBays annual report, filed Monday with securities regulators. Under the act, it is prohibited to transmit funds known to have come from a criminal offense, or that are intended to promote or support unlawful activities. The agency is seeking to collect any earnings that PayPal received from online gambling merchants during the nine-month period, as well as interest. Last year, PayPal received 6 percent of its revenue from online gambling, according to its filing with the Securities and Exchange Commission. eBay, which received the U.S. Attorneys notice on Friday, is reviewing the matter and has not decided whether it will pay the requested settlement price, said Kevin Pursglove, an eBay spokesman.