Passwords and Keys under the DMCA: A Call for Clarification from the Courts or Congress

Authors

Lindsey M. Shinn

Abstract

While the DMCA was passed to protect copyrighted content in the digital age, the cases interpreting the statutory terms "circumvention" and "authorization" are inconsistent. The courts have staked out two poles on what does and does not constitute circumvention under the DMCA: aftermarket parts that run items like garage doors do not circumvent, but code that allows an unanticipated device to play a CD is a circumvention. This Note explores the surprising consequences of carrying the reasoning of each of these lines of cases to their logical conclusions. The most unsettled area naturally falls in the middle-in the cases of passwords or keys properly created and applied by either humans or computers-where courts have not well-articulated their reasoning and Congress may not have intended the DMCA to reach anyway. Further troubling is the way courts have allowed plaintiffs to use the DMCA to enforce contractual definitions of authorization, rather than simply on a breach of contract theory, especially where the DMCA does not clearly define "authorization." Moreover, courts often separate authorization of the key or password from authorization of the actor, without sufficient explanation. Thus, this Note argues that Congress or the courts should further refine these definitions in the DMCA to achieve a more coherent scheme.

Recommended Citation

Lindsey M. Shinn, Passwords and Keys under the DMCA: A Call for Clarification from the Courts or Congress, 60 Hastings L.J. 1173 (2009).
Available at: https://repository.uclawsf.edu/hastings_law_journal/vol60/iss5/6