Actuate Corp. v. IBM Corp., No. 09-5892 (N.D. Cal. April 5, 2010) [Scroll down for opinion]
Distribution of software license keys on the internet may constitute trafficking in circumvention technology, which is prohibited under the Digital Millennium Copyright Act (“DMCA”)
Plaintiff software licensor sued defendant for, among other things, violation of the anticircumvention provisions of the DMCA found at 17 USC 1201. Plaintiff alleged that defendant posted license keys on the internet, which purportedly would enable plaintiff’s software to be “installed on an unlimited basis.”
Defendant moved to dismiss, pointing to a line of cases including I.M.S. Inquiry Management Systems, Ltd. v. Berkshire Information Systems, Inc. and Egilman v. Keller & Heckman, LLP [see this old blog post about Egilman].
The I.M.S. line of cases hold that the use of a password issued by the copyright holder does not amount to “circumvention” under the DMCA. Under this thinking, the use of an issued password, even if done without authority, does not result in the “avoiding, bypassing, removing, deactivating, or otherwise impairing [of] a technological measure.”
But another line of cases, headed by 321 Studios v. MGM Studios, Inc. suggests differently. The court in 321 Studios reasoned that unauthorized use of a decryption code (the same one issued by the manufacturer) to bypass the encryption on a DVD served to avoid and bypass the encryption.
In this case, despite both parties’ attempts to show the compatibility of the lines of cases, the court found them to be irreconcilable. It sided with the thinking behind the 321 Studios line, finding no support for a distinction between passwords and other types of code that might be used for decryption.
Here’s the opinion: