Hi everyone – I’m sorry there’s been a few months gap since the last games law update, but it’s been pretty busy in my personal life and I’m afraid my assiduous squirreling away of useful links for you suffered. Here’s October 2012 in brief to help make amends… Continue reading Games law update, October 2012
Tag: security
Thoughts on the WoW Glider appeal
A US appeal court has upheld the illegality of WoW Glider, a high-profile and profitable bot for Blizzard’s World of Warcraft (hat-tip to Nic Suzor). The case is important both for its implications for bot use generally in MMOs as well as for a number of other legal points for games companies which come out of the case. The case was also not a clean win for Blizzard, which suffered setbacks in two important parts of the case.
The background
Glider allows players to level up automatically within WoW by playing their avatars for them. It therefore bypasses the level progression built into WoW. Glider was built by MDY Industries, which is owned by Michael Donnelly, who sold it to WoW players for a lot of money. Interesting fact: Donnelly made $3.5m profit off WoW Glider, apparently.
Blizzard did not like Glider, unsurprisingly, and told MDY to stop selling it. MDY then commenced legal action seeking to justify the legality of Glider. In 2008, a California court held against MDY, finding both that Glider involved copyright infringement of WoW and that it contravened the Digital Millenium Copyright Act. That last bit needs a bit of explanation for non-US readers: the DMCA makes it illegal for you to try to circumvent technological protection measures which a software company puts in place to protect its software. In this case the principal protection measure is The Warden, a program that Blizzard uses to track down bots – and which Glider was designed over time to evade.
Having lost the lawsuit, Donnelly and MDY were therefore made subject to a huge $6.5m fine and ordered to stop selling Glider. They appealed – and the judgement from the US 9th Circuit appeal court has now arrived.
Key points from the case
- Blizzard lost its copyright infringement argument. In a nutshell, it argued that its EULA prohibits bot use and therefore, if a player uses Glider, that is a breach of the EULA and constitutes copyright infringement, for which MDY should be legally responsible as it sells Glider in the first place. The court held that in fact using a bot does not involve copyright infringement, it just means a breach of contract (i.e. of the EULA). In other words, using or selling Glider is still illegal because it involves breach of contract, but it’s not quite as illegal as Blizzard made out, i.e. copyright infringement. This has important practical consequences, because it significantly limited the legal penalties that Blizzard could seek against MDY. It is also significant legally, because it is the first time that a court has found that using a bot does not involve copyright infringement.
- However, Blizzard won the DMCA argument. The court found, again, that because Glider is specifically designed to evade The Warden, it therefore fell foul of the anti-circumvention laws in the DMCA. Therefore, the court upheld the ban on Glider, even though MDY had ‘won’ the copyright argument.
- Because Blizzard lost the copyright infringement argument, the court effectively overturned the massive $6.5m fine against Donnelly and MDY. Which must be a relief for them. But it doesn’t get them entirely out of the financial wood because…
- Blizzard had also run a ‘tortious interference with contract’ argument – i.e. it wanted MDY to pay for the damage that Blizzard suffered due to Glider, which appears to have been lost subscriptions. In the lower court, Blizzard won this argument, but the appeal court now basically has ordered a re-trial.
- We’ll very likely see this in the courts again, either because of the partial re-trial or because one or both parties attempts to appeal the case up to the US Supreme Court.
Other interesting points:
- The court affirmed the decision in Vernor v Autodesk earlier this year that games ‘owners’ in fact only license their games, they do not own them (read more here: what Vernor v Autodesk means for games)
- Blizzard apparently spends “$940,000” a year responding to complaints regarding anti-bot activities (contrast that with the $3.5m profit Donnelly made on Glider sales). Still, I wonder how much extra Blizzard spends on actually combatting the bots themselves.
- Interestingly, MDY’s explicit business model was to make it so commercially difficult for Blizzard to continue its anti-bot activities that it would effectively allow Glider to continue.
So what?
It might sound like a lot of legalese, but really this is a milestone lawsuit in the games industry:
- It shows yet another weakening of the EULA. Just because Blizzard said that using a bot was illegal and a breach of copyright, didn’t actually make it so. Expect more hard looks at the EULA in the future.
- On the other hand, it shows how important the DMCA is to protecting games in the US. The equivalent in the UK is the Copyright, Designs and Patents Act 1988 (you can read more about that here in the context of modchips).
- It also shows that Blizzard really doesn’t like bots. Its legal costs must be quite substantial by now and, the court having ordered that each side pay its own costs, it can’t recover them from MDY. That’s a lot of money to spend going after one bot, but Blizzard must have been banking that it will have a deterrent factor on other bots in the future.
Finally, here’s the really interesting question for me: MDY lost not because of Glider itself, but because it circumvented The Warden. What if there was an MMO with no such protection program in place (and, perhaps, with a less strict EULA too)? In that case, there is at least an argument I think that bots could be ‘legal’ for that game. Food for thought, eh?
Follow us at http://www.twitter.com/gamerlaw or subscribe to our email updates here
Setback for Jagex in Runescape lawsuit
Jagex, developer of the popular browser MMO, has suffered setbacks in its ongoing lawsuit against Impulse Software, the maker of a bot for Runescape called the “iBot”. This follows attempts in 2009 by Runescape to take legal action against a gang of UK phishers.
First, a quick summary
Impulse’s bot (like most bots) allows players to level up their avatars faster by playing for them. Jagex, understandably, was not happy with this. It therefore brought a lawsuit against Impulse Software in the US, bringing claims under the Computer Fraud and Abuse Act, as well as claims for copyright infringement, DMCA violations, and trademark infringement.
As part of that lawsuit, Jagex sought a preliminary injunction against Impulse banning it from sale or use of the iBot. This then came to a court hearing, with Impulse contesting the injunction. The court has now published its judgment denying Jagex that preliminary injunction, during which it commented on Jagex’s claims generally. A quick summary follows:
Copyright claim: Jagex argued that Impulse’s iBot infringed the copyright works in its game. The court felt that Jagex’s copyright claims were “unlikely to succeed” since it had not made all the necessary copyright registrations (in the US, for a copyright to be protectable it needs to have been registered with the US Copyright Office – unlike in the UK where there is no registration requirement and generally copyright works becomes protectable as soon as they have been creatted). In particular, Jagex had not registered copyright in its website or software. As a result, Jagex could not argue that Impulse had ‘copied’ its copyright works.
DMCA claim: The US Digital Millenium Copyright Act bans attempts to circumvent ‘technological measures’ put in place by owners to protect their copyright works (an example would be DRM technology). The UK analogy is the Copyright Designs and Patents Act 1998 (you can read more on how it works in the UK here). Jagex argued that Impulse use of its iBot breached the DMCA provisions. Again, the court was unpersuaded by Jagex’s argument, because Jagex could not rely upon any registered copyright works that needed protection, or that there were any ‘technological measures’ in place to protect them.
Trademark claim: Jagex argued that Impulse had infringed its trademark in the name “Runescape”. The court found against Jagex again, on the basis that Impulse had removed any references to Runescape and instead used “RS” throughout. Jagex argued that the term “RS” was itself infringing on its trademark by causing consumer confusion between Runescape and the Impulse bot, as everyone knew that “RS” was being used to mean Runescape. The court found against Jagex, on the basis that there could not be consumer confusion between a game and a bot intended to cheat that game.
Computer Fraud and Abuse Act claim: This law protects (as you might expect) against the misuse of someone’s computers for fraudulent and other purposes (a good example would be hacking). The UK equivalent is the Computer Misuse Act (more on that here). Jagex’s argument seems to have been that, while Impulse itself did not attack the “protected computers” in question (Runescape’s servers), they assisted players to attack those servers by providing the bot to them. I won’t get into the detail, but the court found against Jagex on this argument as well.
Ruling on the preliminary injunction: having gone through the substantive legal claims, the court considered the preliminary injunction which Jagex sought, to obtain which Jagex had to prove (i) it would suffer irreparable harm if the injunction was not given; (ii) the balance of equities (i.e. probability) fell in its favour and not Impulse’s, and (iii) the public interest was in favour of granting Jagex the injunction. Unfortunately, the court found against Jagex on all three counts. As a result, the court denied Jagex’s application for a preliminary injunction.
What next?
Jagex is still free to pursue its lawsuit against Impulse, albeit without having been able to restrain the use of the iBot in the meantime (which Impulse presumably will continue to sell). But clearly Jagex will have to look very carefully at what the court said about the merits of its claims – which were not positive.
Lessons to be learned:
- THIS CASE DOES NOT MEAN THAT BOT MANUFACTURERS HAVE A FREE HAND. We’ve seen on a number of occasions that games companies have successfully used litigation to shut down bot manufacturers and other illegal attempts to tamper with their game, usually using very similar arguments to those advanced by Jagex here. Take for example Blizzard v Scapegaming last month, or the WoWGlider lawsuit before that.
- Think globally with your IP. Jagex fell down at least in part because the court ruled that it not had protected its copyright properly in the US and its terms and conditions were insufficient. So don’t just protect yourself in your home country – you need to protect yourself in every country in which you do substantial business (UPDATE: Thomas Bidaux suggests every country where you have >10% of your business).
- Take legal action as soon as you are able – don’t delay. This was another reason that Jagex failed to obtain the injunction.
- Just registering copyright and trademarks won’t automatically protect your game – bot manufacturers these days are very careful to try to minimise liability on these fronts (hence for example Impulse’s use of “RS” rather than Runescape). Talk to your lawyers if you have concerns about attempts to undermine your game. A little legal advice early can save a lot of time and money down the line.
Follow us at http://www.twitter.com/gamerlaw or subscribe to our weekly email newsletter here
Nintendo v Playables – the latest modchip case considered
It seems that Nintendo is on a mission to gun down modchip sellers at the moment. I posted in May 2010 that Nintendo was suing New York-based modchip seller NXP Games, Inc. The 1709 Blog has just reported that Nintendo has successfully just sued another modchip seller in Holland. And, last week, Nintendo won a UK High Court claim against modchip seller. This post is about the UK decision.
Here’s a quick summary:
Nintendo v Playables, the UK High Court decision on modchips delivered last week, was not a groundbreaking decision. It simply reinforces the fact that previous caselaw has already found that the sale and distribution of modchips breaches UK copyright laws and is therefore illegal. So, this decision did not make modchips illegal for the first time under UK law. It is still an important decision, however, because it forms part of a continuing move in the US/UK towards outlawing modchips altogether – an approach which is not shared in certain other countries, particularly in Europe (more on that at the end of this post).
So, now read on the clever(ish) legal analysis. Oh, and for more background on modchips you can read my previous post ‘Are Modchips Illegal?’…
The story
Nintendo manufactures and sells its handheld Nintendo DS among other consoles. Playables, a UK company, imported and sold devices which when connected to a Nintendo DS could be used to play pirated games (either using inbuilt memory or through inserting memory cards into the device). In other words, Playables sold modchips.
HM Revenue & Customs and Trading Standards seized about 165,000 of these modchips en route to Playables, which led to Nintendo finding out about them and deciding to commence High Court proceedings against Playables and one of its directors. As it turned out, prior to trial Nintendo agreed a partial settlement with Playables (the terms of which are unknown and no doubt secret) but nonetheless sought summary judgment of the case to court in order to obtain legal vindication of its position.
Fundamentally, Nintendo argued that the modchips infringed its copyright in: (i) the source code for the boot up software; (ii) the Nintendo Logo Data File (which assist the DS to run); (iii) the Nintendo ‘Racetrack’ logo. In legal terms, the arguments being run were:
(i) circumvention of ‘Effective Technical Measures’ (essentially, they deliberately circumvented technology put in place by Nintendo to stop copyright infringement); and
(ii) pure copyright infringement.
More on that below.
The ETM argument
This is where we get a bit legal. Nintendo relied upon two provisions in the Copyright Designs and Patents Act 1988 (the “CDPA”), section 296 and section 296 ZD.
Section 296 prohibits anti-circumvention devices that have been applied to computer programs. To establish a breach of this provision, Nintendo had to prove that:
- there was a “technical device” which had been applied to a computer program; and
- that the defendants had manufactured it/sold it etc for the sole purpose of the unauthorised removal or circumvention of the technical device.
In addition, for one of these sections Nintendo also have to prove that the defendants actually knew or had reason to believe the technical device would be used to make infringing copies.
Nintendo easily could prove Test (1), since the modchips physically are inserted into the Nintendo DS and can then be used to run pirated games etc.
As to Tests (2) and (3), Playables advanced the same arguments that pretty much all modchip sellers have advanced in these cases:
- modchips are not just sold for circumvention purposes but can have legitimate uses, e.g. if you wanted to play your own game on the console; and
- the modchip sellers don’t know that their devices would be used by people to make/use pirate games.
In the UK, these arguments had already been put forward (and failed) in several cases, in particular one called Sony v Ball and separately in R v Gilham (more on that below). Here, again, the judge gave these arguments pretty short shrift. He said “I do not think that the defendants have a realistic prospect of asserting that they did not know of the unlawful uses to which the devices would be put” and that Playbles had “no realistic prospect of success” in arguing the modchips were for legitimate purposes.
The Jurisdiction angle
One interesting/new question which came up during this part of the case was what happens when a modchip seller is exporting modchips outside the UK as well as selling them within the UK. Does just exporting modchips outside the UK fall foul of the CDPA as well?
Mr Justice Floyd said yes, it does. He said that one of the CDPA sections being relied on, s296 ZD, is concerned with dealings in the UK in devices capable of circumvention. Nintendo did not need to prove actual circumvention.
So what? Answer: on this reasoning, if in the future a modchip seller was to import modchips into the UK and then export them out (e.g. to Europe), that would be illegal even if the modchip is not actually sold/used in the UK. It also means that the claimant (in this case, Nintendo) could seek greater financial damages.
The copyright argument
As I said above, as well as an ETM argument, Nintendo also brought a plain old vanilla copyright argument, based on the DS source code, the NLDF and Nintendo’s logo (well, actually, Nintendo’s argument was that Playables should be liable for copyright infringement because its device authorised others to infringe Nintendo’s copyright, most likely because it would be hard to prove that Playables itself had actually infringed Nintendo’s copyright). These arguments met with more limited success: Nintendo only won on the NLDF authorisation point.
The court’s judgment
We already know that Nintendo/Playables itself had settled but Nintendo wanted a judgment in its favour. So, it went off seeking summary judgment from Mr Justice Floyd, who found in its favour on the ETM argument and partially in its favour on the copyright argument. The Judge also found there was enough evidence to find Mr Chan, the Playables director, jointly liable with Playables.
Also, just to emphasise, the court’s judgment was directed at whether Playables had in fact breaches the relevant sections of the CDPA. This case did not seek to establish as a general principle that modchips are illegal, as that had already effectively been achieved by a combination of the CDPA provisions and previous caselaw. Obviously though this case will act as further precedent to be used in any subsequent cases against modchip sellers in the UK.
Analysis
As I said, this was not a groundbreaking decision, but it does have some interesting aspects:
- It forms part of the continuing trend in the US/UK towards outlawing modchips altogether, by finding that they have no legitimate purpose other than to facilitate copyright infringement/games piracy. For example, the case follows hot on the recent UK criminal case of R v Gilham, in which a modchip seller was convicted of offences relating to his sale of modchips (you can read my thoughts on that case here).
- It contrasts with the view on some other countries that in fact modchips can be used for legitimate purposes and that the games companies should not have ‘their own way’ of controlling the consoles in the way they want, rather than what consumers want. For example, you read here about recent modchip decisions in France and Spain which moved in that direction.
- It shows that the directors and employees of modchip sellers can be personally liable, not just the company. Here, Mr Chan was found financially liable as well as Playables. In Gilham, Mr Gilham himself was prosecuted and convicted. This is must be a serious deterrant factor, but…
- The fact that the case was taken all the way to judgment shows that the console manufacturers clearly do still regard modchips as a serious concern, so deterrants are needed.
- HMRC were involved. We don’t know exactly how, but clearly there was (and has been for some time) cooperation between HMRC and the console manufacturers to tackle copyright infringement/piracy of all kinds, including modchips.
- Why didn’t Nintendo go for criminal prosecution of Mr Chan and/or Playables? We know from Gilham that console manufacturers have done this before against modchip sellers. Instead Nintendo relied on a civil suit. Why? I can speculate, but really it’s a mystery…
So what next?
In the UK, Playables will likely be shut down, Nintendo’s position has been vindicated, now it and the other console manufacturers will need to focus on the next modchip threat.
However, modchips are used all over the world, with the console manfacturers being forced on jurisdictional grounds to fight legal battles under the legal systems of several different countries to outlaw modchips (for example the New York and Holland lawsuits mentioned above). It is by no means clear that the same result achieved here would be achieved in say France, China or Brazil. All of which unfortunately means continued legal expense and uncertainty for the console manufacturers.
Speculation alert: in the meantime, as far as I am aware there has been no or very little consideration of the use of modchips from a consumer law perspective in Europe, certainly in the UK. Perhaps a consumer law argument could help to change the nature of the argument away from pure copyright considerations? Sounds like a tough gig, but you never know. Watch this space…
Follow us at http://www.twitter.com/gamerlaw or subscribe to our weekly email newsletter here
Nintendo sues another modchip reseller
Teen convicted of crashing PlayStation site in banhammer
It’s worth bearing in mind that in the UK and EU he would have faced similar criminal proceedings. In the UK for example there are specific criminal penalties under the Computer Misuse Act 1990. We wrote about Runescape and the Computer Misuse Act some time ago, check it out for more info
Sony faces class action over Other OS removal
Gamesindustry.biz reports on a Californian class action against Sony Computer Entertainment following its recent removal of the Other OS functionality from the PlayStation 3. I talked to them about it here.
Follow us at http://www.twitter.com/gamerlaw or subscribe to our weekly email newsletter here
Teen admits crashing Playstation site in banhammer revenge
Thanks to Kotaku for this one: a US teen has pleaded guilty to criminal offences over his hacking and crashing of a Playstation web site in 2008, which he did in revenge for being kicked out of a tournament for the PS2 game SOCOM US Navy Seals for using a cheat mod.
Apparently, he carried out his attack by infecting the site’s servers with a virus. Clearly, he was savvy enough to carry out the attack, but not savvy enough to hide his tracks, meaning that he was found out and has now pleaded guilty to four felonies: unlawful use of a computer, criminal use of a computer, computer trespassing and the distribution of a computer virus (this was part of a plea bargain and prosecutors have therefore dropped 11 other counts in exchange for the four guilty pleas). Silly boy.
The case gives us an opportunity to remind everyone of the legal position in the UK. The Computer Misuse Act 1990 is the principal legislation for hacking and it criminalises the following main actions:
(i) Intentional attempts to cause a computer to perform any function with intent to obtain unauthorised secure access to a computer or data on it (e.g. phishing),
(ii) Same as (i) but with the intent to carry out a further criminal offence (e.g. hacking a PC in order to commit fraud), or
(iii) acting in any way which causes the unauthorised modification of the contents of any computer, with the intent to impair the operation of any computer/programme or to hinder access to data on any computer (e.g. uploading a virus to a PC or server).
This Act was most recently used publicly by the UK police to swoop in on a group of Runescape players who had been hacking/phishing Runescape accounts for criminal purposes (more on that, and the Computer Misuse Act, here).
This is one of those posts when the legal lesson of the day seems blindingly obvious, but here goes anyway: hacking someone else’s computer or web site is a criminal offence, so don’t do it!
Follow us at www.twitter.com/gamerlaw or subscribe to our weekly email newsletter here
Nintendo ‘wins’ Australian modchip lawsuit, but are modchips actually illegal Down Under?
Are modchips illegal?
This article is about modchips: is their sale/use illegal or not? We look at three recent cases in England, Spain and France – which show an interesting divergence of European opinion as to the legality of modchips: not every country thinks that modchips are a bad thing. More below…
“
A modchip (short for modification chip) is a small electronic device used to modify or disable built-in restrictions and limitations of many popular videogame consoles. It introduces various modifications to its host system’s function, including the circumvention of region coding, digital rights management, and copy protection (homebrew) software checks for the purpose of running software intended for other markets, copied game media, or unlicensed third-party.”Modchips exist for other devices (e.g. dvd players) but for today’s purposes we’re only talking about modchips which are used in games consoles and which are intended to circumvent games copy-protection: in other words, modchips which fool a console into thinking that the player owns an authentic, licenced copy of a game when it fact he/she does not. An example of such a modchip is the wiikey, which (funnily enough) mods the Wii.
- USA: in principle, use of modchips may fall foul of the Digital Millenium Copyright Act (DCMA), which has been used previously to get at sellers of modchips (example here)
- In Italy, back in 2005 a court ruled that the purpose of modchips was to ‘avoid monopolistic positions and improve the possibilities for use of the PlayStation’. The court said: ‘It’s a little like Fiat marketing its cars while banning them from being driven by non-European citizens or outside towns.’ “
- In Australia, the Australian High Court ruled in 2005 that modchips for the Playstation 2 were not illegal. As I understand it the Court’s reasoning was that, since the Playstation 2 technology had only ever sought to stop players playing unauthorised games but had not sought to stop them copying those games, a modchip which assisted players to play but not copy unauthorised games was not an attempt to circumvent “technological protection measures” under Australian law. (As far as I’m aware, that position has not been contradicted in any subsequent case-law).
(In England, the Court took a rather simpler approach by holding that the very act of playing a game using a modchip constitutes copying infringement – but there may have been good reasons why this
argument was not adopted in Australia).
Closing thoughts
- Even without having to get into a detailed legal review of the laws of different jurisdictions, it is clear that some countries have adopted a relatively hardline approach to modchips (e.g. the UK or USA). In particular, the UK has made it clear that the sale of modchips may be a criminal offence.
- But, maybe surprisingly, other countries appear to have taken a more neutral/favourable approach to modchips, recognising that modchips are not just about playing pirated games. With games companies apparently remaining keen to shut down modchip sellers (as with the French action above), it will be interesting to see what 2010 brings…