Tag: Featured

Copyright and AI in a World of Whiplash Public Policy

copyright

I have not added a copyright post here since March 19, when the DC Circuit Court of Appeals affirmed in Thaler v. Perlmutter that works produced autonomously by generative AI (GAI) are not protected under U.S. copyright law. Although it is good to see the human authorship doctrine in copyright left undisturbed, it is a fleeting moment of sanity within a warped national reality.

As reported earlier, Open AI appealed to the administration’s focus on China as a basis to argue that “beating China” requires ignoring the copyright claims of authors whose works are used to train AI models. Not only is that claim wrong on it’s face, but the conduct of the current administration vis-à-vis civil rights forces millions of Americans to ask whether China is an adversary or a role model.

One mirror in the funhouse reveals a compelling bipartisan hearing held by the Senate Judiciary Committee, Subcommittee on Crime and Counterterrorism, where Chairman Hawley and colleagues from both parties offered strong endorsements for the courageous testimony of Facebook whistleblower Sarah Wynn-Williams. Focused primarily on Meta’s engagements with the Chinese Communist Party (CCP)—and Zuckerberg’s lying to Congress about that very issue—the committee cited other abuses described in Wynn-Williams’s book, like the company intentionally targeting vulnerable teens. (More about the book Careless People in another post.)

Ordinarily, I compartmentalize copyright matters from other criticisms of Big Tech, but here, the stories overlap, even if Meta is the only target of the committee’s investigation at this time. First, throughout her testimony, Wynn-Williams repeats the theme that Meta used the “but China will win” argument to oppose Congress taking any meaningful regulatory action. This alone should cast doubt upon Open AI et al. making the same argument as a rationale for mass copyright infringement for model training. As Senator Klobuchar noted, there was no basis for prior claims that enforcing various consumer safeguards (e.g., Kids Online Safety Act) would be counter-productive to national security, and in that light, Congress should decline to believe the same story in regard to copyright infringement.

Meta may be unique—or uniquely situated—as a clandestine partner to the CCP, but it is also notable that the committee mentioned the role of Meta’s Llama AI and heard Wynn-Williams’s testimony that the product was used by the CCP for “AI weapons” and for the development of the Chinese LLM DeepSeek. Further, Wynn-Wiliams offers a theory about the open source versus closed model AI competition in the marketplace. “There’s a lot of money on the line,” she says. “In some ways you could say, if you want open source to prevail, it helps to have a strong threat from a Chinese model so you can say that it’s really important that America wins, and we’re the American open-source option. And I think you can see the way that strategically plays out.”

“But China will win” is pretty much what Open AI told the Office of Science and Technology Policy in its letter arguing that machine training with copyrighted works is per se fair use. But looking at Meta (which is currently being sued in the Kadrey case), consider the perspective:  in developing Llama, not only did Meta scrape the literary works of millions of authors and journalists, and not only did it source pirate libraries for that purpose, but it also deployed that same AI power in the interests of a nation that brutally kills freedom of expression. Yes, of course, I’m thinking the same thing because it’s unavoidable. The current U.S. administration has engaged in multiple First Amendment and other constitutional violations, including assaults on the free press, and thus, the policy whiplash.

Couple these optics with the volume of evidence that the real power behind the destruction of the administrative state is a small group of tech billionaires pushing an anti-democracy ideology called the neo-reactionary movement (NRx), and the idea of advocating creators’ rights seems all but futile. After all, is it remotely sane to think that an administration of semi-literate, 1A-infringing, book banners will care about the rights of authors—let alone reject the tech-bros who wrote the destruction manual for the United States?

Setting aside the copyright questions raised by GAI training, Big Tech’s wanton harvest of artistic and intellectual works as lifeless raw material is perhaps the ultimate expression of the cyberlibertarian’s disdain for human beings as mere repositories of data to be exploited and manipulated. The rhetoric of Big Tech ideology—from 4Chan to the halls of academia—is the authoritarian principle that individuals must be sacrificed for the sake of the collective. All rights are a nuisance to the tech oligarch, and authors are the last people any authoritarian wants to empower.

Open AI’s claim that mass copyright infringement is necessary to “beat China” is paradoxical—either willfully or naively blind to the fact that when we treat works of authorship as mere fodder for the machine, we don’t beat the CCP; we emulate it. Further, not only is the claim overstated that GAI development is a matter of national security, but again, what does “national security” even mean at present? Concepts like American interests, values, innovation, global security, etc. are all diminished, if not wholly swallowed, by the reckless destruction of the principles and institutions that distinguish America as a leader among democratic nations. And copyright rights are in those same crosshairs.

In response to copyright’s critics, especially those in academia with Big Tech funding their work, I have argued that the diversity and scope of America’s creative output has been essential to its strength as a democracy. Whether one looks at the economic value of the core copyright industries, the cultural value of diverse creative expression, or both, the rationale for intellectual property is to incentivize useful innovation and legitimate greatness.

American authors—from historians to rockstars—are the legacy of an aspiration expressed by Noah Webster, the father of American English and of American copyright. In 1783, advocating the first state copyright law in Connecticut, Webster argued that “America must be as independent in literature as she is in politics—as famous for arts as for arms.” By contrast the “greatness” proclaimed by Trump is tautological and brittle just like Big Tech’s claims to “innovation” are often vague and misleading.

As proposed in my book, the inclusion of copyright in Article I was one of the more egalitarian and democratic choices made by the founders, even if they did not wholly grasp its potential. At the most basic level, copyright incentivizes creative expression by any citizen anywhere, and the American model largely fulfilled that traditional Republican principle that the market, not the government, decides what is successful.

The copyright questions presented in roughly 40 cases are difficult and novel. Moreover, the facts presented vary, and thus, the outcomes will vary, especially on questions of fair use. In the meantime, it is clear that at least some of the major AI developers are engaged in a campaign to appeal to the current administration to treat copyright rights much as it is treating other constitutional rights—as principles to trample in a march toward something very un-American.

As AI Moves Fast and U.S. Policy Flounders, Will Organizations Look Abroad for Data Security?

data security

Last week’s firing of the head of the National Security Agency and U.S. Cyber Command, along with his deputies, is one more reason to conclude that the United States is not led by serious people. As the administration waves off the implications of Signalgate and then fires Four-Star General Timothy D. Haugh et al. on the reported basis that Laura Loomer told Trump they are “disloyal,” any common-sense observer will justifiably doubt whether national security is a priority for this administration. Concurrently, one wonders whether the administration’s security clumsiness, combined with its deepening relationship with U.S. Big Tech leaders, will foster anxieties over data security as organizations in every sector develop new AI models that will be tomorrow’s attack vectors.

While U.S. Big Tech praised Trump’s revocation of the Biden EO on AI as an end to regulation, the move could erode confidence for many organizations that need to develop AI in environments provided by domestic suppliers of confidential computing services. Although the U.S. remains a leader in cybersecurity, Americans are targeted by cyberattacks more than any other country, and rescinding the Biden EO did not reverse any regulation. On the contrary, exacerbating the U.S. history of laissez-fair cyber policy, Trump has been a direct beneficiary of data abuse and micro-targeting misinformation; and more than half of all citizens likely assume that our private data is not only insecure, but that the current administration would not scruple to exploit it for the most draconian purposes.

For my recent post about Section 230 reform, I spoke with Peter DeMeo, Chief Product Officer of Phoenix Technologies AG in Switzerland about agentic AI as both opportunity and threat. Not yet fully realized, the principle is that an AI agent can act autonomously to improve or maintain a given system. “But you want to keep the agents in a good place,” DeMeo says. For instance, he describes a Swiss hospital group where the IT infrastructure crashed overnight, but the staff found the agent had fixed the problem and kept operations running. This kind of positive result, however, should not mask the fact that AI agents are new attack vectors. DeMeo explains…

Imagine a foreign adversary infiltrating a hospital’s network through a sophisticated phishing attack, poisoning the AI agent’s data and turning it malicious. Unaware of the compromise, the IT team deploys these sleeper agents into a trusted execution environment—a secure enclave, where they can operate autonomously. From within this stronghold, the malicious agents launch a next-generation ransomware attack, encrypting critical system data. Surgeons and medical staff are locked out, unable to access patient histories, scans, and essential systems—crippling hospital operations and endangering lives.

Is the U.S. a Robust Data Security Environment?

America’s data security landscape comprises a patchwork of federal law, state law, and what might be fairly described as an honor system among many major providers of confidential computing services. U.S. policy (i.e., let Big Tech do what it wants) combined with “operational assurance” (i.e., trust the provider to do what it says) may not provide the kind of confidence various organizations demand as they develop and deploy agentic AI. And that was before DOGE’s questionable access to, and haphazard handling of, sensitive information—or before Trump fired the top cyber security official without cause.

Meanwhile, a key indicator to follow in this context will likely be the insurance industry. For instance, Chubb, a major provider of cyber insurance, released its first Navigating the Cyber Claims Landscape report early this year. The report shows, for instance, ransomware incidents increasing in the U.S. while they are declining outside the U.S, and it explicitly states that “A zero trust security model is essential to maintain controls.”

If organizations look outside the U.S. for confidential computing, Switzerland could emerge as a hub for the level of data security needed to confront the vulnerabilities inherent to agentic AI. For instance, Phoenix’s business model combines decades of confidential computing experience, compliance with Switzerland’s stringent data protection laws, and pricing tiers that make confidential computing accessible for small and mid-size organizations. Rather than “operational assurance,” as Chief Technical Officer Angel Nunez Mencias, explains, Phoenix provides “technical assurance,” meaning that only the customer holds the encrypted key to their own data. There is no “back door,” and it would not be possible to make a customer’s data available to a third party—not even with a warrant issued under the U.S. Cloud Act.

In compliance with the Swiss Federal Act on Data Protection (FADP), not only must the customer approve every change deployed, but statutory provisions include strict civil, and even criminal, liabilities for mishandling certain data—especially sensitive information about natural persons. Asked whether this approach to security might inadvertently provide opportunity for cybercriminals or terrorist organizations, Mencias notes, “Confidential computing is not a black box. Just as the customer must approve every change, we approve the software deployed in our environment.”

IT professionals at organizations in the U.S. and abroad will decide whether providers like Phoenix offer a more secure environment for advancements in agentic AI computing, but the value proposition DeMeo describes provoke questions that were difficult before the current U.S. administration began breaking things. Now that it shall be the policy of the United States to cede the field of excellence in a wide range of disciplines, it is fair to ask whether various organizations will look elsewhere for data security.

DC Circuit Affirms Human Authorship Required for Copyright

human

In a decision that is unsurprising but important, the DC Circuit Court of Appeals affirmed that “authors,” as defined in U.S. Copyright Act, are human beings and not machines that can autonomously generate works. I say unsurprising because nothing in history or statute should have led the court to any other conclusion, and indeed the opinion can be summed up thus: “…the text of multiple provisions of the statute indicates that authors must be humans, not machines.”

Dr. Thaler, a computer scientist, developed a generative AI (GAI) he calls Creativity Machine, which autonomously generated a visual work for which he applied for a claim of copyright with the U.S. Copyright Office. Thaler disclosed that the work was wholly created by the machine, and on the basis that copyright can only attach to works made by humans, the Office rejected the application. Thaler sued, arguing that the Office was asserting a policy not found in the statute or the constitutional foundation for copyright. He lost in the district court, and the appellate court has now affirmed that ruling. (See earlier posts.)

Specifically, the court cites several operative provisions of the Copyright Act that would be nonsensical if machines were “authors.” “Machines do not have property, traditional human lifespans, family members, domiciles, nationalities, mentes reae, or signatures,” the opinion states. This summary refers to the right to own any kind of property, duration of copyrights, inheritance of copyrights, jurisdictional enforcement of copyrights, incentive to create works, and the right and authority to transfer copyrights.

None of those rights or capabilities apply to non-humans, and non-humans do not have standing in court to adjudicate conflicts over such matters. Consequently, U.S. copyright law would unravel if machines were “authors,” which would, notably, moot Dr. Thaler’s claim that his GAI called Creativity Machine is legally the “author” of the visual work he sought to protect. “Numerous Copyright Act provisions both identify authors as human beings and define ‘machines’ as tools used by humans in the creative process rather than as creators themselves,” the opinion states. Imagine the opposite conclusion and Creativity Machine could be named as a plaintiff in an infringement suit. Chaos ensues, and not just for copyright.

As to Dr. Thaler’s theory that under the work made for hire (WMFH) doctrine, he could claim copyright in the work generated by the AI he owns, the court is clear that this misreads the principle. In plain terms, under WMFH, rights transferred to the hiring party must exist in the first place, but those rights can only be vested in a human being upon creation/fixation of a work. No human author means there are no rights to transfer to a hiring party.

Although the Thaler decision is not surprising, it is important because it reaffirms a core doctrine as both case law and policy evolve in response to GAI. By affirming the boundary that 100% machine-generated expression is not protected, this solidifies the framework in which courts to do what they often do in copyright cases—namely to separate protected expression from unprotected elements in a given work.

The more compelling and trickier question as to what is protected and not protected when an “author” uses a generative “machine” as a tool is now active in the District Court for the District of Colorado. As discussed in this post, artist Jason Allen presents a plausible argument that he used Midjourney as a tool to create and fix his mental conception of a visual work of expression. Arguably, Allen v. Perlmutter will be the first case to write early guidance for the use of GAI to create works that may be protected. As such, that outcome just might be surprising and important.

Photo by: Designer491