Before Flash ruled the media-streaming world, and when iTunes simply did not exist, there was Monkey Island II: LeChuck’s Revenge (“Monkey Island”). Aside from its highly addictive gameplay, Monkey Island had one noteworthy characteristic: a Decoder Wheel. Upon inserting the game, the software would prompt the user to align various icons on the wheel to generate a numeric password that varied with every use, verifying that the user had purchased the game legitimately. As technology progressed, the means of protecting digital rights expanded into a vast array of software encryption and protection known as Digital Rights Management (“DRM”). Today, DRM can be found in everything from audio CDs to video games. However, the public has not embraced DRM. The integration of DRM into consumer electronics sprouted a variety of allegations that these software encryption and protection methods make personal computers (“PCs”) vulnerable to malware and privacy invasion.

In the aftermath of Napster and Pirate Bay’s shameless disregard for copyrights, DRM strategies are necessary to protect the incentives that encourage artists and programmers to create and publicly display their works. Yet the security risks associated with DRM levy a high cost on the public, on whose patronage the content creators depend. By restricting research and investigation into security risks in popular public technologies, U.S. copyright law, particularly under the anti-circumvention provisions of the Digital Millennium Copyright Act (“DMCA”), removed necessary safeguards for the public. The large influx of new consumer electronics demands exemption from the anti-circumvention provision of the DMCA for good faith research into security flaws and vulnerabilities in DRM.

This Note discusses the current state of American copyright law under the Digital Millennium Copyright Act. The main thesis addresses whether the current rule-making procedure allowing for a triennial determination for exemptions to the DMCA is adequate to protect the best interests of the public. This Note focuses on the 2010 rule-making under the DMCA allowing for circumvention of access controls for good faith research in investigating and correcting security vulnerabilities in video games is the focal point. Creating a statutory exemption allowing for circumvention of a broader class of works for good faith research into software defects would better suit the interests of the general public, while also preserving the rights of copyright holders. This argument is followed by a discussion of the current risks that DRM software associated with audio-visual works poses for the general public and the benefits that a broader exemption would provide.

*Eric Maher