A suggestion on banning functions

First, I really appreciate your stance taken in the blog post "Copybot Action". I think this clear statement that misuse won't be tolerated will really help. I also understand the inherent limitations of intellectual property protection / DRM in SL and on the internet as a whole now, after reading the townhall transcript.

Now, my suggestion (and question): Philip mentioned that the residents will need to have make use of tools for banning, governance and policy response; as I understand it, you might be working on better tools to help us protect our rights, security and privacy inworld. Right now, banning a person is quite ineffective due to the open registration. I'm not speaking against the open registration here, it's a fact we have to live with. But I would like to see an effective way to ban the complete identity information of a user that Linden Lab has on file, without being able to access this information of course.

The only verifyable identity information of a person including all their alts is the machine hash or hardware hash of a client. I understand that the current SL client already collects this information and ties it to a certain account. Would it be hard to change the ban functions of land and estate owners, to operate based on this hardware hash instead of an account name? I imagined it like this: many persons use multiple computers, so the (invisible) account info needs to contain a list of all hash IDs ever used with this account, i.e. the identity of all machines a person ever used to log in an account. As soon as I ban a person from my land based on their account name, the whole list of hash IDs is banned. Otherwise banning, as the only tool of self-protection we have right now, is quite pointless. Would this be possible? If not, how can we make sure that a banned person doesn't come right back at us?

In this context, how would a future open source client handle the data gathering for a hardware hash? Is it possible to change the code in order to fake an ID, or are there ways to ensure that a hash ID is valid? I would also like to know how Linden Lab handles a grid-wide ban. Do you ban persons from the grid based on the hardware hash too, or is just one account and possibly verified alts of the same person banned?

---------------------------------------------------------------------------------

/Edit: I have another question and would like to avoid starting a new thread about it, so I'll just add it here.
I can see my customer's need to create backups of their purchases, so I'm planning to change some wares from -copy/+transfer to +copy/-transfer. But I sell several linksets that change their permissions on rez, due to a bug. I reported the bug a few times: the perms are fine in the customer's inventory, but all perms but modify are gone after the customer rezzes it. As I found out, this always happens when a linkset is often duplicated by using either shift+drag or "take copy". I use to take backups during work, so I duplicate my projects often before I have a final sales version and often run into this bug.
Is there any known workaround and is this bug on the priority list?

----------------------------------------------------------------------------------

/Edit2: And yet another addition, regarding the CopyBot again. Sorry to bring it up once more, but it seems to be unclear what "infringing copies" means. Which copy is legal, which is not?

I understand that it's perfectly legal to make backups of any software or other digital wares that one owns. No one can argue that. It's perfectly legal to rip a DVD after buying it and create a copy for your personal use only. The same ripping tool can be used to create pirate copies as well, but that doesn't make the tool illegal. If I can't create a backup other than circumventing a protection mechanism, I may do so. SL doesn't have a backup solution, so many users argue that the CopyBot or similar software often is the only method to create a backup.

Now, let's take a program like Microsoft Word for example. If I bought it, I can copy the CD. I would even be allowed to copy the CD if it had a copy protection. I'm not allowed to install it on two machines though. It's unclear if a duplicate of a copy-protected prim object is the same as a second software installation, since one can pick it up right away and only take it out of the inventory in case the original gets lost. That may be hairsplitting. So far the CopyBot doesn't seem to do anything illegal, as long as one doesn't copy content without ownership and/or attempts to resell the ripped content.

But there's one very important point. What I'm not allowed to do with my copy of Microsoft Word, under no circumstances, is to disassemble the code, remove any licence number or product ID, change the splash screen to replace the Microsoft logo with my own name and remove any indication that this product was produced by Microsoft and that Microsoft holds the copyrights. That would be a clear copyright violation in any country.

Alas, the CopyBot does exactly that. It doesn't duplicate, but rebuild. It's the same as disassembling a software like Word and recompiling it with a new company logo. It's exactly the same as copying the pages of a book and printing a new author name on the cover. No matter if I apply the IP rights of software or of real, physical products, it turns out to be illegal. A real backup solution may be legal, as long as it copies a product unchanged or at least keep the creator's name unchanged. But I fail to see any possible way to create a backup and not a counterfeit when using the CopyBot.

Could you please clarify what form of copying is legal, which permissions I'm allowed to circumvent and change when creating a backup, and if it is possible to create a TOS compliant backup with the CopyBot, or if any use of this tool no matter what for won't be tolerated?
Thank you.

Well Ishtara, this is certainly a challenge!

To answer the first question...right now, if you ban someone from accessing your parcel (or estate), the ban is based on account name. If there are alt accounts which could be associated to the account they would not be included. This policy stems from our very early decision to treat each account as a unique individual, as frequently they are. Members of a single household, dorm mates, sometimes even people who live near each other, could conceivably share an IP address. You might want to ban one of them, but not all. Hence, the decision to work primarily from unique names.

Second, our definition of an infringing copy ties to the RW definition. If you copy something where someone else owns the copyright, and profit from that infringement, for example by selling it without paying a royalty or license, then they may have a claim against you. To be sure, you should talk to a copyright attorney. For more information, please see http://www.copyright.gov/help/faq/.

Your third question goes way beyond my expertise in understanding copyright law. Again, I'd suggest you check with an attorney if there are specific instances you need advice for.