Page:Fair Circumvention.djvu/20

From Wikisource
Jump to navigation Jump to search
This page has been validated.
20
[Vol. 74:1
BROOKLYN LAW REVIEW

freedom to install non-Lexmark toner cartridges by disabling their printers if they did so. Upon powering up, each Lexmark printer performed a two-step authentication sequence.[1] It first queried a separate microchip inside the inserted toner cartridge, which contained an eight-byte key combination. Applying a publicly available encryption algorithm known as “Secure Hash Algorithm-1” or “SHA-1,”[2] the printer calculated an authentication code based on the toner cartridge’s eight-byte key. Authentication succeeded if the result the printer calculated matched a parallel calculation undertaken by the chip on the toner cartridge itself. During the second stage of the authentication sequence, the Printer Engine Program downloaded a copy of another very short program (the Toner Loading Program) from a chip on the toner cartridge and computed a checksum of the downloaded bytes.[3] This stage of the authentication procedure succeeded if the checksum the Printer Engine Program calculated matched a value encoded elsewhere on the toner cartridge chip. The printer shut itself down unless both steps of the authentication procedure succeeded. The authentication procedure sought to ensure that consumers used only toner cartridges (whether new or refilled) supplied by Lexmark.[4]

Although defendant Static Control Components (“SCC”) did not compete directly with Lexmark, it sold chips to Lexmark’s competitors in the market for remanufactured toner cartridges.[5] SCC’s chips enabled Lexmark’s competitors to produce toner cartridges that mimicked the two-stage authentication sequence when used in a Lexmark printer. SCC advertised that its chips successfully bypassed the first step of Lexmark’s authentication sequence.[6] For the second step of the sequence, SCC’s chips contained a byte-for-byte copy of Lexmark’s Toner Loading Program, which enabled the chip to pass Lexmark’s “checksum” calculation.[7]

Lexmark charged that SCC’s chips infringed Lexmark’s copyrights in the Printer Engine Program and Toner Loading Program. Lexmark also alleged that SCC’s chips circumvented, in violation of the DMCA, a technological measure (specifically, the first step of the two-step authentication sequence) that “effectively controlled access” to its copyrighted programs.[8] A federal district court agreed and preliminarily

  1. See id. at 530.
  2. Id.
  3. Id. at 531.
  4. See id. at 530-31.
  5. Id. at 530.
  6. Id.; see also id. at 537 (observing that SCC did not duplicate the algorithm Lexmark used in the first step of its authentication procedure, but instead “replaced Lexmark’s SHA-1 function with a different publicly available encryption program”).
  7. Id. at 530-31.
  8. Id. at 531.