The Scare of Abandonware

It’s nice to have law in a society to bring a sense of predictability. Clear and organized laws allow us to understand the consequences of our actions. Knowing the law lets us make choices based on the expected outcomes. However, there are a few areas of law where outcomes are not so obvious. Abandonware is an interesting case of 21st century law. Copyright law simply doesn’t outline what to do when a company publishes a game and then closes its doors. It’s scary for cautious lawyers to discuss because of that uncertainty. As always, this blog post is NOT legal advice– in fact, it’s mostly about why giving legal advice about abandonware is difficult.

How Games Get Abandoned

Abandonware isn’t entirely limited to software, but the differences in technology and industry norms and structure make it a far larger problem for software than any other media. It’s no surprise that book, radio, television, film, or music industries ever needed a statute on abandoned works.

When game studios close, they are often bought by other, larger studios- or at least their IP assets are. However, sometimes the IP of a studio doesn’t get purchased – it just gets abandoned. Copyrights in the US last at least 70 years. Although courts have ruled that not every work has a recognized owner at the time of creation, courts have not definitively addressed the issue of abandoned works. (It is possible to officially declare a work abandoned and part of the public domain, but this is not automatic for IP that is simply left behind by a defunct company.)

Who Would Have The Right To Sue?

There are a few fundamentals that have to be in place for a case to even get seriously looked at by a judge. There must be an allegation of a violation of a law, for one thing. Additionally, the plaintiff must have “standing.” This means the plaintiff was harmed by the breaking of the law. A case must also be “ripe” (the allegation cannot be speculated or predicted to occur sometime later), and the case cannot be “moot” (resolving the case must make an actual difference to the injured party).

In the case of abandonware, could these fundamentals be met? Sometimes revenue is still given to developers whose companies have closed shop, but it’s unclear how often this is the case.  In most cases, it seems that no one can claim to be damaged by the unauthorized distribution of the software, because no one can claim they lost money as a result. Further, any case would be moot because ceasing the distribution would not make any difference to a non-existent competitor.

Despite the unlikely odds of an abandonware suit even getting to trial, distributing abandonware still feels a little risky for two reasons. First, unlike trademarks, copyrights are not contingent on use in commerce, and unlike abandoned property there is no law describing how to treat abandoned works. Second, it’s an unexplored area of law, which means that there isn’t precedent either to argue in court or to consider when advising a client.

Who Gets the Loot of the IP License When a Company Dies in the Dungeons?

Despite the murkiness, some abandonware cases seem clearer than others. Some games from the 80s and 90s seem well and truly abandoned. However, if a copyright is assigned to a corporation and that corporation then goes defunct or is bought, it’s sometimes unclear who owns the copyright.  Other games may carry a sort of tangential active ownership that could complicate a case. For an example of both of these complications, let’s consider a game from 1991 that featured a licensed IP to a game developer and a publisher (who are now both defunct): Eye of the Beholder.

Dungeons and Dragons was owned by TSR, Inc until that company went out of business and sold most of its D&D intellectual property assets to Wizards of the Coast (a company owned by the toy company Hasbro, Inc). Eye of the Beholder was a game made by Westwood Associates (bought by Electronic Arts and defunct since 2003), though the title screen clearly identifies it as an Advanced Dungeons and Dragons game. The game was published by Strategic Simulations, Inc (bought by Mindscape and defunct since at least 2011), who worked with TSR on dozens of licensed D&D games.

With Westwood and SSI now out of the picture, can Wizards of the Coast claim ownership in the use of their D&D mark in 30 year old games?  Wizards of the Coast would probably not prevail on a claim of direct ownership of these games. As far as I can tell, courts have not addressed a case in which a party bases a claim on IP that is inside another product. The closest cases involve the use of a person’s likeness in a game, but the plaintiffs don’t try to claim ownership over the entire product. It may be that the original license agreement puts the “D&D” IP out of the reach of claims by TSR, and therefore out of the reach of WotC.

Ideally, the licensing contract between TSR, Inc and Westwood Associates has a paragraph for just this kind of question (this is why it pays to draft contracts with the worst possibilities in mind- like your company going out of business). If a court faced the claim that WotC has a claim on the distribution and sales of games featuring D&D settings and characters, I suspect* it would rather dismiss the claim on the basis of laches rather than address the tangled mess of IP licensing claims.

Conclusion: We Can Know The Risks, If Not the Outcomes

Abandonware seems to be technically illegal, but it also seems to be nearly unenforceable. That’s an uncomfortable place to be. It’s a strange state, and there are hardly any appropriate analogies that would help explain it. The best analogy might be a comparison to an old game that, despite being technically functional, won’t run on a current operating system. Abandonware’s legal challenge might be best described by its technical challenge.

 

*There is always a small risk of a surprise in court: A court could create the principle that when a party does not exist to protect a licensed IP, the licensor may step in and act as owner of that IP for some limited purpose. Some would call that “legislating from the bench.” The judge would call it “meeting the demands of justice in the face of technological development.”

Advertisements

Evil Vines Choking Out Unenumerated Protections (An Afterthought on Legislating for Changing Technologies)

Legislation always faces a problem of enforcement. That problem can take many shapes: lower courts or police may refuse to enforce the law, citizens may refuse to obey the law en masse, or crafty schemers may look for loopholes and technicalities so they effectively break the law without penalty. There are multiple laws, cases, opinions, and all other legal indications that children merit special and particular protection online and in digital interactions. However, there is no law specifically forbidding inflicting digital violence on a child’s avatar in a game until the child pays non-digital money— and I’m almost surprised it took so long for someone to find that opportunity. I think Penny Arcade misunderstands the problem. The problem is that all of those legal efforts to protect children could never cover every possible way that someone might try to exploit a child in a digital setting. When someone wants to exploit people for money, they only worry about the law in three ways: not getting caught, not getting tried, and not getting convicted.

This kind of example raises concerns not just in the video game industry, but across industries affected by the new General Data Protection Regulation. It would be unfairly cynical to even hypothesize that every company is nefarious, of course. A good many companies have a genuine desire to uphold the GDPR rights of their users, and their task is to work toward official compliance with the GDPR requirements– a few will even go beyond that minimum and take further measures for privacy and security. Notwithstanding, some controllers and processors still want to exploit their users, and their task is now to figure out how to sneak over, around, or through the GDPR.

 

In Both Overcooked And The GDPR, Execution Matters More Than Ingredients

I deliberately avoided playing Overcooked for a long time because so many review joked about the fights it causes with friends. Now that I’ve played it, I barely understand why it’s such a divisive experience for so many people. The game is charming and delightfully fun. Players work together in kitchens filled with obstacles (food and tables often move during the round, forcing players to adapt) to prepare ingredients and assemble meals for a hungry restaurant– though the diners are sometimes floating on lava floes and sometimes… the diners are penguins. The game is about coordinating and communicating as you adapt to changes within the kitchen. Maybe the reason so many people throw rage fits during this game is that they are not good at coordinating an effort and communicating effectively. In any case, the game isn’t about food so much as it’s about kitchens (especially in restaurants). So the game doesn’t focus so much on the ingredients as it teaches the importance of working together in chaotic situations.

People are focusing  a lot on the ingredients of the new EU data privacy law– particularly the consumer protection rights enumerated in it. However, there is very little talk about the bulk of the law, which is aimed at the effort to coordinate the enforcement and monitoring mechanisms that will try to secure those consumer rights. The rights listed in the GDPR are great ingredients– but as Overcooked teaches, it takes both execution and ingredients to make a good meal.

Supervisory Authority: How We Get From Ingredients to Meal

I’ve read a lot of articles about the General Data Protection Regulation, and I notice two common points in almost all of them: 1) the GDPR lists data privacy rights for consumers, 2) this is a positive thing for consumers. However, after reading the entire law, I think this is a gross oversimplification. The most obvious point that should be added is overwhelming portion of the statute that is devoted to discussing “Supervisory Authorities.” The GDPR may list a lot of consumer rights, but it also specifically details how these rights are to be enforced and maintained. This law prescribes a coordinated effort between controllers, processors, supervisory authorities, and the EU Board.

As described in Article 51, 1, a supervisory authority is a public authority “responsible for monitoring the application of this Regulation, in order to protect the fundamental rights and freedoms” that the GDPR lists. Each member of the EU is required to “provide for” such an authority. I can only speculate that this would look like a small, specialized government agency or board. This supervisory authority is required to work with the various companies that hold and process data (“controllers” and “processors” in the GDPR) to ensure compliance and security. The supervisory authority is responsible for certifications, codes of conduct, answering and investigating consumer complaints, monitoring data breaches, and other components of a comprehensive data privacy program. The supervisory authority must be constantly and actively ensuring that the rights in the GDPR are made real.

If the supervisory authority can’t coordinate the effort with the controllers and processors, the rights in the GDPR are just delicious ingredients that were forgotten about and burned up on the stove.

What the Internet of Things can Learn from “The Order 1886”

Great (Sounding, Looking) Potential

The Order 1886 has great quality graphics, but is a poor quality game. Just because the technology involved is cutting edge doesn’t mean the final product is good. The internet of things relies on some cutting edge technology and novel ideas, but that doesn’t mean the final product is always favorable.

I’ve been hearing about the “Internet of Things” for several years now. Middle-aged entrepreneurs are just sure that this “the next big thing,” except it’s going to be bigger than the car or the light bulb. From what I’ve seen, IoT is a glossy, shiny, pretty gimmick that hasn’t shown it’s poised to really solve problems that consumers feel they have. So far, we don’t think a fridge that buys eggs for us is really what’s missing in our lives.

Having sophisticated technology isn’t the same as having a great (or even marketable) tech product. In the same way, having glossy graphics isn’t the same as having a good (or even marketable) game. Both IoT and Order 1886 are impressive at a glance, but fail to live up to expectations as one spends more time with them.

Burger King Sets Itself Up For Trolling

The broad IoT idea continues to reveal vulnerabilities and half-thought-out applications. A few months ago, Burger King aired an ad in which the actor in the commercial asked the viewer’s smart phones to read the first paragraph of the Wikipedia page about Burger King’s flagship product, The Whopper. The completely predictable result was that people started vandalizing the Wikipedia page in question, leading the ad to tell people that The Whopper contained humans and cyanide.

There’s a lot I could go into about this example, especially about troll behavior and the weaknesses of IoT’s reliance on unsecure nodes. I want to highlight that the problem wasn’t about hacking into Burger King or Android systems. There are some concerns with IoT and that sort of hacking, but there’s another problem: Entrepreneurs rely on the web without knowing what 4Chan is or having have never been verbally abused by a stranger for the length of an entire League of Legends match. That is a mistake.

This example also illustrates why IoT hasn’t gotten traction: It’s still a gimmick that breaks often. Even when it works at its best, IoT is a fun and surprising answer to a question no one asked. The best case for Burger King’s commercial is that they surprise a few consumers, but also stir fears about privacy and security in doing so. The success of IoT still hangs on the uncomfortable reality of diminishing personal privacy, and many consumers haven’t completely reconciled leaving the past with entering the future.

The Order 1886 Fails as a Game, IoT Still Fails as a Tech Product

One of the reasons people were so angry about The Order 1886 is that the trailers looked so good. People bought into the promise and the hype, and then it failed to deliver in meaningful ways. Similarly, the more glossy the presentations about IoT get, the more consumers will feel the gap when they don’t experience a meaningful impact as a result of using it.

It’s the applications that go on top of the tech that really matter. Platforms and apps that balance consumer’s emotions about privacy and security will be the only thing that can really bring about the kind of pervasive, omnipresent IoT about which I keep hearing (excited and vague) presentations.

Things that look really good but don’t do anything are called art. Things that do something useful are called products. Usefulness is not the sole factor in a product’s quality or its marketability, but it is important- especially if it wants to be more than a fad or gimmick that ends up with a discount sticker in the bargain bin.

Law Without Accountability is DOOM

St. Thomas Aquinas wrote that there are four essential components to the concept of a law: 1) an ordinance of reason 2) for the common good 3) given by the entity who has charge (or authority) over those subject to the law, and 4) promulgated, so that those subject to the law are aware of the law. For example: It would be an ordinance of reason, for the common good, for government to promulgate rules against turning humans into demonically possessed hellspawn when you are supposed to be mining supernatural energy from the bowels of the underworld. It seems so obvious- so what happened in this year’s reboot of the classic game DOOM?

Aside from a contract with the rulers of hell, it doesn’t look like there’s much law in DOOM. Though there are several types of law from a certain perspective, the absence of common legal structures is both understandable and important.

Lessig’s Four Flavors of Law

In an effort to explain the problem of copyright infringement in the context of the digital era, Lawrence Lessig suggested that there are really four categories of law: statutory (the laws “on the books”), economic (market incentives and disincentives), cultural (social norms, traditions, etc), and architectural (limits of physical possibility). Through this lens, we see an abundance of law in DOOM.  Each of the four main characters presents each of these types of law:

VEGA, the non-judgmental AI Architecture

Created by Hayden, VEGA is an artificial intelligence that monitors and operates the facility. He explains state of affairs and limits of possibility and explains the architectural laws that govern the situation they face. VEGA does not have his own agenda, but only wishes to serve by providing factual information.

“Dr.” Samuel Hayden, Economics and market

The President and CEO of the Union Aerospace Corporation, Hayden is concerned with the economic impacts of the Doom Slayer’s choices. The massive loss of human life at the facility is secondary to his focus on efficiency and scientific progress.

Olivia Pierce: Corporate Cult-ture

The antagonist Olivia creates and enforces cultural law throughout her cult and her corporation. Hologramatic announcements and documents gathered in the game reveal the overlap between Olivia’s demonic cult and the corporate policies and guidelines at the UAC. Presumably, Hayden allowed this culture because it served his economic interests. Olivia maintained this culture because it served her interests of climbing Hell’s social ladder… or descending into Hell’s cesspool. I don’t know how that metaphor works for demons.

The Doom Slayer: Statute, Adjudication, and Enforcement

The Doom Slayer is the embodiment of statutory law. He is there to fix the runaway obsessions of cults and markets. He is there to ensure a fundamental floor of safety. As a bonus, he’s going to take care of the enforcement, too. In the first iteration of Doom, the player was a Marine stationed on Mars as part of a United Nations force. In this year’s version, he is an eternal killer of demons. In both versions, his purpose to ensure the safety of humanity and balance the risks and dangers of the UAC’s activities. His role is both to decide what the rule should be, and then ensure that the rule is followed.

 

Energy Law: Laws of physics, laws of people.

The core principle behind energy law is preventing energy extraction and distribution from wrecking needless destruction. Energy law works closely with limits of science and technology, and recognizes certain risks and dangers that are likely or inherent in certain situations. This is why there are rules about where and how oil companies can drill, or what levels of hazardous emissions are permissible for factories. Laws have to be adapted to the relevant circumstances. Sensible energy policies facilitate the extraction, processing, and use of fuels while minimizing risk and harm to the environment and humanity. In DOOM, this might include regulations and safety measures against unleashing extra-dimensional monstrosities upon mankind.

 

Conclusion: The Need For Enforcement and Monitoring.

Americans tend to fervently and piously believe in law as an institution – and that belief alone goes a long way to creating a stable society. However, the mere existence of a set of laws is not enough to bring order or safety. The laws must also be followed and enforced. Having laws that permit or forbid actions isn’t enough to change how people feel about the subject matter. Without proper enforcement, people will just act in whichever ways seem most convenient.

Upholding the law isn’t just abiding by it individually – it’s also the social effort of maintaining institutions and practices that hold people accountable. That’s why we monitor, audit, and certify. Someone needs to actually go check secret laboratories for secret underground catacombs for ritualistic sacrifices and 10-story high cyberdemons. Rules against opening up transdimensional portals to fulfill blood contracts with demonic powers are an important start, but they are not enough. Even obviously important laws can be ignored, and they are likely to be ignored if there is no enforcement or accountability.

I’m Betting That Overwatch Loot Boxes Aren’t Gambling (under 31 USC 5362)

Disclaimer: As with all of my posts, this is NOT LEGAL ADVICE. This is academic analysis on a subject of law – and I don’t even have a good tool set (WestLaw, Lexis, etc) for that.

1- Introduction: Micro Transactions and Loot Boxes

The business model for free to play games is to include micro-transactions for aesthetic, trivial add-ons. For Counter Strike: Global Offensive, this manifests as the opportunity to pay a few dollars to buy a key to unlock boxes which are randomly distributed during play. Paying to unlock a box gives a play a random chance to receive aesthetic enhancements for a weapon (a “skin”). The rarity of the skins varies widely. Some of the most rare and prized ones are occasionally sold on eBay (or other 3rd party sites) for over $1,000.*

The question is: Are Loot box systems gambling? What about cereal boxes, TCG booster packs, or other things that allow children to participate in contests involving chance?

Some internet-folk grew a discussion thread to eight pages on the Overwatch forums discussing this topic, and not a single one of them reached for a legal definition of the subject at hand. People just talked about how they felt about the subject. Apparently, it takes a law degree to find the first search result on Google. Law has some flexibility – and that makes these questions difficult-, but there are rules, people!

2- What is the Definition of Gambling?

(For simplicity, I removed references to Insurance, Commodities, and Securities.)

31 U.S. Code § 5362 – Definitions

(1)Bet or wager.—The term “bet or wager”—

(A) means the staking or risking by any person of something of value upon the outcome of a contest of others, a sporting event, or a game subject to chance, upon an agreement or understanding that the person or another person will receive something of value in the event of a certain outcome;

[Lotteries and gambling administration]

(E) does not include—

[Insurance, Commodities or Securities]

(viii) participation in any game or contest in which participants do not stake or risk anything of value other than—

(I) personal efforts of the participants in playing the game or contest or obtaining access to the Internet; or

(II) points or credits that the sponsor of the game or contest provides to participants free of charge and that can be used or redeemed only for participation in games or contests offered by the sponsor; or [Fantasy Sports]

3- Analysis: Winning the Gamble Must be Distinct from Winning the Prize

The real key is in part (1)(A): “upon the outcome of a contest of others, a sporting event, or a game subject to chance, upon an agreement or understanding that the person … will receive something of value in the event of a certain outcome.”

Let’s take three examples that are not legally considered gambling: buying TCG booster packs, putting random prizes in cereal boxes, and… *sigh* there are a lot of reasons I don’t want to mention a certain online service that sends subscribers monthly boxes containing a random assortment of goodies… but imagine that such a thing exists.

My best guess** is that the law requires the “certain outcome” and the prize (“receive something of value”) to be two different and distinct things. In the case of cereal boxes and booster packs, the “certain outcome” is the prize. There is a chance of getting a Holographic Charzard, but winning only means getting the Holographic Charzard. You cannot “win” the card without, at the very same time, having the card: winning the prize always already entails having the prize.

In contrast, consider some examples that are legally considered gambling: slot machines, lottery tickets, and blackjack. In each of these cases, the outcome entitles the player to a prize: the slot machine dispenses quarters (“makes it hail”) as a result of the outcome. For a slot machine, the outcome itself is only a sequence of matched cherries or bars; for a TCG booster pack, the outcome of opening a pack is having a stack of cards.

This distinction may seem pedantic or petty, but it allows people to play games of chance without involving money. It allows people to play poker among friends for no money, or to made idle wagers for fun. It allows Disney to sell boxes of figurines with one shrouded “mystery” figurine included and it allows schoolteachers to play “Science Bingo” in class. It’s a tiny distinction that allows a lot of innocent behavior.

4- Application To Loot Boxes

However, there is still an interesting metaphysical investigation required to conclude this legal analysis: is the opening of a loot box like the opening of a booster pack, or is it like playing a slot machine? Is it actually two different events, or only one? Does the computer run the RNG when it is unlocked, and then determine the prize based on the outcome of the RNG? Or does the loot box already “contain” the prize before the opening?

Blizzard already told players not to bother hoarding loot boxes in the hope of getting future skins, because the contents of the box are already determined when the box is given to the player. If this is true (and if my guesswork-analysis is correct) then there is good reason to think that loot boxes are not legally considered gambling under 31 USC 5362.

I don’t know if a judge would actually go to this level of technical granularity, but there has been a long-standing debate about whether electricity should be legally classified as a “good” or as a “service” – and the distinction relies on a scientific understanding of whether you are being given electrons at your home, or just having your electrons vibrated. It seems like the order of operations carried out by a computer program is somewhat of a macro-level question than the movement of sub-atomic particles.

 

*A tiny cottage industry grew out of this: 3rd party websites that allowed people to wager their digital property from Valve’s game. Several of these sites were recently issued cease-and-desist letters after one of them was revealed to be promoting itself under false and misleading pretenses on YouTube.

** I looked around, and was surprised that I didn’t find a case, law review article, or law that dove into this issue with more specificity. I suspect that there has been a case about this, or at least an article – I just don’t have access to a law library right now.

 

UPDATE: I try to add some extra links when the rest of the world catches up to me.

Robot Congress did a podcast on this subject.

The Verge wrote about it.

 

Watching Over Copyrights and Brands, Part II

You can protect a brand in a lot of ways. You can wave the law around like a sword, or hide behind it like a shield. Or you can not worry about using the law to your advantage and just make a product that others can’t top. One of the most fun things about law school was learning about all of the ways around the law – not breaking or circumventing it, but bridging over the gaps and cracks. Gaps and cracks happen most when the law hasn’t kept up with culture or technology, which is where I think the law is most exciting and interesting.

One of the most genius aspects of the overwhelming media hype-package of Overwatch is the way it manages concerns for copyright and trademark infringement. Blizzard achieved a level of branding and promotion that reduces their concerns for infringement. Overwatch is inimitable. That doesn’t make it invulnerable, but it might be the next best thing.

I. “Junk” from “Rats” Can’t Hurt the Bastion of the Marketplace

Even before I ever visited New York City, I knew that people sold cheap, counterfeit Rolexes on the streets. Having this explained to me as a child is also how I heard about Rolex, incidentally – and learned that it was different from Rolo. I always thought it was interesting that everyone knew about this black market for counterfeit goods, but no one seemed extremely worried. I think one reason for the lack of concern is that Rolex knows they won’t go out of business because of cheap knock-offs.

The best games, from the biggest studios­, have less to worry about when their IP is infringed or “heavily borrowed.” Dominating the games market is less about legal force than it is about marketing and loyalty. For one thing, Activision can’t claim copyright over the concept of a military-shooter and force other studios to not make games that compete with Call of Duty. So Activision makes Call of Duty a brand, because brands command loyalty. A given Call of Duty game may be worse in every respect to a competitor’s game, but fans will still choose the inferior product because of its franchise. (This is one of two reasons anyone rooted for the Cubs from 1945- 2015.) Blizzard created something powerful: a genuinely superior product that commands tremendous brand loyalty.

II. Just Palette-Swap For A New Game! Sounds Pharah- don’t you McRee?

Of course, just because no one can succeed in really ripping off Overwatch doesn’t mean people won’t try. League of Legends had this experience, also. Generally, game knockoffs like these are about as much of a concern as e-mails from dispossessed millionaire Nigerian princes. It’s a reprehensible practice that creates clutter and will accidentally trick some people, but they aren’t going to displace the original.

Companies can compete with Overwatch, but they can’t replace it. The entire experience is too complete and interconnected. No parasitic effort can trick a gamer into thinking they have the real deal, no one can deliver a superior version of the same experience, and no one pull more brand loyalty in online gaming.

III. Leaving your Trace[r] Mei Show that You’ve been a [Road]Hog, and You’ll Get No Mercy

Although Blizzard won’t feel the financial impact of the feeble efforts of clones, there are things that can still undermine the game. For example, a company could make an add-on that allows players to cheat at the game. Of course, a company called Bossland did exactly that. Rather than simply ban the players who use this add-on (per violations of EULA and ToS agreements), Blizzard has gone after the makers of the program – who are super proud of what they do.

I am a little bit surprised that they cite copyright infringement in their claim. This is interesting because it seems well outside the scope of traditional copyright law, but copyright law has been slowly evolving in the last decade. I think the technical details of how Bossland’s program interacts with Blizzard’s game could be essential to determining if applying copyright law is appropriate. After the recent ruling in Google v. Oracle, courts are more likely to find infringement just from making two programs talk. (The fair use defense that saved Google is not going to help Bossland.) In this case, it seems extremely likely that Bossland had to access and take (or manipulate) some of Blizzard’s code, which may be enough for infringement. But the ways that 3rd parties can interact with programs is still an interesting question for copyright law to resolve.

Regardless of the copyright claim, I think the other claims made by Blizzard are plenty strong enough to win, so I don’t think a court will end up going into detail about it.