TPP requires countries to destroy security-testing tools (and your laptop)

Under TPP, signatories are required to give their judges the power to "order the destruction of devices and products found to be involved in" breaking digital locks, such as those detailed in this year's US Copyright Office Triennial DMCA Hearing docket, which were used to identify critical vulnerabilities in vehicles, surveillance devices, voting machines, medical implants, and many other devices in our world.


Since the docket opened, we've lived through the recall of 1.4 million jeeps whose steering and braking could be seized by Internet-based attackers and Dieselgate, which saw VW using DRM to hide its emissions-cheating.

TPP allows countries to create security exemptions to the seize-and-destroy rule, but it requires them to enact the rule itself.

The implications go well beyond security of course. Many of us routinely use circumvention tools. For example, you may have installed Handbrake to rip DVDs, or VLC to let you capture streams or watch out-of-region discs. Under this rule, governments must enact legislation allowing court orders to destroy your laptop if you have these programs installed on it.

This means that if you use your laptop to rip a DVD movie, your computer could be seized or even destroyed by authorities, Vivek Krishnamurthy, a cyberlaw instructor at the Berkman Center for Internet and Society at Harvard, told me over the phone. Even more importantly, he said, security researchers—experts who hack cars and other consumer goods to make sure hardware and software is secure—could be prevented from doing their jobs.

Because of this, the “internet of things,” a theoretical future where every device is networked via the internet, could be left in a state of chronic device ecosystem insecurity, Krishnamurthy said.

“What we’re seeing now is that every country in the TPP is going to, in the first instance, prohibit people from checking these devices to see if they work as advertised: if they’re safe, if they’re effective, etcetera,” Krishnamurthy told me. “They’re going to go have to get permission from someone to do that research.”

White Hat Hackers Would Have Their Devices Destroyed Under the TPP
[Jordan Pearson/Vice]