Last week, Librarian of Congress James H. Billington approved new exemptions to the Digital Millennium Copyright Act (DMCA), one of which helps security researchers. Previously, researchers were forbidden under penalty of law to circumvent copyright protection systems on digital media, such as CD-ROMs, even if researchers were simply testing the security of those protection systems. The recent DMCA exemptions now allow researchers to perform security testing against copyright protection systems without risking criminal charges.
Specifically, the new exemption states that circumvention is allowed for "Sound recordings, and audiovisual works associated with those sound recordings, distributed in compact disc format and protected by technological protection measures that control access to lawfully purchased works and create or exploit security flaws or vulnerabilities that compromise the security of personal computers, when circumvention is accomplished solely for the purpose of good faith testing, investigating, or correcting such security flaws or vulnerabilities."
Other exemptions include the ability to circumvent security protection systems on cell phones to make them work with other carriers. The exemptions also include the ability to circumvent security systems that use obsolete dongles, the ability to circumvent eBook security systems to allow "read-aloud" functionality or specialized screen rendering functionality if the eBook doesn't include those features, and the ability to circumvent security on "audiovisual works in the educational library of a college or university's film or media studies department for making compilations of portions of those works for educational use in the classroom by media studies or film professors."