The key to achieving this is anticircumvention rules, which were first mandated in 1996 via a pair of international copyright treaties.15 Developed in response to fears from rights holders that the easy copying and distribution facilitated by the internet might destroy their business models, the treaties require member countries to prohibit the bypass of technological measures that are designed to protect against copyright infringement. Such measures, usually called “digital rights management” (DRM), are supposed to guard against unauthorized copying, and indeed the treaty drafters carefully limited the scope of the obligation to just that, with the WIPO Copyright Treaty expressly specifying that the obligation didn’t “go further than the scope of copyright.”16 But that limitation was almost universally ignored by countries that implemented the treaty. The US version, contained in section 1201 of the Digital Millennium Copyright Act (DMCA), makes it a crime—punishable by a five-year prison sentence and a $500,000 fine for a first offense—to tamper with a software-based lock that restricts access to a copyrighted work. This is broader than what was required, as it does not distinguish between tampering with locks for legal or illegal purposes. Instead, once there’s a lock in place that controls access to a copyrighted work, the lock itself becomes sacrosanct.