And now, a few disparaging words about the Digital Millennium Copyright Act (DMCA) and especially the bills, passed by some states and under consideration in many more, to extend it — the so-called “DMCA 2” laws.

Yes, I’m incorporating a political perspective into this column, as I did a couple of weeks ago in the context of Oracle’s attempted acquisition of PeopleSoft. In response to those who encourage me to “leave politics out of it” … I didn’t put politics into IT in the first place. It’s there, and hard to ignore in situations like this.

The DMCA and DMCA 2 aren’t, at their core, liberal/conservative or Democrat vs Republican issues. They’re part of something more serious and pernicious: The increased influence of large corporations on the conduct of government, and correspondingly decreased influence of private citizens and small corporations.

Plenty of others have brought up DMCA 2, and I have nothing original to add to the discussion. If you haven’t paid attention, the claimed purpose of these laws is to make it even more difficult to pirate works of entertainment; the apparent purpose is to further restrict the rights of consumers to treat items they’ve purchased as something they actually own; and the reality of how they’re written would make firewalls and network address translation illegal.

Contact your state legislature and (if your company has them) lobbyists and tell them to kill this bad boy. While you’re at it, tell them to muzzle Orin Hatch and shoot dead his harebrained idea to let media companies remotely sabotage PCs they suspect contain pirated music. Talk about a great way to make the life of a CIO miserable …

The DMCA itself has less impact on working CIOs. Other than its linkage to the Windows XP end-user license agreement — the part that allows Microsoft to update your operating system without your knowledge or permission — there isn’t a lot in it that affects you as head of IT.

Except that it sets a bad example for CIOs. Why?

Think about what the DMCA does. In the long run, it will harm existing entertainment conglomerates more than it harms consumers, for two reasons. The first is that while the illegal duplication of music is a real issue, trying to counter advances in technology with legislation is, in the long run, self defeating. At some point existing entertainment companies will find themselves simply irrelevant, made obsolete by technologies they refused to embrace.

The bigger problem is the mis-match between what the recording industry wants to sell and what customers want to buy. The recording industry is selling CDs — physical collections sold in retail stores. Many of their customers want singles, and they want them downloadable. Even those who prefer to buy honestly have a hard time doing so.

There are a few new websites in this business. If they’re connected to the major labels or retailers, the connection is well-hidden. Regardless, I wish them well — they’re the right response to the problem. Buying legislative protection from Congress is the wrong one.

We’re in an age in which many businesses have extended their range of strategic options beyond winning in the marketplace. They pursue legislative and legal avenues rather than adapting their products and services to marketplace preferences and technological innovation, and they succeed. Their success has made them lazy.

Especially from advocates of “limited government,” as most large corporations are (or at least they are when the subject is paying for government), asking the government to protect them when they could be developing their own technology and strategies to protect themselves sounds pretty whiny to yours truly.

All of which may be interesting, but hardly an issue for IT departments. Except that it parallels similar, and similarly unhealthy trends found in far too many corporate environments.

The DMCA sounds to me a lot like the desktop lock-down policies advocated by many IT leaders. The music industry is trying to use legislation to prevent customers from getting what they want through other channels instead of finding a way to remain the supplier of choice. What is desktop lock-down? Many CIOs are either unable or unwilling to understand what end-users are trying to accomplish. Instead of finding ways to make working with IT preferable to bypassing it, they use the corporate policy manual … legislation … to prevent end-users from taking full advantage of information technology.

The music industry has told its customers, “We think you’re a bunch of thieves, so we’re combining legislation to increase the penalty for theft with technologies designed to prevent you from getting what you want.”

What are these CIOs saying to their end-users? The same thing: “We think you’re a bunch of corporate miscreants, so we’re combining policies that increase the penalty for misusing your PCs (with misuse being up to us to define) with technologies designed to prevent you from doing your job the way you think is best.”

The DMCA sets a bad example. Some CIOs have embraced it. Don’t be one of them.

We used to say, “Quicker, cheaper, better … pick two.” Then process re-engineering came along, promising improvements in all three through the magic of being more insightful than those who built the current process. Sometimes re-engineering succeeds. Sometimes it does more harm than good, in part because, as discussed in this space over the last two weeks, neither quicker nor cheaper consists of just one measure. While “Shorter cycle time, higher throughput, lower overhead, reduced unit cost, and better … pick a few,” sounds dull, it’s more likely to keep you out of trouble than its snappier predecessor.

Quicker and cheaper are each multiple measures. How about “better” — is that just one measure, or is it more?

From the perspective of any given process, it really is just one measure. Quality (“better”) means adherence to specifications.

A process is a factory, producing a large number of items which are supposed to be identical in one or more respects. If your goal is to improve a process — perhaps the most common objective of any IT-related project — then improving process quality mean its outputs more closely meet specifications.

Not every activity in a business is a process, though. A lot of time and energy goes into figuring out what specifications the company’s processes must meet. “Better” in this sense can’t be constrained by any simple, single measure.

How does this relate to IT? It isn’t a new point, but it bears repeating: Nobody cares if the software works, only if the business has changed successfully. That means IT needs to be able to lead business improvement efforts, which in turn means understanding how to make the business “better” in all senses of the term — adherence to specifications, and choosing the right specifications in the first place.

So … specifications have two major sources. The first are customers — people who make buying decisions about our company’s products and services. Customer-driven specifications are a matter of aesthetics.

Aesthetic specifications are never right or wrong in any objective sense — all they can do is match the tastes of the customers we’ve decided to target. The specifications for a Lamborghini Gallardo, which are all about speed, handling, acceleration, and looking very, very cool, are neither more nor less right than those for the Toyota Prius, which emphasize price, reliability, and incredible gas mileage. Two different groups of customers, two different entirely right specifications.

The other source of specifications is competition … winning and losing. What determines whether your company wins? There’s no simple formula.

Think baseball: Some teams win on pitching, some on rallies, and some on home runs. Different strategies work better against different opponents, except, of course, that all strategies beat the Cubs … but I digress.

Think chess: Some players emphasize positional chess, building unassailable formations from which they can launch attacks; others concentrate on combinations — surprising sequences that win by tricking an opponent into making a mistake. Which is better depends on who you’re playing.

In military doctrine, as my friend Curt Sahakian, president of the Corporate Partnering Institute, reminds me from time to time, maneuver warfare holds the current key to success. It works through a process-like formula called the OODA loop (observation, orientation, decision, and action) developed by Colonel John Boyd after the Vietnam War debacle.

Whichever side has the faster OODA loops generally wins. Which doesn’t, however, mean the process of developing competitive “specifications” has been reduced to a predictable, repeatable process.

Far from it. Speeding up your OODA loops only works when the accuracy of observation and orientation, and the suitability of decisions and action, don’t suffer.

If this weren’t the case, any decision made quickly enough would win, as would action no matter how sloppily executed. But that isn’t the case.

For while indecision almost always leads to failure, the world has no shortage of stupid losers whose only ability is to make snap decisions without first understanding the situation.

And while failing to act guarantees losing even more than failing to decide, taking action certainly doesn’t guarantee winning. It’s the ability to execute that in the end makes the difference.

Want another description of the ability to execute? It’s having the discipline to make sure you adhere to the specifications that are, after all, the products of worthwhile decisions.