DRM and its side-effects
From Blindside
Contents |
[edit] What is it
Digital Rights Management (DRM) is an umbrella term referring to technologies used by publishers or copyright owners to control access to or usage of digital data or hardware, and to restrictions associated with a specific instance of a digital work or device. The term is often confused with copy protection and technical protection measures, which refer to technologies that control or restrict the use and access of digital content on electronic devices with such technologies installed, acting as components of a DRM design. (source - Wikipedia)
[edit] Impact & Maturity assessment
We assign this an Impact Level of 1, as the commercial environment is rapidly moving away from DRM on published work without intervention by statute or regulation. Concepts such as the Creative Commons license are allowing a more flexible ringfencing of intellectual property, further reducing the need for DRM. We assign this a Maturity Level of 3, due to the existence of a robust competitive playing field, established regulatory bodies and a considerable body of relevant case law.
The separate issue of software licensors gaining access to personal computers and information under the pretext of installing updates is important and of concern to public sector users, but corporate firewalls and correct business rules should be able to stop this.
[edit] Information Assurance issues
Potential Information Assurance issues related to DRM & DRM systems:
- Reported instances of installed DRM software taking priority over other programs in order to perform efficiently.
- End-user license agreements clauses that give companies the right to change agreements whenever the need arises. This happened with Apple computer users, when the company changed the allowable times a user can burn a song to a CD from ten to seven without the users knowing it
- DRM may put end-user personal information at risk by sending information back to the manufacturer or the company where the DRM originators and compromise system security. Instances have been reported of Microsoft’s Windows Genuine Advantage Antipiracy program, released as update to Windows Editions compromised system security features.
- DRM may result in privacy risks and prevent anonymous consumption of content if manufacturers or content owners insist on consumers identifying themselves. Linking identity to content consumption may also impact trade negatively if consumers refrain from buying content fearing privacy risks.
- DRM is said to being used to log information on content used by users. If this is used to profile consumers of content, content owners, may in the future, may use the information to facilitate discrimination in terms of price by adjusting the price of the content based on the consumers identity and the consumers past choices which indicate purchasing power directly or indirectly.
- DRM systems may be designed to damage users’s system if files are being used illegally.
[edit] Timescale
The Impact of DRM on Information Assurance is being felt now. This is evident in the following examples:
- Sony being sued over copy-protected CDsfor using a software copy protection system which is hidden using virus-like techniques that may potentially provide hackers with a ready-made toolfor masking attacks.
[edit] Examples
- Fairplay is a DRM technology created by Apple and built into the QuickTime multimedia software and used by the iPod, iTunes, and iTunes Store.
- Protected Media Pathin Microsoft Vista
- Napster music store, which offers a subscription based approach to DRM alongside permanent purchases. Users of the subscription service can download and stream an unlimited amount of music encoded to Windows Media Audio (WMA) while subscribed to the service. But as soon as the user misses a payment the service renders all music downloaded unusable. Napster also charges users who wish to use the music on their portable device an additional $5 per month. Furthermore, Napster requires users to pay an additional $.99 per each track to burn a track to CD or to listen to the track after the subscription expires. Songs bought through Napster can be played on players carrying the Microsoft PlaysForSure logo (which, notably, do not include iPod players or Microsoft's own Zune). (Source Wikipedia)
[edit] Comments (attributed)
Richard Stallman calls DRM digital restrictions management and is implacably opposed to it.
The Royal Academy of Engineering in their recent report Dilemmas of Privacy and Surveillance noted potential beneficial uses of DRM
Research could be pursued into the possibility of using Digital Rights Management (DRM) technology to protect personal information (Attributed to Mr Jerry Fishenden's discussion at the Digital Identity Forum, November 2006). DRM technology is used primarily for music sold over the Internet. The music files that are downloaded have software attached to them which puts limitations on the use that can be made of those files – for example, limiting the number of times that the files can be copied, limiting the number of devices that the files can be copied to or limiting the amount of time that the file can be stored for. Applying this technology to information posted on the Web could allow information to be posted for limited amounts of time, or could allow information to be publicly available on the Web but not copied by others - meaning that the author of the information had control over the amount of time for which it was available, and could also rule out the possibility of the information being altered. Thus it could be used to protect the authors of blogs and the users of social networking sites.(p40 + additional discussion)
Bill Gates on Blu-Ray being "anti-consumer" in the Daily Princetonian
[edit] Organisations
Recording Industry Association of America (RIAA)
The Free Software Foundation and its campaign DefectiveByDesign.org
All Party Parliamentary Internet Group
[edit] Documents & research papers
Digital Rights Management (DRM) Architectures
Lessons from the Sony CD DRM Episode
