ARTICLES IN THE BOOK
A GUIDE TO WINDOWS VISTA
This article is from:
All text is available under the terms of the GNU Free Documentation License: http://en.wikipedia.org/wiki/Wikipedia:Text_of_the_GNU_Free_Documentation_License
Digital Rights Management (DRM) is an umbrella term that refers to any of several technologies used by publishers or copyright owners to control access to and usage of digital data or hardware, and to restrictions associated with a specific instance of a digital work or device. The term is often confused with copy protection and technical protection measures; these two terms refer to technologies that control or restrict the use and access of digital content on electronic devices with such technologies installed, acting as components of a DRM design.
Digital Rights Management is a controversial topic. Advocates argue DRM is necessary for copyright holders to prevent unauthorized duplication of their work to ensure continued revenue streams. Some critics of the technology, including the Free Software Foundation, suggest that the use of the word "Rights" is misleading and suggest that people instead use the term Digital Restrictions Management. Their position is essentially that copyright holders are attempting to restrict use of copyrighted material in ways not included in the statutory, common law, or Constitutional grant of exclusive commercial use to them. Others, such as the Electronic Frontier Foundation consider some DRM schemes to also be anti-competitive practices, citing the iTunes Store as an example.
DRM vendors and publishers coined the term "digital rights management" to refer to the preventive schemes discussed here; it is limited to digital media because of their special characteristics, especially exact copiability. There is a long history of objection on the part of copyright holders (in modern times often music distributors or broadcasting companies) to copying technology of any kind. Examples have included player piano rolls (early in the 20th century), audio tape recording (after World War II), video tape recording (e.g., in the famous Betamax case in the US), etc. Digital copying raised concerns to a higher pitch. While analog media inevitably loses quality with each copy generation, and in some cases even during normal use, digital media files may be copied an unlimited number of times with no degradation in the quality of subsequent copies. Digital Audio Tape, thought by many observers of the time to be a probable replacement / improvement for the audio cassette, was a market failure in part due to opposition to it on grounds of unauthorized copying potential. The advent of personal computers, the ease of ripping media files from a CD or from radio broadcast, combined with the Internet and popular file sharing tools, have made unauthorized sharing of digital files (often referred to as digital piracy) still easier and has increased still more the worries of the copyrighted content providers.
Although technical controls on the reproduction and use of software have been intermittently common since the 1970s, the term DRM has come to primarily mean the use of these measures to control copyrightable artistic content. Beyond the existing restrictions imposed by copyright law, most DRM schemes are able to enforce additional restrictions at the discretion of the content's publisher, which may or may not be the same entity as the copyright holder. And usually have, as the legal uses permitted in law are hard to match to the technical (ie, in almost all cases cryptographic systems) properties of the various DRM schemes.
DRM schemes are built on numerous technologies, such as modifications to digital media player software to include cryptographic controls on access. Since such implementations can in principle be reverse engineered, and in practice frequently are, they cannot be fully effective as an inherent part of the design. This fact has resulted in a general move toward Mandatory Access Control systems (as opposed to Discretionary access control) in which use restrictions are enforced by firmware (ie, software permanently embedded in hardware), or especially in recent releases of some operating systems, in the heart of the operating system. These software/firmware/embedded hardware controls interact with operating systems, media player software, or both to achieve their DRM goals. However, some implementations of this DRM type are vulnerable to an additional class of attacks, due to the requirement for running on tamper-resistant hardware. There has also been pressure (successful in some places) for legislation and regulation creating new offenses (ie, controlling or prohibiting examination of DRM schemes, or possession of any tools (e.g., software) which might interfere with the operation of a DRM scheme.) An example is the DMCA.
While digital rights management is most commonly used by the entertainment industry (e.g., films and recording), it has found use in other media as well. Many online music stores, such as Apple's iTunes Store, as well as certain e-books producers, have adopted various DRM schemes in recent times. In recent years, a number of television producers have begun demanding implementation of DRM measures to control access to the content of their shows in connection with the popular TiVo time-shifting recorder system, and its equivalents.
An early example of a DRM system is the Content Scrambling System (CSS) employed by the DVD Forum on movie DVDs since circa 1996. The scheme used a simple encryption algorithm, and required device manufacturers to sign a license agreement restricting the inclusion of certain features in their players, such as a digital output which could be used to extract a high-quality digital copy of the movie. Thus, the only consumer hardware capable of decoding DVD movies was controlled, albeit indirectly, by the DVD Forum, restricting the use of DVD media on other systems until the release of DeCSS by Jon Lech Johansen in 1999, which allowed a CSS-encrypted DVD to play properly on a computer using Linux, for which there the Alliance had not arranged for a licensed version of the CSS playing software. An unsuccessful variant of this scheme is the now-defunct DIVX format.
Enterprise Digital Rights Management (E-DRM or ERM) refers to the use of DRM technology to control access to corporate documents (Microsoft Word, PDF, TIFF, AutoCAD files, etc), rather than consumer playable media. The technology usually requires a Policy Server system (typically dedicated hardware running purpose designed software) to authenticate users' rights to access certain documents, but more recently software that does not require this has become available. EDRM vendors include Microsoft, Adobe Systems, EMC Corporation and several smaller companies. There are open source implementations as well. EDRM is generally intended to apply to trade secrets, which are different from copyrighted material (though there is sometimes an overlap as some material is both copyrighted and a trade secret — e.g., the source code for some proprietary software), and for whom the primary issue is industrial or corporate espionage or inadvertent release. In most jurisdictions, there is no notion of fair use for trade secrets as there is for copyrighted material. Trade secrecy confidentiality measures are somewhat less controversial than DRM applied to copyrighted works sold to the public in many copies (e.g., audio or video recordings, texts).
In 2003, DNAML, an Australian Company, developed a combined DRM and payment system referred to as DNL DRM or Shareware eBooks (see samples). Publishers such as Thomson Education, Harper Collins, and Wiley have now adopted the DRM system.
Digital Rights Management systems have generally received some international legal backing by implementation of the 1996 WIPO Copyright Treaty (WCT). Article 11 of the Treaty states that:
"Contracting Parties shall provide adequate legal protection and effective legal remedies against the circumvention of effective technological measures that are used by authors in connection with the exercise of their rights under this Treaty or the Berne Convention and that restrict acts, in respect of their works, which are not authorized by the authors concerned or permitted by law."
Just which DRM scheme, and which additional restrictions over and above copying are covered by this, is not entirely clear. The WIPO provision is in any case implemented differently in different countries and jurisdictions. The legal protection is for 'effective technological measures', which has been read to preclude DRM systems that do not establish copy-prevention.
The WCT has been implemented in most member states of the World Intellectual Property Organization. The American implementation is the Digital Millennium Copyright Act (DMCA), while in Europe the treaty has been implemented by the 2001 European directive on copyright, which requires member states of the European Union to implement legal protections for technological prevention measures. In 2006, the lower house of the French parliament adopted such legislation as part of the controversial DADVSI law, but added that protected DRM techniques should be made interoperable, a move which caused widespread controversy in the United States.
Problems associated with some well-known DRM schemes include:
The Digital Millennium Copyright Act (DMCA) is an extension to United States copyright law passed unanimously on May 14, 1998, which criminalizes the production and dissemination of technology that allows users to circumvent technical copy-restriction methods, rendering all forms of DRM-stripping and circumvention software illegal, as well as some aspects of research and reverse engineering of existing systems. On 22 May 2001, the European Union passed the EU Copyright Directive, an implementation of the 1996 WIPO Copyright Treaty that addressed many of the same issues as the DMCA.
The DMCA has been largely ineffective in protecting DRM systems, as software allowing users to circumvent DRM remains readily available over the Internet. However, the Act has been used to restrict the spread of such software by inhibiting its distribution and development, as in the case of DeCSS.
The arrest of Russian programmer Dmitry Sklyarov in 2001, for alleged infringement of the DMCA, was a highly publicized example of the law's use to prevent or penalize development of anti-DRM measures. While working for Elcomsoft in Russia, he developed The Advanced eBook Processor, a software application allowing users to strip usage restriction information from restricted e-books, an activity legal in both Russia and the United States. Paradoxically under the DMCA it is not legal in the United States to provide such a tool. Sklyarov was arrested in the United States after presenting a speech at DEF CON and subsequently spent several months in jail. The DMCA has also been cited as chilling to legitimate users, such as students of cryptanalysis (including, in a well-known instance, Professor Felten and students at Princeton), and security consultants such as Niels Ferguson, who has declined to publish information about vulnerabilities he discovered in an Intel secure-computing scheme because of his concern about being arrested under the DMCA when he travels to the US.
While DRM systems are ostensibly designed to protect a copyright holder's exclusive right to control copying, after a statutorily-defined period of time any copyrighted work becomes part of the public domain for anyone to use freely. DRM systems currently employed are not time limited in this way, and although it would be possible to create such a system (under compulsory escrow agreements, for example), there is currently no mechanism to remove the copy control systems embedded into works once the copyright term expires and they enter the public domain.
Furthermore, copyright law does not restrict the resale of copyrighted works (provided those copies were made by or with the permission of the copyright holder), so it is perfectly legal to resell a copyrighted work provided a copy is not retained by the seller—a doctrine known as the first-sale doctrine in the US, which applies equally in most other countries under various names. Similarly, some forms of copying are permitted under copyright law, under the doctrine of fair use (US) or fair dealing (many other countries). DRM technology restricts or prevents the purchaser of copyrighted material from exercising their legal rights in these respects.
Moreover, the scope of legal rights cannot, in principle, be fully encoded in technical access/copying restrictions. For example, a photograph generally falls under the copyright of its photographer, and may not be reproduced in an unlimited way by other persons. A photographer wishing to enforce her copyright might employ a DRM scheme for a digital version of the photograph (Corbis is claimed to have done so for the images it licenses) that indicate "may not be copied." However, the photographer might subsequently sign an agreement with another party authorizing such duplication (the reason for doing so is irrelevant to this example). Under law, the moment such an agreement is signed, copying (under the new terms) becomes legal; but the DRM software will not (or at least has not yet, in any case) be adjustable to reflect the new legal reality.
An oft-cited example of DRM overreach is Adobe Systems' release in 2000 of a public domain work, Lewis Carroll's Alice in Wonderland, with DRM controls asserting that "this book cannot be read aloud" and so disabling use of the text-to-speech feature normally available in Adobe's eBook Reader.
DRM has been used by organizations such as the British Library in its secure electronic delivery service to permit worldwide access to substantial numbers of rare (and in many cases unique) documents which, for legal reasons, were previously only available to authorized individuals actually visiting the Library's document centre at Boston Spa in England. This is an interesting case, one in which DRM has actually increased public access to restricted material rather than diminished it.
An example of such a DRM system is one currently being used on books from multiple publishers by VitalSource Technologies, Inc. (purchased by Ingram Industries in the summer of 2006). Books using this system (called VitalBooks) are used by many American Dental Schools (e.g., New York University College of Dentistry) and are included on many educational computers sold by IBM/Lenovo, Apple Computer, and other computer makers. The textbooks are delivered by pre-installing them on the hard drive, via download, or on DVD (or via some other media) which students purchase instead of printed versions. Some schools require use of the electronic books as part of their instructional system. The VitalBook titles are readable only on a computer the user has authorized, and can be transferred to other systems. The titles are owned by the user and fully functional with printing and copy/paste capabilities, and some other specific features. Some titles have 'expired' with the student's graduation.
Some DRM advocates have taken the position that the operational contexts and design goals of DRM (e.g. computer security, software engineering, and cryptographic system design and implementation) are sufficiently well understood that it is already possible to achieve those desired ends without causing unrelated problems for users or their computers.
Others have taken the position that creators of digital works should have the power to control the distribution or replication of copies of their works, and to assign control over such copies to others. Without this power, they argue, there will be a chilling effect on creative efforts in the digital space. This has been the underlying argument for copyright in traditional creative media, and is extended to the digital space. DRM is one means by which creators of digital works may exercise this power.
A similar view states that with DRM's advent has come the first time large-scale digital distribution has been reasonably achievable, which proponents claim to be a benefit both to content creators and their customers that far outweighs any problems that arise. This argument cannot be applied to some physical media, however, as such media are in many respects similar to traditional (analog) media.
Furthermore, advocates of DRM believe that its opponents advocate the rights of hardware and media owners, but at the expense of the privileges of artists and those who have acquired copyright in their creations. On this account, consumers of hardware and media voluntarily and knowingly agree to the grant of limited use of the content exhibited using their physical media. This is one of the underlying reasons for the novel terms of many licenses to which end users must agree at purchase. The term 'shrinkwrap license' has come to be applied to these, especially for consumer media copies (i.e. of music on a CD or a video production on a DVD).
Many organizations, prominent individuals, and computer scientists are opposed to DRM. Two notable DRM critics are John Walker, as expressed for instance, in his article The Digital Imprimatur: How big brother and big media can put the Internet genie back in the bottle, and Richard Stallman notably in his article The Right to Read and in other public statements "DRM is an example of a malicious feature - a feature designed to hurt the user of the software, and therefore, it's something for which there can never be toleration". Professor Ross Anderson of Cambridge University heads a British organization which opposes DRM and similar efforts in the UK and elsewhere.
The Electronic Frontier Foundation and similar civil rights organizations, including FreeCulture.org, http://boycott-riaa.com and http://www.ihatedrm.com, also hold positions which are characterized as opposed to DRM.
The Foundation for a Free Information Infrastructure criticizes DRM's impact as a trade barrier from a free market perspective.
To date, the first two draft versions of the GNU General Public License version 3 released by the Free Software Foundation, prohibit using DRM to restrict free redistribution and modification of works covered by the license, and has a clause stating that the license's provisions shall be interpreted as disfavoring use of DRM. Also, in May 2006, the FSF launched a "Defective by Design" campaign against DRM.
Free Creations has published a license against DRM: Against DRM 2.0.
Creative Commons provides licensing options encouraging the expansion of and building upon creative work without the use of DRM.
In France, in order to inform consumers about DRM, the citizen group StopDRM is regularly organizing protests at such as Virgin Records or La Fnac. There have been such protests in many cities.
As already noted, many DRM opponents consider Digital Rights Management to be a misnomer. They argue that DRM manages rights (or access) the same way prison manages freedom. A common alternative is Digital Restrictions Management. Alternatively, ZDNet Executive Editor David Berlind suggests, as still more appropriate, the term Content Restriction, Annulment and Protection or CRAP for short.
The use of DRM may also be a barrier to future historians, since technologies designed to permit data to be read only on particular machines, or with particular keys, or for certain periods, may well make future data recovery impossible - see Digital Revolution. This argument connects the issue of DRM with that of asset management and archive technology.
DRM opponents argue that the presence of DRM infringes existing private property rights and restricts a range of heretofore normal and legal user activities. A DRM component would control a device a user owns (such as an MP3 player) by restricting how it may act with regards to certain content, overriding some of the user's wishes (for example, preventing the user from burning a copyrighted song as part of a compilation or a review). An example of this effect may be seen in Microsoft's Windows Vista operating system in which content is disabled or degraded depending on the DRM scheme's evaluation of whether the hardware and its use are 'secure'. All forms of DRM depend on the DRM enabled device (e.g., computer, DVD player, TV) imposing restrictions that cannot be disabled or modified by the user. The Green Party's Principal Speaker, Sian Berry, has noted that "We all need to think a little beyond the sheen of unscratched iPods and think how consumers and muscians will feel in a few years time when they are de-facto locked into a single format by a single vendor. It's time to act to guarantee interoperability of DRM formats in order to protect consumer and muscians's rights."
On February 6, 2007, in an open letter posted on the Apple website entitled Thoughts on Music, Steve Jobs called for the abolishment of DRM in digital music, effectively counting himself among DRM's detractors. As the CEO of the largest online music distributor in the world, Mr. Jobs' statement could have huge implications for the future of the music industry, especially the "Big Four:" Universal, Sony BMG, EMI and Warner (whom he explicitly charges with the responsibility of discarding the technology).
Tools have been created to strip Windows Media of DRM restrictions. An example being FairUse4WM
Ken Fisher points to evidence that DRM has little to do with piracy, as most pirates are not individuals with a computer, but organizations with access to a media duplicating plant and employing skilled staff; he cites evidence suggesting that its "sole purpose is to maximize revenues by minimizing your rights so that they can sell them back to you."
In 2002 Bertelsmann (the record companies BMG, Arista and RCA) were the first to use DRM on audio CDs. Initially this was done on promotional CDs; later all CDs from these companies included at least some DRM. Other record companies also started using DRM as well.
However, these CDs could not be played on all devices that were intended to do so, including some car CD players. Many people could no longer play CDs they had purchased on their computers. Computers running Windows would sometimes crash when people attempted to play such CDs, and many of the CDs could not be played on computers at all. Later on, all CDs from those companies were deliberately DRM'ed to deter playing on computers at all. In 2005, Sony BMG's DRM technology installed 'DRM' software without notification or confirmation; among other things, the installed software included a rootkit, reducing security on that computer to nothing. This created security vulnerabilities others could exploit, and when the nature of the DRM involved was made public, Sony eventually recalled millions of CDs. Several class action lawsuits were begun.
Consumer rights organizations have complained that people could not exercise their legal rights, such as copying CDs for their own private use (including backups and personal re-mixes).
It also did not prevent copying. The DRM software had to be renewed constantly to fight cracking, yet this basic goal never succeeded. For example, the Sony DRM technology created fundamental vulnerabilities in consumer's computers, yet could be trivially bypassed by holding down the "shift" key while inserting the CD, or disabling the autorun feature. And of course, the audio could be played and re-recorded, completely bypassing all of the DRM.
By January 2007 EMI stopped publishing audio CDs with DRM, stating that "the costs of DRM do not measure up to the results". EMI was the last publisher to do so; audio CDs containing DRM are no longer released by the major publishers.
Many online music stores employ DRM to restrict the usage of music purchased and downloaded online. There are many options for consumers buying digital music over the internet, in terms of both stores and purchase options. Two examples of music stores and their functionality follow:
For a more complete list, see the Online music stores category. For a more complete comparison see Comparison of online music stores.
Designers of each of the DRM systems wish the content to be permanently tied to the DRM controls. Thus far, it has been possible for reverse engineering to discover a way to separate the DRM controls from the content, after which a consumer can in the case of music, convert the content into another format, such as MP3 or Ogg Vorbis, both of which are DRM free. many observers believe that it is not possible to prevent this, and is regarded as a flaw in DRM systems by content providers.
The various services are currently not interoperable, though those that use the same DRM scheme (for instance the several Windows Media DRM format stores, including Napster) all provide songs that can be played side by side through the same player program. Almost all stores require client software of some sort to be downloaded, and some also need plug-ins. Several colleges and universities, such as Rensselaer Polytechnic Institute, have made arrangements with assorted Internet music suppliers to provide access (typically DRM-restricted) to music files for their students, to less than universal popularity, sometimes making payments from student activity fee funds. One of the problems is that the music becomes unplayable after leaving school, unless the student continues to pay individually. Another is that few of these vendors are compatible with the most common portable music player, the Apple iPod. The Gowers Review of Intellectual Property (to HMG in the UK; 141 pages, 40+ specific recommendations) has, inter alia, taken note of the incompatibilities, and suggests (Recommendations 8 -- 12) that there be explicit fair dealing exceptions to copyright allowing libraries to copy and format-shift between DRM schemes, and further allowing end users to do the same privately. If adopted, some of the acrimony may decrease.
Although DRM is prevalent for Internet music, some Online music stores such as eMusic, Audio Lunchbox, and Anthology recordings do not use DRM. Major labels have begun releasing more online music without DRM. Eric Bangeman suggests in Ars Technica that this is because the record labels are "slowly beginning to realize that they can't have DRMed music and complete control over the online music market at the same time... One way to break the cycle is to sell music that is playable on any digital audio player. eMusic does exactly that, and their surprisingly extensive catalog of non-DRMed music has vaulted it into the number two online music store position behind the iTunes Store." Apple's Steve Jobs has called on the music industry to eliminate DRM in an open letter titled Thoughts on Music Furthermore, according to USA Today, EMI is in talks to start selling music on said resources without DRM, saying that such moves would increase sales, with other music labels mentioning similar plans, with only Warner Music reenforcing their DRM support.
Several DRM schemes have been implemented. Many see them as "abuse" of copyright, while DRM proponents have seen them as a "reasonable balance of consumer concerns and artist rights."
Copyright law has been defined in terms of general definitions of infringement in any concrete medium. This classic approach focused such law on whether or not there is infringement, rather than focus on particular engineering techniques. Legislators have in several instances chosen not to prohibit new technologies (for example, piano rolls, radio broadcasting, and audio tape recording have not been prohibited, and in fact endorsed by inclusion in copyright legislation or the Courts in the U.S.). Critics of DRM assert that detecting and prosecuting infringement within the social and legal system avoids a legacy of outlawing generic, universal, popular, widespread, useful, and possibly uncontrollable in any case, engineering techniques in response to specific misuses.
In Europe, there are several dialog activities that are uncharacterized by its consensus-building intention:
The European Community was expected to produce a recommendation on DRM in 2006, phasing out the use of levies (compensation to rights holders charged on media sales for lost revenue due to unauthorized copying) given the advances in DRM/TPM technology. However, opposition from the member states, particularly France, have now made it unlikely that the recommendation will be adopted.
Categories: Articles with unsourced statements since February 2007 | All articles with unsourced statements | Articles with unsourced statements since March 2007 | Business law | Copyright law | Cryptography law | Digital rights management