DRM ( Digital rights management )
Digital rights management (DRM) is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. DRM is any technology that inhibits uses of digital content that are not desired or intended by the content provider. Copy protection which can be circumvented without modifying the file or device, such as serial numbers or keyfiles are not generally considered to be DRM. DRM also includes specific instances of digital works or devices. Companies such as Amazon, AOL, Apple Inc., the BBC, Microsoft and Sony use digital rights management. In 1998 the Digital Millennium Copyright Act (DMCA) was passed in the United States to impose criminal penalties on those who make available technologies whose primary purpose and function is to circumvent content protection technologies.
The use of digital rights management is controversial. Content providers claim that DRM is necessary to fight copyright infringement online and that it can help the copyright holder maintain artistic control or ensure continued revenue streams. Those opposed to DRM contend there is no evidence that DRM helps prevent copyright infringement, arguing instead that it serves only to inconvenience legitimate customers, and that DRM helps big business stifle innovation and competition. Further, works can become permanently inaccessible if the DRM scheme changes or if the service is discontinued. Proponents argue that digital locks should be considered necessary to prevent "intellectual property" from being copied freely, just as physical locks are needed to prevent personal property from being stolen.
Digital locks placed in accordance with DRM policies can also restrict users from doing something perfectly legal, such as making backup copies of CDs or DVDs, lending materials out through a library, accessing works in the public domain, or using copyrighted materials for research and education under fair use laws. Some opponents, such as the Free Software Foundation (FSF) through its Defective by Design campaign, maintain that the use of the word "rights" is misleading and suggest that people instead use the term "digital restrictions management". Their position is that copyright holders are restricting the use of material in ways that are beyond the scope of existing copyright laws, and should not be covered by future laws. The Electronic Frontier Foundation (EFF) and the FSF consider the use of DRM systems to be anti-competitive practice.[spaces:0][spaces:0]
DRM technologies attempt to give control to the seller of digital content or devices after it has been given to a consumer. For digital content this means preventing the consumer access, denying the user the ability to copy the content or converting it to other formats. For devices this means restricting the consumers on what hardware can be used with the device or what software can be run on it. Long before the arrival of digital or even electronic media, copyright holders, content producers, or other financially or artistically interested parties had business and legal objections to copying technologies. Examples include: player piano rolls early in the 20th century, audio tape recording, and video tape recording (e.g., the "Betamax case" in the U.S.). Copying technology thus exemplifies a disruptive technology.
The advent of digital media and analog/digital conversion technologies, especially those that are usable on mass-market general-purpose personal computers, has vastly increased the concerns of copyright-dependent individuals and organizations, especially within the music and movie industries, because these individuals and organizations are partly or wholly dependent on the revenue generated from such works. While analog media inevitably loses quality with each copy generation, and in some cases even during normal use, digital media files may be duplicated an unlimited number of times with no degradation in the quality of subsequent copies. The advent of personal computers as household appliances has made it convenient for consumers to convert media (which may or may not be copyrighted) originally in a physical/analog form or a broadcast form into a universal, digital form (this process is called ripping) for location- or timeshifting. This, combined with the Internet and popular file sharing tools, has made unauthorized distribution of copies of copyrighted digital media (digital piracy) much easier.
DRM technologies enable content publishers to enforce their own access policies on content, like restrictions on copying or viewing. In cases where copying or some other use of the content is prohibited, regardless of whether or not such copying or other use is legally considered a “fair use”, DRM technologies have come under fire. DRM is in common use by the entertainment industry (e.g., audio and video publishers). Many online music stores, such as Apple Inc.'s iTunes Store, as well as many e-book publishers also use DRM, as do cable and satellite service operators to prevent unauthorized use of content or services.
Common DRM techniques
Digital Rights Management Techniques include:
Restrictive Licensing Agreements: The access to digital materials, copyright and public domain are controlled. Some restrictive licenses are imposed on consumers as a condition of entering a website or when downloading software.
Encryption, Scrambling of expressive material, and embedding of a tag: This technology is designed to control access and reproduction of online information. This includes backup copies for personal use.
DRM and film
An early example of a DRM system was the Content Scrambling System (CSS) employed by the DVD Forum on film DVDs ca. 1996. CSS uses an encryption algorithm to protect content on the DVD disc. Manufacturers of DVD players must license this technology and implement it in their devices so that they can unlock the protected content and play it. The CSS license agreement includes restrictions on how the DVD content is played, including what outputs are permitted and how such permitted outputs must be protected. This keeps the chain of protection intact as the video material is played out to a TV. In 1999, Jon Lech Johansen released an application called DeCSS which allowed a CSS-encrypted DVD to play on a computer running the Linux operating system, at a time when no licensed DVD player application for Linux had yet been created.
Microsoft's Windows Vista contains a DRM system called the Protected Media Path, which contains the Protected Video Path (PVP). PVP tries to stop DRM-restricted content from playing while unsigned software is running in order to prevent the unsigned software from accessing the content. Additionally, PVP can encrypt information during transmission to the monitor or the graphics card, which makes it more difficult to make unauthorized recordings.
Advanced Access Content System (AACS) is a DRM system for HD DVD and Blu-ray Discs developed by the AACS Licensing Administrator, LLC (AACS LA), a consortium that includes Disney, Intel, Microsoft, Matsushita (Panasonic), Warner Brothers, IBM, Toshiba and Sony. In December 2006 a process key was published on the internet by hackers, enabling unrestricted access to AACS-protected HD DVD content. After the cracked keys were revoked, further cracked keys were released.
Marlin (DRM) is a technology that is developed and maintained in an open industry group known as the Marlin Developer Community (MDC) and licensed by the Marlin Trust Management Organization (MTMO). Founded in 2005 by five companies: Intertrust, Panasonic, Philips, Samsung, and Sony, Marlin DRM has been deployed in multiple places around the world. In Japan the acTVila IPTV service uses Marlin to protect video streams, which are permitted to be recorded on a DVR in the home. In Europe, Philips NetTVs implement Marlin DRM. Also in Europe, Marlin DRM is required in such industry groups as the Open IPTV Forum and national initiatives such as YouView in the UK, Tivu in Italy, and HDForum in France, which are starting to see broad deployments.
DRM and television
The CableCard standard is used by cable television providers in the United States to restrict content to services to which the customer has subscribed.
The broadcast flag concept was developed by Fox Broadcasting in 2001 and was supported by the MPAA and the U.S. Federal Communications Commission (FCC). A ruling in May 2005 by a US Court of Appeals held that the FCC lacked authority to impose it on the TV industry in the US. It required that all HDTVs obey a stream specification determining whether or not a stream can be recorded. This could block instances of fair use, such as time-shifting. It achieved more success elsewhere when it was adopted by the Digital Video Broadcasting Project (DVB), a consortium of about 250 broadcasters, manufacturers, network operators, software developers, and regulatory bodies from about 35 countries involved in attempting to develop new digital TV standards.
An updated variant of the broadcast flag has been developed in the Content Protection and Copy Management group under DVB (DVB-CPCM). Upon publication by DVB, the technical specification was submitted to European governments in March 2007. As with much DRM, the CPCM system is intended to control use of copyrighted material by the end-user, at the direction of the copyright holder. According to Ren Bucholz of the EFF, which paid to be a member of the consortium, "You won't even know ahead of time whether and how you will be able to record and make use of particular programs or devices". The DVB claims that the system will harmonize copyright holders' control across different technologies, thereby making things easier for end users. The normative sections have now all been approved for publication by the DVB Steering Board, and will be published by ETSI as a formal European Standard as ETSI TS 102 825-X where X refers to the Part number of specification. Nobody has yet stepped forward to provide a Compliance and Robustness regime for the standard (though several are rumoured to be in development), so it is not presently possible to fully implement a system, as there is nowhere to obtain the necessary device certificates.
DRM and music
Discs with digital rights management schemes are not legitimately standards-compliant Compact Discs (CDs) but are rather CD-ROM media. Therefore they all lack the CD logotype found on discs which follow the standard (known as Red Book). Therefore these CDs could not be played on all CD players. Many consumers could also no longer play purchased CDs on their computers. Personal computers running Microsoft Windows would sometimes even crash when attempting to play the CDs.
In 2005, Sony BMG introduced new DRM technology which installed DRM software on users' computers without clearly notifying the user or requiring confirmation. Among other things, the installed software included a rootkit, which created a severe security vulnerability others could exploit. When the nature of the DRM involved was made public much later, Sony BMG initially minimized the significance of the vulnerabilities its software had created, but was eventually compelled to recall millions of CDs, and released several attempts to patch the surreptitiously included software to at least remove the rootkit. Several class action lawsuits were filed, which were ultimately settled by agreements to provide affected consumers with a cash payout or album downloads free of DRM.
Sony BMG's DRM software actually had only a limited ability to prevent copying, as it affected only playback on Windows computers, not on other equipment. Even on the Windows platform, users regularly bypassed the restrictions. And, while the Sony BMG DRM technology created fundamental vulnerabilities in customers' computers, parts of it could be trivially bypassed by holding down the "shift" key while inserting the CD, or by disabling the autorun feature. In addition, audio tracks could simply be played and re-recorded, thus completely bypassing all of the DRM (this is known as the analog hole). Sony BMG's first two attempts at releasing a patch which would remove the DRM software from users' computers failed.
In January 2007, EMI stopped publishing audio CDs with DRM, stating that "the costs of DRM do not measure up to the results." Following EMI, Sony BMG was the last publisher to abolish DRM completely, and audio CDs containing DRM are no longer released by the four record labels.
Nokia corporation uses DRM protection with all the preloaded content distributed with each Nokia device.
Many online music stores employ DRM to restrict usage of music purchased and downloaded online.
- Prior to 2009, Apple's iTunes Store utilized the FairPlay DRM system for music. Apple did not license its DRM to other companies, so only Apple devices could play iTunes music. In May 2007, EMI tracks became available in iTunes Plus format at a higher price point. These tracks were higher quality (256 kbps) and DRM free. In October 2007, the cost of iTunes Plus tracks was lowered to US$0.99. In April 2009, all iTunes music became available completely DRM free. (Videos sold and rented through iTunes, as well as iOS Apps, however, were to continue using Apple's FairPlay DRM.)
- Napster music store offers a subscription-based approach to DRM alongside permanent purchases. Users of the subscription service can download and stream an unlimited amount of music transcoded to Windows Media Audio (WMA) while subscribed to the service. But when the subscription period lapses, all of the downloaded music is unplayable until the user renews his or her subscription. Napster also charges users who wish to use the music on their portable device an additional $5 per month. In addition, Napster gives users the option of paying an additional $0.99 per track to burn it to CD or for the song to never expire. Music bought through Napster can be played on players carrying the Microsoft PlaysForSure logo (which, notably, do not include iPods or even Microsoft's own Zune). As of June 2009, Napster is offering DRM free MP3 music, which can be played on iPhones and iPods.
- Wal-Mart Music Downloads, another online music download store, charges $0.94 per track for all non-sale downloads. All Wal-Mart, Music Downloads are able to be played on any Windows PlaysForSure marked product. The music does play on the SanDisk's Sansa mp3 player, for example, but must be copied to the player's internal memory. It cannot be played through the player's microSD card slot, which is a problem that many users of the mp3 player experience.
- Sony operated an online music download service called "Connect" which used Sony's proprietary OpenMG DRM technology. Music downloaded from this store (usually via Sony's SonicStage software) was only playable on computers running Microsoft Windows and Sony hardware (including the PSP and some Sony Ericsson phones).
- Kazaa is one of a few services offering a subscription-based pricing model. However, music downloads from the Kazaa website are DRM-protected, and can only be played on computers or portable devices running Windows Media Player, and only as long as the customer remains subscribed to Kazaa.
The various services are currently not interoperable, though those that use the same DRM system (for instance the several Windows Media DRM format stores, including Napster, Kazaa and Yahoo Music) all provide songs that can be played side-by-side through the same player program. Almost all stores require client software of some sort to be downloaded, and some also need plug-ins. Several colleges and universities, such as Rensselaer Polytechnic Institute, have made arrangements with assorted Internet music suppliers to provide access (typically DRM-restricted) to music files for their students, to less than universal popularity, sometimes making payments from student activity fee funds. One of the problems is that the music becomes unplayable after leaving school unless the student continues to pay individually. Another is that few of these vendors are compatible with the most common portable music player, the Apple iPod. The Gowers Review of Intellectual Property (to HMG in the UK; 141 pages, 40+ specific recommendations) has taken note of the incompatibilities, and suggests (Recommendations 8—12) that there be explicit fair dealing exceptions to copyright allowing libraries to copy and format-shift between DRM schemes, and further allowing end users to do the same privately. If adopted, some of the acrimony may decrease.
Although DRM is prevalent for Internet music, some online music stores such as eMusic, Dogmazic, Amazon, and Beatport, do not use DRM despite encouraging users to avoid sharing music. Another online retailer, Xiie.net, which sells only unsigned artists, encourages people to share the music they buy from the site, to increase exposure for the artists themselves. Major labels have begun releasing more online music without DRM. Eric Bangeman suggests in Ars Technica that this is because the record labels are "slowly beginning to realize that they can't have DRMed music and complete control over the online music market at the same time... One way to break the cycle is to sell music that is playable on any digital audio player. eMusic does exactly that, and their surprisingly extensive catalog of non-DRMed music has vaulted it into the number two online music store position behind the iTunes Store." Apple's Steve Jobs called on the music industry to eliminate DRM in an open letter titled Thoughts on Music. Apple's iTunes store will start to sell DRM-free 256 kbit/s (up from 128 kbit/s) AAC encoded music from EMI for a premium price (this has since reverted to the standard price). In March 2007, Musicload.de, one of Europe's largest online music retailers, announced their position strongly against DRM. In an open letter, Musicload stated that three out of every four calls to their customer support phone service are as a result of consumer frustration with DRM.
- Limited install activations
Computer games sometimes use DRM technologies to limit the number of systems the game can be installed on by requiring authentication with an online server. Most games with this restriction allow three or five installs, although some allow an installation to be 'recovered' when the game is uninstalled. This not only limits users who have more than three or five computers in their homes (seeing as the rights of the software developers allow them to limit the number of installations), but can also prove to be a problem if the user has to unexpectedly perform certain tasks like upgrading operating systems or reformatting the computer's hard drive, tasks which, depending on how the DRM is implemented, count a game's subsequent reinstall as a new installation, making the game potentially unusable after a certain period even if it is only used on a single computer.
In mid-2008, the publication of Mass Effect marked the start of a wave of titles primarily making use of SecuROM for DRM and requiring authentication via an online server. The use of the DRM scheme in 2008's Spore backfired and there were protests, resulting in a considerable number of users seeking a pirated version instead. This backlash against 3 activation limit was a significant factor in Spore becoming the most pirated game in 2008, with TorrentFreak compiling a "top 10" list with Spore topping the list.However, other games on the list like Call of Duty 4, Assassin's Creed and Crysis use SafeDisc DRM which has no install limits and no online activation. Additionally, other video games that do use intrusive DRM such as BioShock, Crysis Warhead and Mass Effect don't appear on the list.
- Persistent online authentication
Many mainstream publishers continued to rely on online-based DRM throughout the later half of 2008 and early 2009, including Electronic Arts, Ubisoft and Atari, notable examples being Anno 1404 and James Cameron's Avatar: The Game making use of the online version of the TAGES copy protection system. Ubisoft broke with the tendency to use online DRM in late 2008 with the release of Prince of Persia as an experiment to "see how truthful people really are" regarding the claim that DRM was inciting people to use pirated copies. Although Ubisoft has not commented on the results of the 'experiment', the majority of their subsequent titles in 2009 contained no online-based DRM since the release of Prince of Persia - notable exceptions to this practice being Anno 1404 and James Cameron's Avatar: The Game making use of the online version of the TAGES copy protection system. An official patch has since been released stripping Anno 1404 of the DRM. Electronic Arts followed suit in June 2009 with The Sims 3,with subsequent EA and EA Sports titles also being devoid of online DRM.
Ubisoft formally announced a return to on-line authentication on 9 February 2010 through its Uplay on-line gaming platform, starting with Silent Hunter 5, The Settlers 7 and Assassin's Creed II. Silent Hunter 5 was first reported to have been compromised within 24 hours of release, but users of the cracked version soon found out that only early parts of the game were playable. The Uplay system works by having the installed game on the local PCs incomplete and then continuously downloading parts of the game-code from Ubisoft's servers as the game progresses. It was only more than a month after the PC release in the first week of April that software was released that could bypass Ubisoft's DRM in Assassin's Creed II, demonstrating its strength. The software did this by emulating a Ubisoft server for the game. Later that month, a real crack was released that was able to remove the connection requirement altogether.
In early March 2010, Uplay servers suffered a period of inaccessibility due to a large scale DDoS attack, causing around 5% of game owners to become locked out of playing their game.The company later credited owners of the affected games with a free download, and there has been no further downtime.
- Software tampering
Bohemia Interactive have used a form of technology since OFP where if the game is suspected of being pirated, bugs like guns losing their accuracy or the player being turned into a bird are introduced.
Croteam, the company that released Serious Sam 3: BFE in November 2011, implemented a different form of DRM where instead of displaying error messages that stop the pirated version of the game from running, it causes a foe in the game to become invincible and constantly attack the player until the player is dead.
Electronic books read on a personal computer or an e-book reader typically use DRM technology to limit copying, printing, and sharing of e-books. E-books are usually limited to a certain number of reading devices and some e-publishers prevent any copying or printing. Some commentators believe that DRM is something that makes E-book publishing complex.
There are four main ebook formats at present. Mobipocket, Topaz, ePub and PDF. The Amazon Kindle uses Mobipocket and Topaz and it also supports native PDF format ebooks and native PDF files. Other ebook readers mostly use ePub format ebooks, but with differing DRM schemes.
There are three main ebook DRM schemes in common use today, one each from Adobe, Apple, and the Marlin Trust Management Organization (MTMO). Adobe's Adept DRM is applied to ePubs and PDFs, and can be read by several third-party ebook readers, as well as Adobe Digital Editions software. Apple's Fairplay DRM is applied to ePubs, and can currently only be read by Apple's iBooks app on iOS devices. The Marlin DRM was developed and is maintained in an open industry group known as the Marlin Developer Community (MDC) and is licensed by an organization known as the Marlin Trust Management Organization (MTMO). Marlin was founded by five companies, Intertrust, Panasonic, Philips, Samsung and Sony. The Kno online textbook publisher uses Marlin to protect ebooks it sells in the ePub format. These books can be read on the Kno App for iOS and Android tablets. Barnes & Noble uses a DRM technology provided by Adobe, and is applied to ePubs and the older Palm format ebooks. Amazon uses a DRM which is an adaption of the original Mobipocket encryption, and is applied to Amazon's Mobipocket and Topaz format ebooks.
Two PC and Macintosh software programs to view e-books are Adobe Reader and Microsoft Reader. Each program uses a slightly different approach to DRM. The first version of Adobe Acrobat e-book Reader to have encryption technologies was version 5.05. In the later version 6.0, the technologies of the PDF reader and the e-book reader were combined, allowing it to read both DRM-restricted and unrestricted files. After opening the file, the user is able to view the rights statement, which outlines actions available for the specific document. For example, for a freely transferred PDF, printing, copying to the clipboard, and other basic functions are available to the user. However, when viewing a more highly restricted e-book, the user is unable to print the book, copy or paste selections.The level of restriction is specified by the publisher or distribution agency.
Microsoft Reader, which exclusively reads e-books in a .lit format, contains its own DRM software. In Microsoft Reader, there are three different levels of access control depending on the e-book: sealed e-books, inscribed e-books and owner exclusive e-books. Sealed e-books have the least amount of restriction and only prevent the document from being modified Therefore, the reader cannot alter the content of the book to change the ending, for instance. Inscribed e-books are the next level of restriction. After purchasing and downloading the e-book, Microsoft Reader puts a digital ID tag to identify the owner of the e-book. Therefore, this discourages distribution of the e-book because it is inscribed with the owner’s name making it possible to trace it back to the original copy that was distributed. Other e-book software uses similar DRM schemes. For example, Palm Digital Media, now known as Ereader, links the credit card information of the purchaser to the e-book copy in order to discourage distribution of the books.
The most stringent form of security that Microsoft Reader offers is called owner exclusive e-books, which uses traditional DRM technologies. To buy the e-book the consumer must first open Microsoft Reader, which ensures that when the book is downloaded it becomes linked to the computer's Microsoft Passport account. Thus the e-book can only be opened with the computer with which it was downloaded, preventing copying and distribution of the text.
In one instance of DRM that caused a rift with consumers, Amazon.com remotely deleted purchased copies of George Orwell's 1984 and Animal Farm from customers' Amazon Kindles after providing them a refund for the purchased products. Commenters have widely described these actions as Orwellian, and have alluded to Big Brother from Orwell's 1984. After an apology from Amazon CEO Jeff Bezos, the Free Software Foundation has written that this is just one more example of the excessive power Amazon has to remotely censor what people read through its software, and called upon Amazon to free its e-book reader and drop DRM. It was then revealed that the reason behind the deletion on Amazon's part was due to the ebooks in question being unauthorized reproductions of Orwell's works over which the company that published and sold it on Amazon's service had no rights as the works were not within the public domain
DRM and documents
Enterprise digital rights management (E-DRM or ERM) is the application of DRM technology to the control of access to corporate documents such as Microsoft Word, PDF, and AutoCAD files, emails, and intranet web pages rather than to the control of consumer media. E-DRM, now more commonly referenced as IRM (Information Rights Management), is generally intended to prevent the unauthorized use (such as industrial or corporate espionage or inadvertent release) of proprietary documents. IRM typically integrates with content management system software.
DRM has been used by organizations such as the British Library in its secure electronic delivery service to permit worldwide access to substantial numbers of rare (and in many cases unique) documents which, for legal reasons, were previously only available to authorized individuals actually visiting the Library's document centre at Boston Spa in England.
Digital watermarks are features of media that are added during production or distribution. Digital watermarks involve data that is arguably steganographically embedded within the audio or video data.
Watermarks can be used for different purposes that may include:
- recording the copyright owner
- recording the distributor
- recording the distribution chain
- identifying the purchaser of the music
Watermarks are not complete DRM mechanisms in their own right, but are used as part of a system for Digital Rights Management, such as helping provide prosecution evidence for purely legal avenues of rights management, rather than direct technological restriction. Some programs used to edit video and/or audio may distort, delete, or otherwise interfere with watermarks. Signal/modulator-carrier chromatography may also separate watermarks from original audio or detect them as glitches. Use of third party media players and other advanced programs render watermarking useless.[dubious – discuss] Additionally, comparison of two separately obtained copies of audio using simple, home-grown algorithms can often reveal watermarks. New methods of detection are currently under investigation by both industry and non-industry researchers.
Sometimes, metadata is included in purchased music which records information such as the purchaser's name, account information, or email address. This information is not embedded in the played audio or video data, like a watermark, but is kept separate, but within the file or stream.
As an example, metadata is used in media purchased from Apple's iTunes Store for DRM-free as well as DRM-restricted versions of their music or videos. This information is included as MPEG standard metadata.
Laws regarding DRM
Digital rights management systems have received some international legal backing by implementation of the 1996 WIPO Copyright Treaty (WCT). Article 11 of the Treaty requires nations party to the treaties to enact laws against DRM circumvention.
The WCT has been implemented in most member states of the World Intellectual Property Organization. The American implementation is the Digital Millennium Copyright Act (DMCA), while in Europe the treaty has been implemented by the 2001 European directive on copyright, which requires member states of the European Union to implement legal protections for technological prevention measures. In 2006, the lower house of the French parliament adopted such legislation as part of the controversial DADVSI law, but added that protected DRM techniques should be made interoperable, a move which caused widespread controversy in the United States.
Digital Millennium Copyright Act
The Digital Millennium Copyright Act (DMCA) is an amendment to United States copyright law, passed unanimously on May 14, 1998, which criminalizes the production and dissemination of technology that allows users to circumvent technical copy-restriction methods. Under the Act, circumvention of a technological measure that effectively controls access to a work is illegal if done with the primary intent of violating the rights of copyright holders.[verification needed] (For a more detailed analysis of the statute, see WIPO Copyright and Performances and Phonograms Treaties Implementation Act.)
Reverse engineering of existing systems is expressly permitted under the Act under specific conditions. Under the reverse engineering safe harbor, circumvention necessary to achieve interoperability with other software is specifically authorized. See 17 U.S.C. Sec. 1201(f). Open-source software to decrypt content scrambled with the Content Scrambling System and other encryption techniques presents an intractable problem with the application of the Act. Much depends on the intent of the actor. If the decryption is done for the purpose of achieving interoperability of open source operating systems with proprietary operating systems, the circumvention would be protected by Section 1201(f) the Act. Cf., Universal City Studios, Inc. v. Corley, 273 F.3d 429 (2d Cir. 2001) at notes 5 and 16. However, dissemination of such software for the purpose of violating or encouraging others to violate copyrights has been held illegal. See Universal City Studios, Inc. v. Reimerdes, 111 F. Supp. 2d 346 (S.D.N.Y. 2000).
On 22 May 2001, the European Union passed the EU Copyright Directive, an implementation of the 1996 WIPO Copyright Treaty that addressed many of the same issues as the DMCA.
The DMCA has been largely ineffective in protecting DRM systems, as software allowing users to circumvent DRM remains widely available. However, those who wish to preserve the DRM systems have attempted to use the Act to restrict the distribution and development of such software, as in the case of DeCSS.
Although the Act contains an exception for research, the exception is subject to vague qualifiers that do little to reassure researchers. Cf., 17 U.S.C. Sec. 1201(g). The DMCA has had an impact on cryptography, because many[who?] fear that cryptanalytic research may violate the DMCA. The arrest of Russian programmer Dmitry Sklyarov in 2001, for alleged infringement of the DMCA, was a highly publicized example of the law's use to prevent or penalize development of anti-DRM measures. Sklyarov was arrested in the United States after a presentation at DEF CON, and subsequently spent several months in jail. The DMCA has also been cited as chilling to non-criminal inclined users, such as students of cryptanalysis (including, in a well-known instance, Professor Felten and students at Princeton), and security consultants such as the Netherlands based Niels Ferguson, who has declined to publish information about vulnerabilities he discovered in an Intel secure-computing scheme because of his concern about being arrested under the DMCA when he travels to the US.
On 25 April 2007 the European Parliament supported the first directive of EU, which aims to harmonize criminal law in the member states. It adopted a first reading report on harmonizing the national measures for fighting copyright abuse. If the European Parliament and the Council approve the legislation, the submitted directive will oblige the member states to consider a crime a violation of international copyright committed with commercial purposes. The text suggests numerous measures: from fines to imprisonment, depending on the gravity of the offense.
The EP members supported the Commission motion, changing some of the texts. They excluded patent rights from the range of the directive and decided that the sanctions should apply only to offenses with commercial purposes. Copying for personal, non-commercial purposes was also excluded from the range of the directive.
In Europe, there are several ongoing dialog activities that are characterized by their consensus-building intention:
- Workshop on Digital Rights Management of the World Wide Web Consortium (W3C), January 2001.
- Participative preparation of the European Committee for Standardization/Information Society Standardization System (CEN/ISSS) DRM Report, 2003 (finished).
- DRM Workshops of Directorate-General for Information Society and Media (European Commission) (finished), and the work of the DRM working groups (finished), as well as the work of the High Level Group on DRM (ongoing).
- Consultation process of the European Commission, DG Internal Market, on the Communication COM(2004)261 by the European Commission on "Management of Copyright and Related Rights" (closed).
- The INDICARE project is an ongoing dialogue on consumer acceptability of DRM solutions in Europe. It is an open and neutral platform for exchange of facts and opinions, mainly based on articles by authors from science and practice.
- The AXMEDIS project is a European Commission Integrated Project of the FP6. The main goal of AXMEDIS is automating the content production, copy protection and distribution, reducing the related costs and supporting DRM at both B2B and B2C areas harmonizing them.
- The Gowers Review of Intellectual Property is the result of a commission by the British Government from Andrew Gowers, undertaken in December 2005 and published in 2006, with recommendations regarding copyright term, exceptions, orphaned works, and copyright enforcement.
Many organizations, prominent individuals, and computer scientists are opposed to DRM. Two notable DRM critics are John Walker, as expressed for instance, in his article The Digital Imprimatur: How big brother and big media can put the Internet genie back in the bottle, and Richard Stallman in his article The Right to Read and in other public statements: "DRM is an example of a malicious feature - a feature designed to hurt the user of the software, and therefore, it's something for which there can never be toleration". Professor Ross Anderson of Cambridge University heads a British organization which opposes DRM and similar efforts in the UK and elsewhere. Cory Doctorow, a prominent writer and technology blogger, spoke on the Microsoft campus criticizing the technology, the morality, and the marketing of DRM.
There have been numerous others who see DRM at a more fundamental level. TechMediums.com argues that DRM-free music allows for viral marketing, arguing that independent artists benefit from "free marketing" and can then focus on revenues from higher margin products like merchandise and concert ticket sales. This is similar to some of the ideas in Michael H. Goldhaber's presentation about "The Attention Economy and the Net" at a 1997 conference on the "Economics of Digital Information." (sample quote from the "Advice for the Transition" section of that presentation: "If you can't figure out how to afford it without charging, you may be doing something wrong.")
The EFF and similar organizations such as FreeCulture.org also hold positions which are characterized as opposed to DRM.
The Foundation for a Free Information Infrastructure has criticized DRM's impact as a trade barrier from a free market perspective.
The final version of the GNU General Public License version 3, as released by the Free Software Foundation, has a provision that 'strips' DRM of its legal value, so people can break the DRM on GPL software without breaking laws like the DMCA. Also, in May 2006, the FSF launched a "Defective by Design" campaign against DRM.
Creative Commons provides licensing options encouraging the expansion of and building upon creative work without the use of DRM. In addition, the use of DRM by a licensee to restrict the freedoms granted by a Creative Commons license is a breach of the Baseline Rights asserted by each license.
Bill Gates spoke about DRM at CES in 2006. According to him, DRM is not where it should be, and causes problems for legitimate consumers while trying to distinguish between legitimate and illegitimate users.
According to Steve Jobs, Apple opposes DRM music after a public letter calling its music labels to stop requiring DRM on its iTunes Store. As of January 6, 2009, the iTunes Store is DRM-free for songs. However, Apple considers DRM on video content as a separate issue and has not removed DRM from all of its video catalog.
Defective by Design member protesting DRM on May 25, 2007.
As already noted, many DRM opponents consider "digital rights management" to be a misnomer. They argue that DRM manages rights (or access) the same way prison manages freedom and often refer to it as "digital restrictions management". Alternatively, ZDNet Executive Editor David Berlind suggests the term "Content Restriction, Annulment and Protection" or "CRAP" for short.
The Norwegian Consumer rights organization "Forbrukerrådet" complained to Apple Inc. in 2007 about the company's use of DRM in, and in conjunction with, its iPod and iTunes products. Apple was accused of restricting users' access to their music and videos in an unlawful way, and of using EULAs which conflict with Norwegian consumer legislation. The complaint was supported by consumers' ombudsmen in Sweden and Denmark, and is currently being reviewed in the EU. Similarly, the United States Federal Trade Commission held hearings in March 2009 to review disclosure of DRM limitations to customers' use of media products.
The use of DRM may also be a barrier to future historians, since technologies designed to permit data to be read only on particular machines, or with particular keys, or for certain periods, may well make future data recovery impossible — see Digital Revolution.
DRM opponents argue that the presence of DRM violates existing private property rights and restricts a range of heretofore normal and legal user activities. A DRM component would control a device a user owns (such as a Digital audio player) by restricting how it may act with regards to certain content, overriding some of the user's wishes (for example, preventing the user from burning a copyrighted song to CD as part of a compilation or a review). An example of this effect may be seen in Microsoft's Windows Vista operating system in which content using a Protected Media Path is disabled or degraded depending on the DRM scheme's evaluation of whether the hardware and its use are 'secure'.All forms of DRM depend on the DRM enabled device (e.g., computer, DVD player, TV) imposing restrictions that (at least by intent) cannot be disabled or modified by the user. Key issues around digital rights management such as the right to make personal copies, provisions for persons to lend copies to friends, provisions for service discontinuance, hardware agnosticism, software and operating system agnosticism, contracts for public libraries, and customers' protection against one-side amendments of the contract by the publisher have not been fully addressed.(see references 80-89) It has also been pointed out that it is entirely unclear whether owners of content with DRM are legally permitted to pass on their property as inheritance to another person.
Tools like FairUse4WM have been created to strip Windows Media of DRM restrictions.
Valve Corporation President Gabe Newell also stated "most DRM strategies are just dumb" because they only decrease the value of a game in the consumer's eyes. Newell suggests combating piracy by " greater value for customers through service value".
Due to the strong opposition that exists to DRM, many companies and artists have begun advertising their products as "DRM-Free".
Apple began selling "DRM-Free" music through their iTunes store in April 2007. It was later revealed that the DRM-Free iTunes files were still embedded with each user's account information, a technique called Digital watermarking, generally less restrictive because it identifies a purchaser rather than preventing playback of content. In January 2009, iTunes began marketing all of their songs as "DRM-Free", however iTunes continues to use DRM on movies, TV shows, ringtones, and audiobooks.
Bruce Schneier has written about the futility of digital copy prevention and says it's an impossible task. He says "What the entertainment industry is trying to do is to use technology to contradict that natural law. They want a practical way to make copying hard enough to save their existing business. But they are doomed to fail." He has also described trying to make digital files uncopyable as being like "trying to make water not wet". The creators of StarForce also take this stance, stating that "The purpose of copy protection is not making the game uncrackable - it is impossible."
Both the Association for Computing Machinery and the Institute of Electrical and Electronics Engineers have historically opposed DRM, even going so far as to name AACS as a technology "most likely to fail" in an issue of IEEE Spectrum.
Methods to bypass DRM
There are many methods to bypass DRM control on audio and video content.
One simple method to bypass DRM on audio files is to burn the content to an audio CD and then rip it into DRM-free files. Some software products simplify and automate this burn-rip process by allowing the user to burn music to a CD-RW disc or to a Virtual CD-R drive, then automatically ripping and encoding the music, and automatically repeating this process until all selected music has been converted, rather than forcing the user to do this one CD (72–80 minutes worth of music) at a time.
Many software programs have been developed that intercept the data stream as it is decrypted out of the DRM-restricted file, and then use this data to construct a DRM-free file. These programs require a decryption key. Programs that do this for DVDs, HD DVDs, and Blu-ray Discs include universal decryption keys in the software itself. Programs that do this for TiVo ToGo recordings, iTunes audio, and PlaysForSure songs, however, rely on the user's own key — that is, they can only process content that the user has legally acquired under his or her own account.
Another method is to use software to record the signals being sent through the audio or video cards, or to plug analog recording devices into the analog outputs of the media player. These techniques utilize the so-called "analog hole" (see below).
All forms of DRM for audio and visual material (excluding interactive materials, e.g. videogames) are subject to the analog hole, namely that in order for a viewer to play the material, the digital signal must be turned into an analog signal containing light and/or sound for the viewer, and so available to be copied as no DRM is capable of controlling content in this form. In other words, a user could play a purchased audio file while using a separate program to record the sound back into the computer into a DRM-free file format.
All DRM to date can therefore be bypassed by recording this signal and digitally storing and distributing it in a non DRM limited form, by anyone who has the technical means of recording the analog stream. Furthermore, the analog hole vulnerability cannot be overcome without the additional protection of externally imposed restrictions, such as legal regulations, because the vulnerability is inherent to all analog means of transmission. However, the conversion from digital to analog and back is likely to force a loss of quality, particularly when using lossy digital formats. HDCP is an attempt to plug the analog hole, although it is largely ineffective.
Asus released a soundcard which features a function called "Analog Loopback Transformation" to bypass the restrictions of DRM. This feature allows the user to record DRM-restricted audio via the soundcard's built-in analog I/O connection.
DRM on general computing platforms
Many of the DRM systems in use are designed to work on general purpose computing hardware, such as desktop PCs apparently because this equipment is felt to be a major contributor to revenue loss from disallowed copying. Large commercial copyright infringers ("pirates") avoid consumer equipment, so losses from such infringers will not be covered by such provisions.
Such schemes, especially software based ones, can never be wholly secure since the software must include all the information necessary to decrypt the content, such as the decryption keys. An attacker will be able to extract this information, directly decrypt and copy the content, which bypasses the restrictions imposed by a DRM system.
DRM on purpose-built hardware
Many DRM schemes use encrypted media which requires purpose-built hardware to hear or see the content. This appears to ensure that only licensed users (those with the hardware) can access the content. It additionally tries to protect a secret decryption key from the users of the system.
While this in principle can work, it is extremely difficult to build the hardware to protect the secret key against a sufficiently determined adversary. Many such systems have failed in the field. Once the secret key is known, building a version of the hardware that performs no checks is often relatively straightforward. In addition user verification provisions are frequently subject to attack, pirate decryption being among the most frequented ones.
A common real-world example can be found in commercial direct broadcast satellite television systems such as DirecTV and Malaysia's Astro. The company uses tamper-resistant smart cards to store decryption keys so that they are hidden from the user and the satellite receiver. However, the system has been compromised in the past, and DirecTV has been forced to roll out periodic updates and replacements for its smart cards.
Watermarks can very typically be removed, although degradation of video or audio can occur.
Mass piracy failure
Mass piracy of hard copies does not necessarily need DRM to be decrypted or removed, as it can be achieved by bit-perfect copying of a legally obtained medium without accessing the decrypted content. Additionally, still-encrypted disk images can be distributed over the Internet and played on legitimately licensed players.
When standards and formats change, it may be difficult to transfer DRM-restricted content to new media. Additionally, any system that requires contact with an authentication server is vulnerable to that server becoming unavailable, as happened in 2007 when videos purchased from Major League Baseball (mlb.com) prior to 2006 became unplayable due to a change to the servers that validate the licenses.
Amazon PDF and LIT ebooks - In August 2006, Amazon stopped selling DRMed PDF and .LIT format ebooks. Customers were unable to download purchased ebooks 30 days after that date, losing access to their purchased content on new devices.
Microsoft Zune - When Microsoft introduced their Zune media player in 2006, it did not support content that uses Microsoft's own PlaysForSure DRM scheme they had previously been selling. The EFF calls this "a raw deal".
MSN Music - In April 2008, Microsoft sent an email to former customers of the now-defunct MSN Music store: "As of August 31, 2008, we will no longer be able to support the retrieval of license keys for the songs you purchased from MSN Music or the authorization of additional computers. You will need to obtain a license key for each of your songs downloaded from MSN Music on any new computer, and you must do so before August 31, 2008. If you attempt to transfer your songs to additional computers after August 31, 2008, those songs will not successfully play."
However, to avoid a public relations disaster, Microsoft re-issued MSN Music shutdown statement on June 19 and allowed the users to use their licenses until the end of 2011: "After careful consideration, Microsoft has decided to continue to support the authorization of new computers and devices and delivery of new license keys for MSN Music customers through at least the end of 2011, after which we will evaluate how much this functionality is still being used and what steps should be taken next to support our customers. This means you will continue to be able to listen to your purchased music and transfer your music to new PCs and devices beyond the previously announced August 31, 2008 date."
Yahoo! Music Store - On July 23, 2008, the Yahoo! Music Store emailed its customers to tell them it will be shutting down effective September 30, 2008 and the DRM license key servers will be taken offline.
Walmart - In August 2007, Walmart's online music division started offering (DRM-free) MP3s as an option. Starting in February 2008, they made all sales DRM-free. On September 26, 2008, the Walmart Music Team notified its customers via email they will be shutting down their DRM servers October 9, 2008 and any DRM-encumbered music acquired from them will no longer be accessible unless ripped to a non-DRM format before that date.
After bad press and negative reaction from customers, on October 9, 2008, Walmart decided not to take its DRM servers offline.
Fictionwise / Overdrive - In January 2009, OverDrive informed Fictionwise that they would no longer be providing downloads for purchasers of e-books through Fictionwise as of 31 January 2009. No reason was provided to Fictionwise as to why they were being shut down. This prevents previous purchasers from being able to renew their books on new devices. Fictionwise is working to provide replacement ebooks for its customers in alternative, non-DRM formats, but does not have the rights to provide all of the books in different formats.
Ads for Adobe PDF - Also in January 2009, Adobe Systems announced that as of March 2009 they would no longer operate the servers that served ads to their PDF reader. Depending on the restriction settings used when PDF documents were created, they may no longer be readable.
Adobe Content Server 3 for Adobe PDF - In April 2009, Adobe Systems announced that as of March 30, 2009 the Adobe Content 3 server would no longer activate new installations of Adobe Reader or Adobe Acrobat. In addition, the ability to migrate content from Adobe Content Server 3 to Adobe Content Server 4 would cease from mid-December 2009. Anyone who failed to migrate their DRMed PDF files during this nine month window lost access to their content the next time they had to re-install their copy of Adobe Reader or Adobe Acrobat.
Harper Collins ebook store - In November 2010, Harper Collins announced that as of November 19, 2010, their eBook Store was discontinued, and advised all customers to download and archive their purchases before December 19, 2010, when purchased titles would no longer be accessible. Loss of access to Mobipocket ebooks on new devices.
CyberRead ebook store - In February 2011, CyberRead announced that they were closing down, and advised all customers to download and archive their purchases. Loss of access to Mobipocket ebooks on new devices.
Moral and legitimacy implications
- One of the principles of the Rule of Law is that "The law can be readily determined and is stable enough to allow individuals to plan their affairs."
- A problem with DRM that EFF points to is: ".. in an effort to attract customers, these music services try to obscure the restrictions they impose on you with clever marketing."
- DRM laws are widely flouted: according to Australia Official Music Chart Survey, copyright infringements from all causes are practised by millions of people.
That is, the law, or in this case, the contract between the user and seller, cannot be readily determined, and is widely broken. These facts reduce the ability of a law-abiding person to both detect when they've broken the law, and to feel a moral obligation to abide by DRM contract and law.
- Is burning a music CD breaking the law?
- Is giving a CD I've purchased to a friend breaking the law?
- Is burning a CD, and then giving it to a friend, breaking the law?
- Is purchasing a CD, and listening to it, and then returning it to the store for resale breaking the law?
- Is purchasing, burning a CD, and then returning it to the store for resale breaking the law?
The answers to these questions are non-obvious, which breaks one of the fundamental principles of the Rule of Law listed above.
Not all piracy is undesirable to digital rights holders
Microsoft has stated that if someone is going to steal software, they want it to be their software they steal. There can be real benefits to software makers to theft, since the unit cost of digital theft is zero, or near-zero, and their belief is that some software pirates will become trained in their software and eventually pay for it. An analogous argument was made in an early paper by Kathleen Conner and Richard Rummelt. A subsequent study of digital rights management for ebooks by Gal Oestreicher-Singer and Arun Sundararajan showed that relaxing some forms of DRM can be beneficial to digital rights holders because the losses from piracy are outweighed by the increases in value to legal buyers.
Business Model Ideas
Music is the prominent copyrighted material illegally downloaded from the Internet. The fairly new technology has given the public access to resources that were difficult to obtain before. Due to the Internet, businesses must consider innovative ideas to prevent people from illegally downloading materials. Music is illegally downloaded because the files are small, products can be easily duplicated, and people have the resources and knowledge to manipulate the system. One way to prevent illegal downloading is to have technical protection schemes, which includes using encryption or limiting the number of computers a file can be shared on. The second way to prevent illegal file sharing is to change the business model.
Easy and Cheap
The first business model to prevent from illegal file sharing is to make the downloading easy and cheap. The use of a noncommercial site makes downloading music complex. If someone misspells the artist’s name, the search will leave the consumer dissatisfied. Also, some illegal file sharing websites lead to many viruses that attach themselves to the files. Some sites limit the traffic, which can make downloading a song a long and frustrating process. If the songs are all provided on one site, and reasonably priced, consumers will purchase the music legally to overcome the frustrations that can occur downloading illegally.
Comedian Louis C.K. made headlines in 2011 with the release of his concert film Live at the Beacon Theater as an inexpensive, DRM-free download. The only attempt to deter piracy was a letter emphasizing the lack of corporate involvement and direct relationship between artist and viewer. The film was a commercial success, turning a profit within 12 hours of its release. Some, including the artist himself, have suggested that piracy rates were lower than normal as a result, making the release an important case study for the digital marketplace.
Webcomic Diesel Sweeties released a DRM-free PDF ebool on author R Stevens' 35th birthday., leading to more than 140,000 downloads in the first month, according to Stevens. He followed this with a DRM-free iBook specifically for the iPad, using Apple's new software, which generated more than 10,000 downloads in three days. That led Stevens to launch a Kickstarter project - "ebook stravaganza 3000" - to fund the conversion of 3,000 comics, written over 12 years, into a single "humongous" ebook to be released both for free and through the iBookstore; launched February 8, 2012, with the goal of raising $3,000 in 30 days, the project met its goal in 45 minutes, and went on to be funded at more than 10 times its original goal. The "payment optional" DRM-free model in this case was adopted on Stevens' view that "there is a class of webcomics reader who would prefer to read in large chunks and, even better, would be willing to spend a little money on it."
A video game Kickstarter project, Double Fine, launched on the same day as Diesel Sweeties', provided the game DRM-free for backers, and it too far exceeded its original goal of $400,000 in 45 days, raising in excess of $2 million.n this case DRM free was offered to backers as an incentive for supporting the project pre-release, with the consumer/community support and media attention from the highly successful Kickstarter drive counterbalancing any loss through piracy.
Digital Content to Promote Traditional Product
Many artists are using the Internet to give away music to create awareness and liking to a new upcoming album. The artists release a new song on the internet for free download, which consumers can download. The hope is to have the listeners buy the new album because of the free download. A common practice used today is releasing a song or two on the internet for consumers to indulge. In 2007, Radiohead released an album named In Rainbows, in which fans could pay any amount they want, or download it for free.The disadvantage to giving away a new single on an album is that it may discourage the consumers from buying the whole album.
Disintermediation and Give it Away
Many musical artists make most of their revenue through performing concerts. While album sales do increase their wealth, artists do not completely rely on the sales for their income. The business model of disintermediation means to eliminate the middlemen. A person can purchase songs and albums via the internet. There would be no communication between the consumer and a store. Another option is to give all the music away. The artists will not lose many profits from album sales, and the music will still be wide spread. The main disadvantage to giving away music for free is that the record labels may not allow it. Record labels sign artists and handle the promotion and marketing of the artist. The sales of albums act as a source of revenue to the labels which means, from a business perspective, free downloads would decrease their profits.
The Artistic Freedom Voucher
The Artistic Freedom Voucher (AFV) introduced by Dean Baker is a way for consumers to support “creative and artistic work.” In this system, each consumer would have a refundable tax credit of $100 to give to any artist of creative work. To restrict fraud, the artists must register with the government. The voucher prohibits any artist that receives the benefits from copyrighting their material for a certain length of time. Consumers can obtain music for a certain amount of time easily and the consumer decides which artists receive the $100. The money can either be given to one artist or to many, the distribution is up to the consumer.
A very early implementation of DRM was the Software Service System (SSS) devised by the Japanese engineer Ryoichi Mori in 1983 and subsequently refined under the name superdistribution. The SSS was based on encryption, with specialized hardware that controlled decryption and also enabled payments to be sent to the copyright holder. The underlying principle of the SSS and subsequently of superdistribution was that the distribution of encrypted digital products should be completely unrestricted and that users of those products would not just be permitted to redistribute them but would actually be encouraged to do so.