The Cause of Digital Rights Management – by “Benjamin B”

DRM is the natural evolution of copyright protection. As media transitioned into a digital form publishers needed to develop new methods of protecting their works. Some of the earliest copy protections mechanisms accompanied the first generation of computer games. They were usually some sort of gimmicky device or language that often contributed to the gameplay or developed the game’s atmosphere.


Code Wheels from A Secret of Monkey Island. The keys written under each pirate head were required at various points in the games.

Once consumers learned how to bypass these physical copy protections, corporations began using registration keys. These long numerical codes are typically written inside the software’s box or separately mailed.  Programs require the code before initially running. Once hackers developed key generators, companies began requiring online registration and authorization, a policy still in use today.

Online authorization was the last step before Digital Rights Management. DRM is unique because in many circumstances it infringes on typical consumer rights and can invade privacy. DRM varies widely between platforms, but most often comes in two forms: a frequent online check between the user and producer for authenticity, and a complex authorization program on the user’s computer.

Common Forms of DRM

Most eBook sellers require all purchases to be linked to a user’s account.  Each account can have a limited number of devices authorized to read a book.  You must purchase multiple copies of a book to exceed the number of permitted devices.  Most retailers allow between four and six activations.  While this seems like a large number, the limit is quickly reached if you want to share the book within your family or read it on multiple devices.

eBook DRM prevents sharing among friends, one of the best parts of reading books.

Music was one of the first battlegrounds for DRM.  As computers become more common during the late 1990’s and early 2000’s music piracy skyrocketed.  Publishers responded by including DRM on CDs, making it far more difficult to rip music.  However as digital music players replaced portable CD players this became untenable. People now buy CDs with the express intent of ripping music to their digital players.  As this became the norm publishers gradually eliminated DRM from CDs.  Currently most physical and digital retailers sell music without any form of DRM.

Unlike music DVDs and Blu-Ray discs still use multiple forms of DRM.  DVDs have used a technology called CSS (Content Scrambling System) for almost two decades.  While this technology was decoded and circumvented years ago, publishers continue to include it on most DVDs.  Blu-Ray discs use a variety of methods to prevent copying.  Some require online authorization, while others utilize a complex series of encrypted keys that require a virtual machine to decode.

Of all forms of copy protection DRM for software is by far the most developed. Every major game release is accompanied by the latest DRM.  Many publishers have their own preferred form of copy protection.  EA typically uses SecuROM for its big releases.  Ubisoft recently started using a form of DRM nicknamed ‘always-on’, which requires a user to be continually connected to the Internet for their games to work regardless of whether the game uses the Internet.  Any disruption in Internet connection will force the user to exit the program.

The Problems of DRM

While DRM is a justifiable reaction to piracy, in many regards it goes beyond what an average person would consider reasonable.  If a product requires online authorization it is only freely usable while the company maintains its servers.  Microsoft is a major culprit in this respect. It is stopping all support for its eBook format .lit by the end of 2012.  Even though the purchased files will still be usable, Microsoft will not offer any help if problems arise.  Microsoft is also discontinuing support for Windows XP, shutting down the activation servers by 2014 and preventing individuals from new XP installations.

Not only can DRM occasionally prevent people from using their legally purchased goods, it can also damage and destabilize a machine.  Some forms of DRM install secondary programs on computers to authorize and check software. These programs often require high security clearance.  The worst-case scenario is a hacker developing a virus that specially targets DRM, exploiting any security flaws and using it to highjack the computer. Of all DRM programs the most insidious is SecuROM, which installs itself in a computer’s kernel (the system’s core). Removing it requires wiping the entire computer and starting anew. To make it worse, originally EA neither asked nor informed users about SecuROM before installation.

If DRM itself was not enough of an issue, the Digital Millennium Copyright Act makes bypassing DRM illegal.  If the company that authorizes your purchases goes bankrupt, the DMCA’s anti circumvention clause makes it a felony to recover you files.

Just like with everything on the Internet, XKCD offers its own take on DRM

How to Fix DRM

This is a tragic cycle perpetuated by a single public outlook. For some reason people do not equate pirating media with theft. The social stigma associated with online piracy is incomparable to that of shoplifting.  This dichotomy needs to be rectified before any DRM-less solution can be found.

There is an economic issue fueling the cycle as well.  All forms of electronic media are far more expensive than necessary. As publishers have transitioned to digital distribution, costs have dropped but in many circumstances prices have not equally declined.  There must be a major incentive for people to stop pirating media.  The most obvious one is convenience. Publishers need to make buying their products more convenient than pirating.  If prices drop and online distribution methods become simple and quick, people will readily purchase products. Some companies have already instituted such business models.

In the video games industry Steam is the dominant source for digital distribution, holding about a 70% market share.  It is significantly more profitable than physical store, yielding a 70% gross margin on sales to the 30% average for most physical retailers.  Downloading from Steam is simple and fun.  The program runs frequent sales, offering blockbuster titles at significant discounts.  While some DRM is included in these products, it is often of the non-intrusive sort.

Typical Reaction to a Steam Holiday Sale. Its business model seems to be doing quite well.

Numerous retailers have developed this type of business model for television, music, and movies.  Netflix and Hulu Plus both offer a large variety of television shows and movies for a nominal monthly fee.  Their titles can be quickly streamed to any equipped computer, gaming console, or TV.  Amazon and iTunes now offer easy and fast movie, television and music downloads, almost all DRM-free.  These businesses have made an impact.  Music piracy has dropped significantly as a total share of worldwide piracy.  While once the majority of bittorrent traffic, music now constitutes only 2.9%.  As more companies shift to this model, piracy overall should decrease

DRM is an evil born of our time. As people begin to see the Internet as an extension of the physical world rather than a separate realm social norms should decrease piracy. As corporations shift to more sustainable electronic business models, piracy should begin to disappear.  Once both of these changes have occurred DRM should naturally disappear into the annals of history.

Further Reading

Defective by Design

Electronic Frontier Foundation


What’s Going on with DRM? – by “Daniel P”

A few years ago, my friend copied a bunch of music from his brother’s hard drive to his new iPod. His brother has awesome taste in music, and since my buddy didn’t have to pay anything for it, I thought he got a pretty sweet deal. We were talking about this while driving around and listening to the White Stripes.

“Dude!” he said all of a sudden. “This sucks! I can’t play blue orchid on this iPod cuz I don’t have the license for it.”

“Ah shit man,” I replied. “It’s because of DRM.”

“DRM sucks.”

Yup. It does. Used to be that if you bought a CD you could do whatever you wanted with it. Listen to it anywhere, let your friends burn it, or burn it yourself and hand out the tracks. Music CDs (not CD-ROM media) by definition cannot have DRM applied to them because its not standards compliant. Guessing the music industry didn’t like this too much and was getting ready to release another CD technical standard with built in DRM.

But they didn’t have to. People dropped their CDs and started using digital files. When online music stores appeared on the scene, they just limited they ways you could use the files you bought from them. Let’s look at how:

Exclusivity – If I download “Fell in Love with A Girl” on x music downloading site, I can only play it on user end hardware or software affiliated with that site. For a while (maybe still now) music downloaded using Kazaa could only be played on Windows media player. Music from the Wal-Mart and Napster stores can only be played on products with Microsoft “plays for sure” certification, something iPods don’t have. iTunes’ version of DRM, fairplay, limited the number of devices an individual song could be stored on. Apple also only allowed files downloaded through iTunes to be played on Apple products and a select few Motorola phones.

Fees – Copies of music have a price. Napster charged an extra $5 dollars per month if you wanted to play the music you downloaded through it on a portable music player. Good thing I can fit my laptop in my pocket when I got to the gym. Napster actually had the worst deal ever: you lost access to all the files downloaded using it if you didn’t pay your monthly subscription fee. That’s just lending music on a monthly basis.

A lot of music stores recognized that DRM-free music has its price. Apple initially sold such files at an elevated price. Now all files on iTunes are DRM free and popular songs cost $1.29, thirty cents more than the standard price per song the store was unveiled with. Napster’s done away with its DRMed wares too.

I’m sure there’s someone out there asking, “Where did you go, DRM’d music? I miss you.” I’ve got a few guesses. Stores probably realized that DRM’d music is really annoying for users. It limits where and how they can play it and makes copying your music from your old computer to a new one really painful. They also realized that people would be willing to pay a bit more for music without DRM. In Apple’s case, thirty cents more. And I bet there’s some calculation out there that says the extra thirty cents generates enough money to outweigh revenue lost due to piracy. The last reason is the iTunes stores. It’s got 25% of the digital music market in the U.S. If it doesn’t have DRM’d music then any site that does is going to lose to it. Also, don’t forget the iTunes store’s buddy, the iPod. It has a whopping 74% of the U.S. mp3 player market, further cementing Apple’s hold on the stuff we’re listening to.

Looks like Apple is calling the shots in the online music market. But at $1.29 per song, who’s using it? Look at the numbers again.

iTunes market share = 25%
iPod market share = 75%

Most people who download music have a music player. Most people with iPods use iTunes. If most people with iPods bought music from iTunes, its market share would be far more than 25%. A lot of pirates still in town.

46 DC EA D3 17 FE 45 D8 09 23 EB 97 E4 95 64 10 D4 CD B2 C2 – by “Ben S”

Is this image illegal?
A "PS3 Flag", an homage to its predecessor, the "Free Speech Flag"

On January 3, George Hotz, or geohot as he calls himself, a hacker previously involved in the effort to jailbreak the iPhone, released the private key to the PlayStation 3, using techniques described by the group fail0verflow at the 2010 Chaos Communication Congress.  Essentially, possession of the key allows users to create and run signed software on their PS3s without the use of any sort of external USB device–i.e., to run the software as if it had been distributed by Sony.

There is every indication that this is why the parties involved exploited the, well, exploit–so that they and others would be able to use the machines that they own to run whatever software they want to write for it or share with each other (fail0verflow claims to have developed the hack in order to allow PS3s of all firmware versions to run Linux).  Of course, one of the side effects of the release of the key is that users can now, if they so choose, use it to run pirated versions of PlayStation 3 games on their machines, which Sony is loathe to allow.

In a response eerily reminiscent of that of Universal and its cohorts following the release of DeCSS and of that of the MPAA and AACS LA following the release of the AACS cryptographic key (the key that protects Blu-Ray DVDs), the corporate machine leapt into action (after one embarrassing gaffe on Twitter), and fired off lawsuits against both fail0verflow and geohot, causing the latter to start a legal defense fund.

This case lies much closer to that of AACS than that of DeCSS–the court ruled, in Universal v. Corley, that DeCSS was not protected speech because, among other things, the DMCA’s restrictions on circumventing technologies was “content-neutral,” and DeCSS seemed to have been distributed for the purpose of redistributing copyrighted DVDs, at least according to the District Court.  In the case of the AACS key, while the MPAA and AACS LA issued numerous DMCA takedown notices (notably to Digg), this was the only legal action taken: no lawsuits were filed, and the legal status of the key remains up in the air.

In the case of the PS3, the stated purpose for circumventing the “technological measures” that “effectively control” access to the PS3 was to get the machine to run Linux–undoubtedly, this is not in violation of any copyright law.  But will this be its primary use? The court tells us in MGM v. Grokster that we must consider not only whether a noninfringing use exists, but its relative frequency compared to that of infringing uses.

Will most users use the key to play pirated games?  More importantly, does it matter?

Similar to the avalanche of posts of  “09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0” on Digg following the MPAA’s response to the release of the key, a…flurry? of “46 DC EA D3 17 FE 45 D8 09 23 EB 97 E4 95 64 10 D4 CD B2 C2” posts appeared on Reddit in the aftermath of geohot’s publication of the key.  Both communities felt a sense of injustice that posting a 128- or 160-bit key, a number short enough to scrawl on the back of one’s hand, should subject the poster to prosecution.

On the other hand, the DeCSS program, in its shortest incarnation, is only 434 bytes, or 3472 bits, only about 20 times as long as the AACS and PS3 keys, and the court found that it was illegal–just as a clever Digg user created a flag using the hexadecimal key, or how I shamelessly copied the idea to make a flag of my own, so too did protestors of the DeCSS decision create MIDIs, plays, and even a haiku of the program.

When everything is expressed in terms of numbers, anything can be expressed in terms of anything else.  The court has ruled that some numbers are illegal, so where exactly is the line?  If I write some protection protocol with a cryptographic key of “1”, can I go around issuing DMCA takedown notices to every website that has the audacity to post a “1” somewhere? Would that even count as an effective technological measure? Probably, since knowledge of the key is generally not enough to crack the code–one must also know where to put it, which requires some amount of proficiency with computers (arguably more proficiency than most users possess).

So where is the line? Is it at 10 bits? 100? 1000? We already know it can’t be any greater than 3472.  The problem is, wherever the line is drawn, it will be arbitrary–any attempt to exclude some kinds of speech from protection will, when taken to its logical extent, inevitably result in some sort of restriction that seems ridiculous and unfair.  There will always be some tricky end case.

And programmers are great at coming up with tricky end cases.

Let e-Books be e-Books – by “Lynn W”

Having used Yale library for the past four years, I’ve come to accept as fact that the wonderful invention of the e-Book allows all library users to bypass the logistical obstacles that accompany the borrowing of physical books – unavailability when checked out by others, the trip of physically finding and retrieving the title from its shelf, the revulsion of thumbing through dilapidated  volumes with unidentifiable stains. More than once, I’ve taken Yale classes in which professors have assigned books that are available online from the Yale library. The strategy for those readings has always been to click on the link whenever I want, at my own pace and timing. The only “hassles” were perhaps that the pages cannot be printed, and that some versions do not allow electronic markings or highlights. Small price to pay for the convenience offered.

Interestingly, and much to my dismay, this universal access model to library e-Books does not extend much farther beyond the university setting. Although e-Books are not yet widespread among public libraries, the ones they do occupy maintain heavy restrictions on usage, as if these electronic files were physical objects.

Take the New York Public Library as a case study. Although the library has 100 titles in e-Book format, it offers them in very limited quantities. For example, currently there are just two e-copies of Blackveil (published Feb. 2011). Both are unavailable, with two “patrons” on each waiting list. The older, but more popular Artemis Fowl (published Aug. 2009) is even more scarce; there is just one currently unavailable copy, with eight on the waiting list.

Perhaps even more ludicrous are the policies on checkout and return. There are no standard lending periods, as these can vary from title to title depending on individual licensing agreements. Furthermore, two of the three provided e-Book formats (OverDrive and Mobipocket) “cannot be returned early. They are automatically returned at the end of the lending period.” So assuming that Artemis Fowl has the standard library lending period of three weeks, I’d have to wait until September 2011 for three weeks of access to a PDF copy? What???

Oh wait… I just got it here.

Granted, this version is in a much plainer font, and there are no page numbers. But the content is exactly the same. How did I find this? By Googling “artemis fowl pdf” and clicking the third search result. Clearly, DRM is not serving its purpose. Is it really necessary to ensure that libraries abide by DRM for their e-Books when cases of circumvention abound so prolifically on the Internet?

Functionality aside, the more important question is whether DRM has a place in the public library domain. The whole point of libraries is to offer communities a local learning center for free. Specifically, the New York Public Library aims to “inspire lifelong learning, advance knowledge, and strengthen our communities.” The digitization of books should, if anything, only help accelerate this mission of educating the community. Why, then, is the new medium of communication being subject to the same delivery constraints of old media? Why, when electronic files can be accessed instantaneously and multilaterally, should people have to wait for months to take their turn?

Library e-Books belong in their own category, separate from print books, and they deserve their own lending policy – one that makes use of the advantages that they offer in speed and plurality of transmission. The Yale model of universal access isn’t necessarily ideal for all public libraries, but the old print model of lending for e-Books simply needs to go.

Apple’s struggle for closure – by “Ben S”

I’m in love with my Droid.  I ordered it the first day they were available, even putting up with my unusable Samsung Juke and its shattered screen for an extra week, just so I could get my hands on what I saw as the first tenable challenge to the iPhone–one of the main draws, for me, at least, was the fact that anyone could design apps and put them on the “Android Market” without putting them up for review before some ominous Comité de salut app.

One of the biggest shortcomings, however, was the lack of Adobe Flash, which, Android owners kept being promised, was “coming,” and after waiting months, the news in June that Flash 10.1 had finally been released and was Android-compatible was somewhat muted by the fact that it was actually compatible with Android 2.2, whereas all Droid users were still stuck with 2.1 for the foreseeable future.
Finally accurate

So while at this point I could have manually rooted the “Froyo” update to my phone and used Flash to my heart’s content, a call to Verizon confirmed what I had suspected–any manual installation of the new OS from a source other than Motorola or Verizon would void my warranty (which, when buying a phone with a plan allows you to get it at 1/5 of the non-plan cost, is a real consideration).

And so I waited, patiently, until late August to get my update, download Flash, and then find out Hulu was blocking all mobile phones from viewing videos anyway.

So, although iPhone users all over the world are likely still more than a little heady about the Librarian of Congress’ clarification to the DMCA allowing for, among other things, “jailbreaking” the device, it is certainly worth noting that, while Apple can no longer use the threat of legal action to keep all its devotees in line, it still has a plethora of tools at its disposal to discourage users from straying from the Way of Apple, including, yes, voiding your warranty:

Apple’s goal has always been to insure that our customers have a great experience with their iPhone and we know that jailbreaking can severely degrade the experience. As we’ve said before, the vast majority of customers do not jailbreak their iPhones as this can violate the warranty and can cause the iPhone to become unstable and not work reliably. [Emphasis added]
It’s not that they’re controlling, it’s just that they know what’s best for you!

To be fair, they have a point–there have been instances of jailbroken phones being exposed to vulnerabilities, especially those that use SSH and don’t change the password from the default.  Naturally, the more open a technology is, the more risk there is for malicious attacks–and when the openness is not officially sanctioned, Apple has little reason to fortify the rogue phones against attacks.

Indeed, though there is absolutely no indication that they plan to do this, Apple could even, if they so chose, develop viruses themselves that specifically target jailbroken phones, or, more legally ambiguously, introduce some internal fuse designed to detect modification, and, if any such modification occurs, melt the phone.  Not, of course, that Apple would ever deliberately introduce defects into their products

But back to the probable: Apple has absolutely no incentive to provide any sort of support for those who use the phone in ways that Apple has said it should not be used–and while communities of jailbroken iPhone users will certainly continue to grow and evolve, coming up with patches and fixes themselves, what, ultimately, is the point in taking technology from one of the most closed consumer technology companies in existence and trying to make it open?  Why not just get technology that is open in the first place?

So, in short, if you want an open, generative phone, then buy an open, generative phone (one that you can also hold any way you like).  Don’t be a putz.

Leasing Ourselves Away – by “Sabina M”

Using and demanding more DRM-free services like recently launched UrFilez or Ovi Music will make you not only 300% cooler, but a responsible citizen.

Imagine this: sometime during the night, half your books have been pillaged. Not by vikings, but by Barnes & Noble.

Imagine this: law enforcement shows up at your doorstep. You have attempted to glue Lego to your science fair project (or hair) – but Lego has very strict ideas about how, where, and for how long Lego can be used.

Imagine this: you have taken apart your CD player to figure out how it works. You do – and you even figure out a way to make it sound better, and maybe be used for time travel. Naturally, you show all your friends how to repeat this miraculous feat. Shouldn’t have done that: get ready to drop the soap.

Maybe the examples are a bit hyperbolic. Or maybe they are all too realistic, if used as an analogy for how the products we purchase digitally are protected by both copyright law and DRM (digital rights management) technologies. Last year, DRM “protection” was the backdoor that made possible the Amazon deletion of eBooks from customers’ Kindles (because the “digital age” is an ironic one, it had to be 1984 – so funny that it’s not). DRM is being used to prevent you from playing movies, music, and games or using software on just any machine or number of machines: on just any operating system (read: anything beyond Apple or Microsoft); in any geographical locality or for any amount of time.

When it comes to digital goods, we have implicitly come to accept the idea that we cannot do just whatever we want with the products we have purchased – and perhaps even more worrying, that we can never truly own digital media. We have accepted, perhaps without being aware of, the fact that we are only renting it and so have to submit to any specific conditions the provider specifies, including the possibility of having our product deleted or made less functional at a whim.

Don’t even think about tinkering with your new copy of, say, Microsoft Office Word: and if you do, do not share your discoveries with anybody. Although tinkerers – or people unwilling to be held hostage to a specific service provider – have recently won a small battle this past summer as such alteration was extended legal permissibility (if not permanent protection) when it comes to phones, the fundamental issue remains. Legal bright spots aside, DRM technology explicitly aims at making the cracking of the proverbial CD player near impossible, even at the cost of practicality. Imagine the CD player, telephone, or Lego blocks of your childhood being 20 pounds heavier just so you couldn’t use them in weird ways: imagine your CD player working less well or ceasing to work altogether if it suspected you were using it in non-correct ways (and then imagine it did this anyway: see the Spore case), all as a trade-off in the name of being more difficult to tamper with.

We (us nerds anyway) instinctively find something unnerving about the idea of someone stealing or blacking out large parts of our books, of the CD player company preventing us from tinkering with our bought property and using police as their proxy – basically, of someone watching over our shoulder when it comes to what we do with the things that are our own. In contrast, the response seems much less visceral, and much more confused, when we talk of DRM. And there are some perhaps justifiable reasons for this ambivalence: but, mainly, a terribly bad one, namely the idea that digital products are, and should be treated as, fundamentally different. For who? For the companies.

After all, is it not the right of developers to keep their code a secret? In this lies part of the crux. With software, the ideas and design are the product. Furthermore, many of these “new” types of products – that is, digital media – are increasingly being couched within a larger framework of a continuous and larger service (see iTunes, Amazon’s Video on Demand, Blizzard’s online RPG).

One way to think of this dilemma and why it came to be so dilemm-ish is this: you could take apart a CD player, sure, knock yourself out – but you could not, in practice, by yourself, replicate the finished product and so displace the monopoly the production company had on designing, manufacturing, and delivering that product to you. If that had been possible, tampering with the interior workings of tech products would have become an issue far earlier – in the digital ownership of digital products, it is all too easy to threaten the profitability of a product by making the company obsolete as a supplier (or sole developer, as the case sometimes is when protected software is cracked in order to be enhanced and, inevitably, spread).

There is undoubtedly truthiness to these facts. Yet surely we can all agree that there are concessions that are unacceptable, even in the name of protecting the economic viability of software companies, when those concessions concern the basic rights of being human – of being curious and inventive – and the basic rights we associate with democracy, namely those of free speech and perhaps to private property. These questions must be asked regardless of how unpleasant the answer might be to commercial interests. (And with DRM, it might not be so at all: it is unclear just how beneficial DRM protection has been for companies, all considered).

As someone with an unhealthy relationship with the Internet and nerd culture, I am squarely on the side of copyleft, open source, creative commons, and so on. But I do not want to ignore the fact that companies are inhabiting a very peculiar space when it comes to purely digital products. If before it was no biggie to lend my SNES game to my neighbor, today it is – because my neighbor next door has suddenly become the entire internet-browsing public. Free speech in the sense of spreading an idea, lending a creative work, instructing others in how things work even when companies would rather we not, discovering and tampering with code (which I would argue rightly deserves to be defined as speech) – yes, free speech and tinkering has become complicated for everyone involved. But this does not mean we must compromise it to the tune of private corporations too worried about their short-term profit to realize the long-term consequences of the laws and practices they have begun to implement and entrench into society as a de facto necessity.

My heart weeps for these producers, or at least sniffles because my head tells it to, but it recoils at the idea of DRM and its supporting social, legal, economic structures evolving further in the direction it has. What do I mean by social and economic structures? I mean the slow transition we are witnessing from physical to digital product: our thinking of digital products as not-quite-goods: the lack of uproar over how the key cultural and other products of our age are coming to be accepted as simply services, things we use on a lease and with a leash.

The heavy media giants – companies like Sony, Apple, Microsoft, Amazon – have begun to construe many of their products as services, period. Services are subject to change. Services can be terminated. And so it comes to be that only the bookstore of a fascist state can enter your house and steal your books in the middle of the night, while Amazon can do so in broad daylight. As Amazon customers that had their Kindles “bricked” (in an ongoing debacle separate from the 1984 deletions) can testify, simply purchasing an eBook is no guarantee for keeping it.

I own an impressive amount of useless TV shows through Amazon on Demand. Yet, if I want to watch them, I have to make sure not to leave American soil: licensing issues. Hopefully Europe will sort those out some ten years down the road, but the point is, Amazon has without warning taken away my right to use these purchases of mine because they deem I do not have the – apparently far more important – right to digitally watch them beyond the U.S. So what then? Do I purchase every episode all over again, but on a DVD? Why are digital copies of an episode more acceptable to, in effect, control the content and presentation of than physical ones – mere practicability is not it (and one might well wonder when DVDs will begin to have automatic IP blocking and such, also).

The issue seems to lie more in the aesthetic feeling of digital goods somehow being fundamentally different in every single way: it is almost as if a digital product is not real. “That’s ridiculous, nobody can take back my purchased DVD” versus “Hey, Amazon is blocking me from re-watching the Battlestar Galactica season finale, I guess that’s just how it works”.

It only works this way because we let it: and my point is, we shouldn’t. We can’t allow the law to codify our digital goods, especially expressive ones, as second-class expressions or property. Yes, we can buy a hard copy of a DVD. But in – twenty? Ten? Five? years from now, will hard copies still be there? Probably not. But we would still be stuck with legislation that presupposes a digital book does not deserve the same protections against theft and censorship the “real” equivalent does. This is what DRM is: anti-license to do whatever to your goods, but also anti-protection against what the private company you got it from can do to it in turn – remove, censor, alter. And the problem stretches not only to purely digital or software goods: PS3 has removed features from already-bought consoles, remotely (like prior support for Linux). With the internet, boundaries between hardware and software are thinning.

Take a look at Sony’s license agreement:

Some content may be provided automatically without notice when you sign in. Such content may include automatic updates or upgrades which may change your current operating system, cause a loss of data or content or cause a loss of functionalities or utilities


You may not sell, rent, sublicense, modify, adapt, translate, reverse engineer, decompile, or disassemble any portion of the Property. Except as stated in this Agreement or otherwise expressly permitted by SCEA in writing, you may not reproduce or transfer any portion of the Property. You may not create any derivative works, attempt to create the source code from the object code, or download or use any Property for any purpose other than as expressly permitted. You may not bypass, disable, or circumvent any encryption, security, digital rights management or authentication mechanism in connection with Sony Online Services or any of the content or service offered through Sony Online Services.

Do things look this cyberpunkly bleak only to the people that really, really care about full control of their software and media? While not all of us may feel this to be a great threat to democracy, it very well might become if we do not begin debating this issue on a level more profound than “WTF $ONY DONT L3T ME HAVE LINUX…. >>” or “APPEL WHY DOES MY CELINE DION MP3 NOT WOERK SOMETIME”. Our society has changed. We cannot just shrug it away and assume the free market will take care of everything, that we will end up with well-functioning, reasonable DRM and copyright policies. Companies are, by definition, for-profit entities that have no incentive to think ahead and take principles of democracy into consideration. They want to make money, and keep making money. Why should we allow private corporations to dictate the terms of our future relationship to the culture and technology we come into contact with?

Don’t click away your rights. You are human, or possibly a transhumanist. The only thing that makes man better than a monkey, even when the monkey is cuter, as is the case with many nerds, is our curiosity: our ability to learn, then take the knowledge we just gained and build upon it. So the next time you’re skipping through a license agreement, take the time to read it: because we need to have the sanctity of the bookshelf, we need the freedom to tinker, and we should never compromise away our right to share knowledge, however threatening to commercial interests.

DRM – A Personal History – by “Brendan G”

A few years ago, my laptop was stolen. A day or so after the theft, I started to get bills from iTunes for songs I had never downloaded. Whoever has possession of the computer was able to purchase songs through the iTunes store because I had the “one-click” download feature turned on.

My Laptop (circa 2007, pre-theft)

Assuming I could just change my password and prevent future downloads turned out to be wrong. Apparently once a computer is associated with an iTunes account, the user is never asked to input their password, even if that password has changed. The only thing I could do, according to Apple, was cancel the credit card associated with the account and open a new account. The worst part? Apple had flagged my old account as “fraudulent” so I could no longer listen to backups of songs I had downloaded prior to the theft.

Now I was left without access to the songs I had purchased with my old account, while the thief was able to continue listening to my music, free of charge. Apple wanted to make their DRM system transparent and user friendly, but in the end, left a gaping vulnerability in the software that only hurt the legitimate consumer.

Had the iTunes store been DRM-free, I would have been able to recover my music from a backup relatively easily, but instead I was locked out of my own purchase. And at the same time, their DRM system did nothing to prevent someone else from accessing the content. So in the end, nobody wins.

Of course, this all happened before the iTunes store went “DRM-free”, but the experience made me reluctant to purchase anything from them, knowing how lax their security measures are. I was never a very big spender on iTunes, but ultimately Apple lost a customer because of their DRM system.

Windows 7’s New DRM – by “Yingqi G”

Last month saw a controversial update to Windows 7’s validation features. After the much aligned Windows Genuine Advantage several years ago, which requires you to verify your copy of Windows, February’s update to Windows Activation Technologies makes the check periodic. In light of the draconian DRM software in some recently released games, it seems consumers are fighting a losing battle to keep their computers free of the secret software police.

The only problem is that people are still buying the software. Among those who oppose DRM, one not uncommon argument is that DRM degrades the value of the product by making it less convenient to use than the alternative without DRM. This alternative is often just the original software with DRM removed, usually illegally. Thus, as the argument goes, DRM incentivizes piracy. Proponents of DRM believe that stronger, more pervasive DRM is the solution, while opponents of DRM believe the software publisher should remove the incentive to acquire copies illegally.

Both sides have seen their successes. On the one hand, many successful game publishers have managed to shift their software away from DRM by selling some value-add service, frequently in the form of multiplayer play. On the other hand, many game publishers have found success in digital distribution through Steam, a distribution channel tied to DRM that also requires regular online check-ins like Windows. In other words, history has yet to prove either side right.

Windows 7 adds an interesting twist to the question. While music, software, and other media containing controversial DRM are usually consumable entertainment, Windows 7 is an operating system. The DRM software doesn’t control your ability to enjoy any product in particular. It controls your ability to use your computer. It controls your ability to perform any number of functions, both in daily life and in business.

Fortunately, alternatives do exist. Apple is well-known for being equally if not more unfriendly to consumers for their completely pervasive DRM software that extends far beyond just verifying your operating system. And, of course, there’s the long tail containing UNIX, Linux, and other miscellaneous operating systems. Linux is a clear alternative to operating systems containing DRM software. However, again, as history seems to indicate, DRM isn’t a critical factor. Despite the clear-cut difference, that Linux doesn’t share Windows and OS X’s preference for potentially extremely inconvenient DRM, Linux has nowhere near the same market share.

The question of Linux’s market share is very hotly debated. However, it suffices to note that DRM on Windows hasn’t yet pushed a significant number of users to switch operating systems. There are plenty of reasons, and, unfortunately, none of them bode well for those of us who oppose DRM.

One reason is that many users just don’t notice it. While it’s still too soon to say anything about Windows 7’s new measures, Windows Genuine Advantage remained relatively invisible except for the one-time inconvenience when you first install Windows. Another large segment of Windows installations come from businesses, where IT generally shields users from DRM headaches. Time will tell whether these periodic check-ins will be any more visible.

Another reason is the network effect. Since Windows 7 is an operating system and not “just a piece of software”, its attraction lies not so much in its inherent values, but rather in the software users need that is available only for Windows. Two large categories of such software are games and in-house applications used by businesses.

To be clear, I personally dislike DRM and would prefer that Windows 7 didn’t have its new measures. Unfortunately, like the users I talked about, I will continue to use Windows 7. Despite the new features, I have yet to be inconvenienced enough to give up the software for which need Windows 7, and as long as that remains true, Microsoft is going to get away with more than just their new measures.

As Spotify takes off, is a service-based model the future of music? – by “Samuel D”

iTunes has been leading the charge in legal online music sales since 2003 (selling over six billion tracks in that time) by selling individual songs and albums (DRM-free since January) through its iTunes Store software. Some interesting (ostensibly) legal alternatives have popped up over the years (Rhapsody, Pandora, imeem, Lala, MySpace Music), but none pose as great a threat as 2006 start-up Spotify. Spotify takes an entirely legal, service-based, streaming model to a new level, and the results overseas have been astounding.

Spotify has reached deals with major music labels for use of their collections. Users can stream the music with no buffer delay using a free version (with advertisements every half hour) or an ad-free premium version (for the equivalent of $16US per month). Users can also buy a one-day pass to go ad-free for 24 hours (for the equivalent of $1.62US).

Sharing: One of the most popular features of Spotify is sharing. Since the entire streaming library is available to all users at all times, users can share songs and elaborate playlists with users instantaneously. One user could make a 100-song playlist for a party, send it to a friend, and the recipient could play it instantaneously without downloading any files or buying any songs.

Offline: Users can cache up to 3,333 songs for offline use. This, clearly, would be larger than most people’s iTunes library and makes Spotify a direct (and potent) iTunes competitor. It’s also a huge competitive advantage over several of its streaming counterparts.

Geolocation: Spotify is the inverse Hulu, in a way, as it is currently only available overseas in Norway, Sweden, Finland, the U.K., France, and Spain. They are working hard to bring the service to the U.S. The Stockholm-based company is opening a U.S. office this year. The U.S. launch is imminent (as they reach deals with U.S. record labels), but apparently will rely on a mysteriously “slightly different” business model.


Portability/Mobile: The basic Spotify experience works through downloadable software (synced across multiple machines), but Apple recently shocked the tech community by approving the Spotify iPhone/iPod Touch app for the App Store. The app lets premium users stream the entire Spotify library over 3G or Wi-Fi AND sync offline. Given the offline sync, the Spotify app would instantaneously eradicate the need to buy music through the iTunes Store for your iPod. An Android app is available, as well. Playlists and settings are wirelessly synced between your phone and computers.

MP3: Spotify (for obvious reasons) does not allow users to download files of songs, but does link to legal music partners (Amazon, etc.) so users could buy MP3s on their own.

The Future: Spotify clearly takes the service-based music model to a new level. Valleywag calls it “everything iTunes should be.” As Spotify adds more and more music to its library and even Mark Zuckerberg sings its praises, how will Apple respond? Spotify is now reportedly making more money for Universal in Sweden than iTunes is. Many believe a service-based model is the future of music now that mobile platforms have caught up, but do people really want to rent music?

Spotify is currently valued around $250 million and with the U.S. launch imminent, that should only grow. Expectations and buzz are certainly high. The service has six million users presently, but is setting its sights high, aiming to take the service-based model to the next level:

“If we can transcend it so that, maybe you don’t actually have to pay for the music, it’s included in your data plan with your carrier or ISP or cable operator; it might be when you buy a new product, a TV screen, that you get one year of music included … devices like new Samsung TV screens, where they’ve got Linux built in, which allows you to do software on it – they’ve got YouTube built in, they might have Spotify built in.”

Spotify Website:
Spotify on Twitter:
Spotify on Wikipedia:

Push for cell phone DRM in Japan – by “Michael C”

Cell phone DRM
Cell phone DRM

With Apple’s announcement at the beginning of the year that the iTunes Store, the biggest online music store, was removing its FairPlay DRM from all of its music, it seems like  DRM-restricted music may be coming to an end, in the US at least. However, the situation is very different in  Japan, where the RIAJ (Recording Industry Association of Japan, essentially Japan’s version of the RIAA) is pushing to implement DRM on all cell phones in Japan.

Five years ago, the idea of DRM cell phones would not be a huge deal, as most people had separate MP3 players and did not use their phones for music. However, as cell phones, MP3 players, and PDAs are increasingly meshed into portable all-in-one devices, like the iPhone and Palm Pre, many people are playing music on these devices.

The proposed DRM will work on the server-side, which means that every time a person wishes to play a song on their cell phone, the cell phone will communicate with a server to check if the file was legally purchased. If it is, the server will send the proper response back to the cell phone, allowing the song to be played. If everything goes according to the RIAJ’s plan, the system can be in place as early as 2011.

This DRM system raises a number of questions. There are many online music stores out there, and the DRM would have  to work with music purchased from every single one. This seems somewhat unlikely, as the current online music store  trend is a move away from DRM, not towards it. Would global online music stores like the iTunes Store be willing to  implement some form of DRM into their songs just to appease the RIAJ? Such a measure would probably be quite costly, since DRM files (for the Japanese market) would have to be created, while maintaining the non-DRM files for the rest of the world. Another important note is that not everyone gets their music from an online music store. How would the system handle songs ripped from a purchased audio CD? How would it deal with MP3s released by fledging artists for free? In both of these cases, DRM would probably be absent from the MP3 file. How would the service  verify these tracks? If the DRM were implemented perfectly, it would be a good way to reduce piracy. Yet, it is hard to believe that the DRM implementation will be perfect, and it is inevitable that some users will be unable to play their legitimately purchased songs. Ultimately, then, it seems like this system will cause more frustration and problems than it will attempt to solve, and should be avoided for the benefit of the average user who just  wants to listen to a few songs on the go.