DRM from Wikipedia

Digital Rights Management

Digital Rights Management (generally abbreviated to DRM) is any of several technologies used by publishers (or copyright owners) to control access to and usage of digital data (such as software, music, movies) and hardware, handling usage restrictions associated with a specific instance of a digital work. The term often is confused with copy protection and technical protection measures (TPM). These two terms refer to technologies that control or restrict the use and access of digital media content on electronic devices with such technologies installed, acting as components of a DRM design.

Digital Rights Management is a controversial topic. Advocates argue DRM is necessary for copyright holders to prevent unauthorized duplication of their work to ensure continued revenue streams.^[1] Some critics of the technology, including the Free Software Foundation, suggest that the use of the word “Rights” is misleading and suggest that people instead use the term Digital Restrictions Management.^[2] The position put forth is that copyright holders are attempting to restrict use of copyrighted material in ways already granted by statutory or common law applying to copyright. Others, such as the Electronic Frontier Foundation consider some DRM schemes to be anti-competitive, citing the iTunes Store as an example.^[3]

Enterprise Digital Rights Management (E-DRM or ERM) refers to the use of DRM technology to control access to corporate documents (Word, PDF, TIFF, AutoCAD files, etc), rather than consumer playable media. The technology usually requires a Policy Server to authenticate users’ rights to access certain files. EDRM vendors include Microsoft, Adobe Systems, EMC Corporation/Authentica and several smaller companies. There are open source implementations as well. EDRM is generally intended to apply to trade secrets, which are much different from copyrighted material (though there is sometimes an overlap with material being both copyrighted and a trade secret — eg, source code of proprietary software), and for whom the primary issue is industrial or corporate espionage or inadvertent release. In most jurisdictions, there is no notion of fair use of trade secrets as there is for copyrighted material. Trade secrecy confidentiality measures are less controversial than DRM applied to copyrighted material, which is commercially sold in many copies.

[edit]

Introduction

DRM vendors and publishers coined the term digital rights management to refer to the types of technical measures discussed here, applying it only to digital media (and analog media that has been released in digital form). There is a long history of objection on the part of copyright holders (often music distributors or broadcasting companies) to copying technology of any kind. Examples have included player piano rolls (early in the 20th century), audio tape recording (after WWII), video tape recording (eg, in the famous Betamax case in the US), etc. Digital copying raised concerns to a higher pitch. While analog media loses quality with each copy generation, and often even during normal use, digital media files may be copied an unlimited number of times without degradation in the quality of subsequent copies. Digital Audio Tape, thought by many observers of the time to be a probable replacement / improvement for the audio cassette, was a market failure in part due to opposition on grounds of the potential for piracy. The advent of personal computers, combined with the Internet and popular file sharing tools, have made unauthorized sharing of digital files (often referred to as digital piracy) possible and profitable.

Although technical controls on the reproduction and use of software have been intermittently common since the 1980s, the term DRM has come to primarily mean the use of similar measures to control artistic works or content. Beyond the existing restrictions imposed by copyright law, most DRM schemes are able to enforce additional restrictions at the discretion of the content’s publisher, which may or may not be the same entity as the copyright holder.

DRM may be enforced by numerous technologies, such as special modifications to digital media player software. Since such implementations can be reverse engineered, they are not effective as an inherent part of the design. This fact has resulted in a general move toward Mandatory Access Control systems (as opposed to Discretionary access control) wherein usage restrictions are enforced by software buried in hardware, working with software provisions in operating systems, media playing software, or both. However, some implementations of this type of DRM are vulnerable to an additional class of attacks, due to a requirement to run on tamper-resistant hardware. There has been pressure (largely successful) for legislation and regulation creating new offenses (ie, controlling or prohibiting examination of DRM schemes, or possession of any tools (eg, software) which might interfere with the operation of a DRM scheme.) An example is the DMCA.

While digital rights management is most commonly used by the entertainment industry (films and recording), it has found use in other media as well. Many online music stores, such as Apple’s iTunes Store, as well as certain e-books producers, have adopted various DRM schemes in recent times. In recent years, a number of television producers have begun demanding implementation of DRM measures to control access to the content of their shows in connection with the popular TiVo system, and its equivalents.^[4]

[edit]

Content Scrambling System

An early example of a DRM system is the Content Scrambling System (CSS) employed by the DVD Forum on movie DVDs since circa 1996. The scheme used a simple encryption algorithm, and required device manufacturers to sign a license agreement restricting the inclusion of certain features in their players, such as a digital output which could be used to extract a high-quality digital copy of the movie. Thus, the only consumer hardware capable of decoding DVD movies was controlled by the DVD Forum, restricting the unauthorized use of DVD media until the release of DeCSS by Jon Lech Johansen in 1999. An unsuccessful variant of this scheme is the now-defunct DIVX format.

[edit]

Legal enforcement of DRM

Digital Rights Management holds an uncertain legal status in most countries, as the rights of users and producers regarding content are rarely defined clearly enough currently for the legal situation to be widely agreed upon. In most countries, particularly those without a fair use doctrine, users’ ability to use copyrighted material is ill-defined and so difficult to enforce.

The 2001 European directive on copyright forces member states of the European Union to implement legal protections for DRM. In 2006, the lower house of the French parliament adopted such legislation as part of the controversial DADVSI law, but added that protected DRM techniques should be made interoperable, a move which caused widespread controversy in the United States.

Problems associated with some well-known systems include:

DIVX: Proposed as a rental-only system, DIVX required a phone line, and thus inhibited the use of media offline. To relocate a work for which unlimited plays had been purchased (called DIVX Silver), it was necessary to carry the DVD player that first played the disk with it, or manually request that another player be authorized to play that disc. Consumers were denied certain fair use rights in countries with such a doctrine, such as the ability to create compilations of purchased material and to re-sell their copy. DIVX should not be confused with DivX.

CSS: Restricts owners’ use of purchased content, such as the creation of compilations or full quality reproductions, where such actions would ordinarily be permissible in certain countries as fair use. The system also prevents the user from playing encrypted DVDs on any computer platform, although this restriction can be easily circumvented at the risk of prosecution under laws such as the DMCA. CSS is an example of certificate-based encryption.

Product activation: Restricts a product’s functionality until it is registered with a publisher by means of a special identification code, often recording information about the specific computer the software it is installed on to prevent its use across multiple machines. Activation schemes may place some users at risk by incorrectly identifying their purchased software as unauthorized. An example of this vulnerability occurred in 2003, when Intuit’s use of a flawed product activation scheme angered thousands of customers who were denied legitimate use of the product, resulting in a formal apology by Intuit and their cancellation of the system.

Digital watermarking: Allows hidden data, such as a unique disc ID, to be placed on the media. The system allows such information as the name and address of the purchaser to be taken at the point of sale, and entered into a database along with the unique disc ID. This system does not prevent copying, but ensures that any copies made of the media will be traceable to a particular copy and perhaps to a particular user. However, the scheme relies largely on authenticating the purchaser’s identity at the point of sale, and can be easily circumvented by a customer who provides false information.

[edit]

Digital Millennium Copyright Act

The Digital Millennium Copyright Act (DMCA) is a United States copyright law passed unanimously on May 14, 1998, that criminalizes the production and dissemination of technology that allows users to circumvent copyright protection methods, rendering all forms of DRM-stripping and circumvention software illegal. On 22 May 2001, the European Union passed the EU Copyright Directive, an implementation of the 1996 WIPO Copyright Treaty that addressed many of the same issues as the DMCA.

The DMCA was largely ineffective in enforcing DRM systems, as software allowing users to circumvent copyright restrictions remains readily available over the Internet. However, the Act has been used to restrict the spread of such software by limiting its distribution and development, as in the case of DeCSS.

The arrest of Russian programmer Dmitry Sklyarov in 2001, for alleged infringement of the DMCA, was a highly publicized example of the law’s use in preventing the further development of anti-DRM measures. While working for Elcomsoft, he developed The Advanced eBook Processor, an application that allowed authorized users to strip usage restriction information from protected e-books. Sklyarov was arrested in the United States after presenting a speech at DEF CON, and subsequently spent several months in jail. The DMCA has also been cited as detrimental to legitimate users, such as students of cryptanalysis, and security professionals such as Niels Ferguson, who declined to publish information about vulnerabilities he discovered in an Intel secured computing scheme because of his concern about being arrested under the DMCA when he travels to the US.

[edit]

Other copyright implications

While DRM systems are ostensibly designed to protect an owner’s right to control copying, after a statutorily-defined period of time any copyrighted work becomes part of the public domain for anyone to use freely. DRM systems currently employed are not time limited in this way, and although it would be possible to create such a system (under compulsory escrow agreements, for example), there is currently no mechanism to remove the copy control systems embedded into works once the copyright term expires and they enter the public domain.

Furthermore, copyright law does not restrict the resale of copyrighted works (provided those copies were made by or with the permission of the copyright holder), so it is perfectly legal to resell a copyrighted work provided a copy is not retained by the seller—a doctrine known as the first-sale doctrine in the US, which applies equally in most other countries under various names. Similarly, some forms of copying are permitted under copyright law, under the doctrine of fair use (US) or fair dealing (many other countries). DRM technology restricts or prevents the purchaser of copyrighted material from exercising their legal rights in these respects.

Moreover, the scope of legal rights cannot, in principle, be fully encoded in technical access/copying restrictions. For example, a photograph generally falls under the copyright of its photographer, and may not be reproduced in an unlimited way by other persons. A photographer wishing to enforce her copyright might attach some DRM codes to a digital version of her photograph that indicate “may not be copied.” However, the photographer might subsequently sign an agreement with another party authorizing such duplication (the reason for doing so is irrelevant). Under law, the moment such an agreement is signed, copying (under the new terms) becomes legal; but the DRM software will not (has not so far, in any case) be adjustable to reflect the new legal reality established by those whose choice it is.

An oft-cited example of DRM overreach is Adobe Systems’ release in 2000 of a public domain work, Lewis Carroll’s Alice in Wonderland, with DRM controls asserting that “this book cannot be read aloud” and so disabling use of the text-to-speech feature normally available in Adobe’s eBook Reader.

DRM has been used by organizations such as the British Library in its secure electronic delivery service to permit worldwide access to substantial numbers of rare (and in many cases unique) documents which, for legal reasons, were previously only available to authorized individuals actually visiting the Library’s document centre at Boston Spa in England. This is an interesting case, one in which DRM has actually increased public access to restricted material rather than diminished it.

An early example of a DRM scheme is one that is currently being used on textbooks required in some American Dental Schools including New York University College of Dentistry. The textbooks are available only on DVD and students are forced to purchase the DVD. The DVDs are readable only on an authorized computer and only for a limited time, after which the DVD “expires” and the information in the “DVD book” becomes unavailable. Some of these books are not available on paper at all.^[5]

[edit]

DRM advocates

Some DRM advocates have taken the position that the operational contexts and design goals of DRM, security, software engineering and cryptography are sufficiently well understood that it is already possible to achieve the desired ends without causing unrelated problems for users or their computers.^{[citation needed]}

Others have taken the position that creators of digital works should have the power to control the distribution or replication of copies of their works, and to assign limited control over such copies. Without this power, they argue, there will be a chilling effect on creative efforts in the digital space. This has been and remains the underlying argument for copyright. DRM is one means by which creators of digital works may obtain this power.

A similar view states that DRM’s advent is the first time large-scale digital distribution has been reasonably achievable, which proponents claim to be a benefit both to content creators and their customers that far outweighs the typical problems that arise. This argument cannot be applied to physical media, however.

Furthermore, advocates of DRM believe that its opponents advocate the rights of hardware and media owners, but at the expense of the privileges of artists and their designated copyright holders. Consumers of hardware and media voluntarily and knowingly agree to the grant of limited use of the content exhibited using their physical media.

[edit]

DRM opponents

Many organizations, prominent individuals, and computer scientists are opposed to DRM. Two notable DRM critics are John Walker in his article, The Digital imprimatur: How big brother and big media can put the Internet genie back in the bottle^[6], and Richard Stallman in his article/story The Right to Read and in public statements “DRM is an example of a malicious feature – a feature designed to hurt the user of the software, and therefore, it’s something for which there can never be toleration“.^[7] Professor Ross Anderson of Cambridge University heads a British organization which opposes DRM and similar efforts in the UK.

The Electronic Frontier Foundation and similar civil rights organizations, including http://boycott-riaa.com and http://www.ihatedrm.com, also hold positions which are characterized as opposed to DRM.

The Foundation for a Free Information Infrastructure criticizes DRM’s impact as a trade barrier from a free market perspective.

The GNU General Public License version 3, released by the Free Software Foundation, prohibits using DRM to restrict free redistribution and modification of works covered by the license, and has a clause stating that the license’s provisions shall be interpreted as disfavoring usage of DRM. Also, in May 2006, FSF launched a “Defective by Design” campaign against DRM.

Free Creations has published a license against DRM: Against DRM 2.0.

In France, in order to inform the consumers about DRM, the citizen group StopDRM is regularly organizing protests in general stores (like Virgin or La Fnac) in different cities.

As already noted, many DRM opponents consider Digital Rights Management to be a misnomer. They argue that DRM manages rights (or access) the same way prison manages freedom. A common alternative is Digital Restrictions Management. Alternatively, ZDNet Executive Editor David Berlind suggests the term Content Restriction, Annulment and Protection or CRAP for short.^[8]

The use of DRM may also be a barrier to future historians, since technologies designed to permit data to be read only on particular machines may well make future data recovery impossible – see Digital Revolution. This argument connects the issue of DRM with that of asset management and archive technology.

DRM opponents argue that the presence of DRM infringes private property rights and restricts a range of normal user activities. A DRM component would take control over the rest of the user’s device which they rightfully own (such as an MP3 player) and restricts how it may act, regardless of the user’s wishes (for example, preventing the user from copying a song). All forms of DRM depend on the DRM enabled device (eg, computer, DVD player, TV, …) imposing restrictions that cannot be disabled or modified by the user, regardless of existing rights. In other words, the user has no choice.

Tools have been created to strip Windows Media of DRM restrictions. An example being FairUse4WM^[9]

[edit]

DRM and Internet music

Most internet music stores employ DRM to restrict the usage of music purchased and downloaded online. There are many options for consumers buying digital music over the internet, in terms of both stores and purchase options. Two examples of music stores and their functionality follow:

The iTunes Music Store, the industry leader, allows users to purchase a track online for under a dollar, to burn that song to an unlimited number of CDs, and transfer it to an unlimited number of iPods. The purchased music files are encoded as AAC, a format supported by iPods, and DRM is applied through FairPlay. Many music devices are not compatible with the AAC format, and only the iPod itself can play FairPlay-encoded files. Apple also reserves the right to alter its DRM restrictions on the music a user has downloaded at any time. For example, Apple recently decided to restrict the number of times a user can copy a playlist from ten to seven. Songs can be played on only five computers at a time, and users cannot edit or sample the songs they purchased (though copies can be used and edited in Apple’s iMovie). Despite these restrictions, the iTS DRM is often seen as lenient. Previously, it was possible to bypass the DRM through programs such as Hymn but Apple has altered its systems to close such loop holes. Apple provides iTunes software for copying the downloaded music to iPods in AAC format or to conventional music CD (CDDA format). No copy restrictions are recorded onto the CD and many programs can read and convert music from CD to other music formats, such as MP3 used by competing digital music players.

Napster music store, which offers a subscription based approach to DRM alongside permanent purchases. Users of the subscription service can download and stream an unlimited amount of music encoded to Windows Media Audio (WMA) while subscribed to the service. But as soon as the user misses a payment the service renders all music downloaded unusable. Napster also charges users who wish to use the music on their portable device an additional $5 per month. Furthermore, Napster requires users to pay an additional $.99 per each track to burn a track to CD or to listen to the track after the subscription expires. Songs bought through Napster can be played on players carrying the Microsoft PlaysForSure logo (notably excluding iPod players and Microsoft’s own Zune).

The various services are currently not interoperable, though those that use the same DRM scheme (for instance the various Windows Media DRM stores, which include Napster) all provide songs that can be played side by side through the same program. Almost all stores require client software of some sort to be downloaded, and some also need plug-ins. Several colleges and universities, such as Princeton University, have made arrangements with assorted Internet music suppliers to provide access (typically DRM protected) to music files for their students, to less than universal popularity, sometimes making payments from student activity fee funds. (See Nick Timeros’s article in the WSJ: Free Legal, And Ignored) One of the problems is that the music becomes unplayable after leaving school, unless the student continues to pay individually. Another is that few of these vendors are compatible with the most common portable music player, the Apple iPod.

[edit]

DRM and Libraries

Denver Public, Cuyahoga County and San José Public libraries join Cleveland Public Library, King County Library System, Public Library of Youngstown & Mahoning County, Wright Memorial Public Library and many others who enable the downloading of best-selling eBooks 24/7 from their library websites using the OverDrive service. The service features a growing collection of best-selling eBooks from popular authors and publishers including HarperCollins, Time Warner, McGraw-Hill, Zondervan, Scholastic, John Wiley and Sons, and more. These audio books are downloadable in the WMA DRM format.^[10]

[edit]

Controversies, consequences, and examples

A parodied Home Taping is Killing Music logo from an anti-DRM point of view.

Several DRM schemes have been implemented. Many see them as “abuse” of copyright (often called eSlavery in Europe); DRM proponents have seen them as a “reasonable balance of consumer concerns and artist rights.”

Examples include:

Digital imprimatur
Inclusion of commercials on the “unskippable track” on DVDs reserved for the copyright notice;
Using the DMCA to restrict access to items that do not qualify for copyright, such as garage door openers and printer ink cartridges;
Adding restrictions on text-to-speech conversion in the EULA of e-books;
BBC IMP trial for downloads of DRM-encrypted audio and video files; uses the Kontiki peer to peer file distribution system. Allows no user control of the background up and downloading, leading to considerable slowing of user PCs and potential exhaustion of allowed data transfers without warning due to the nature of peer to peer type operations, with only the option to shut down the user’s computer or disconnect from the Internet. BBC content is time-limited and will only play on the machine to which it was downloaded or an officially authenticated device participating in Microsoft’s DRM scheme.
Sky’s ‘Sky By Broadband’ scheme also uses Kontiki with similar results.
Using Copy Control schemes to thwart the existing statutory and common law exceptions to copyright holder control (such as fair use), as for instance in regional coding of media (such as in DVDs);
The possibility of dominant DRM-inclusive recording and playback technology being used uncritically by users unaware of the dangers and consequences thereof, and potentially later locking them out of their own creations, as with SCMS in consumer-grade DAT equipment;
Preventing academic publication and distribution of information relating to flaws in computer security in the absence of the permission of the creators of said technologies;
Silencing individuals who have found serious flaws in software used in electronic voting.^[11]
Restriction of medical records and personal financial information using DRM to protect consumer rights. Insurers, lawyers and loan companies have strongly objected to the use of these technologies to prevent patient, hospital and practitioner records being more freely accessible due to copy and forward restriction applied to patient or customer records.
As of 2005, in American dental schools students are required to purchase textbooks on DVD. The DVDs are readable only on an authorized computer and only for a limited time, after which the DVD expires and the information in the “DVD book” becomes unreadable. Some of these books are not available on paper at all.
Stopping or making archival of the content, even allowed such like in libraries, hard or impossible to do due to practical and technical reasons – especially when considering that the content should still be accessible even if the publisher disappears (bankruptcies etc).
TiVo 7.2 OS adds content access restrictions, blocks transfers, and auto-deletes some shows
The 2005 Sony CD copy protection scandal
Aesthetic objections to onscreen DRM threats interfering with relaxing and watching a movie.
The Swedish Pirate Party wants to outlaw most forms of DRM.
The legal inability to disable DRM restrictions, even if they “threaten critical infrastructure and potentially endanger lives”^[12]
Many DRM systems restrict playback to a single device and, to date, no provider has offered to renew this licence when the device is upgraded.
Some WMDRM protected files will install spyware such as Zango when the user agrees to retrieve a license to play the file.^{[citation needed]}
The Playstation 2 version of Ape Escape: Pumped & Primed creates copy-protected game saves which cannot be transferred between memory cards. This is the first known instance where a publisher has enforced DRM on private data, rather than just data copyrighted by the publisher.
The PlayStation 2 CD-ROM format games are protected and cannot be copied with normal copy software. Curiously, the DVD-ROM format games doesn’t have this type of protection.
The Xbox 360 games has advanced security code which prevents copying of the games.
The Museum of Just Not Getting It^[13] makes an attempt to tabulate the worst DRM-related decisions by media companies.

[edit]

Copyright law vs. particular techniques

Copyright law has been defined in terms of general definitions of infringement in any concrete medium. This classic approach focused such law on whether or not there is infringement, rather than focus on particular engineering techniques. Legislators have in several instances chosen not to prohibit new technologies (for example, piano rolls, radio broadcasting, and audio tape recording have not been prohibited, and in fact endorsed by inclusion in copyright legislation or the Courts in the U.S.). Critics of DRM assert that detecting and prosecuting infringement within the social and legal system avoids a legacy of outlawing generic, universal, popular, widespread, useful, and possibly uncontrollable in any case, engineering techniques in response to specific misuses.

[edit]

European dialogues on DRM concerns

In Europe, there are several dialog activities that are uncharacterized by its consensus-building intention:

Workshop on Digital Rights Management of the World Wide Web Consortium (W3C), January 2001. [1]
Participative preparation of the European Committee for Standardization/Information Society Standardisation System (CEN/ISSS) DRM Report, 2003 (finished). [2]
DRM Workshops of DG Information Society, European Commission (finished), and the work of the DRM working groups (finished), as well as the work of the High Level Group on DRM (ongoing). [3]
Consultation process of the European Commission, DG Internal Market, on the Communication COM(2004)261 by the European Commission on “Management of Copyright and Related Rights” (closed). [4]
The INDICARE project is an ongoing dialogue on consumer acceptability of DRM solutions in Europe. It is an open and neutral platform for exchange of facts and opinions, mainly based on articles by authors from science and practice.
The AXMEDIS project is a European Commission Integrated Project of the FP6. The main goal of AXMEDIS is atomating the content production, protection and distribution, reducing the related costs and supporting DRM at both B2B and B2C areas harmonising them.

The European Community is expected to produce a recommendation on DRM in 2006, phasing out the use of levies (compensation to rights holders charged on media sales for lost revenue due to unauthorized copying) given the advances in DRM/TPM technology.

[edit]

Inclusion within GNU General Public License version 3

Wikinews has news related to:

Free Software Foundation releases first draft of GPLv3

The first proposed draft of the GPLv3 (released on 2006-01-16) contains language intended to neutralize the harmful effects of DRM (interference with users’ rights to examine, alter, and redistribute) when implemented using GPL’d software. Although the draft in no way prohibits the use of GPL’d code in DRM systems, it does require binaries (or source code) to be distributed not only with source code, but also with the necessary cryptographic keys and other required mechanisms needed to modify the software and still have it interoperate. It also contains language intended to exclude GPL’d DRM code from the scope of the DMCA (and similar statutes elsewhere) anti-circumvention provisions.

[edit]

References

Wikiquote has a collection of quotations related to:

Digital Rights Management

^ Christopher Levy (February 3, 2003). Making Money with Streaming Media. streamingmedia.com. Retrieved on 2006-08-28.
^ Digital Restrictions Management and Treacherous Computing. Retrieved on 2006-08-04.
^ FairPlay: Another Anticompetitive Use of DRM. Retrieved on 2006-08-01.
^ Bangeman, Eric (2006-10-28). TiVo tightens the DRM vise. Retrieved on 2006-08-11.
^ Fleisher, Lisa (April 2002). DVD texts make lukewarm debut at NYU. Washington Square News.
^ Walker, John (September 13, 2003). The Digital Imprimatur: How big brother and big media can put the Internet genie back in the bottle..
^ O’Riordan, Ciaran (January 16 2006). Transcript of Opening session of first international GPLv3 conference.
^ A lot of CRAP. Retrieved on 2006-09-07.
^ Engadget FairUse4WM strips Windows Media DRM!. Retrieved on 2006-08-25.
^ OverDrive (December 16, 2003). Top Libraries Select OverDrive eBook System.
^ Online Policy Group v. Diebold, Inc.. Electronic Frontier Foundation.
^ Felten, Ed (March 8, 2006). RIAA Says Future DRM Might “Threaten Critical Infrastructure and Potentially Endanger Lives”.
^ The Museum of Just Not Getting It.

[edit]

External links

DRM Search Engine 1.03 – Indexed repository of DRM technical documents, download available for public documents only.
Windows Media DRM FAQ
A Special Guide to DRM and Software Activation Tools: Protect Data, Enforce Licenses
Digital rights management: When a standard isn’t
The Digital Imprimatur – How big brother and big media can put the Internet genie back in the bottle.
The Right to Read at GNU.org
DRM.info collaboration against DRM
DRM Watch – Web site with news and commentary about DRM.
World Intellectual Property Organisation (WIPO), Standing Committee on Copyright and Related Rights: Current Developments in the Field of Digital Rights Management. SCCR/10/2. August 2003.
CEN/ISSS (European Committee for Standardization / Information Society Standardization System): Digital Rights Management. Final Report, 30 September 2003. Contains a range of possible definitions for DRM from various stakeholders.
Authena – an open source DRM scheme.
Advanced Peer-Based Technology Business Models. Ghosemajumder, Shuman. MIT Sloan School of Management, 2002. DRM-free model for distributing digital music.
Music Downloads: Pirates- or Customers?. Silverthorne, Sean. Harvard Business School Working Knowledge, 2004.
Microsoft Research DRM talk by Cory Doctorow June 17, 2004
Groklaw page on Sony DRM issues and litigation.
SonyBMG Litigation and Rootkit Info.
Libraries fear digital lockdown – BBC Article.
“Lessons from the Sony CD DRM Episode” (PDF format), by J. Alex Halderman and Edward Felten, February 14, 2006.
Some criticisms of DRM
Paradigmatic example of legislators hearing a very general computer buzzword (“caching” ) associated with infringement cases and banning it, not realizing it was a universal computer memory technique. Article itself demonstrates difficulty of explaining this to general public, writer does not seem to realize every computer and most digital devices of any kind would have to be destroyed.[5]

October 11, 2006 Posted by valleyventure | Business Model, DRM, p2p | | 4 Comments

Superdistribution is the Solution to Digital Piracy and Marketing

Forget about DRM and legal action to prevent piracy — there is a better way: Superdistribution harnesses basic human drives to save money and make money. It’s more powerful than copy protection, more powerful than ethical arguments, and more powerful even than fear of legal prosecution.

A recent article points out that in 2003 around one third of all installed software on PC’s was pirated. Probably an even higher percentage of digital music was pirated.

Piracy comes about because people like to get things as cheaply as possible. When calculating the “cost” of getting something, we need to consider not just the pricetag but also the rest of the transaction-cost — for example the cost in time to locate something, download it, potentially pirate and crack it, etc. To combat piracy, we need to bring the total cost (including all transaction costs) of paying for digital products down to roughly equal or less than than the total cost of pirating those same items. One way to accomplish this is too keep lowering prices of goods. But there are price-points below which sellers lose their margins and thus cannot pass. The problem arises when the total transaction cost of piracy is still less than the lowest commercially-viable total transaction cost to purchase a digital product legitimately. In such a situation piracy flourishes because sellers simply cannot compete by lowering prices any further. So what is a seller to do in that case?

Fortunately there is a solution: Sellers can effectively lower the total transaction cost of purchasing versus pirating by using superdistribution. Superdistribution enables “peer-to-peer” marketing and selling. The concept is simple. I buy a product from Seller X and pay price Y for it. But I can then promote it to my friends and if one of them buys it, I get a commission that reduces my price Y for my copy. If they then further distribute the product to their friends and so on down the line to some number of levels, I get further comissions (fractional by social distance of each purchaser from me). This is sometimes called “network marketing” and is fully legal in the USA so long as no up-front fees are charged to parties before they can become resellers and start earning commissions (at least this was the law last time I checked — but do your own research to be safe if you are planning to go into business doing this!). In other words, you don’t have to buy a product before you can resell it to others and earn commissions — you can resell it and earn commissions even if you yourself don’t own it.

In any case, legal subtleties aside, the concept is what matters here. Superdistribution reduces the buyer’s total transaction cost, and even enables them to potentially get their product for free or even make a profit if enough downline sales result from their referrals. The catch is that it only works in cases where the product is easily superdistributable, and the customer has good enough connections to easily find downline buyers. Finally, it only makes sense in cases where the market is not already saturated — where there are still lots of potential buyers who haven’t bought the product yet.

Superdistribution, if done properly, will virtually eliminate piracy. The reason is simple. If you buy a product wouldn’t you rather get a lower price or get it free or even make money, if you could? Because superdistributing a product has this potential, but giving it away for free does not, parties who buy products are more likely to then superdistribute them than they are to simply give them away for free to their friends. Now what about the case where a party does not buy a product? Superdistribution wins there too because even non-buyers can act as resellers — in other words, they can make even greater profits than buyers because they didn’t even spend anything. So in short, if a suitable superdistribution mechanism is provided, people will use it to resell digital products they download and/or buy rather than giving them away to others for free. This is really the solution to the music industry’s woes — it is far more effective than any form of digital rights management or legal action. By enabling non-pirates to benefit financially compared to pirates, non-piracy can naturally be brought about for the majority of cases.

I already just buy music in iTunes and the Apple Music Store instead of pirating it, because the total cost of transactions is lower than the cost of piracy. It simply takes too much time and effort to locate good quality pirated tracks for entire albums that I want. As well as being illegal and unethical, piracy just takes too much work for me to bother with it. But that’s not the case for everyone — there are many people who either have more time, are more efficient pirates, or who have more access to a broader selection of pirated goods than I do — perhaps for them it is worth saving $.99 per song to pirate. Those people are the problem that the music industry and other digital copyright holders have to deal with — not yuppies like myself who can afford to buy music and for whom the convenience of doing so is worth the price. Superdistribution really would give those people for whom piracy is the cheaper option a new reason not to be pirates. It would also give people like me who are not pirates an incentive to expend extra effor to help market and sell music I buy to others.

And that brings me to the subject of marketing. Superdistribution doesn’t just solve the problem of distribution, it solves the problem of marketing of digital products by making viral marketing pay. Not only do superdistributors reduce piracy, they also can externalize their marketing costs by enabling their customers to benefit financially by becoming network marketers along their relationships. Marketing via superdistribution along trusted social networks is ultimately a more effective way to market a digital product than any form of “in your face” marketing.

To make this really potent — suppose that the price for a digital product is discounted if you get it from an existing customer/superdistributor rather than if you buy directly from the retailer or a competing source? Then I would have an incentive to buy from my friends, rather than going direct to the source. This benefits the source in that it increases the willingness of people in social networks to consider offers from their friends, and makes it more likely that they will buy from their friends in the network rather than directly from competitors etc. Furthermore my bond to my friends is stronger than my bond to any particular brand or vendor — so vendors, by transforming social relationships into distribution channels, get stronger relationships with potential and existing customers than they could get by going directly.

So how might this all work? I would suggest that Apple start this off directly within iTunes. Any iTunes user should be able to superdistribute any song they have purchased, or even tracks they have not purchased but that are listed in the Apple Music Store, to any other iTunes user. This would take the form of sending a “referral” to that user via email, or better yet, via a built-in iTunes social networking tool. Apple would take care of tracking and awarding commissions and managing the payment and downloading of superdistributed tracks. The end users would simply reap the benefits. This would result in much improved sales for Apple, and an even more compelling reason to use iTunes for end-users. By enabling iTunes users to even superdistribute to non-iTunes users (via regular e-mail or via posting uniquely keyed offer URLs to their Web pages) then Apple could reach an even broader potential market and bring a lot of new customers to their store.

Superdistribution works not only for music of course, but for just about any type of digital product, and even for many types of physical products. But in the case of digital products it is ideally-suited. It is so well-suited that I believe there is a business opportunity for an independent superdistribution portal — a site where users could get accounts in which to act as buyers and sellers of superdistributed products from a range of vendors. By singing up to such a site anyone could engage in superdistribution with anyone, anywhere, rather than having to use different networks for doing superdistribution for different products and vendors. In such a site I would have a unified digital wallet — comissions earned from superdistributing product X from vendor A would come into this wallet and could then offset payments I may have made for product Y from vendor B — in other words, the benefit of superdistribution is able to encompass all my transactions. This independent superdistribution portal would also benefit the original vendors — it would provide them with a hosted OEM’d superdistribution infrastructure, at little to no cost to them, in exchange for a cut of any sales made through the system. I think this could be a very viable business. Anyone interested in building it with me? If we could make a working demo, I think I can get it funded.

October 10, 2006 Posted by valleyventure | p2p, superdistribution | | No Comments Yet

Superdistribution, Google and MTV

Back in April in a piece titled “SocialNets & the Power of the URL¹”, I wrote:

… Like every media revolution in history, when tectonic shifts occur on the production side of content, equally disruptive shifts follow in distribution (or visa versa). What we’re experiencing now is no different. Not only do these (consumer-generated) URLs mean that consumers are now “producers”, they are also being used as a new channel for media distribution… the consumer is also becoming a “distributor”… Over the next few years, new ventures will emerge to monetize such new distribution opportunities, and they will more directly compensate people for the role they are playing as filters and distributors of media.

Google’s joint venture with Viacom’s MTV², announced this week, provides a watershed moment in the scenario depicted above. Google’s Adsense represents one of the largest web-based content syndication platforms in the world, and the fact that MTV will begin to use it to distribute video programming out to the edges marks a breakthrough in a business model known as “superdistribution”.

A key facet of superdistribution is the willingness of the content/copyright owner to compensate each player who functions as a redistributor of digital media. For instance, bloggers who participate in Google’s Adsense network will now be able to earn income as a redistributor of MTV’s video content.

To go back to our original post again,

Since the Internet does away with the need for physical packaging of content (e.g. DVDs, CDs, newsprint, etc.), the need for specialized distribution outlets goes with it… Looking out several years, it’s not too difficult to envision a media landscape where the majority of traditional media distribution outlets reliant on the benefits of natural monopoly economics have largely been replaced with a highly-fragmented layer of people-powered community-based distribution networks.

At the end of the day, Google’s deal with MTV will prove hugely disruptive, as people-powered superdistribution begins to transform the way Hollywood products are discovered, delivered and consumed. And not surprisingly, Google will be the center of gravity of this new digital media universe.

Now, if I could convince/help them buy Lions Gate Entertainment³, the stage would be all set for Google to become one of the first “socially-integrated⁴” media empires of the the 21st century… one that could leapfrog Rupert Murdoch’s News Corp.

Written by Robert Young

October 10, 2006 Posted by valleyventure | Business Model, p2p | | No Comments Yet

OMA DRM from Wikipedia

OMA DRM

From Wikipedia, the free encyclopedia

Jump to: navigation, search

OMA DRM is a Digital Rights Management (DRM) system invented by the Open Mobile Alliance whose members represent the entire value chain, including mobile phone manufacturers (e.g. Nokia, Motorola, Samsung, Sony-Ericsson, BenQ-Siemens), mobile system manufacturers (e.g. Ericsson, Siemens, Openwave), operators (e.g. Vodafone, O2, Cingular, Deutsche Telekom, Orange) and IT companies (e.g. Microsoft, IBM, SUN). In order to ensure interoperability across all implementations the OMA provides in addition to the specifications also test tools for OMA DRM. The OMA DL DRM group is chaired by Jan van der Meer (Philips) and Willms Buhse (CoreMedia).

The scheme is implemented on many recent phones and is intended to be used by mobile content providers to add Digital Rights Management to their products. To this date two versions of OMA DRM have been released: OMA DRM 1.0 and OMA DRM 2.0.

OMA DRM 1.0 – Started in November 2002 and approved in June 2004: Basic DRM standard without strong protection. Specifies three main methods: Forward Lock, Combined Delivery (combined rights object / media object), and Separate Delivery (separated rights object + encrypted media object). Forward lock prevents the user from forwarding content such as ringtones and wallpapers on their phone. The content can be distributed using e.g. HTTP or MMS.
OMA DRM 2.0 – Started in July 2004 and approved in March 2006: Extension of the DRM 1.0 separate delivery mechanism. Each participating device in OMA DRM 2.0 has an individual DRM PKI certificate with a public key, and the corresponding private key. Each Rights Object (RO) is individually protected for one receiving device by encrypting it with the device public key. The RO in turn contains the key that is used to decrypt the media object. Delivery of Rights Objects requires a registration with the Rights Issuer (RI, the entitiy distributing Rights Objects). During this registration, the device certificate is usually validated against a device blacklist by means of an Online Certificate Status Protocol (OCSP) verification. Thus, devices known to be hacked can be excluded once they try to register with an RI and receive new ROs for content access.

[edit]

Implementations and Usage

OMA DRM 1.0 has been implemented in over 400 phone models. Many mobile operators (e.g. Vodafone, SFR, Turkcell, Vivo) use OMA DRM for their content services. The first OMA DRM 2.0 implementations in mobile phones were released early 2006 (e.g. the Nokia N91 and Sony Ericsson W850i). Software implementations for PC and PDA clients are also available. Most of the ringtones pre-installed on Nokia phones have implemented DRM.

OMA DRM providers include:

[edit]

Symptoms

A ringtone that includes OMA DRM usually has a “.asp” file extension. This file could potentially be viewed before downloading the actual file as kind of a confirmation request on downloading data. However, with most of today’s implementations at this point it is usually too late for denial and the user would already have been billed for the ringtone. The file extension does not matter for Nokia phones, so it is possible that they may use an extension other than .asp.

On Nokia Series 40 phones an installed file with DRM will not have its “Send” option greyed out in its options menu. If the user attempts to send this via MMS a message “The file is copyright protected” will appear. A Bluetooth file transfer will fail if the user tries to extract the file using Bluetooth, yet the file will still appear as present and will still be deletable via Bluetooth.

[edit]

External links

October 7, 2006 Posted by valleyventure | DRM, Music Industry, our venture, p2p | | 1 Comment

British research about mobile P2P

Experimental Evaluation of the IP Multimedia Subsystem (IMS)

The IP Multimedia Subsystems (IMS) is considered by both network and service operators as a platform to bring about the long awaited all-IP convergence of the cellular world and the Internet. IMS carries both signalling and bearer traffic in which multimedia sessions can be created, modified or deleted delivering voice, data and multimedia contents to end users (Figure 2). As the number of devices that connects to the Internet via Third Generation (3G) networks increases, IMS has the advantage of providing Quality of Service (QoS), better billing system and integration of services which a 3G network per se cannot offer.

Given the substantial interest of IMS, we are carrying out a pilot study aimed at assessing its core functionality. This is done by building a test-bed based on the specification of IMS as described by the Third Generation Partnership Project (3GPP) Release 5, which mandates the Internet Protocol version 6 (IPv6) for increased addressing space, Mobile IPv6 (MIPv6) for mobility, Internet Protocol Security (IPSec) for security and Session Initiation Protocol (SIP) for signalling and bearer traffic. We integrate these as an overlay network allowing transparent connectivity between fixed and mobile networks over a multi-access network (LAN, WLAN, UMTS and GPRS) to emulate a typical IMS environment. We carry out an experimental study to determine the level of maturity of the individual components, the interoperability of the components and how the platform would respond to issues like registration, mobility and handover in different environmental scenarios such peer-to-peer file transfer, client-server services and voice services. This project is strongly related to our study of pervasive, service-centric frameworks for advanced service provisioning (click here for further information).

Academic contact: Dr Antonio Liotta

Figure 2. The IMS architecture.

Mobile P2P Networking (PeerMob)

The Peer-to-Peer (P2P) computational paradigm is in essence an alternative to the well-know Client-Server (C-S) model. While C-S applications and services involve a many-to-one relationship between application (client) and service repository (server), in the P2P model any host (or node) may simultaneously act as both client and server. P2P computing represents a simple but extremely powerful paradigm shift which promises to facilitate the deployment of decentralised services (applications).

The full commercial deployment of P2P networks is hampered by a number of limitations of current systems. In this project we address the following ones:

P2P systems are intrinsically best-effort. It’s very hard, if not impossible, to determine the peer discovery time (i.e. the time needed for a peer acting in the role of a client to discover the relevant peer that will be acting as server). Also P2P systems are not geared to support any other form of Quality of Service.
P2P systems are difficult to control. Since there is no central management authority in pure P2P systems, it is also very difficult to add management value to P2P services.
P2P systems are difficult to secure and charge. These management functions are of paramount importance to the service provider.

The key goal of the project is to address these limitations in the particular context of mobile cellular networks. The key requirements of our mobile P2P framework are:

To be able to run on thin mobile terminals (600Kbytes footprint including P2P core and application);
To be macro handover resilient;
To allow mobile P2P content distribution;
To allows ‘deep’ mobile P2P semantic search/discovery;
To feature disaster-recovery capability;
To be is intrinsically scalable with number of users and amount of information published;
To place the network operator in a unique position as provider of managed P2P services.

More specifically, we are looking at the integration of P2P networking protocols in the context of the IP Multimedia Subsystem (IMS) as depicted in Figure 3. The project includes also the development of novel Mobile P2P services.

Funding body: This project is funded by Vodafone R&D, U.K.

Academic contact: Dr Antonio Liotta

Figure 3. Mobile P2P networking over IMS.

Dynamic Network Clustering via Mobile Agents (completed)

Efficient clustering is a fundamental problem in the area of networking and distributed services. Because of their peculiarities, autonomic systems are particularly sensitive to the way clusters are formed and cluster heads are elected. Assuming that autonomic ubiquitous systems are composed of entities that move, attach/appear and disconnect/disappear fairly frequently, autonomic systems must rely on effective means for maintaining clusters and cluster heads. This includes the ability to partition the system into an appropriate number of clusters (depending on the number of system entities) and elect the best possible cluster heads.

In this project, we have addressed the clustering problem for autonomic systems, presenting a novel approach that has the following advantages:

1) It is based on a distributed algorithm that has a low (linear) cost (efficiency);

2) It can satisfy precise constraints on the number of clusters (self-configuration);

3) It creates provably near-optimal clusters and cluster heads (self-optimisation);

4) It re-calculates near-optimal cluster heads in face of component failures or congestion (self-healing).

To the best of our knowledge, no existing technique satisfactorily addresses the combined requirements of efficiency, scalability, adaptability and optimality. Our contribution includes an in-depth simulation-based analysis of the proposed approach, elaborating on its applicability to distributed monitoring, peer-to-peer systems, network overlays, application-level multicast, and content adaptation networks. Figure 4 depicts our mobile agent based solution which uses agent cloning and agent migration to solve network clustering problem.

Academic contact: Dr Antonio Liotta

Figure 4. Network clustering algorithm based on a mobile agent system.

People

Academics: Dr Antonio Liotta

Research Assistants:

PhD Students: Marco Ballette; Ling Lin; Adetola Oredope.

Former group members: Carmelo Ragusa; Daniel H. Tyrode-Goilo.

September 25, 2006 Posted by valleyventure | Blogroll, Wireless Technology, p2p | | No Comments Yet

P2p Pineer in music world

This is a pioneer. Although their technology is still based on blue tooth, the business revenue model is very good and possible for impoementation.

Melodeo Unveils Peer-to-Peer Music Sharing Functionality; Users Can Now Pay for and Share Full-Track Downloads Legally and Securely from Mobile Phone to Mobile Phone

SEATTLE — Melodeo, Inc. today announced new peer-to-peer music sharing functionality with its Melodeo Mobile Music Solution. Available during the first quarter in Europe, mobile phone users will be able to securely send full tracks that they have purchased, from one mobile phone to another mobile phone via Bluetooth wireless technology. Melodeo, a Seattle-based company, provides music to wireless subscribers through its Mobile Music Solution. The Mobile Music Solution resides directly on the user’s wireless phone, allowing consumers to quickly and easily shop, preview, purchase/download over the air, and play and store full-length music tracks.

“We’re thrilled about Melodeo’s peer-to-peer functionality, because it is secure and all parties are compensated when music is shared. This makes it a huge win for artists, music publishers, record labels, operators and mobile phone users,” said Don Davidge, senior vice president, Melodeo. “We expect that as the service grows it will not only be a significant source of revenue for artists, publishers and labels, but will also bring music to new audiences. Ultimately, we anticipate that sending a song will soon be as common as sending a text message or making a call.”

Wireless Operator Support

Wireless operators are deploying Melodeo technology on their networks to offer their subscribers access to Melodeo’s extensive music library. With the service, consumers can easily purchase and download full-length songs directly from their handsets, over the air, to their wireless phone. Music tracks that have been downloaded via the carrier’s network can then be “super-distributed” via Bluetooth. Tracks sent via Bluetooth technology do not use the operator’s network bandwidth, and therefore represent a highly efficient distribution mechanism for digital music. Melodeo’s DRM solution fully protects the tracks in both download and peer-to-peer activities.

Many industry analysts see the mobile music market growing exponentially in the coming years. Jonathan Coham, analyst with the Radicati Group, believes that “wireless music delivery is the next logical step. For music labels and artists, the appeal of wireless music delivery is that DRM ensures they will be compensated for their work. Melodeo’s distribution model makes for a quick go-to-market strategy, which, combined with an innovative peer-to-peer approach, looks set to stimulate a strong level of interest in the industry.”

Using the Peer-to-Peer Feature

To use the peer-to-peer feature, users simply select a song from the play list of tracks on their mobile phone. They then send the full track to another user with a Melodeo-enabled mobile phone located within Bluetooth range. The song file, which is DRM protected, pops up on the recipient’s mobile phone and he or she can listen to a 30-second preview of the song. If the person likes it, he or she can easily choose to purchase it and the Melodeo server then sends a decryption key via the carrier’s network to unlock the song, and bill the purchase to the recipient’s account. The Melodeo peer-to-peer system will also be used to send music as a gift, with the charges billed to the sender’s account.

A sender who shares music with a friend may also be eligible to receive a reward from the operator after the friend purchases a certain number of tracks. For instance, after the friend purchases four songs, the user who recommended them or gifted them may be given a complimentary track of a song from the operator.

Quick, Easy-To-Use Solution

Melodeo’s Mobile Music Solution includes an extensive music catalog provided by Warner Music Group and other record labels. Finding songs or an artist in this catalog is easy with a patented “power-search” capability. With just a few keystrokes, users can quickly and easily access the music they want.

The Mobile Music Solution includes personalization of a user’s music catalog based on the user’s preferences. Intelligence capabilities enable the solution to discover an individual’s unique music preferences and offer customized recommendations to the subscriber.

Melodeo’s software incorporates the most advanced audio codec, aacPlus from Coding Technologies, which produces music files in the 500 to 750K range, significantly smaller than a typical MP3 file, in a solution that is downloaded, not streamed, saving valuable bandwidth. While phone memory varies by brand, users can expect to store roughly 75 to 125 tracks with 64MB of memory.

About Melodeo

Melodeo is entirely focused on the music mobile phone market. Melodeo, Inc. is a privately held company in Seattle, Washington, dedicated to creating software and services to bring music to mobile phones. The Melodeo Mobile Music Solution provides wireless operators and phone handset manufacturers the means to provide secure digital music to wireless subscribers in an easy-to-use, dynamic user interface. Recognizing the growing market for wireless content, Melodeo offers its easy-to-use distribution model that at the same time supports the Digital Rights Management initiative, securing artist and label compensation. For more information, visit the company’s website at http://www.melodeo.com, or send email to info@melodeo.com.

From business wire.

September 23, 2006 Posted by valleyventure | Blogroll, Cool companies, Wireless Market Research, Wireless Value Added Service, our venture, p2p | | No Comments Yet

Cascade Mobile P2p

Cascada Mobile now offers TAG referral distribution technology. Now this really isn’t P2P. They call it P2P because a user can use it to contact another user … but he has to go through their server.

Still, mobile P2P presents an interesting challenge due to the limited resources on a phone compared to a PC. Plus phones have different operating system and capabilities. Developers have to translate the display for each phone model. Designers either limit functionality so the app will work across a wide swath of phones, or more typically route the phone client into a server somewhere. This does the latter.

	Squirting Climaxing … on DRM from Wikipedia
	dan flights on 10 Future Web Trends
	FredderiK on DRM from Wikipedia
	josh on 21 iPhone Food Apps to Eat You…
	Sdsdhlkj on Web 2.0 List

November 2009
M	T	W	T	F	S	S
« Oct
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

Ramdomness of wireless and mobile business by Robert Zhu

Digital Rights Management

Contents

Introduction

Content Scrambling System

Legal enforcement of DRM

Digital Millennium Copyright Act

Other copyright implications

DRM advocates

DRM opponents

DRM and Internet music

DRM and Libraries

Controversies, consequences, and examples

Copyright law vs. particular techniques

European dialogues on DRM concerns

Inclusion within GNU General Public License version 3

See also

Related concepts

Devices that use DRM

Lobbying organizations

References

Further reading

External links

OMA DRM

From Wikipedia, the free encyclopedia

Implementations and Usage

Symptoms

External links

Categories

Recent Posts

Recent Comments

Pages

Blogroll

Business Plan

China

Free Papers

Innovation and Entrepreneurship

our venture

Wireless

Blog Stats

Meta

Top Posts

Site info