DRM & fingerprinting
I've just listened to an excellent podcast from American Lawyer Doug Lichtman who gives an great summary of the technical and legal aspects of Digital Rights Management. The podcast is titled "Everybody Hates DRM" but is really a very even handed examination of how DRM can and is being used.
As well as looking into some of the disasters, such as Sony BMG's rootkit, it touches on some of the ways DRM can be a benefit to consumers by expanding the range of ways of accessing content. For example, traditionally the only way to enjoy a movie at home might have been to rent a DVD or purchase a DVD. DRM technology allows the movie owner to allow more novel arrangements that it could charge less for - such as 'watch once' or 'watch many times, but only on one device'.
There is a natural tension between the copyright owner using DRM to limit the consumer's use of the copyrighted material and the consumer. This occurs especially in situations where the owner has been less than clear about the limitations, or where consumers have traditionally had an ability to deal with the material in some manner and that ability is removed. Often this tension results in systems being developed to circumvent the DRM. Perhaps the most famous of these is DVD Jon's cracking of the CSS system used to protect DVD's. In these cases, the US Digital Millennium Copyright
Act (DMCA) swings into support the rights of the copyright owner.
The DMCA effectively makes it an offence to circumvent DRM or supply tools that enable such a circumvention. Similar provisions apply in Australia under our Australian Copyright Amendment (Digital Agenda) Act 2000 - I seem to remember this was part of what we had to pay for the US-AUS Free Trade Agreement in exchange for being able to sell beef to the US with them considering giving some thought towards giving up some of their farm protectionism at some time in the future.
An interesting situation, discussed in the podcast, arises when manufacturers of game consoles (Sony Playstation, Nintendo Wii, Microsoft XBox etc) sell games consoles at a loss, but make their profits on the games. In order for this business model to work, the companies must have control of the games that can be played on their consoles. They use DRM to enforce this, but 'mod-chips' have been developed by hackers for most of the consoles to circumvent this. Naturally this circumvention falls under the DMCA and is therefore illegal in the US. In Australia, shops are able to openly advertise mod-chips and have legitimate businesses installing them. This anomaly arises partly as a result of a court case in which Sony brought an action against a mod-chip seller. In that case the court found, in part, that the devices allowed a legal function - the playing of games legally acquired in other regions in the world. This is perhaps an example of the company using DRM to do more than just enforce their copyright rights, then this being their undoing - although only in Australia.
One DRM technology mentioned in the podcast is the 'fingerprinting' of audio files. One of the problems YouTube has is threats from music companies who don't like their copyrighted music appearing in YouTube videos. To overcome this YouTube purchased a system that scans all the new videos and checks the music against a database to see if it is copyrighted. I've been reading an excellent description of their Audio Content ID system from Parallax this week. He's done a nice job of testing the system with various attacks.
My personal take on DRM in music is that a couple of years ago, you could only purchase music online from a couple of places, there was only a limited amount available and the DRM meant you had to use Windows Media Player and there were limitations on moving it from MP3 player to MP3 player. At the same time, using Napster or one of the other peer-to-peer networks you could download any music you could think of, in minutes with no restrictions. The music companies were making their payed for product less useful and harder to obtain than the free (and illegal) product. This was not a successful strategy.
In 2009 the situation is much better. ITunes has a huge back catalogue of music and it is all DRM free. Searching is as easy as it was on Napster and there are no fakes or spam files. It's a simple thing to purchase credits when I buy my groceries. So now it's at least as easy, and in some ways easier to purchase legal digital music than illegal. This seems like a much better business prospect that having to sue your customers all the time.
There are still a couple of flies in this ointment though. The only way to easily buy digital DRM free music is through iTunes - so I have to use iTunes which means I have to do things the Apple way. Most the time this is fine, but sometimes it bugs me (for example losing some quality when I have to convert through two digital formats to put MP3's on my non-Apple MP3 player). The second is that iTunes has no competitor. The music companies stupidly let Apple do this to them. It's hard to see where some downward pressure on digital music prices would come from without some competition.
We have to give Apple some credit for using their market power to push the music companies towards DRM free, otherwise everyone was losing. The music company's fear of having their product stolen was causing it to be. Apple has obviously made a case for DRM free to the music companies and they've had to listen, with the result consumers can buy the music they want easier than stealing it.
