Lentis/Digital Rights Management

Introduction

edit

Digital Rights Management, or DRM, is an umbrella term for technologies that control access to digital media and attempt to prevent the usage of digital content in ways that are not expressly approved by the content provider. Many implementations of DRM endeavor to disable or restrict the ability of end users to modify and make duplications of digital content that they have legally acquired. Examples of digital content that might be controlled include music, motion pictures, software, television broadcasts, e-books, and video games.

Digital Rights Management was designed in response to the widespread availability of consumer tools that enable unskilled users to freely make exact duplications of digital content. The aim was to protect individuals, businesses, and industries that rely primarily on copyright ownership to provide revenue by preventing unauthorized duplication and distribution of their intellectual property.

However, the use of DRM is highly controversial and there are strong tensions among the social groups affected by the technology. DRM works to shift the balance of power from content consumers to content providers. Proponents argue this is necessary to enforce copyright law in the digital age, while opponents point to examples of DRM being abused to enforce restrictions above and beyond the scope of copyright.

In this chapter, we’ll take a look at a couple of case studies and consider the interplay between the social and technical factors involved. A thorough examination of the technology that makes DRM possible is beyond the scope of this chapter, but I encourage you to see the Wikipedia article on DRM for some useful background. Digital Rights Management is an interesting example of a sophisticated technology designed exclusively to aid in social control, and an analysis of its successes and failures sheds revealing light on the social interface of technology.

Case Studies

edit

Digital Music

edit

The rise of digital music was arguably the single greatest driving force behind the development and implementation of DRM technologies. Until the early 1980s, recorded music was distributed to consumers via analog means as either a vinyl disk or magnetic tape. Music could still be copied and distributed by consumers, but specialized hardware was required and quality was lost with each copy generation. These intrinsic limitations kept unauthorized duplication from being a major issue in the days of analog recordings. All that changed at the end of the 20th century as the compact disc became the preferred format for recorded audio. CDs stored music in digital form and consumer copying, duplication, and sharing was easily achieved with a personal computer.

In addition to physical CD sales, the end of the 20th century brought about an entirely new distribution channel – digital downloads available online. Now, individual songs could be purchased in addition to entire albums, and consumers could browse, preview, and purchase music 24 hours a day. By the early 2000’s, this method of distribution would outpace all physical media sales combined. Needless to say, online distribution accelerated the music sharing process by bypassing the requirement to purchase a CD, insert it into a computer, and extract the content. Distributing music was as simple as posting a file online.

The record labels and the major trade organization that represents them (the Recording Industry Association of America) began widespread use of Digital Rights Management to maintain distribution control in this changed environment. Initially, online music was sold with DRM technology while traditional compact discs remained DRM-free, but by 2005 the major record labels were selling CDs with DRM as well.

The DRM schemes used allowed the record labels to exert a wide variety of controls over consumers, including what devices they were permitted to play the content on, how many devices could be used in the lifetime of a purchased song, a time period after which the music would cease to be playable, and much more. While ostensibly designed simply to prevent illegal copyright violations and distribution, the many of the controls that DRM permitted could be used to block legal “fair use” by consumers. Further, it was often unclear at purchase time what restrictions would be in effect and DRM provided the technological means to modify the terms post-sale without the user’s consent, including by completely disabling the content remotely.

Any technology used to shift the balance of power between social groups will be met with heated and vocal opinions from those affected. The proliferation of DRM presented new challenges to the music industry, and DRM was seen as a technological solution to a social problem. “The answer to the machine is in the machine”, wrote Charles Clark, copyright representative of the Federation of European Publishers. [1]. DRM proponents often believe increased restrictions are a necessary and acceptable side effect of preventing illegal activity. According to Tommi Kyyra of the International Federation of the Phonographic Industry “we need to understand that listening to music on your computer is an extra privilege. Normally people listen to music on their car or through their home stereos… you should consider purchasing a regular CD player.” [2] Some go so far as to say that abuses of DRM are justified because the average consumer puts up with it. Speaking in defense of a particular DRM implementation that surreptitiously opened security vulnerabilities on user’s machines, the head of major record label Sony BMG told NPR that “most people, I think, don't even know what a rootkit is, so why should they care about it?” [3]

Needless to say, DRM critics are very vocal as well, often pinning blame not only on the technology but squarely on the groups who use it to wield power. Popular internet blogger Jeff Atwood puts it bluntly: “the RIAA and the major record labels are as close as you can get to pure evil while not actively killing small children, puppies, and kittens.” Richard Stallman, founder and self-professed leader of the free software movement, encourages people to avoid DRM-controlled music altogether. “Today’s legal music is not acceptable, since it carries Digital Restrictions Management (called Digital Rights Management by its proponents) to restrict what people can do with the files they have bought.” [4]. Even music artists themselves are wary of handing record labels excessive control. “Artists do not support using digital locks to increase the labels’ control over the distribution [of music]”, according to a spokesman from the Canadian Music Creators Coalition. [5]

In the case of digital music, consumer opposition to DRM has largely resulted in the abandonment of the technology all together. No DRM technology can be 100% impervious to circumvention, and ultimately consumers will find underground means of sharing and distributing music. Internet security expert Bruce Schneier put it succinctly: “Digital files cannot be made uncopyable, any more than water can be made not wet.” [6] Record labels began to realize that “There is a cost associated with DRM, and that is lost sales of content.” [7]

As a result, a number of services began to sell music online DRM-free, notably Amazon beginning in September 2007. Apple’s iTunes Music Store, the leading internet retailer of digital downloads, followed suit in January 2009 and began removing DRM from their catalog upon getting the go-ahead from their record label partners. Eventually, even the Recording Industry Association of America admitted that “DRM is dead” in a famous interview by SC Magazine with chief spokesman Jonathan Lamy.

The story of DRM in digital music shows us what happens when social groups try to use technology to extend their sphere of influence. Digital Rights Management, a technology purportedly created and used for the expressed purpose of enforcing the law, was pushed too far and consumers revolted. The bad press forced the proponents of DRM-controlled music to abandon it completely and has given the music industry a bad image in the minds of many consumers that persists to this day. Any method of social control must walk a fine line. Technology offers excellent opportunities for interested groups to volley for power, but abuse of this opportunity is very costly.

Computer Games

edit

Digital Rights Management in computer gaming is a fairly recent development. Older computer games usually just required users to keep the game installation disk in the disk drive while playing the game to prevent people from giving the game to friends or others to play without paying. This led to an initial wave of “piracy” brought about by No-CD cracks. These cracks either trick the disk drive into thinking that a copy of the disk is inserted or simply bypass the CD checking software of the game. These cracks can be useful in legal ways, such as for backing up software or adding convenience to gaming, however they also allow for simplified game sharing and bypass of copyright laws. The world of gaming software protection has changed, however, and now many new, physical format PC titles almost always come with DRM.

One notable game which brings light to the issue of DRM on computer gaming is EA’s Spore. Electronic Arts released Spore in 2008 with copy protection software called SecuROM. SecuROM ensured that the game could only be installed 3 times to prevent users from widely distributing single copies and using No-CD cracks. Spore also included a legitimacy check when the user went online. This DRM had a devastating effect on users who owned multiple computers or had to upgrade operating systems, and it resulted in serious outcry against EA. Once hackers broke through the security measures, illegitimate copies of the game were pirated to such an extent that Spore became the most pirate computer game of 2008. [8] EA eventually increase the number of installation instances from 3 to 5, [9] which seemed to lessen the outrage.

More recently, Ubisoft’ “Online Services Platform” changed the nature of computer game Digital Rights Management. Playing on the ever-increasing integration of the internet into modern society, Ubisoft’s OSP requires users to always be on the internet to play newer Ubisoft titles. This allows the company to require an account for the purchased game and lets them keep track of legitimate copies through these user accounts. Users were furious at this development as well, citing the fact that internet connections are not always available when they would like to play a game. Another problem with this strategy came to light within the first week of Assassin Creed 2’s release. A Distributed Denial of Service attack shutdown the European servers for the game for over 6 hours on the first weekend, effectively destroying users’ ability to play the game. [10]

Unfortunately for computer gamers, DRM does not appear to be dying anytime soon. The PC versions of any game are generally the most pirated. The reason for this is that all of the game’s files are in an accessible place where hackers can easily modify executables. Studies have shown [11] that single player computer games are pirated to such an extent that without DRM, it is highly unlikely that they will turn a profit. This means that users will simply have to accept the waves of DRM to play computer games, or turn their attention elsewhere.