Weblog - Tom Jacobs

My DRM Life - Year 2016 (A Historical Retrospective)

[The following future retrospective is an article I have been developing which attempts to show how digital rights management technologies can and will be used in the coming years. While there has been a lot written in the blogging world about how terrible DRM is (and I don't disagree that the first generation of DRMs have been far too restrictive of individual rights), many more believe that DRM is a critical security and privacy technology with more positives than negatives (by far). This article attempts to articulate the benefits of DRM from the point of view of a fictional college student in year 2016 conducting a historical review of the evolution and deployment of DRM systems using next generation, inter-operable, open, identity based DRM approaches.]

Hello, my name is Ted Smith and I am an economics student at the University of California living in Los Angeles, California. Today's date is Wednesday, May 16, 2016. I was preparing a research report on the costs/benefits of digital rights management systems and how that technology has been successfully deployed despite all the fears which were dramatized during the previous decade.

At that time, it was understandable that some individual rights advocates feared that freedom of expression and creativity or more simply that personal freedoms would become more limited or denied altogether. It was also understandable that many copyright owners in the movie and music industry once greatly feared file-sharing networks and were concerned that their customers might use content they hadn't paid for the rights to use. Also, there were many during that decade who were ignorant of the business and privacy risks that arose from not using DRM technologies to secure their own rights to privacy, trade-secrets and maintaining proprietary data not covered by copyrights.

So, in this report, let me take you on a historical journey through time to understand how society has evolved in the last decade to embrace DRM as a critical enabler for individuals, health care providers, governments, financial institutions, copyright holders and the business community at large. Additionally, we'll take a look at the evolution of society and how it has been impacted by the use of rights management technologies.

CONSUMER PERSPECTIVE

Taking my own family as a typical example, we enjoy listening to music, watching TV (I still love my TiVo) and playing games. We're also very creative in our own way because we take digital pictures, shoot family videos on digital camcorders or on our mobile-computer/phones. Since our family is always on the go, we're very happy that we aren't locking our content to our home and can instead get access to anything we want wherever we are... which is all the easier because of nearly ubiquitous Internet accessibility. When I purchase music or movies now, I can enjoy that content at my home, on my mobile computer-phone, at my friend's house or really anywhere I am. Much like browsing the Internet, I don't have to care much about what devices I use or which particular content services I'm using because standards and "technology neutral"; approaches to DRM have eliminated most risks. The first generation DRMs created isolated content communities which limited my ability to enjoy my content to a small subset of devices.

As far as creating our own content, whenever we shoot our own photos or videos and want to share them, we always protect them with DRM to make sure that only those who we want to see our content can see them. When I shoot photos of my young sister, I want to make sure that our immediate and extended family can see them on the web while denying access to any random predators. My family doesn't pay anything for the content, rather they just need to identify themselves before getting rights to access it. On the other hand, I've got a good side of "selling" my semi-professional 15 Mega pixel camera-phone nature photographs through a subscription service. I don't make much money per photo (way less than a penny), but I make it up in volume. Without DRM, my photos would have been too easily used and shared around without compensating me.

ENTERPRISE PERSPECTIVE

My father works very hard and enjoys his job. He works as a regional salesman for a industrial equipment manufacture. His industry is highly competitive and his company requires that he protect his company confidential information with extreme confidentiality in order to maintain the business and keep their customers happy. A few years back, another salesperson at his company had lost his notebook computer on a train. That computer had company customer lists, details on upcoming products and their internal price book. Luckily, the data files were protected with DRM, so anyone who found that computer was out of luck in trying to get at that data. Years before, they likely wouldn't have been protected and anyone could easily have accessed that information to unfairly compete or even sabotage customer accounts. Luckily, even though the notebook was never returned, nobody ever worried that the data would be accessible by anyone not authorized.

There was another case where an employee of his company left one day to join a competitor. As soon as the company knew he was leaving, they immediately revoked his access rights to the company data on his phone, home computer and laptop. In doing so, that individual would never be able to open those documents ever again and thus protect the confidential information of the company.

HEALTHCARE PERSPECTIVE

As part of my research, I was able to interview the CIO of a major health care network. She informed me that the health care industry has gone through an amazing transformation over the past decade. In addition to amazing medical break thoughts from a care and treatment perspective, this industry has stepped fully into the 21st century of technology including networking and privacy protection. In years past, if an out-of-area patient were to arrive in the emergency room of a hospital, their medical records were difficult or impossible to access quickly. As trusted information networks were deployed and subscribed to by health care providers, it became much easier for information be made accessible to others while maintaining privacy and confidentially. It also became possible for emergency room doctors to directly access detailed patient histories when they were assuming a life & death role in an emergency room. Since patient records are now managed using a hospital IT network employing DRM, health care providers can now more easily make the patient/care information available to whomever needs it while tracking access and maintaining privacy as prescribed by law. Doctors can now get any and all necessary patient information (MRI scan videos, x-ray images, patient interviews, test results, treatment history) whether they are in their office, on duty at a hospital or on the golf course. Secure access to protected data based on who you are and your role as a health care provider determine what you can access to enable better care.

NETWORK SERVICE PROVIDER PERSPECTIVE

In order to get the prospective of the network service industry, I was able to sit down with the CTO of major broadband service provider who had cross-industry perspectives that he was able to share with me. He told me that the first decade of the 21st century was certainly an exciting time for those who provided network access (network service providers - NSP) and those who sought to provide digital services (digital services providers). In the early days of the century, the rush was on to provider higher speed Internet access, digital television services (broadcast, on-demand, download), digital telephony and applications services (web based applications). In many ways, the network service providers continue to fight that battle with each other to offer better packages of services at ever better rates to the same customer base. While most broadband suppliers (whether wired or wireless) have effectively equivalent usable capacity, the important change in the industry was their move to cooperate with each other on federating DRM rights so that each NSP can be in the business of selling rights to subscribers. Consumers gained trust in buying from these NSPs since their rights transcended the specific purchase and could be re-issued by other NSPs as necessary. While over-the-top digital service providers (remember Apple's original iTunes offering?) continue to exist and thrive, they must compete with NSPs by providing additional services beyond simply selling. One need only note that broadband service providers now operate the top destinations for music/movie sales to see the strong new role that have earned.

CONSUMER ELECTRONICS PERSPECTIVE

The annual parade of amazing new consumer electronics is always an interesting testament of how far the CE industry has progressed and a harbinger of the trends ahead. In the middle of the previous decade, CE manufacturers were literally between a rock and a hard place. In those days, in order to provide a cool new entertainment device, manufacturers had to accommodate multiple competing (non inter-operable) DRM systems... not to mention all the various formats they needed to support (which were pretty much figured out a few years before that). Some manufacturers were simply cut-out of the most popular CE device markets because technology owners were leveraging their proprietary technologies to gain market advantage. This was possible because end-to-end solutions were still vendor technology driven rather than standardized architectures for an industry more interested in interoperability and broad consumer acceptance. Later in the previous decade, when the CE makers decided to stop being lead around by the nose by technology patent owners, CE owners moved to standardize more of their technology and stop giving their hard earned revenue to patent revenue focused "standards farmers" (companies in the business of seeding standards with their patented technology for purposes of collecting revenue rather than producing products). CE owners followed the model proved in the 1990's by the World Wide Web (WWW) in that they should standardize on open, royalty free protocols and formats to enable open and broad interoperability. Much like browsing the Internet, one would never need to worry about who's web browser you were using... on which device the browser is running... or what platform the web server your connected to is running. Things just work. Such "by default" interoperability took a few years to work through, but since the lifetime of CE devices continues to shrink the opportunity to "fix" things in newer generations gets ever easier over time.

EDUCATIONAL PERSPECTIVE

In order to understand the views of the librarians and educators, I spoke with the CIOs of several world class universities. They told me that from a university librarian's point-of-view, their role was to make sure that content the library either owned or had licensed would be available to students, professors or other library users. In years past, it was difficult for the libraries to adequately track the usage of content in compliance with license agreements. Additionally, there has been an ever quickening pace to digitize any physical materials to make them easier to find and retrieve. With all of this content, their libraries have become profit centers by selling access rights to their content while maintaining their ongoing role of serving the university and academia overall. While some of the digital content is strongly protected, much of the library material from students and professors is more simply covered by Creative Commons licenses which (among other options) informs content users of their redistribution responsibilities (such as attribution). The CIOs agreed that life had gotten easier for them after they were able to manage content under a single common DRM architecture which was provided by multiple suppliers. They were very happy that by the beginning of the second decade of the 21st century they could treat their their rights managed materials with the same degree of openness and platform independence that they had enjoyed with non-rights protected materials (web pages) years before.

COPYRIGHT OWNERS PERSPECTIVE

I was most fortunate to have been able to interview a CTO from the motion picture industry who frequently represented his industry's perspectives in front of legislators and industry. He was able to share with me the long odyssey that has transformed their businesses. He shared that in the previous decade, this industry was anxious that the growth of file sharing networks would dramatically impact the motion picture industry much the same way the music industry had been threatened in the earliest days of the Internet (remember Napster, Grokster?). One of the biggest fears their industry had was the departure of their "customers" to file sharing networks (why buy a cow if you can get the milk for free). They also feared that their long proven financial model of staggered release windows (cinema, DVD, subscription, pay-per-view, broadcast, web, regions) would be lost and negatively impact them financially. He shared that much the way that the VCR and DVD actually turned out to dramatically increase industry revenues, file sharing networks (with DRM protection) actually have become their preferred, extreme low cost distribution channel for their content
which they can now manage more directly together through their licensing channels. The "customers" for their content found the incentive to get their content rights through legitimate licensing services (rather than seeking out pirated content) because their rights were accessible to them wherever they were, on whatever device they were using at any point in time. Additionally, loyalty programs for customers granted additional rights (ring-tones, wallpaper, games, special features, alternate formats) to content which could also be easily and transparently acquired. He said that even though it was still possible to defeat DRM and copy protection systems, they had successfully shifted the attention away from just getting "free" content to providing additional value to their actual customers by easily respecting copyright agreements. He said they also experimented more with alternate compensation models such as targeted advertising in "free" content which made them nearly as much money as broadcast licensing. With broadband network access so easily accessible, the requirement for consumers to "hold" their own content bits and fear their loss of rights to use had passed since content rights transcended both devices and the bits themselves.

FAIR USE ADVOCATES PERSPECTIVE

I was fortunate to speak with a "fair use" scholar who has been involved in the legal and social debates on this topic for many years. What came clear from my discussion was that the introduction of DRM systems late in the previous decade was a highly contentious debate. There were well founded fears by "fair use" advocates that legal obstacles (such as DMCA) and technical approaches such as DRM systems would erode the legitimate rights of citizens with respect to copyrighted materials. While the law continues to evolve and seeks to address the legitimate rights granted under copyright law, the majority of the copyright owners have moved to pre-empt new legislation by allowing more liberal usage rights since new technical measures (tracking, watermarking) make it easier to prosecute those who unfairly appropriate copyrighted materials and cause damages or losses. When DRM systems began to directly offer "fair use" extraction options, much of the fair use debate subsided.

What I also found interesting in investigating this topic was the historically loose use (by some) of the term "fair use" when the term "free use" would be more appropriate since some of those individuals simply did not respect copyright law at all and pontificate about "societal rights" trumping the rights granted by law.

Still most others would fit somewhere in-between the two camps and really mean "fairer use" from the perspective of mostly honest citizens who respect copyrights in general, but are frustrated that copyright licensing and use terms were too restrictive. This middle group likely represent the majority of population and their frustrations were mostly addressed in the beginning of this decade with much more liberal usage rights from copyright owners.

SUMMARY

In the final analysis, good sense prevailed at the end of the previous decade and the critical concept of network identity based rights management saved DRM from the scrap heap of history. More importantly, DRM has evolved to become a baseline technology for preserving the confidentiality of any type of content, especially for applications where no "fair use" principles apply (no copyright issues). Where copyright issues apply, DRM evolved from being simply a "restriction management" technology into being an "entitlement management" system designed to make sure that users could transparently get access rights to whatever they needed without worrying about the device or protection system. Since every commercially available computer and consumer electronic device has become "trusted" from the hardware up, the risks of hacking content have been greatly diminished - though never completely eliminated, which has generally not been the end goal.

By the middle of the previous decade, there was widespread recognition that shifting the focus of DRM to depend upon network management of identity was the key to effective DRM systems. Identity enabled DRM systems focused on individuals and roles instead of only on the devices. Today, nearly everybody expects that when they will acquire the rights to consume content, they will be able to do so on any suitable secure device, and not be tied to a particular device or even to a particular location. In many ways DRM transitioned from being a "fat client" focused approach to being a "network client" model much like all the other application services we use today.

In the last decade, it quickly was recognized that the same set of technologies created for entertainment focused DRMs could be applied to many other industry
domains (enterprise, health care, education, finance, government, etc.). Differentiation between industries came by employing a subset of the core technologies, and applying different licensing policies. For example, a top tier entertainment delivery service requires tamper proof technology. However, with books in the public domain or ones which use the Creative Commons (non-commercial) license, tamper proofing technology would not be required. Instead it might be necessary to use technology to verify/enforce that Creative Commons license for non-commercial use.

It is true that many people did recognize these common factors. However, the different "camps" in the DRM discussion were so balkinized that there was absolutely no discussion between them to truly solve the problem. It was Open Media Commons, launched in 2005, that was one of the key catalysts that did enable these groups to work together with a common purpose. The DReaM technology in Open Media Commons provided all the necessary technology building blocks. DReaM technology was released as an open source project, and it was able to develop as a royalty free technology. Prior to that, DRM technology was highly encumbered so that there was onerous licensing terms demanded by DRM patent owners. These roadblocks were overcome with DReaM.

So, more than a decade after first generation DRM systems were deployed, most of the early shortcomings have been addressed by next generation DRM architectures which moved the focus of rights management to enabling users rights rather than focusing on restrictions. It is clear that the benefits of DRM systems across multiple domains has resulted in large scale benefits which outweigh any of the corner case restrictions that DRM originally introduced.

Posted at 12:26PM Oct 17, 2006 by tomj in General  |