Sunday, June 20, 2010

Disappearing DRM and other thoughts

Note: The opinions expressed in the following posting are mine, and not those of any of my former, current or future clients or employers.

I've long believed that Digital Rights Management (DRM) is a hopeless battle. DRM penalizes the legal, honest customers who purchase content and want to do the right thing. If a hacker is committed, he or she can break any DRM, given enough time and resources. Even if cracking a DRM system is illegal in one country (as the DMCA makes it in the U.S.,) it can usually be cracked legally (or illegally) in another country, and then the cracking software, content that's been unlocked, or both, can get freely distributed around the world. Companies almost never get a positive return on investment from DRM: Distributors are forced to implement it by their content suppliers, and they bear the costs. Content producers can dictate what kinds of DRM are acceptable but rarely bear the costs.

Nevertheless, many content producers and distributors demand that DRM be used. My opinion is that there are ways to make DRM less onerous and less risky for consumers while giving content adequate protection. Consider one problem: Company A sells content to producers that is protected with its own DRM system. Then, a couple of years down the road, Company A goes out of business, is acquired by another company that's no longer interested in the DRM system, or decides to stop distributing content. When customers have problems with the DRM system (for example, they want to move their content library to another machine, or they've had a system problem and need to reauthorize their existing library,) there's no one there to help them. The library of content that they might have spent hundreds or even thousands of dollars on is now worthless.

Or, consider a slight modification to the first case: Company A licenses a DRM system from Company B, and Company B goes out of business. Yes, Company A most likely required Company B to put a copy of its DRM software in an escrow account to cover just such an situation, but that doesn't mean that Company A will be able to support and maintain the DRM system by itself. Company A may still be in business but be unable to fix problems in the DRM for its customers.

One way to address these problems would be to create what I call "disappearing DRM." This would be a DRM system for downloaded content that is automatically disabled after a given period of time, perhaps 24 to 36 months. The greatest risk for piracy is when an eBook, music recording or movie is current. Most popular books and music have gone to the backlist or catalog by the time 24 to 36 months elapses. With disappearing DRM, content could be freely archived, copied and moved from device to device once the time limit expires. That way, if the content or DRM vendor goes out of business, is acquired or loses interest, purchased content would still be usable.

DRM is a necessary evil for encouraging distribution of digital media by major publishers, but there are many ways that it could be made more transparent, more convenient and less dangerous for consumers. A disappearing DRM system would be one of them.
Enhanced by Zemanta

No comments: