APIG DRM Inquiry Submission


Executive Summary

  1. DRM distorts traditional trade-offs in copyright law by providing a mechanism for rights holders to restrict the way in which works are used, over and above the limitations set down by copyright law.
  2. New types of content sharing licences are at risk if DRM becomes widespread, as DRM systems may prevent the public from accessing materials released under these alternative licences.
  3. The law should require that all media producers deliver works in the clear, i.e. without any DRM, to copyright deposit libraries.
  4. All DRM will eventually become outdated, thus locking away the DRM'd media, and users should be allowed to circumvent any DRM when this occurs.
  5. The law should provide an immediate right of action for any disabled people to circumvent DRM systems in the process of accessing the media for their own consumption.
  6. Content already has legal protection. Legal penalties for DRM circumvention go beyond what is required for the enforcement of copyright and create many negative side-effects.
  7. DRM systems can and do have serious negative effects on computer functionality.
  8. The UK Parliament should lead the way in developing a balanced global agenda on intellectual property issues.

Does DRM distort traditional trade-offs in copyright law?

"Copyright law is a law like any other, and guilt is traditionally decided by human judges and jurors with the aid of opposing lawyers who are also (mostly) human beings. DRM puts the programmer in the role of police, prosecutor, judge and jury."

Copyright law seeks to carefully balance monopoly rights for creators and publishers with the public interest in free expression, education, criticism and new forms of creativity.

Given that the monopoly holder can unilaterally set the terms of a digital rights management system's "contract", the change in the balance of copyright created by DRM is all in the direction of the copyright holder, who obtains new powers and benefits, while the user of the copyrighted material enjoys nothing but reductions in their freedoms.

Additionally, DRM is incapable of distinguishing between lawful re-use and unlawful re-use, because doing so requires that DRM understand the intention of the user – to be able to tell fair use from misuse. Such subtlety is beyond the rigid strictures of DRM.

Finally, it is notable that no current DRM system voluntarily seeks to restrict itself by enforcing only those rights granted to the rights holder under existing copyright law. For instance, the proposed CPCM standard for digital TV (DVB) allows the terms of protection to be extended to 200 years [1]. Other user rights, such as the doctrine of exhaustion [2] are likewise vulnerable.

Do new types of content sharing licences (such as Creative Commons or Copyleft) need legislative change to be effective?

Pervasive digital rights systems can have a negative effect on rights holders who do not use or are unconnected to those exploiting these systems, including those who wish to encourage open and free distribution by releasing their works under alternative licences such as Creative Commons or Copyleft.

For instance, if hardware-based DRM, such as Trusted Computing (See Appendix A) is in use and supported in law, powerful rights holders may end up with complete control of what consumers can and cannot see, regardless of whether the content in question belongs to those rights holders or not. This is because their content will only be usable if software the rights holder approves of is running, which may, in turn, lead to a situation where a typical user is only running software that is controlled by those rights holders. This software can then choose what can and cannot be viewed by the user. In effect, powerful rights holders may become censors for the general public. Of course, consumers could elect to not run the software dictated by these rights holders, but then they will be prevented from enjoying much of the commonly available content [3].

One legislative solution to this would be to make the use of circumvention tools legal when they are applied either in the course of a lawful use or to enable lawful uses.

One special case of this exclusion involves legislated DRM standards which demand that receiving devices are unalterable by end-users. This excludes the use of free software in these systems, because such code is, by its very nature, always alterable by its users.

How should copyright deposit libraries deal with DRM issues?

"Unless someone outside the publisher has a non-DRM’d copy of the content, it is difficult to see how the eventual end of the copyright term will be enforced. Suppose, when “About A Boy” should enter the public domain, there are no non-DRM’d editions available?"

The law should require that media producers deliver works in the clear to copyright deposit libraries. Any lesser measure exposes the library to the risk that works will become unreadable when the hardware and software used to implement the DRM becomes obsolete [4]. The outcome would be that the DRM material simply disappears.

With this provision, copyright deposit libraries can play a renewed role in a world that contains not just use-restricted material, but copyrighted content encoded in other forms of proprietary and non-interoperable formats. By requiring that works be deposited in open, unencumbered formats, copyright libraries can serve as digital repositories for works that are in the public domain, where the public and entrepreneurs can source canonical editions and distribute and build upon them. New industries and businesses which exploit the rich resources of the public domain - a UK business releasing CDs of public domain music, or pre-loading UK MP3 players, say - can retrieve the source files from the deposit library, turning the public investment in archiving into an engine for economic growth.

How should consumers be protected when DRM systems are discontinued?

"Future historians will curse us if we allow the deployment of systems that will forever lock them out of records or cultural artefacts. DRM systems risk this."

All DRM will eventually become outdated and, because it is inevitably designed to resist access to its protected content, will effectively become unusable - unless there is some way to copy the material to newer systems. Again, there is a need to remove any legal obstructions to the production and dissemination of circumvention tools which allow access to lawfully acquired DRM-locked materials under these circumstances.

To what extent should DRM systems be forced to make exceptions for the partially sighted and people with other disabilities?

Blind people and others with sensory disabilities often have the statutory right to convert media to assistive formats, but if DRM is in place they are prevented from doing so.

In the UK, the Visually Impaired Persons Act 2002 allows for the transformation of media into the appropriate assistive formats. Beneficiaries of copyright exemptions should not, as current law dictates, have to appeal to the Secretary of State in the hope that he will order right holders to allow at some future point the exercise of those exceptions. They should have an immediate right of action against those who have released restrictive works.

Sensorily disabled people are often the unintended beneficiary of works that have had their DRM removed by file-sharers; for example ebook sharers who digitise texts not yet available to the public and "fansubbers" who add closed captions to imported DVDs. These materials are often the subject of legal countermeasures and thus these creative and assistive acts are done in defiance of anti-circumvention laws, because, for example, it is impossible to add captions to a movie without extracting the movie from its protective DRM wrapper.

WIPO’s Standing Committee on Copyright and Related Rights met in November and recognised the seriousness of the problem for users with disabilities [5].

The UK could lead the way in this by setting a gold standard: both in providing for practical exception processes for those with disabilities, and by carving out more flexible transformative rights for the creative enhancement of existing works.

What legal protections should DRM systems have from those who wish to circumvent them?

"The content already has legal protection against misuse. DRM is practical protection. If people want to practically circumvent DRM, and then use the content in legal ways, that should remain legal. For me, this is the heart of the issue, and the most important single point with regard to DRM."

Legal penalties against circumvention of DRM have so many negative side-effects that we believe it should be strictly limited to support the enforcement of copyright:

  • Circumvention should be permitted if it is to enable a lawful use of the DRMed material.
  • Circumvention tools should be legal if they enable a lawful use of the DRMed material.
  • Circumvention should be permitted for academic or research purposes. Without this legal circumvention is unlikely to occur in practice, no matter how desirable.
  • Circumvention should be lawful to gain access to lawfully acquired works where the DRM has failed or become obsolete, or where an online validation server is unreachable or has disappeared due to bankruptcy, etc.

This incentivises DRM makers to more closely model user rights in copyright. The current system is a attractive to rights holders, because it allows them to confiscate users’ traditional rights and sell them back under false pretences, for example, as a licence. It does not reflect the current set of rights enshrined in any copyright law. Instead it allows rights holders to arbitrarily restrict the use of DRMed works as if the rights holders were de facto lawmakers.

Can DRM systems have unintended consequences on computer functionality?

DRM systems can have, and indeed they have had, unintended consequences for users. The most recent example, covered in more detail in the Appendix, was Sony BMG's DRM software which was installed from a music CD on users' computers without their permission, made those computer vulnerable to attack by viruses, and when removed caused serious malfunction.

In attempting to enforce use-restriction on their customers, Sony BMG ended up fulfilling all the effective (and, in some US states, legal) definitions of "spyware", unwanted software that invades user's privacy, and interferes with the operation of their machine. 6

An affirmative statement that the Computer Misuse Act applies to this form of DRM would be a useful deterrent to such abuse.

What is the role of the UK Parliament in influencing the global agenda for this type of technical issue?

The UK occupies a pivotal global role in the development of policy for this, and other intellectual property issues. A key player in organisations which set global policies, such as WIPO and the EU, Britain also is in unique position to act as a moderating influence on the United States, which is often the strongest advocate in these arenas for radical change in international copyright norms.

As Bernt Hugenholtz, chairman of the European Commission’s Legal Advisory Board Intellectual Property Task Force, has commented [7]: "The intense pressure from the copyright industries and, particularly, from the United States (where the main right holders of the world reside) ... has not allowed the Member States and their parliaments, or even the European Parliament, to adequately reflect upon the many questions put before them."

With British citizens' control over their own property and rights in the balance, we hope that our representatives in Parliament will ensure that the public interest is also spoken for at these negotiations, by overseeing and more closely defining our own global agenda.

Appendix A - Notes on Digital Rights Management

1 What is DRM?

Digital Rights Management (DRM) systems are use-restriction technologies, protected by anti-circumvention provisions under the EUCD and the 1996 WIPO Copyright Treaty (WCT). DRM software seeks to control how owners of lawfully acquired works use those works. It also seeks to control who may make players and interoperable technologies for use in connection with those works.

Both of these objectives harm the public interest, are technically infeasible, and upset the balance of interests between creators and the wider public which copyright law ought to reflect.

1.1 Controlling uses

Controlling the use of a work after it has been lawfully acquired presents an insurmountable technological challenge. Typically, DRM seeks to exert control by limiting activities such as printing, copying or redistribution. Consider legitimate computer security, which concerns itself with preventing third parties – the attacker – from reading, interfering with or stopping the transmission of information between trusted parties. When Alice sends Bob a message, she uses security to prevent Carol from reading it, changing it, or faking it.

DRM, however, treats the intended recipient of works as the attacker – when you buy a DVD, the attacker that the DVD’s DRM tries to control is you, the DVD’s owner.

But DRM can never provide full control because its effectiveness is compromised at a fundamental level. DVD players, for example, must be able to unscramble the movie on the DVD, otherwise you would not be able to play it. So in order to prevent copying, your own DVD player has to conspire to keep you from saving the movie after it has been unscrambled.

Practically speaking, this is impossible. It is a tenet of computer security that an attacker with unlimited time and physical access to a sensitive computer can always get it to yield its secrets. It only takes a single skilled attacker to remove the DRM and make the unscrambled work available on the Internet for that DRM to be permanently broken. Subsequent attackers only need sufficient skill to locate the unscrambled copy on a P2P network, not the skill to crack the DRM.

See Professor Ed Felten’s "CD Copy Protection: The Road to Spyware" http://www.freedom-to-tinker.com/?p=939


1.2 Preventing interoperable technologies
1.2.1 Legal Protection

Copyright law preserves competition by allowing for the reverse-engineering of file-formats and programs for the purpose of producing new, interoperable software. It is pro-competitive to have tools from multiple vendors available for any given file format – for example, to have multiple Web browsers, or to have programs such as Apple’s TextEdit and the OpenOffice.org suite which can read Microsoft Word files.

However, in the case of DRM, anti-circumvention laws prevent the production of players compatible with DRM file formats. For example, the mPlayer media player can read and play back Microsoft’s WMV videos, allowing consumers who invest in WMV files the choice of an alternative and more capable player. However, mPlayer circumvents the DRM in WMV, and is therefore of dubious legality, and cannot be readily obtained and used by British firms seeking to incorporate it into their commercial offerings.

Legally protected DRM creates a new class of proprietary file-formats which cannot be lawfully reverse-engineered. This limits competition and reduces choice for the consumer, resulting in ’lock-in’ – once consumers start gathering media in a given file format, they find themselves unable to switch to another format without having to repurchase the media they already own.

1.2.2 Technical Protection

As mentioned above, DRM players must unscramble protected content in order to make it useful to the user. Because this unscrambled form can then be intercepted by the user and used to create a copy of the content, one approach to DRM is to introduce technical protection against this interception. A standard PC is currently unable to do this: in practice, it is not possible to control what is done with the data once it has been unscrambled.

Thus the computing industry is exploring the possibility of creating computer systems where the DRM is built into hardware, and the protected media can only be accessed when approved software is running. This allows the content owner to prevent interception of scrambled content by refusing to unscramble it if the computer is running any software that the content owner doesn’t approve of. (In practice, this means that unscrambling will occur only if all the software running on the computer is approved by the content owner).

This is the aim of technologies such as those being developed by the Trusted Computing Group (https://www.trustedcomputinggroup.org/home) and Microsoft’s Next-Generation Secure Computing Base (http://www.microsoft.com/resources/ngscb/default.mspx).

Trusted Computing (TC) and similar systems do not prevent the eventual unlocking and releasing of content into circulation (attackers still have unlimited time and access to the TC system). They do, however, significantly increase the ability of rights holders and other remote groups to control the use of consumer computing hardware, and deny interoperability.

- Ben Laurie, for ORG

Appendix B - Additional Submission Notes

[1] DRM Beyond Copyright

For details on CPCM, see Electronic Frontier Foundations submission to the DCMS Committee, http://www.eff.org/IP/DVB/

Other examples of DRM imposing greater controls than copyright law include DVD CSS which allows region-coding – a DVD protected by CSS bought in one country might refuse to play on another country’s DVD players. Of course, a book bought in any country works in any other country. While the EU Copyright Directive does not extend protection to these type of access controls, which are unrelated to copyright, UK case law does prevent users from bypassing region controls in devices such as the Sony PlayStation. Use can also be restricted in novel ways, for example: the user might be able to view a document on their screen, but be unable to print it, or the user will be unable to use copy and paste, regardless of whether their intention is fair or not. The recipient of DRMed content can have access retroactively reduced or revoked, for example, DRMed content may check each time it is opened to see whether the user still has the “right” to view it. This right could be retroactively removed, regardless of whether the user agrees.

[2] The Doctrine of Exhaustion

"First sale" rights restrict the ability of rights holders to attack the European Single Market by pricing copyright works differently in each of the EU member states. Once a copyrighted work has been sold within the EU, it may be resold by the purchaser without infringing any intellectual property right, e.g. once you have bought a book or a record, you have the right to resell it wherever, whenever and at whatever price you like.

DRM enables rights holders to tie a work to an individual user’s PC, preventing arbitrage within the Single Market. This differential pricing policy, made possible by DRM, has already been exploited by Apple’s iTunes online music store which charges more in the UK than in other countries.

Copyright holders may seek to justify this kind of behaviour by describing the sale of material as sale of a "licence" for use, but this is merely playing with words. The net effect is that the purchaser of the material has not actually got what they would have got had they bought a copy using traditional media, such as paper or vinyl.

[3] The Dangers of Trusted Computing

For a full discussion of this future risk of DRM, see Trusted Computing FAQ, http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html, Professor Ross Anderson, University of Cambridge Computer Lab

[4] DRM and "Bit Rot"

This effect was dramatically illustrated by the BBC’s Domesday project, which used modified BBC Microcomputers to play customised video discs. Some years after these discs were produced and distributed to libraries it was realised that there were no functioning players remaining in circulation. And since video disc technology was in vogue for a very short period there was effectively no way to read the Domesday discs using any commercially available technology. The cost of recovering the data ran into millions – and this was data for which no attempt at copy protection had been made. This problem would be greatly exacerbated if the works were obscured by outdated and unsupported DRM that actively tries to stop attempts at circumvention. (http://www.tasi.ac.uk/advice/delivering/pdf/digpres.pdf, http://www.si.umich.edu/CAMILEON/domesday/domesday.html)

A similar problem was noted by the Cambridge University Library with respect to documents published in proprietory word-processing packages. After a surprisingly short time (less than a decade) these became effectively unreadable by modern versions of the same software, and converting them so they could be read was both painful and unreliable – changes in automatic formatting rendered references to electronically stored books incorrect, since page and paragraph layout changed unpredictably. (http://www.cl.cam.ac.uk/ rnc1/security.pdf)

Libraries therefore often need to transcode works or access them via an emulator in order to preserve the integrity of their collections; DRM seeks to block this.

[5] WIPO Mandatory Copyright Exceptions Proposal

Proposed by Chile - see http://www.eff.org/deeplinks/archives/004200.php and http://www.wipo.int/meetings/en/doc_details.jsp?doc_id=53350

[6] The Sony BMG "Rootkit" Affair

In June 2004, Sony BMG introduced a DRM system called XCP. This system installs software on the consumer’s system that allows Sony to control what content the consumer could access, and how that content could be used. In order to reduce the risk of circumvention, Sony also installed software that "hid" their DRM system from the owner of the computer. This use of this DRM system had at least two unforeseen and harmful consequences.

Firstly, the "hiding" system used was completely general purpose – it could be used to hide anything – and indeed within a short time computer viruses and worms started to appear which exploited this property, making them practically impossible to remove.

Secondly, a knowledgeable user, knowing that this software placed their machine at risk, who attempted to remove the DRM system (certainly they are within their rights to do this, particularly if they stop using the DRM'd content) found that doing so often rendered the system unusable. For more information, see http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

[7] Comments by Bernt Hugenholtz

See http://www.ivir.nl/publications/hugenholtz/opinion-EIPR.html

Appendix C - Public Comments

From 2 December 2005 to 19 December 2005, the Open Rights Group solicited public comments on the eight questions posited by the APIG Public Inquiry into Digital Rights Management.

  1. Overview http://www.openrightsgroup.org/2005/12/02/apig-drm-inquiry-overview/
  2. Whether DRM distorts traditional trade-offs in copyright law http://www.openrightsgroup.org/2005/12/02/apig-drm-inquiry-does-drm-make-copyright-law-unbalanced/
  3. Whether new types of content sharing licence (such as Creative Commons or Copyleft) need legislation changes to be effective http://www.openrightsgroup.org/2005/12/02/apig-drm-inquiry-should-legislation-be-changed-to-make-creative-commons-effective/
  4. How copyright deposit libraries should deal with DRM issues http://www.openrightsgroup.org/2005/12/02/apig-drm-inquiry-should-copyright-deposit-libraries-be-treated-specially/
  5. How consumers should be protected when DRM systems are discontinued http://www.openrightsgroup.org/2005/12/02/apig-drm-inquiry/
  6. To what extent DRM systems should be forced to make exceptions for the partially sighted and people with other disabilities http://www.openrightsgroup.org/2005/12/02/apig-drm-inquiry-how-important-is-access/
  7. What legal protections DRM systems should have from those who wish to circumvent them http://www.openrightsgroup.org/2005/12/02/apig-drm-inquiry-legal-protection-for-drm/
  8. Whether DRM systems can have unintended consequences on computer functionality http://www.openrightsgroup.org/2005/12/02/apig-drm-inquiry-unintended-consequences/
  9. The role of the UK Parliament in influencing the global agenda for this type of technical issue http://www.openrightsgroup.org/2005/12/02/apig-drm-inquiry-the-role-of-the-uk-parliament/

1. Whether DRM distorts traditional trade-offs in copyright law

1.1 Comment by Simon Gibbs — December 3, 2005 @ 4:51 pm Inherently yes.

Copyright law is a law like any other, and guilt is traditionally decided by human judges and jurors with the aid of opposing lawyers who are also (mostly) human beings.

DRM puts the programmer in the role of police, prosecutor, judge and jury. It is the programmer that decides the scheme by which evidence is gathered and evaluated, and *whether* any evidence is gathered or evaluated. It is the role of the programmer to emulate or replace the mental processes a jury of his peers and the mental processes of well trained and experienced judges. It is the programmer who decides what possible relief can be granted to each of the opposing sides, a role traditionally held by Parliament.

The programmers work for the content owners, not the content users.

DRM is unbalanced because it removes the scales of justice from the picture - no scale, no balance.

See also: http://doi.acm.org/10.1145/641205.641229 http://doi.acm.org/10.1145/641205.641232

1.2 Comment by Martin Coxall — December 3, 2005 @ 11:59 pm “DRM is unbalanced because it removes the scales of justice from the picture - no scale, no balance.”

What does this mean? You mean that because it tips the scales away from thieves, and in favour of legitimate rights holders, DRM is ‘unbalanced’?

1.3 Comment by Simon Gibbs — December 4, 2005 @ 10:56 pm Not thieves, consumers.

And when I say it removes the scales of justice, I mean exactly those scales applied exactly to consumers. You must be referring to some other scale which I suspect is less relevant to the activities of law abiding consumers.

A 100% effective DRM system, or a flawed system backed up by anti-circumvention law, places absolute power with the content owner. They, in effect, decide whether a use is permitted and they do so without discourse to the courts or legislature. The programs are limited in their ability to be fair because they use simple boolean logic and have access to only limited data about the context.

One of the linked papers is by Edward Felten, an excerpt follows:

“Even if full information about the circumstances were available, applying the four factor fair use test would require highly sophisticated AI. [..] For instance [..the test] requires reasoning about the economics of a particular market, a task even well-trained humans find difficult. [..] A DRM system that gets all fair use judgements right would in effect be a “judge on a chip” predicting with high accuracy how a real judge would decide a lawsuit challenging a particular use. Clearly, this is infeasible with today’s technology.”

1.4 Comment by kenkil — December 5, 2005 @ 12:35 pm DRM systems make the content more difficult to use- for legitimate users. Depending on the how the system operates, it is likely to-

  • Limit your choice of player/viewer product
  • Limit your choice of playback device or platform (DVDs on Linux, iTMS music on non-iPods)
  • Make it possible for the content provider to enforce changes to the licensing agreement after the fact (as happened with iTMS)
  • Requires the installation of fiddly, non-standard software

The choice arguments above ultimately stem from the way Copyright awards a monopoly over the content. Historically, this monopoly means that only one company can make CDs with particular music on them. But in the digital realm, with DRM, it seems that the monopoly will extend as far as enforcing the use of particular software- a reduction in consumer choice.

One of the great benefits of digital content is its greater convenience- DRM runs the risk of making it less easy-to-use than traditional formats. This is a real loss of value overall to UK PLC.

1.5 Comment by Theodore Hong — December 5, 2005 @ 1:36 pm This is a good start - what I think we need to do is to come up with specific examples of uses of copyrighted material that are legal but would be potentially blocked by a DRM system. We should also adapt Felten’s argument to cite UK rather than US law.

1.6 Comment by Dominic Jackson — December 5, 2005 @ 11:40 pm Here’s an interesting example. The guy doing this is actually in the US where his actions would undoubtedly be “fair use” but probably not “fair dealing” in the UK.

The BBC DVD box set of the 2005 Doctor Who series recently released has an authoring fault on one disc - you can’t play one episode in its entirety unless you choose play all and skip forward to the correct point. One chap tried to correct this by ripping the DVD (which necessarily entailed decrypting it) and re-authoring to fix the fault. Notice how the thread evolves with others not realising that what the guy has done is illegal and moderators trying to suppress the discussion.

http://www.rtforum.co.uk/read.php?id=133811

[Threads on this board are not permanent and do not get archived anywhere to this link will not work forever]

Is it also worth commenting that the media industry remains in reasonable health despite the wide availability of DRM circumvention software? The EFF recently noted that the US copyright office blindly sticks to the mantra that “DRM is all that stands between the media industry and financial ruin” and I suspect some of our politicians may be inclined to do likewise.

1.7 Comment by J — December 6, 2005 @ 10:26 am “Is it also worth commenting that the media industry remains in reasonable health despite the wide availability of DRM circumvention software?”

I think this is a weak argument, as the industry (in general) makes so little of its revenue from DRM content.

If you are willing to look at specific niches, you can probably argue either way. I know that games companies who publish exclusively for the PC platform have a real financial problem with illegal copying, and I think you can make quite a case for how better (i.e. harder to circumvent) DRM would financially help them.

1.8 Comment by J — December 6, 2005 @ 11:03 am Kenkil (comment 4)

I agree with your points, but don’t see the problem. If some companies want to make their products harder to use, that’s fine by me. I don’t want to see the government try to legislate good product design, or enforce ease of use by law. I’m confident that the market will filter out those companies that make their products undesirable. Certainly way more confident than I am that government legislation will.

The only issue is whether these companies, in seeking to make their products harder to use, infringe on our rights. There are two main ways this might happen:

1. They prevent, practically, various fair uses.

2. They convince the government to prevent, legally, various practical actions (presumably ones to solve the problem created in step 1).

Of these, 2 is more concerning than 1, although both are an issue. Suppose Xerox created un-photocopyable paper. I don’t have a huge problem with that. You could print sensitive documents on the paper, and rest safe in the knowledge that they won’t spread so easily.

Someone wishing to make fair use of the document still can - they can re-type it or copy it out longhand or whatever. Yes, it sucks, but so what, there’s no onus on companies to help us make fair use of their material.

Now suppose Toshiba make a new photocopier, capable of copying Xerox’s new paper. That sounds great to me. Progress and all that. Might piss Xerox off, but that’s no concern of me or the government.

Now IF Xerox then start lobbying the government to criminalise, or somehow restrict Toshiba’s new photocopier, then I have a problem. And yes we are starting to see that happen. But THAT is the fight - not the issue of whether one day all paper will be uncopyable by normal copiers. That issue is something markets can be left to decide.

1.9 Comment by kenkil — December 6, 2005 @ 12:51 pm J - I see what you mean. But the photocopier example is not abstract. There is a system called “Euronics marks”, a yellow pattern of circles which all colour photocopiers and commercial image processing software do not copy. This pattern appears on all European bank notes (on the £20 note it’s disguised as the musical notes). But you can easily reproduce it on your own documents if you don’t want them to be copied- hey! It’s an unintended consequence!

Safest to say that DRM is inconvenient and troublesome for consumers. This is an issue for consumers and publishers to sort out without government intervention - there are non DRM’d products out there and free competition ought to make these more popular than DRM’d products. Provided that the government does nothing to sway the market towards more widespread adoption of DRM. DRM is bad, so don’t make it worse and don’t make it mandatory.

1.10 Comment by kenkil — December 6, 2005 @ 12:52 pm I tell a lie, it’s called the “Eurion Constellation”. See here: wikipedia: EURion constellation

2. Whether new types of content sharing licence (such as Creative Commons or Copyleft) need legislation changes to be effective

2.1 Comment by Khalid Yaqub — December 3, 2005 @ 3:32 am You should probably say “new legislation” rather than just “legislation” and “additional support of the law” instead of just “support of the law”. Many people often forget that “copyleft” is not something which opposes copyright, but actually depends on and works in tandem with copyright. In an environment where many entrenched players feel the need to smear “copyleft” and Creative Commons as some sort of communist/IP-destroying concept, it’s important to drive this point home.

What would be more useful would be to ask if there are cases where copyleft/Creative Commons was insufficient in providing the intended level of protection+openness, and if so, is legislation the right way to fill in such gaps.

2.2 Comment by Suw Charman — December 3, 2005 @ 7:42 am The main points aren’t my points, they are those made by the APIG inquiry, so your comments are a good push back on the language of their questions.

2.3 Comment by Simon Gibbs — December 3, 2005 @ 5:06 pm The law should be written to support copyright owners that wish to licence their content on share-alike terms and on terms requiring attribution.. Whether or not the law is already written this way is a question for lawyers. Perhaps we APIG would like to get some lawyers in to inquiry into this area? Perhaps ORG could arrange something like that?

Share-alike and attribution requirements, when infringed, should not be treated as second-class infringements.

2.4 Comment by Martin Coxall — December 4, 2005 @ 12:02 am Copyright libraries should be forbidden from retaining DRM’d material.

To do otherwise would legitimise DRM, and we all think that’s bad, right?

2.5 Comment by Peter Clay — December 8, 2005 @ 6:44 pm I don’t see why CC should need legal changes to be effective, as it’s purely voluntary and built on existing copyright law.

Astonishingly, I agree with Mr Coxall that copyright libraries shouldn’t retain DRM’d material; doing so is a total waste of time and money in any case as it will die and become inaccessible within a decade or so once the system it was built on becomes obsolete.

3. How copyright deposit libraries should deal with DRM issues

3.1 Comment by Simon Gibbs — December 4, 2005 @ 11:07 pm Martin, in another thread said “Copyright libraries should be forbidden from retaining DRM’d material. To do otherwise would legitimise DRM, and we all think that’s bad, right?”

I agree there should be a ban but not with reasons for a ban. Its about ensuring that the law is followed and that copyright libraries do their job, which is to ensure that the monopoly of reproduction on content does not mean that the content is lost.

If a DRM solution is in place, then there is a risk that the material will not be accessible in future, e.g. if the DRM scheme is “upgraded” or the firm running its tracking servers goes bust.

3.2 Comment by kenkil — December 5, 2005 @ 12:43 pm It seems that DRM is new way of enforcing the terms of Copyright. I’m sure that publishers would rather have a permanent monopoly over their current output, rather than the (theoretically) temporary monopoly they currently have.

Unless someone outside the publisher has a non-DRM’d copy of the content, it is difficult to see how the eventual end of the Copyright term will be enforced. Suppose, when “About A Boy” should enter the public domain, there are no non-DRM’d editions available.

Unless I’ve misunderstood the purpose of Copyright Deposit Libraries (CDL), publishers who want to use DRM should therefore be required to lodge a usable, non-DRM’d version of the content with a CDL. This copy should be suitable for (automatic?) release to the public domain as soon as the Copyright term is ended.

4 How consumers should be protected when DRM systems are discontinued

4.1 Comment by Simon Gibbs — December 3, 2005 @ 6:14 pm Two things seem important here. The first is that DRM doesn’t sit still. You can be forced to suffer through an upgrade that end up degrading your experience.

The second, is that any system of DRM that is enforced by communication with a central server will stop working exactly when the record company says it stops working. This is really important when companies go bust, for example.

Consumers should also be protected by ensuring that circumvention of DRM is not in itself illegal. This is important in the case of bankruptcy where access to a central server is required for the system to work. Rather than appealing to the administrator for a refund I should have the option of getting together with other former consumers and cracking the DRM protection. As long as I don’t then infringe the artists copyright I won’t have done anything wrong.

Its also important that upgrades (i.e. those upgrades that tend to be downgrades) also force a re-evaluation under consumer protection law. Essentially any change should be considered exactly as if it were a new sale. I get to choose, again, whether the change suits me and can return every affected song if I want and can expect a prompt refund.

4.2 Comment by kenkil — December 5, 2005 @ 12:53 pm If a customer has paid for access to content, and that access is mediated via DRM, it seems that if anything happens that withdraws the agreed level of access, then the customer is already protected by existing legislation.

But, what happens if the company goes bust, and the DRM system prevents the customer from accessing something they’ve already paid for? This might not be comparable to existing consumer protection situations. Perhaps it should be illegal to deploy DRM that “locks out” customers in this way, or perhaps it should be legal to crack the DRM system, or demand access to a non-DRM’d version of the content held in escrow at a copyright deposit library?

It seems the easiest, least red-taped, most consumer-friendly way to do this is to not use DRM in the first place.

Future historians will curse us if we allow the deployment of systems that will forever lock them out of records or cultural artefacts. DRM systems risk this.

4.3 Comment by J — December 6, 2005 @ 10:34 am “It seems the easiest, least red-taped, most consumer-friendly way to do this is to not use DRM in the first place.”

Umm, not from the point of view of someone trying to make money, it isn’t. We have a mechanism for encouraging companies to be consumer-friendly - the free market - and I don’t want to replace that with legislation.

If I sell a Betamax video, it’s not my problem if Sony stop selling players, thereby making the purchase valueless. This is a practical issue, it’s got nothing to do with rights. If Joe Bloggs, realising that he can’t now buy a player for his Beta tape of Star Wars, wishes to build his own, that’s fine. He’s within his rights.

The issue is whether it should be illegal for Joe Bloggs to build a Beta player, on the grounds that the player, or some decoding action performed by the player, has special DMCA like legal protection. I think such protection should not exist.

If companies want to make their products harder to use as a trade-off for making them harder to copy, I think that’s fine. What I’m against is then doing this by resorting to legislation that infringes on existing rights. If it were a purely practical or technical issue, I’d have no problem with it.

4.4 Comment by J — December 6, 2005 @ 10:43 am Practically speaking, you could set up compulsory escrow for this kind of thing, so companies are required to submit the relevant keys etc to some body, that then releases them publicly in the event of company failure.

But, companies rarely just die and vanish. Far more likely, another company (Newco) will buy the remains at a bargain price, and so there’d be no reason for the escrowed keys to be released - they are an asset that has been purchased by Newco. There’s not reason Newco should do anything other than sit on the keys, if it doesn’t think it can get a return on the cost of re-creating the DRM enabling environment that the original company had.

Alternatively, you could have the keys escrowed and then released when copyright expires, which seems more reasonable in law to me, but of course is now a very long time away. If the DRM environment involves significant infrastructure / software / hardware as well as the keys, then it would be up to some 3rd party to re-create that infrastructure at their own risk (and be able to charge for use of it etc). With the keys in the public domain, there should be decent competition to re-enable content in strong demand. For content with little demand, there maybe no private investment in re-creating the DRM enabling environment. I don’t think the taxpayer should foot the bill here, so realistically, some content is going to end up inaccessible. But that is something that happens today, too. An old platter of 35mm film is not something that’s easy to view. You need some costly, antique projection hardware, a screen, and so on. So very old, minority interest films, are essentially unviewable due to cost barriers in re-creating the viewing infrastructure. That’s sad, but it’s not a big deal, ultimately.

5. To what extent DRM systems should be forced to make exceptions for the partially sighted and people with other disabilities

5.1 Comment by kenkil — December 5, 2005 @ 9:49 pm http://www.webcredible.co.uk/user-friendly-resources/web-accessibility/uk-website-legal-requirements.shtml says of the Disability Discrimination Act (DDA):

“The DDA makes it unlawful for a service provider to discriminate against a disabled person by refusing to provide any service which it provides to members of the public.

From 1st October 1999 a service provider has to take reasonable steps to change a practice which makes it unreasonably difficult for disabled people to make use of its services.”

These clauses would seem to be enforceable against companies whose DRM limits access for disabled people. No mention is made in the DDA of these rights being limited by the perceived need to prevent unauthorised copying.

I admit to having to first hand of how disabled people access content.

But I’ve read that one programmer was angered by DRM on an ebook, which, as a side-effect of preventing unauthorised copying, prevented his blind mother from using “screen reader” software to read the content aloud. The programmer went on to develop a circumvention technique for the ebook, and was prosecuted for his trouble.

Output technology like screen readers, and Braille screens require access to a “clear” version of the content to present it to disabled people. Input devices like joysticks and pressure switches need to interact with applications via standard routes, which DRM may seek to disable.

5.2 Comment by J — December 6, 2005 @ 10:52 am I think existing legislation is adequate here. I’d like to hear from a DDA aware lawyer on what exactly it means, because from my point of view, the DDA is extremely untested in court, and no-one really has a clue what it means practically. The only people who talk much about it are lobbyists for the disabled, who are obviously partial to one side.

I’m pretty sure it’s legal (if ill advised) for me to decide to make my web home page one giant image so I can get just the font I want, even though this ‘discriminates’ against the disabled using screen readers.

I kind of agree that this is possibly a stick we can beat DRM with, but I don’t really have a problem with DRM from this particular angle.

6. What legal protections DRM systems should have from those who wish to circumvent them

6.1 Comment by John Nilsson — December 5, 2005 @ 4:46 am It should be the other way around. A DRM system is designed to enforce the law. To circumvent it can already be done illegally or legally within the framework of the laws it is designed to enforce.

see: http://www.edri.org/campaigns/copyright

Quote: 18. EDRI therefore proposes a fruit-of-the-poisoned-tree clause. If a rights-management mechanism infringes a consumer’s rights, then its anti-circumvention protection must cease. Furthermore, all copyrights protected by an offending mechanism should become unenforceable for so long as the offence persists. This `abuse-it-and-lose-it’ clause will cause mechanism owners to think hard before letting them be used for unlawful purposes. They will take care to enable consumers and others to exercise their fair-use and fair-dealing rights and privileges under the established laws of the European Union and its Member States.

19. EDRI further advocates that the poisoned-tree principle should extend to cases where rights-management mechanisms are used to contravene or circumvent competition law. Even if the European Parliament is content to delegate to arbitrary software writers its power to regulate copyright, it acts ultra vires if it thereby gives a software writer in Redmond the power to override the Treaty of Rome. Where a rights-management mechanism has the effect of removing a constitutional right, the legal protection that was granted to it by Parliament and the Commission was granted without lawful authority, and is therefore void. For example, we would argue that DVD region coding is clearly abusive, and therefore the DVD CSS mechanisms are not subject to protection by the InfoSoc Directive.

6.2 Comment by kenkil — December 5, 2005 @ 9:17 pm I think there has been a move to legally protect DRM, by making it illegal to circumvent, regardless of whether the restrictions the DRM system enforces are in line with Copyright law or not.

I think the principles above (nos. 18 and 19) are much fairer. At very least DRM ought not to be permitted if it enforces restrictions above those in law. (Unless the customer has given enformed consent to be so restricted).

6.3 Comment by J — December 6, 2005 @ 10:46 am DRM should not have legal protection. The content already has legal protection against misuse. DRM is practical protection. If people want to practically circumvent DRM, and then use the content in legal ways, that should remain legal. For me, this is the heart of the issue, and the most important single point with regard to DRM.

7. Whether DRM systems can have unintended consequences on computer functionality

7.1 John Nilsson — December 5, 2005 @ 4:49 am Personal experience for me is limited to a game i bought that wouldn’t work with cedega (a windows “emulation” layer for games) because the game copy protection couldn’t detect the cd.

7.2 Comment by kenkil — December 5, 2005 @ 9:24 pm I own several DVDs and would prefer to be able to view them on my Linux system. (Well, I can- but I must circumvent their DRM to do so. The players I use do this transparently, but it’s no less a circumvention).

I have downloaded reports in PDF form and been unable to print them, due to DRM in Adobe Acrobat. (It was an OECD Report on telecommunications usage around the world if memory serves).

DRM systems are not yet that widely deployed. As they are developed and become easier to use they will cause more widespread difficulty.

7.3 Comment by Peter Clay — December 8, 2005 @ 6:50 pm The Sony rootkit?

Friend of mine had trouble with a special HD-DVD (”Step into Liquid”) that was in fact a Windows Media file that used DRM to prevent it being played unless you were connected to the internet on an IP address that appeared to be in the US (where it was bought in an airport). Took us absolutely ages to break it simply so it could be played at all.

8. The role of the UK Parliament in influencing the global agenda for this type of technical issue

8.1 Comment by Simon Gibbs — December 3, 2005 @ 6:38 pm The role of the state is the same as usual - to protect our civil liberties and property rights. It should do this with a sense of proportion and without criminalising otherwise law abiding people by making circumvention and the discussion of circumvention illegal.

Parliament should protect the rights of property owners from any DRM measure that removes control of a device from it’s owners hands without informed consent.

Parliament should protect the privacy of content users. Players should not dial home without asking nicely and any watermarking techniques should not end up broadcasting people’s names from loud speakers. Printers shouldn’t embed their serial numbers into documents even if they are printing bank notes.

Parliament should preserve the right to free-speech by preserving the right to excerpt material and produce critical works.

DRM should do DRM and not be used as an excuse for user profiling or anything else for that matter. Consumers must not be lied to about what’s going on inside their devices even when they can still control them.

Code must not become law - the judiciary should be left in charge of determining lawfulness.

8.2 Comment by kenkil — December 5, 2005 @ 1:02 pm The role of Parliament should remain the promotion of the public good. To the extent that the public good is threatened by the “global agenda for DRM issues” ( can we please have a copy of this?) Parliament should resist than agenda.

Parliament should bear in mind that no company has a right to exist, solely because it has been successful in the past. Parliament should avoid passing legislation which imports historical situations (e.g. great technical difficulty in distributing ideas) into the future.

Where international agreements (WIPO, EU) appear to require Parliament to act in a way not conducive to the public good, they should at least ensure that they to not “Gold Plate” the requirements. (Like they usually do with EU directives).

8.3 Comment by Sean Bamforth — December 10, 2005 @ 1:36 am The role of Parliament should be to ensure that copyright is abided to. Woaaah. You say. We’re against DRM. This is the Open Rights Group. Hear me out. Any DRM system which enforces copyright should automatically time out at the same time as the copyright. If companies want the government to enforce the use of DRM, the the use of that DRM should be fair and reflect current intellectual property legislation. Any DRM system protected under law should also protect the laws of users at the end of the copyright term. Therefore, when my copy of iTunes purchased War Of The Worlds is no longer under copyright, I should then be allowed to copy to my hearts content. To this end, I think that parliament should be looking at enforcing and managing a unified DRM system. They look after the licences. They decide when the licences expire, All DRM enabled equipment must use this common system. There are huge advantages to this…

  • Works don’t get lost when the companies providing that work go bust.
  • All DRM enabled devices can play all DRM music.
  • Companies keep intellectual rights for the term of the copyright
  • licence infrastructure provided by the taxpayer
  • Small publishers have the same access to technology as the larger players.
  • No chance of extra-restrictive DRM from conglomerates bent on world domination.
  • The BBC could do this, and it would give it an extra role for the 21st century.
  • In 100 years time, we don’t lose a huge swathe of our culture.

Whaddaya think?

8.4 Comment by David Brake — December 10, 2005 @ 11:08 am It’s a view I share but you may not get much support for it here. There are a lot of anti-DRM absolutists who would rather we campaigned against DRM altogether rather than trying to ensure it is well-regulated. Personally I think the problems that DRM-free formats have made for copyright holders’ legitimate rights mean that they can make persuasive arguments that some form of DRM is necessary. I think our task should be to make sure it is the right form.