Interesting People mailing list archives
IP: Digital rights and wrongs
From: Dave Farber <farber () cis upenn edu>
Date: Tue, 03 Aug 1999 05:40:14 -0400
The message sender can protect email using InvisiMail. Visit http://www.invisimail.com for more details. ______________________________________________________
Date: Tue, 3 Aug 1999 05:34:15 +0200 (CEST) From: Anonymous <nobody () replay com> Subject: Digital rights and wrongs To: cypherpunks () toad com Sender: owner-cypherpunks () toad com [This is from the 07/17/99 issue of The Economist magazine] Digital rights and wrongs Computers were supposed to be threatening copyright. Instead, they may end up making it stronger Digital rights and wrongs INTELLECTUAL-PROPERTY law Òcannot be patched, retrofitted or expanded to contain digitised expression,Ó wrote John Perry Barlow, co-founder of the Electronic Frontier Foundation, an online lobbying group, in an influential essay. ÒDigital technology is detaching information from the physical plane, where property law of all sorts has always found definition...The bottle was protected, not the wine.Ó It now looks as if he was wrong. A lot of people still want to protect their electronic wine. More than a dozen companies are rolling out so-called digital-rights-management systems to do just that. These systems are complicated pieces of software that could, if widely deployed, not only establish property rights in the digital domain, but also strengthen the power of publishers. Some firms focus on only one form of intellectual content. AT&T , Liquid Audio and Microsoft are offering protection for online music; NextPageÕs Folio and XeroxÕs ContentGuard protect electronic documents. But other companies, such as IBM, Intertrust Technologies, SoftLock and Wave Systems, have developed systems designed to protect an even wider range of digital works. As a flavour of what is to come, on July 13th, the Secure Digital Music Initiative ( SDMI ), a global coalition of more than 110 music, consumer-electronics and computer firms, published its standard for future players of online music files. Besides blocking the playing of illegal copies of newly released songs, these devices are supposed to understand predetermined digital-usage rights. The schemeÕs ÒdefaultÓ setting is that people should not be able to own more than four copies of a piece of music for personal use without paying extra. Nor should they be able to distribute them over the Internet. This is only the first step. Some time next year, SDMI hopes to settle on a standard for a comprehensive digital-rights system. This would let music publishers Òslice and diceÓ their copyright. They could decide, for example, how often consumers would be allowed to play a song, how many copies they could make of it and if they should be able to upload it on to an Internet server. It is easy to see why the recording industry, and owners of other types of ÒcontentÓ, are keen on digital-rights-management systems. Besides ensuring these owners were paid for their products, the technology would let them market their digital wares in entirely new ways, such as so-called ÒsuperdistributionÓ. This novel retailing tactic is meant to allow people to distribute copyright material freely to others. But before those others can actually play or view it, it will automatically Òphone homeÓ to a special Internet clearing-house to arrange for the payment of a suitable fee. Mine, all mine Digital-rights-management systems are built around a concept that Mark Stefik, principal scientist at XeroxÕs Palo Alto Research Centre, calls Òtrusted systemsÓ. The term refers to computers that can be relied upon to follow rules set by a publisher. If the copying of a digital work is not allowed, for instance, such a device will refuse to make a duplicate. The best way to do this is to control both the software and the hardware. Machine-readable ÒtagsÓ in the software are then used to represent particular rightsÑsuch as the right to print something, or to transfer it to another deviceÑthat the hardware can interpret. When a piece of content is loaded into a trusted device, it checks the associated digital rules and acts accordingly. One primitive example of such an arrangement is the digital audio tape recorder, which will not make copies from copies. Another is the pay-per-view digital videodisc. Neither of these, however, has been a startling commercial success. That is at least partly because many people do not want to buy specific bits of hardware for particular applications. They would rather rely on a general-purpose and, from a copyright holderÕs point of view, highly untrustworthy device: the personal computer. Protection from PC s is what designers of digital-rights-management systems see as the Òkiller applicationÓ for their technology. All attempts to do it make extensive use of cryptographyÑcreating, to push Mr BarlowÕs analogy a stage further, a virtual bottle for the digital wine. IBM calls this container a Cryptolope (short for Òcryptographic envelopeÓ). Intertrust dubs it a DigiBox. These containers work because, although you can examine their contents if you have the right key, you cannot actually take the contents out to copy them. Instead, you are restricted to whatever operations your key permits. Most systems for PC s require the installation of special software that acts as a sort of electronic notary. It checks a userÕs identity, looks up his rights, contacts a financial clearing-house to arrange payment and, if everything is in order, decrypts the digital work. In some schemes, users also need a special viewer or player program that is deemed to be secureÑmeaning, for example, that the printing function is disabled if a particular userÕs rights do not include printing. There are other differences between the various systems on offer. Some require users to be connected to the Internet while they are viewing a file that they have purchased. Some keep files and rights separate, so that the latter can be updated even after a product has been distributed. But the main difference is the degree of choice that their rights-management offers. The most ambitious scheme so far is IntertrustÕs technology. It allows creators, publishers and distributors to attach not just usage rights to their content, but business rules such as tailored pricing. With a software tool called Commerce Modeler, content creators can, for example, permit users to get discounts for a song if they also buy tickets to a particular concert. All this technology creates plenty of opportunities for new sorts of interactive-service provider. In particular, online clearing-houses will be needed to record data on who is using what, and then to arrange suitable financial transactions. One likely contender in this field is Reciprocal, a firm that already has deals with several big record companies. Another is PublishOne, which provides a similar service for electronic publishers of such things as business reports. Indeed, PublishOneÕs business plan is a good example of how digital-rights-management systems may work in practice. When a publisher uploads its content on to one of the companyÕs computers, it sets the price and defines, for example, whether the product can also be saved or printed by any user who wants to buy the right to look at it. PublishOne then pops it in an appropriate digital container and publishes it on one of its partner websites. Buyers need to register with a financial clearing-house and download the necessary software to open the container and reveal the goodies inside. All of which sounds excellent news for brain-workers who wish to sell the fruits of their labours. Whether it will turn out that way, however, depends on two groups: customers, who may have got used to the current, lax regime, and techno-anarchists, who think all software should be free. Intellectual property is theft If rights-management software can truly be made secure, customers may have no choice but to stump up. The issue will, in any case, be fought out in the marketplace. But that security is by no means guaranteed. Hackers love a challenge, and hacking into such software is just the sort of challenge that many of them like best. And because of their belief in freedom-of-software, their solutions will, no doubt, be made freely available. That, according to Dr Stefik, means that rights-management systems based purely on software are, in the end, unlikely to be sufficient. He thinks extra hardware will be needed, too. This will probably be built into future generations of PC s in the form of a so-called copyright chip (©-chip) such as the one developed by Wave Systems. This is a hard-wired, and therefore tamper-proof, substitute for some of the software in more orthodox systems. But since the ©-chip will not actually be a separate piece of kit, customer resistance should be reduced. That, with luck, will eliminate the freeloaders. Even legitimate users, however, have some concerns. One of the most important is privacy. Digital-rights management, particularly the sort that refers each transaction to a third party, produces enormous amounts of Òinformation exhaustÓ, as Intertrust puts it. The company sees this as a good thing. Its products, it boasts, can track such Òusage data as the time when a customer plays an interactive game, or even invokes specific modules in a game.Ó Many people, however, will not regard that as such a great idea. They would rather keep their games-playing habitsÑand other thingsÑsecret. Civil libertarians will not like the technology either, because it would create new boundaries in cyberspace by restricting the flow of informationÑa feature that many executives and politicians might, on the contrary, rather like. Companies often want only a limited group of employees to have access to informationÑto material that contains trade secrets, for instance. And many countries control which categories of works, or ideas, can be sold. Legal experts are also wary of these systems. They fear that copyright holders will be left with too much powerÑwhereas the rights of such consumers as librarians and scientists to Òdeal fairlyÓ with intellectual property, will, in effect, be abolished. Software code, warns Lawrence Lessig, a law professor at Harvard, could replace legal code. After repeatedly strengthening the rights of copyright holders in the face of new technology, therefore, governments may begin to think about protecting the consumers of intellectual propertyÑperhaps by limiting what digital-rights-management systems can do. Mr Lessig observes that the day may soon dawn when students are taught not of ÒcopyrightÓ but ÒcopydutyÓÑthe legal obligation of copyright holders to provide public access.
Current thread:
- IP: Digital rights and wrongs Dave Farber (Aug 03)