Drm cannot be enforced by technology alone

Why copyright law may have to protect customers’ rights against the technical barriers of digital rights management

Digital rights management (drm) cannot work through technology alone, so it must be backed up by legislation. This combination, critics say, threatens scientific freedom and hollows out copyright law. A symposium at the humboldt university in berlin tried to clarify whether there are alternatives.

Most of the participants agreed: drm cannot be enforced with technology alone. As with any security concept, matthias bauer from the university of erlangen-nurnberg explains, it is important to be clear what kind of attacks the system needs to be secured against in the first place. With drm, the mathematician says, the customer is seen as the aggressor. However, he has both the data to be protected and the device on which the data is stored, namely the pc. This combination makes it extremely difficult to use drm successfully.

The attempt by content providers to use "trusted computing" the content providers’ attempt to gain control over the customer’s pc through trusted computing is not very promising either: large parts of the encoded data still have to be decoded via the main processor, because the tc chip has to remain cheap; it is supposed to cost less than a dollar.

Stefan bechtold, a lawyer at the university of tubingen, shared the view that the technical protection can always be broken through and for this reason a legal protection against circumvention was introduced. In combination with technical protection, this would lead to a paradigm shift in the protection of digital content. Drm systems offered a very high level of protection due to the fact that the different mechanisms interlocked with each other. However, for him the copyright loses its original meaning as a protective right.

A private, absolute right is created, a right of exclusivity, when it comes to the disposal of digital content. Therefore, it cannot be ruled out that copyright will have to be used in the future to limit the protection offered by drm systems. Because the justification of limitation provisions also exists in drm systems, so these systems had to be limited by copyright law.

On the other hand, bechtold refused to regulate all possible effects of drm by law from the outset. The first part of the copyright full, which went into effect in september, attempted to do just that. The result is difficult to understand even for lawyers. Bechtold advocated waiting to see what forms of drm become established in the market and then assessing whether or not society could live with the consequences.

Cooperation between rights holders and customers?

With this view he incurred the wrath of rudiger weis, mathematician at cryptolabs in amsterdam. Weis, who is also a drm expert at the chaos computer club, referred in his talk to the threats to academic freedom posed by drm and "trusted computing" ausgehe. Already, researchers in the u.S. Are unable to analyze the technology of electronic voting machines without running the risk of violating laws passed to protect rights holders. After all, this is the biggest change in computer technology since the introduction of the pc. He could not agree with the opinion that time or the market would heal the problems mentioned.

He sees a good approach to limiting the possibilities of tc in the sense of the users in the proposal of the electronic frontier foundation to introduce a so-called "owner override" . This has enabled users to "remote attestation", thus, if third parties check whether the user’s computer is in a desired state, they will give false information. This system preserved most of the security gains of the tc architecture, but prevented drm features that could be deployed against the will of the users.

Rudiger grimm from the technical university of ilmenau and christian neubauer from the fraunhofer institute for integrated circuits also believe that controlling customers’ computers is not a good idea. Users had an interest in sharing data, and also the power to do so, because they control the computers. Rights holders had an interest in sharing content, but they want money for it. This led to two possible models: the rights holders hinder the users or they and the users cooperate. Cooperation could be that the copyright holders allow the users to copy as much data as they want, as long as they sign it with a personal key "". This way, abuse can be tracked, for example, when music pieces appear in file-sharing networks or are sold without permission. At the same time, users retained all the rights they currently have, for example, to copy a cd for private purposes.

Grimm and neubauer call this system "lightweight drm". Not all the ies involved have been resolved yet, they say. For example, it is not clear how liability can be regulated if someone loses signed content – such as music on an mp3 player – that then appears on file-sharing networks. Matthias bauer also pointed out that it is not always obvious when a private signing key is misused – for example, when a computer is hacked. To the objection that lwdrm also contributes to a system change towards drm systems, grimm answers that this system change will take place anyway, but the danger that there will be a "hard" drm is much greater. "Soft" drm would be a kind of "ofnation clause", that preserves the rights of the users.

Instead of drm a lump sum remuneration

Those who are working on alternative payment models do not want to bother with drm at all. Felix stalder from the zurich school of art and design presented a system that could overcome all the problems associated with drm systems in one fell swoop: a lump-sum refund. Comparable to a broadcasting fee, charges could be levied on each broadband connection in order to distribute them to the rights holders. How much money they received depended on how popular their works were. This could be seen, for example, from how often a piece of music appeared in file-sharing forums or how often it was played on computers.

This information can be gathered either through digital object identifiers or by users providing information about their media usage, similar to television ratings. Calculations from the u.S. Suggest that a fee of about 15 percent would have to be levied on broadband connections to make the system viable. That was just under four euros a month for a t-online dsl connection. To collect and distribute the fees, online collecting societies are conceivable.

The predicament in which the existing collecting societies find themselves when it comes to drm was made clear in the presentation by jurgen becker, general counsel of gema. He knew 65.000 composers and lyricists behind him, becker said, all of whom had a vested interest in digital rights management because it could help them enforce their claims against users. What he didn’t say was that the collecting societies actually depend on drm not working. Because if it enabled rights holders to fully control how their products were used, the collecting societies would have to be abolished. In fact, they only exist because the legislator has acted in accordance with the motto "where we cannot control, we collect" the system of lump-sum payments – for example on storage media or burners – was introduced a long time ago.

The participants in the discussion were most likely also interested in the views of the company, which with palladium. However, as cultural scientist volker grassmuck, organizer of the symposium, reported, microsoft’s press office did not respond to the request whether the company wanted to send a representative to the symposium.

Leave a Reply

Your email address will not be published. Required fields are marked *