03 April 2006

To DRM or Not to DRM - That is the Question

Digital Rights Management - or Digital Restrictions Management as Richard Stallman likes to call it - is a hot topic at the moment. It figured largely in an interview I did with the FSF's Eben Moglen, which appeared in the Guardian last week. Here's the long version of what he had to say on DRM:

In the year 2006, the home is some real estate with appliances in it. In the year 2016, the home is a digital entertainment and data processing network with some real estate wrapped around it.

The basic question then is, who has the keys to your home? You or the people who deliver movies and pizza? The world that they are thinking about is a world in which they have the keys to your home because the computers that constitute the entertainment and data processing network which is your home work for them, rather than for you.

If you go to a commercial MIS director and you say, Mr VP, I want to put some computers inside your walls, inside your VPN, on which you don't have root, and you can't be sure what's running there. But people outside your enterprise can be absolutely certain what software is running on that device, and they can make it do whatever they think necessary. How do you feel about that? He says, No, thank you. And if we say to him, OK, how about then if we do that instead in your children's house? He says, No, thank there either.

That's what this is about for us. User's rights have no more deep meaning than who controls the computer your kid uses at night when he comes home. Who does that computer work for? Who controls what information goes in and out on that machine? Who controls who's allowed to snoop, about what? Who controls who's allowed to keep tabs, about what? Who controls who's allowed to install and change software there? Those are the question which actually determine who controls the home in 2016.

This stuff seems far away now because, unless you manage computer security for a business, you aren't fully aware of what it is to have computers you don't control part of your network. But 10 years from now, everybody will know.

Against this background, discussions about whether Sun's open source DRM solution DReaM - derived from "DRM/everywhere available", apparently - seem utterly moot. Designing open source DRM is a bit like making armaments in an energy-efficient fashion: it rather misses the point.

DRM serves one purpose, and one purpose only: to control users. It is predicated on the assumption that most people - not just a few - are criminals ready to rip off a company's crown jewels - its "IP" - at a moment's notice unless the equivalent of titanium steel bars are soldered all over the place.

I simply do not accept this. I believe that most people are honest, and the dishonest ones will find other ways to get round DRM (like stealing somebody's money to pay for it).

I believe that I am justified in making a copy of a CD, or a DVD, or a book provided it is for my own use: what that use is, is no business of the company that sold it to me. What I cannot do is make a copy that I sell to someone else for their use: clearly that takes away something from the producers. But if I make a backup copy of a DVD, or a second copy of a CD to play in the car, nobody loses anything, so I am morally quite justified in this course of action.

Until the music and film industries address the fundamental moral issues - and realise that the vast majority of their customers are decent, honest human beings, not crypto-criminals - the DRM debate will proceed on a false basis, and inevitably be largely vacuous. DRM is simply the wrong solution to the wrong problem.

No comments: