January 2000. I’m in Silicon Valley with InterTrust Technologies, the leading inventor of DRM technology. I’m preparing to visit Midem to explain Digital Rights Management to the music industry and to the French press.
Problem: how do I translate ‘digital rights management’ into French? ‘Gestion des droits numeriques’ or ‘gestion numerique des droits’ (‘management of digital rights’ or ‘digital management of rights’)? In the end, I dodge the problem and just say ‘DRM’.
Trivial as it seemed at the time, my dilemma is now recognised as central to a proper understanding of the concept of digital rights management.
The term DRM actually covers an enormous range of different technologies with an equally wide range of functions.
The core function of all the technologies is to define and enforce rules for how a piece of content can be used by an authorised user.
After that, it’s probably easier to understand the different technologies by seeing them across a complexity/ security spectrum. At one end are technologies such as the CSS system on DVD discs that stipulate very simple rules for general use: ‘you may watch (but not copy) the content of this DVD disc’. Cheap to apply, easy to crack but fit for purpose. At the other end are very sophisticated technologies like those used by the CIA to protect its internal communications: very explicit and restrictive rules tailored for individual users. Virtually unbreakable security.
A cash machine provides a good analogy for what the tech people call ‘a DRM-enabled’ process. You give instructions to the dispenser that you want to withdraw money from your bank account. The dispenser sends a request to dispense the cash back to your bank and if there’s money in your account or you have a credit line the bank grants permission to the cash dispenser to deliver the cash. Rules (bank authorisation) have been given to the dispenser to release the cash (the content) to you, the authorised user. And of course, security is critical to the entire process.
Since most of us take the cash dispenser for granted why are we having so much difficulty understanding its analogue in the music business?
Well, first because too often we focus on only one implementation of the technology. Whatever you think of the problems Sony-BMG encountered recently with its CD copy protection technology, to condemn DRM as a concept based on that episode is absurd. It’s like condemning word processing because you’re offended by a document it was used to produce.
Secondly, using DRM for music rights administration sets up a complex relationship between the technology and the legal mechanisms traditionally used for defining and managing rights. Engineers and lawyers both use the word ‘rights’ but they mean very different things. Finding a workable correspondence between the process of defining and implementing legal rights and the granting of permissions to facilitate an action by a machine (which is basically what an engineer means by ‘rights’) is one of the key challenges in the development of DRM - and writers and publishers must contribute fully to that process.
Nic Garnett is Head of Research and Development at the MCPS-PRS Alliance. He worked at InterTrust for seven years.
This article originally appeared in M19, published March 2006.