Is DRM Dead or alive?

When asked about the future of digital rights management (DRM) around digital music, a spokesman for the Radio Industry Association of America informed this reporter: "There is virtually no DRM on music anymore, at least on download services."

This is a dream come true for Apple co-founder and CEO Steve Jobs, whose seminal "Thoughts on Music," a blog plea to the recording industry back in Feb. 2007, precipitated the fall of restrictive downloading and copying policies mandated by producers.

But even as DRM begins to peel away from digital music files, "illegal" file-sharing sites, like Pirate Bay, a popular, free media-sharing service based on BitTorrent, are morphing into pay-for services that must involve DRM in order to execute legally. So the question becomes: How will the fall of DRM in music impact DRM in other industries?

DRM to survive
"The music industry's attempt to put DRM around music failed miserably because DRM-protected songs wouldn't work on certain players, consumers couldn't recover lost files, and there were other problems restricting legitimate uses," says Wayne Rosso, a music industry heavyweight hired in July to steer Pirate Bay's transition to fee-based services. "Meanwhile, the movie industry has had much more good fortune with DRM and continues to improve on standards."

Music is listened to over and over again, putting different demands on music openness, so a person who hears music for free may be more likely to purchase additional music from that artist, contends Rosso and others. On the other hand, people usually only watch a movie once. So, in the motion picture industry, most of the income is made during the first three months of a release. Uncrackable copyright protection for at least that length of time is critical.

Movies and TV series are also being transmitted over IP and other means. For example, Los Gatos, Calif.-based Netflix has 12,000 streamable movies and television episodes for the PC and Mac (enabled through Microsoft's SilverLight DRM technology). The company also streams to some brands of TVs with built-in receivers that carry out DRM enforcement functions.

"DRM is strong in Blu-ray disk players, desktop boxes and directly in TVs - including Mitsubishi Viseo, Sony Bravia and others - where the network client software is embedded in these devices," says Steve Swasey, vice president of communications for Netflix. "Every bit of content is protected by license, every title has a contract and association."

Interoperability is still an issue, he says, as each studio/producer has unique copyright requirements, sometimes even individual to the title, making in-house and flexible encoding capability a critical component of its DRM processes.

Because DRM is so well-embedded, interoperability issues likely won't mean the end of DRM in the movie and television industries like it has in the music world, says Paul Kocher, president and co-founder of Cryptography Research. But interoperability could prove problematic for DRM in the publishing industry, notes Mary Madden, senior research specialist at Pew Internet & American Life Project, and author of a June report about the state of online music. E-book copyright protection is growing, she adds, with retailers like Amazon leading the charge with its Kindle reader device, entering what's likely to be a crowded market.

"The persistence of books as physical products that are hard to share widely in the offline world may make it easier to gain consumer acceptance of DRM around e-books," Madden says. DRM could also become overly restrictive by being reliant on specific readers and devices to operate the e-books, she adds, which could create the same interoperability problems that led to user rebellion and outright hacking of DRM in the music realm.

Not to mention, reliance on these readers also means reliance on applications that will need updating either at the firmware, Basic Input/Output System (BIOS) or software level. Without proper support, the readers and devices decrypting digital books and contents could, in themselves, become a liability.

The truth be told, even the best instances of DRM will ultimately be cracked, whether in music, books, movies or games, says Gary McGraw, CTO at Cigital, a software security and consulting firm, and co-author of Exploiting Online Games. Even set-top boxes are crackable, such as in the case of a pair indicted in southern California in July for soliciting code-cracking technologies for a large distribution of digital receiver cracking and interception devices.

Games, too, are using DRM more reasonably than was the case in music, adds McGraw, although some, like Spore, have been too heavy-handed with DRM to the point that there was a huge consumer backfire. Like movies, games make all their money soon after release. That window is around a month, says McGraw. "The game companies understand the balance that they must strike between usability versus buying themselves at least that first month or so where the DRM can't be cracked," he adds.

Striking a balance
So, no matter the industry attempting DRM, the real question to ask is what is good enough protection versus what goes too far and makes legitimate use of that technology inconvenient, say experts. 

"Copyright holders should weigh the pros and cons of adding restrictions to their content," says Ernesto Van Der Sar, founder of TorrentFreak, a blog focused on DRM issues. "If all it does is ruin the content of honest customers, DRM is useless. The ultimate goal, of course, is to compete with piracy and make sure people have no, or less, incentive to download illegally."

One way to compete with piracy might be marketing the security of copyright to protect against download of malicious code hidden in digital content. It's long been known that content over public file shares are easy points of infection. Flexibility of choice is another way to market DRM as an asset to the consumer.

"Consumer choices are actually made possible by DRM," confirms a movie industry executive who didn't want to be identified for this story. "To release a movie in the clear, it would have to be priced above what a consumer could pay. Or you could stream it once on demand for $3 to $5. That's a pretty good deal."

In the music industry, Apple iTunes is betting on the "pay once, use anywhere" model with multiple per-unit price points. Netflix is using a subscription model for unlimited forms of access to its library. And gamers are being offered a variety of forms to choose from -- consoles, devices and interfaces.

"DRM is changing all the time, so it's valuable to get multiple industry perspectives," adds Madden. "You can't say across the board that DRM is dead or it's not dead. But it's inevitable that what's happened in the music industry with loosening of restrictions will spill over into other industries."

Deb Radcliff

Deb Radcliff was the first investigative reporter to make cyber crime a beat starting in 1996 after researching a best-selling book about Kevin Mitnick called the Fugitive Game. Since then, she has written hundreds of articles for business and trade magazines, won two Neal awards for investigative reporting, and was runner up for a third. She stood up an analyst program for SANS Institute and ran it for 15 years before joining the Cyber Risk Alliance as strategic analyst on the business intelligence unit. And she wrote her first book in a cyber thriller series, “Breaking Backbones: Information is Power,” which is selling well on Amazon and other outlets.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.