Sun has made recent announcements about their openDRM project. In my view, they’ve made some commitments that are important for any DRM project. E.g., as I’ve seen it described, it would be implemented to allow individuals to assert “fair use,” and unlock DRM’d content, with a tag to trace misuse. And they’ve described a platform upon which authors keep the freedom to turn the DRM off, and more the content from the secured platform.
These are good things. But some confuse praise for better DRM with praise for DRM. So let me be as clear as possible here (though saying the same thing I’ve always said): We should be building a DRM-free world. We should have laws that encouraged a DRM-free world. We should demonstrate practices that make compelling a DRM-free world. All of that should, I thought, be clear. But just as one can hate the Sonny Bono Act, but think, if there’s a Sonny Bono Act, there should also be a Public Domain Enhancement Act, so too can one hate DRM, but think that if there’s DRM, it should be at least as Sun is saying it should be.
I’m still bewildered by this. Can someone explain to me how “open source DRM” isn’t an oxymoron?
Lawrence Lessig says:
Who will define what “misuse” is? How will this “tag” be related to one’s privacy? It seems as though “fair use” would need to be defined beforehand. But I thought “fair use” was a defence that came up in the face of an accusation. It seems if one was going to allow the “unlocking” to happen yet trace “misuse”, one would need to define both of those notions in advance. Or am I missing something?
A DRM free world?
So we should strive for a world in which none of us ever have any privacy? Perhaps if we were to focus on revoking tyranical censorship that too often distill to thought control laws there would be less need for individuals to employ cryptography…
DRM means rights management. That doesn’t just mean Hollywood’s rights… it can just as well mean my rights (at least as recognized by the UN) and your rights. And I do not want a “DRM” where the power to undermine my rights is considered a “feature” designed into a system of weak protection.
I am concerned that there are still problems with supporting Sun’s efforts.
1. DRM advocates will strip the “better” from Prof. Lessig’s statement and simply claim that the leading free culture public intellectual is in favor of DRM. This is going to be a harmful meme.
2. The technical operation of Sun’s DRM has its own objectionable features. It seems to be some kind of centralised permission system-cum-customer tracker. Adding a “flag to track misuse” could be disastrous for privacy. Unless I can remove it to protect myself, in which case as Poptones points out it’s not really DRM.
3. Public and software industry (and outside the US government) opinion is turning against DRM, and Sun’s “DRM” has been met with indifference by industry and the media. This is not the moment to capitulate.
4. Sun have their own publicists, who are presumably paid well enough. They do not need Creative Commons to help them out any more than the recording industry needed anyone to do their work for them on the Sonny Bono act.
Prof. Lessig,
You made a very bad mistake: you now cannot take back the quote you gave Sun. You basically concede the fight. “In a world where DRM has become ubiquitous”, you begin. You surrender to a DRM world, and now we are just negotiating the terms of surrender. By endorsing Sun’s system, you move the starting point for negotiation. You’ve conceded that there will be a jailer, and now we’re just negotiating (with a weak hand) about the policies of the jailer.
“DRM standards that … don’t block the development of Creative Commons ideals.” Exactly what are those ideas, sir? You’ve put out more than a dozen different “Creative Commons” licenses, each with different terms, some of which don’t even allow noncomercial copying of the unmodified work. The only “ideal” seems to be that the author have absolute control over how his or her work is used, with a nice mix-and-match set of restrictions, a viewpoint that fits in well with DRM but that is opposed by the free software movement as well as by others.
Back in November 2005, I wrote down some problems I see with Sun’s open DRM plans, the most important one being the practical impossibility of a OSS+DRM combo (cfr. Tim’s comment). And to be honest, I still don’t get what Sun is talking about…
@poptones
I think you lost me (and a lot of others) at the point you claimed that DRM was about “rights”. It’s not. “Rights” are something which are defined by legal documents, like laws and legal interpretation on those in relation to the actual case.
Technology cannot and will never be able to make legal judgements about “rights”. It can only follow technical protocols.
… come on, you’re a technical person. You should know this.
yep I am really looking forward to Sun’s open DRM on my Beethoven, Bach, Mozart……. CDs and so glad they will be tracking my use of it if I want to make a copy for my class/office/car/wife/
how nice of them to give me this.
Hmmm.. legal documents? You mean like the UN convention on human rights? The UN charter that points out every individual has the right to their privacy, both in person and in thought? That mandates individuals enjoy protection to profit from their own creative works?
In many nations you can be jailed for possession of information. Cryptography can and does help individuals secure their inalienable rights against the intrusions of overzealous and tyrannical nation states. You can spout all the statist legalese you like, defending tyrants will not lend any strength to your argument.
Back in November 2005, I wrote down some problems I see with Sun’s open DRM plans, the most important one being the practical impossibility of a OSS+DRM combo
My hard drive has an encrypted userland. So you are saying that you could just walk right in because you have the source code? Without knowing the keys to the encryption, that source code does you no good at all.
The world is full or proprietary technologies. Desktop pcs are a fraction of the communications market – cellphones, for example, are part of a closed network where interoperability has physical constraints: you cannot use your PC to access the cellphone entwork in the same way you can use a razr phone, for example. Cellphones and other proprietary devices can be reasonably protected against tampering, thus ensuring the open source encryption and drm technology they contain is “as designed.”
Office networks are another example. If the IT staff has control over the code run on the workstations, it doesn’t practically matter whether the DRM used to manage internal documents is open or not. Of course there can be leaks – there can with anything, and technology alone cannot secure a business against internal subterfuge. But DRM in this context is more often about managing the flow of information, and an open standard for negotiating these flows has value – not just to the businesses that employ them, but to the IT staff who supports them. Open standards help make knowledge and skills portable.
I’ve got to join the chorus. I understand the reasoning, I really do. I just don’t think it was a good idea.
The argument I have against it isn’t blindly ideological. Or maybe I’ve become so burned-out bitterly cynical that I’ve gone so far in that direction that I loop around to meet the knee-jerk dogmatic. But, concretely, I’m always very wary of saying anything that sounds like “In world where we’ll inevitably have X, I suppose Y is the best of the bad lot”. Especially where THERE IS NO ASSURANCE ANY DEAL WILL BE KEPT. That is, once everyone’s signed on to Y as some sort of compromise, what’s to stop the powers that be from changing the deal? Here, taking the “open” standard, making a few tweaks, and closing it?
I wouldn’t be the first time “embrace and extend” was played.
In specific, consider: “In my view, they’ve made some commitments …”
What happens if they don’t keep those commitments?
It’s a simple question, but I don’t think there’s an easy answer.
I really don’t get it (maybe I’m just too stupid) but this is from a man who is on the board of directors at the EFF and also on the board on directors of the Free Software Fondation both of which have made quite clear what they think of this DRM stuff.
@poptones
Your reply doesn’t seem to have any relation to what you reply to. Your remarks about tyrant are purely out of your own imagination.
Poptones says:
This is exactly the propaganda Hollywood would like to spread. This seems to be a weakness of the term “DRM”. Analogous is the term “Intellectual Property” which is meaningful only on a superficial, academic level. I think it is obvious that given the context of Lessig’s post, he is not referring to any sort of encryption/protection measure as a whole. I believe, correct me if I’m wrong, that in this context we are discussing released works under copyright – not private data such as Poptones’ diary or medical records.
One thing that I agree with RMS and disagree with Lessig, Boyle and many others is concerning the use of particular terms. For example, “Intellectual Property” invites abuse. We should not use the term “Intellectual Property” unless we are pointing out its weakness. It makes no sense to speak of “Intellectual Property” unless one is pointing to its weakness or talking about it in a purely philosophical/historical sense. The term should be ignored when discussing seriously the state of copyright, patent, trademark law, etc. Unfortunately, I see time and time again the academics succumbing to their conditioning and not seeing quite simply that such a term is weak and to use it uncritically is to give it energy.
It seems to me the same may now be said of “DRM”. If one is going to conflate the encryption of my private email to Hollywood’s “DRM” goals, then the term loses its meaning – taking on the monstorous role of backing up Hollywood’s promotion of DRM in the context we have been discussing. It’s a clever way to broaden the scope of the term thus painting those who oppose DRM (again, in the context we have been discussing) as paranoid religious zealots. An oversimplification of the term is to Hollywood’s advantage which results in comments such as Poptones’ declaration that he needs “DRM” for his privacy. Privacy protection measures have been around long before the term “DRM” was ever created. But if we accept discussion using this weak, umbrella term, Poptones has an irrefutable point.
I believe, correct me if I’m wrong, that in this context we are discussing released works under copyright – not private data such as Poptones’ diary or medical records.
You’re wrong. Because any technology that can prevent unauthorized hollywood consumers from watching movies they have not paid for can also prevent neighbors and snoops and governments from accessing media which the owner doesn’t want accessed even while allowing others “in the know” to do so.
Is it vulnerable to subterfuge? Of course – but the old fashioned kind, not the new kind. There is always a risk in sharing secrets; DRM cannot change that, but it can make it easier for individuals to do so securely. What they do with those secrets is ultimately, of course, up to those individuals… no technology can ever fix that.
Interestingly enough, there is some turmoil about the French National Assembly voting a law forcing DRM interoperability. I suggest that you read my article French law, Copyright, our digital future and the iPod on this topic. In France, the music industry has been pushing really hard in order to make DRM legally protected against cracking. An amendment has been passed at the last minute allowing DRM interoperability, including with open source software. This bill has yet to pass another round of voting, so it’s not set in stone, but it’s promising anyway: one could ask for DRM blueprint to Apple and Microsoft, and then use this information to write an interoperable program which can be distributed in Open Source format.
Rob and Joe–
I agree. DRM has to be fought at every turn. Even the least of it is as repulsive and intolerable as the worst of it. We should not be willing to knuckle under, and I would hope that Prof. Lessig will retract even praise for better DRM so as to make clear his stated lack of praise for DRM.
poptones–
You’re wrong. Because any technology that can prevent unauthorized hollywood consumers from watching movies they have not paid for can also prevent neighbors and snoops and governments from accessing media which the owner doesn’t want accessed even while allowing others “in the know” to do so.
Except of course, we can try to build a wall between these two uses of DRM. For example, by only promoting forms of DRM that have the most limited footprint (e.g. encrypting files) rather than having it harm everyone (e.g. trusted computing). Also by banning copyright on published, DRMed works. That would likely keep Hollywood from using it, but would not have any impact on people who want to maintain their privacy, etc. I certainly have no problem with people who want to maintain their privacy, but I think that the burden should be entirely upon them, and that privacy is incompatable with publication.
Frankly, I think it’s very obvious that Prof. Lessig’s comment had to do with getting rid of DRM in the world of creative works, rather than necessarily everywhere.
I also think that legal remedies are superior to mere technological ones. Especially since governments will always permit themselves exceptions to the laws that protect DRM (see e.g. 17 USC 1201(e)) and will have the resources to make sure that it doesn’t keep them out anyway. If they won’t be deterred by a lock, the answer is to reform or replace the government so that it will be deterred by the law.
Josh Stratton says:
Yes. This is what I perceive as well. And when DRM is used as an umbrella term to capture and conflate both “incompatable” scenarios, arguments like Poptones’ can be used to muddy the waters. This favors those who seek to dominate individual computer users in the pursuit of profit over people.
And when DRM is used as an umbrella term to capture and conflate both “incompatable” scenarios, arguments like Poptones’ can be used to muddy the waters.
Extremely naive and misinformed. Digital Rights Management is an entirely appropriate name for the technology – where your argument fails is in trying to separate the two. it’s like arguing guns should be allowed, but only for hunting. or that cars should be allowed, but no one should be able to use them to flee a crime. You simply can’t do that. You can pass laws that put penalties on people who use handguns in crimes and flee in cars, but anything you do will be retroactive. Now, you want to make it illegal to encrypt published works? You can stand in line right next to china, and cuba, and iran – pretty much every totalitarian regime the world over. What good company!
Your dogmatic stance on DRM is what causes you this confusion. You may not like using the word, and you’re welcome to invent any other you like – but don’t expect others to even know what the hell you’re talking about, much less follow your point.
poptones–
Now, you want to make it illegal to encrypt published works?
What I advocate, as I’ve said before, is simply not granting copyrights for published, encrypted works. Authors would be just as free to publish them as they are anything else. They just end up having to choose between copyright and DRM. I want them to choose copyright, so I will make it more attractive than the DRM option. I think that most authors would rather have a copyright than DRM, if they had to choose.
Personally, I don’t see Peter proposing anything like what you claim. I suggest that you respond to the arguments that people actually make, rather than making up wild claims as you have been known to do.
or that cars should be allowed, but no one should be able to use them to flee a crime.
Actually, this is what you’re arguing. That I should be able to have a computer, but that it should be rendered incapable of being used in a manner contrary to what an author who uses DRM wants. Personally I find that abhorrent. This is because what he wants, and what is socially acceptable are prone to be in conflict. E.g. if he is against fair use, or first sale, or having his work fall into the public domain in a material way, he can enforce his wishes despite the conflict with the law. Also, it is odious that DRM permits a third party to corrupt a computer against its owner; in this sense, DRM is repulsive for basically the same reason that viruses and other malware are. There are also concerns as to implementation (Sony), anticompetitiveness (Macrovision), that DRM is a huge waste of resources better spent elsewhere since it is really not very strong, etc.
That mandates individuals enjoy protection to profit from their own creative works?
FYI, aside from Art. 27(2) being a big mistake, the Universal Declaration doesn’t actually mandate anything. It’s more like a wish list. I like the vast majority of it, but some bits, like the aforementioned, really have got to go.
So creators of works should NOT have the right to profit from the works they create and DRM is universally bad… wow, how many times have we heard that from you?
Stop accusing me of making things up. I’ve made nothing up, I am stating facts. DRM is already pervasive and in most every case it doesn’t even prevent people from breaking the law – it just makes the penalties greater if they do, and allows publishers (ie me and other creators – I’m leaving you out of it since you obviously don’t care about “us”) an easier time in tracking them down.
You can post all the watermarked pictures you like – guess what? You can still see them, you can still alter them, you can still do whatever the hell you want with them – but if you republish them without permission it is very easy to track you down and prosecute you. This is EXACTLY the “solution” you have been calling for, and it involves the use of DRM that in no way infringes your imaginary “fair uses.”
Chomp on that.
I would like to see that watermark system, which is robust to arbitrary image-manipulation, so you could track image samles used in collages.
Larry, you are very articulate in your expressions. Pray that you retain that quality. My two cents: every century, year, month, week, day, hour has its top commercial hit. How long do the owners/middlemen want to make money off it. Look at any of the time segmented hits, either they are forgotton or not much of value anymore. Not that they do not have value any more but there is a flood of new stuff constantly pouring in. God bless you and your ideas!
“In a world where DRM has become ubiquitous”, you begin. You surrender to a DRM world, and now we are just negotiating the terms of surrender.
Rob and Joe—I agree. DRM has to be fought at every turn. Even the least of it is as repulsive and intolerable as the worst of it. We should not be willing to knuckle under, and I would hope that Prof. Lessig will retract even praise for better DRM so as to make clear his stated lack of praise for DRM.
it is a pity that so many commons-ists are so committed to their political agenda they cannot see the simple truth of what poptones is saying: without the means to enable DRM there is no digital privacy.
opponents of DRM sound like stident anti-abotionists arguing that a woman’s right to privacy can and should be infringed by the state: “privacy has to be fought at every turn. even the least of it is as repulsive and intolerable as the worst of it.”
kudos to professor lessig for understanding this and making a concession to practical reality.
My two cents: every century, year, month, week, day, hour has its top commercial hit. How long do the owners/middlemen want to make money off it. Look at any of the time segmented hits, either they are forgotton or not much of value anymore. Not that they do not have value any more but there is a flood of new stuff constantly pouring in.
and what about solomon linda, who composed the zulu melody mbube in 1939 – which later featured on world music charts as wimoweh and the lion sleeps tonight?
pete seeger and then disney made millions from the song and solomon linda died in poverty. disney made the song a hit more than 60 years after linda wrote it. linda’s descendents lived no better than he did.
until, that is, the same copyright law that enabled the american entertainment industry to make money from linda’s song, enabled the heirs of solomon linda to regain rightful title to the song and the royalties it generates.
now those royalties go into a trust that benefits the linda family. it also benefits those pesky middlemen, but such is the price one pays for overhead administration.
so shiva, getting back to your question, how long should linda’s family – and those middlemen – make money off this song?
copyright encompasses the mundane and the extraordinary shiva. you should be careful not to penalize the extraordinary.
Poptones said:
I didn’t say I don’t believe in open source encryption. If I don’t know the keys, I can’t get access. That’s how GnuPG works. DRM however, is built to deal with a completely different threat model: the recipient (buyer of the DVD) is at the same time the attacker (person who tries to get around the CSS in order to make a copy). DVD player makers thus have to include a descrambler in their devices (because otherwise you, as recipient, cannot view DVDs with it), but at the same time they have to obfuscate how that descrambler works (because otherwise copying would be easy, cfr. CDs). And that’s exactly the problem: if you have to rely on obfuscation or security-through-obscurity (which is the ONLY way a DRM system can work), then how can you open source it? Giving the source code of your DRM system away, is the same as saying that it is cracked.
No, DRM is Digital Rights Management. You are taking one specific example and trying to argue that is the entire scope of the matter. It is not. DRM is watermarking, and DRM is access controls, and DRM is encryption. DRM can be facilitated in a variety of ways and not all of them are even for the purpose of locking data away from the viewer – they’re for locking away the data from non viewers.
You want to see DRM turned on its head? Visit usenet. There are countless “hidden” newsgroups now – places with odd, nonsensical names that contain tens of thousands of encrypted archive posts. As publishers have adopted DRM in the form of watermarking and automated tracking, and as authorities increasingly redefine what is a “legal picture” and what isn’t, the file traders there have gone underground. The crackdowns haven’t really stopped any of that stuff from being traded, the enforcement activities have simply caused the ‘traders” to become better organized.
They still trade in public, but without being a “member” and having access to the keys, all those downloads are just so many bits to you. Now, should you manage to get inside, and get access, no one can prevent you from doing with that stuff whatever the hell you want. You want to embrace your anarchist ideals and repost these “secrets” in public? FINE, go ahead – it will be your head on the block when the authorities come knocking.
DRM is digital rights management. It’s not just css and dvds – if it were that simple it would be moot anyway, since css has been cracked HOW MANY YEARS now?
WASTE is digital rights management. Freenet is digital rights management. Hell, ssh is digital rights management. These technologies are all related and you cannot logically redefine them as “good” or “bad” simply through the uses people make of them.
Poptones, I have no clue what you’re talking about (and I suppose I’m not alone).
poptones–
So creators of works should NOT have the right to profit from the works they create
No, they should not, and do not, have an inherent right. But if it is beneficial for the public to do so, considering the cost to the public to do so, I have no problem at all with granting them a right. I’ve constantly pointed out my support for copyright, so long as it serves the public interest.
and DRM is universally bad
More or less. There may be some tolerable uses vis-a-vis privacy. But even there it seems limited in usefulness; encrypting a message to keep it from eavesdroppers is one thing, but trying to impair the recipient seems a bit much. In the world of published works and copyright, it has no place whatsoever.
Stop accusing me of making things up. I’ve made nothing up
Well, you misrepresent my position, and others, pretty much every time you post. Either you’re trying to make people into straw men because you are unable or unwilling to respond to the arguments people actually make, or you are just hyper-sensitive and overreact to the tiniest little thing.
In this thread alone you’ve accused the good Professor of being anti-privacy and pro-tolitarianism when that is obviously not his stance, especially if you look at his various writings. You’ve accused me of the same thing frequently, and I’ve bluntly stated many times that not only is that not my position, and that you are lying about what I think (in light of how many times I’ve told you). And you’ve said that I’m against copyright when I’ve told you again and again that I am strongly in favor of copyright, so long as it is sensible.
So yes. You make things up. You do this all the time. It would be great if you would have an honest argument for once, without resorting to hyperbole, scurrilous attacks, and outright dishonestly. Everyone else here seems to be able to do this. Why can’t you? And I have to say, it isn’t helping you. If you can’t debate better than you do, your position will tend to be discredited. While this is a little unfair, judging the message by the messenger, it happens. If you really want to make your case, you should do so in a calm and honest fashion. It will help.
DRM is already pervasive
I wouldn’t go that far. I’d say it is common. Far too common for my tastes. Like I said, it’s something we ought to get rid of. Like smallpox.
in most every case it doesn’t even prevent people from breaking the law – it just makes the penalties greater if they do, and allows publishers … an easier time in tracking them down.
If it doesn’t actually work, it seems silly to me. Of course, I am more strongly concerned about when it does work.
Regarding penalties, that is terribly ineligant. If you simply want greater penalties, then they should be built into copyright infringement itself, rather than tacked on separately. Of course, the penalties are already so great that I don’t think there is really any extra deterring effect. A single infringement can easily run up to the $150,000 mark. Circumvention is only $2,500 (or possibly as much as $7,500). If the former wasn’t enough, why would the latter be? Besides which, you’re wrong to an extent. Mere circumvention does not mean that there has been infringement. If someone engages in a legitimate fair use of a DVD that includes decrypting it in some circumventing fashion, that person is not on the hook for infringement but still faces penalties for circumvention. I find this to be particularly odious.
Regarding finding infringers through DRM, I think this would depend heavily on the form of DRM. Movie studios can hardly magically know if someone uses DeCSS on a DVD. Most DRM, AFAIK, if it is circumventable, is circumventable without the rightsholder knowing. Ironically, this is to some extent because of technologies that promote privacy. If I have a firewall controlling outgoing packets, I can keep software from calling home. If it’s malware that has been spying on me, then this helps my privacy. If it’s DRM that has been spying on me, then this helps me to keep it from snitching on me.
As I’ve said before, I really don’t see how DRM is generally an aid to privacy and security. In some narrow instances it might be useful in that regard, but on the whole, I think it tends to harm these things since the DRM users will value their rights over the privacy of their customers and will seek to invade that privacy for their own benefit. It’s worse when they work with governments to conspire against users.
I’m all for privacy, and all against tolitarian governments, etc. but I think your proposals are just completely ass-backwards. Especially given the orthogonality of privacy and copyright.
You can post all the watermarked pictures you like – guess what? You can still see them, you can still alter them, you can still do whatever the hell you want with them – but if you republish them without permission it is very easy to track you down and prosecute you. This is EXACTLY the “solution” you have been calling for, and it involves the use of DRM that in no way infringes your imaginary “fair uses.”
Watermarking seems to be of limited application. I’d like to see how the text of a widely published book can be watermarked effectively. (I am aware of ways to watermark the appearance of a book, e.g. subtly varying letterspacing, but this breaks when it’s converted to ASCII. Ditto for ways to watermark text if few copies exist, e.g. by changing some of the unimportant text in each copy, but this doesn’t work well once you need thousands and thousands of copies.) Also, watermarking isn’t terribly robust if you can compare multiple copies of a work with different marks, or if you have a tool that alerts you to the presence or absence of a mark (which is not uncommon, since watermarks are not just meant for tracking people down, but also often have a notice function).
But I digress. I haven’t called for any solution to DRM other than DRM delenda est. While one could say that watermarking is not as bad as trusted computing — and this is roughly what Prof. Lessig was saying — I don’t. I think it is all of one kind. I also am deeply concerned as to your apparent disdain for fair use. It’s very important.
These technologies are all related and you cannot logically redefine them as “good” or “bad” simply through the uses people make of them.
And this is why I — unlike the pro-DRM camp — am against outlawing technology. But I have no qualms with promoting or discouraging particular uses of technologies. Guns are great when used for hunting, sport, self-defense, etc. Guns are bad when used to murder people. I’d like to encourage the former and discourage the latter.
Likewise, with the sorts of technologies we’re discussing, I’d like to encourage their use for privacy, and to discourage their use for publication. If someone wants to publish with DRM, then I won’t stop them. But I think that we should not encouraging them by granting a copyright, and that we should discourage them by breaking their DRM system and republishing the public domain work it protected. I don’t see any logical disconnect here. I’m against certain uses, and I’m trying to deal with them directly. I want to encourage publication without DRM, and I would do this by granting copyrights to those works, rather than DRMed works. We might argue as to efficacy, or better alternatives to accomplish the same goal, but I see no particular problem with the goal itself.
Mice–
it is a pity that so many commons-ists
FYI I take exception to the ‘commonsist’ label, if you’re associating me with the CC bunch, don’t. I actually don’t care much for CC, since I think that it’s a bad idea to emphasize licensing so much. Licenses have their place certainly, but ordinary people in their ordinary lives shouldn’t have to care about them. I’d rather have them be of more relevance only within the industry of authors, publishers, commercial or organizational licensees, etc.
without the means to enable DRM there is no digital privacy
I disagree. I think that DRM uses many of the same technologies that can be used in a beneficial fashion to enable privacy. This is among the reasons that I have never advocated making the technologies — or DRM, in fact — illegal. C.f. with pro-DRM folks, who do try to make technologies illegal. However, I am stridently against the perversion of these technologies necessary in order to implement DRM.
Like I said, I think that we can draw a line between DRM as used in the copyright realm, and DRM as used for privacy. Part of this has to do with the impact of the DRM; I would not support trusted computing even in the privacy area, since it places a high burden on everyone, and doesn’t actually seem likely to stop a real attacker, while I do support strong encryption, since one person using it hardly imposes on third parties.
While you might think that pro-privacy, anti-DRM people such as myself are trying to have their cake and eat it too, I think that it’s really quite possible.
opponents of DRM sound like stident anti-abotionists arguing that a woman’s right to privacy can and should be infringed by the state: “privacy has to be fought at every turn. even the least of it is as repulsive and intolerable as the worst of it.”
Or abolitionists arguing that slavery can and should cease to exist: “slavery has to be fought at every turn, even the least of it is as repulsive and intolerable as the worst of it.”
While I agree that for most things, shades of grey are likely to lead to the best outcome, there is a valid place for absolutist positions. Surely you can’t deny this.
how long should linda’s family – and those middlemen – make money off this song?
My answer would be, for the shortest time possible which would still have incentivized him to have created and published the song in the first place. Since the purpose of copyright is to maximally benefit the public, and the public benefits not only from the creation and publication of songs, but from having those songs in the public domain, reducing the time in the public domain by any amount of time longer than the minimum required to accomplish the goal of creation and publication would be more harmful to the public than it needs to be.
If we could somehow know what the minimum incentive was for each work, and could make the grant conform to those limits, and the benefit yielded was greater than the cost of the incentive, then that’s what we’d want to do. However, since we haven’t got a Copyright Office staffed with psychics, we end up needing a more en masse approach than the ideal bespoke one. The same general idea applies though.
To the extent that artists might make bad deals, that’s too bad for them. I am against people actually cheating them out of their due, but I won’t stoop to the paternalism of second guessing their agreements, especially with the benefit of hindsight.
copyright encompasses the mundane and the extraordinary shiva. you should be careful not to penalize the extraordinary.
I disagree. I only want it to best serve the public interest. I don’t care if this happens to reduce the economic value of some works, save how that affects the overall public interest, and even then it may well be acceptable.
Or abolitionists arguing that slavery can and should cease to exist: “slavery has to be fought at every turn, even the least of it is as repulsive and intolerable as the worst of it.”
While I agree that for most things, shades of grey are likely to lead to the best outcome, there is a valid place for absolutist positions. Surely you can’t deny this.
Your choice od allegory is doubly unfortunate. You see, slavery is NOT without economic value for both slae owner and the slave. After the civil war a great many slaves stayed right where they were – they had no where else to go, and they had no resentment toward their “masters.” In the wake of slavery we were left with sharecroppers – many members of my own family were of this sort, and I can remember visiting them as a child at the time they still lived in these sharecropper shacks. People tend to think that was a very long time ago – in fact, it wasn’t at all. And a great many farms are today run in essentially the same manner – farmers who could not survive alone in a world of heavily subsidized corporations sold off their farms and now remain on the land only as managers.
In many countries slavery still exists, but in unofficial or social context. People have sold themselves into debt in order to solve immediate (often desperate) needs, and then face a lifetime of financial ruin. The force is not physical but the results are every bit as dire – entire families can have their inheritance wiped out and become homeless. There is “choice” but the choices are often not clear, made in an ignorance fostered by lack of knowledge – an ignorance inflicted through lack of affordable access to knowledge and enforced through lack of opportunity for economic advancement.
Equating DRM with slavery is ridiculous on its face, but when one looks deeper it is again quite easy to see this is not a black and white issue… no matter how many ways you might try to make it appear as such. DRM is giving people – right now – the ability to organize and overcome oppression. DRM is in every way as much a tool to overcome “slavery” as it is a means to inflict it. The difference is this: one slavery is that inflicted upon others through force, and the other is a slavery inflicted upon others through desire and addiction.
One is a slavery of need, the other a slavery of want.
DRM cannot prevent the flow of information. It can be very effective, however, at curbing the unregulated flow of entertainment.
Poptones, I have no clue what you’re talking about (and I suppose I’m not alone).
Well, there’s irony for ya. I just clicked to your blog, and after reading that entire page I still don’t know what the hell you’re about, either.
Josh… pot, kettle, meet mr. black…
Where did I accuse lessig, in this dicussion, of anything at all?
I’ve seen your kind before: one note is all you know and you accuse everyone else of your own rhetorical abuses. That’s why you always have to get in the last word, see.. it’s the only way you can feel you have “won” the argument.
As I’ve said many times: you’ve already lost. It’s pointless to waste more time on you. It’s just sad there are so few posters left here who are actually worthy of rebuttal.
Poptones…
The definitions on which you base your world view is simply so far away from what I (and propably many others) regard a natural.
When I read you insist on DRM being about “rights” and accusing people who don’t like DRM for wanting to ban a whole range of security technology and claiming that “ssh is DRM”, it must simply shake my head and conclude that your are far beyond any meaningful discussion.
DRM is not about rights and SSH is not DRM. Anything else would be based on totally incompatible definitions and make any further discussion totally redundant.
DRM has nothing to do with privacy. Encrypting messages to keep them private is not DRM. Digitally signing works to certify their authenticity is also not DRM.
DRM means that your computer does not work for you; it does the bidding of someone else, and that someone else can change the terms at any time. The term “DRM” means that your device acts as a policeman to restrain your actions.
DRM-like technology might be acceptable when the dictates that are being enforced are being set by the owners of the machines (for example, if it’s a method for controlling computers in a work environment, and it’s set up by the company sysadmins). It’s unacceptable when it is imposed on the general public.
And this has nothing to do with whether artists get paid for their work; we can find other ways to solve that than creating a DRM police state. If Prof. Lessig can’t take an unequivocal stand for this principle, then resignation from the FSF and EFF boards would be the only ethically appropriate decision.
DRM has nothing to do with privacy. Encrypting messages to keep them private is not DRM. Digitally signing works to certify their authenticity is also not DRM.
When I watermark an image and offer it to you, it is still “yours” to use as you see fit. But if you post it that watermark makes it very easy for me to track and, subsequently, enforce my rights against any inappopriate uses you may make of that work. Perhaps this doesn’t fit your definition of DRM, but in fact it meets the standard definition of DRM and this application of said technology is widely used throughout the online world.
DRM has everything to do with privacy. DRM that employs encryption allows individuals to publish their works among selected individuals who possess the key. That is DRM. It doesn’t matter if that “group” is a clan of child pornographers, an alliance of terrorists, a party of political dissidents, or a bunch of napster subscribers… same technology, different uses. DRM is not defined by the application any more than encryption or electricity.
From Wikipoedia:
Digital rights management (DRM) is the umbrella term referring to any of several technologies used to enforce pre-defined policies controlling access to software, music, movies, or other digital data.
This is exactly the definition I have been using – and it is essentially the standard definition used throughout the industry.
The term is often confused with copy protection and technical protection measures (TPM). These two terms refer to technologies that control and/or restrict the use and access of digital media content on electronic devices with such technologies installed.
I suggest it is not I, but you and a few other “activists” in this space who need to reconsider your hyperbolic and… dare I say, technologically ignorant, definition of DRM.
If Prof. Lessig can’t take an unequivocal stand for this principle, then resignation from the FSF and EFF boards would be the only ethically appropriate decision.
So no one is allowed to speak unless they tow the party line? Either drink the kool aid or resign from the regime?
This is ridiculous. Political correctness is the toxic waste of contemporary western society. Lessig is to be applauded for rebuking the statist dogma that makes these organizations otherwise appear to many as an assemblage of luddite kooks.
I cannot accept the Wikipedia “DRM” definition.
It would basicly make ANY technology “DRM” just one person used it with the intent to try to enforce certain policies.
Like the person, who claimed “robots.txt” to be DRM because he thought it prevented Google from indexing his site.
“DRM” is primarily a question of intent. Unfortunately the policies which technology is able to enforce (or in most cases only simulate that it is able to enforce) are almost never consistant with what is actually your “right”. What’s your “right” is defined by law and technology cannot make legal judgements.
I cannot accept the Wikipedia “DRM” definition.
Good for you. Keep firm in that attitude of rebuking any definition which does not dovetail into your theology and you will positively ensure no one who matters will care what you have to say.
Religion is the universal barrier to understanding.
What’s your “right” is defined by law and technology cannot make legal judgements.
So if the law says it is my “right” to kill others for not embracing my religion, and I concoct a machine to enforce this “right,” that is acceptable?
Some rights are inalienable. Locke understood this; Jefferson (in spite of being a slave owner) understood this; Ghandi understood this. The UN, on the whole, understands this. Apparently, however, when delving into the realm of technology such rights are no longer relevant to those with Hollywood’s monkey on their back.
@poptones
… you are unbelievable.
Regarding your issue with me not agreeing you the definition of “DRM” you like: Tell me why I should not turn your insult around and call you religious? I see no reason for your words not being used about you.
You really don’t seem to understand the problem with trying to use tehnolocy to judge in matters of rights. … you even convince yourself that those who do not agree with you must be against the whole concept of rights… that’s scary.
Regarding your issue with me not agreeing you the definition of “DRM” you like…
I “like?” It’s not a matter of “like” at all, it’s what’s become accepted use. It’s no different than how “fundamentalist” was something many religious folks considered an admirable trait in themselves until the mainstream woke up and realized “fundamentalist” can also mean religious creedence to beating women and marrying four year olds. “Pedophile” actually just means someone who is really, really fond o children – like an anglophile is fond of studying british history and an audiophile is fond of home stereo equipment. But we both know that’s NOT what comes to mind when someone is accused today of being a “pedophile.” It has been abused interchangeably with “chil molester” and so now anyone having a strong admiration of any sort for children risks being labeled a child molester.
It’s not about “like.” YOU are the one making that foolhardy attempt. Only in this case it is NOT about science and fact – you are attempting to redefine “DRM” only in a manner that suits your fanatical view. This atempt to redefine DRM is very little different than the way a hype filled press and ignorant public have redefined “pedophile.” With an argument lacking in objective merit, your only recourse is to attempt redefining the “opposition” through rhetorical tricks… sad.
For what it’s worth, I agree with everything Lessig said in this post: we should strive toward a world where DRM is not needed. Unfortunately, such a world seems nigh well impossible – it would mean a world where creative people are able to express themelves free of legislative or governmental persecution; where individuals are fully respected in their rights regarding freedom of thought and association – where individual rights are respected to the point no one need ever become “dissident.” Until we live in such a world, the best compromise is well secured doors and strong fences.
poptones–
Equating DRM with slavery is ridiculous on its face
Then I suppose I’m glad that I didn’t do that. If you’ll recall, Mice said something similar, but I don’t see you complaining about that. It’s because both of us were talking about absolutism. I doubt that he was equating DRM with abortions, and I certainly wasn’t equating it with slavery.
when one looks deeper it is again quite easy to see this is not a black and white issue… no matter how many ways you might try to make it appear as such. DRM is giving people – right now – the ability to organize and overcome oppression.
I disagree. My opposition to DRM is chiefly within the context of copyright. And there, it is a black and white issue, and one which has absolutely nothing to do with oppression.
So please do us all a favor and stop embarassing yourself, and wasting everyone’s time with your blathering about privacy. Everyone here is in favor of privacy and in favor of overcoming oppression. But that is totally irrelevant to the topic of discussion. Everyone here is talking about DRM solely within the copyright context. We are talking about published works, rather than information that one is trying to keep secret from oppressive government. We are talking about people who want the government to give them a benefit in the form of copyright, rather than people who want to get rid of their government. We are talking about people who are engaged in lawful commerce, rather than people who are engaged in revolutionary activities.
So if you want to defend DRM here, I strongly urge you to do so without resorting to your usual irrelevancies. Defend the use of DRM in the copyright context, without even the slightest mention of privacy. Because we’re only interested in getting rid of or at least marginalizing DRM only within the copyright context.
Where did I accuse lessig, in this dicussion, of anything at all?
Prof. Lessig said this: We should be building a DRM-free world. We should have laws that encouraged a DRM-free world. We should demonstrate practices that make compelling a DRM-free world. All of that should, I thought, be clear.
And you said this: A DRM free world? So we should strive for a world in which none of us ever have any privacy?
And that is why I said this: In this thread alone you’ve accused the good Professor of being anti-privacy and pro-tolitarianism when that is obviously not his stance, especially if you look at his various writings.
Clear enough? Like I said, pretty much every time you post, you misrepresent and lie about what other people have said (as well as about what you’ve said yourself, if it becomes inconvenient to you!), you make people into strawmen, you waste everyone’s time, you sully people’s good names. I don’t mind if you support things which I am against, or vice versa. I don’t have a problem with other people merely because we might have a disagreement. But you go beyond this because of the tactics which you employ. Tactics which are apparently pretty wortheless, I might add. Peter Mogensen, Peter Rock, Andreas Bovens, Joe Buck, and I are all pretty much calling you out on it, and that’s in this thread alone. And this is not a high-traffic board!
You are obviously a smart person, and I think that you are capable of arguing better than you do. Right now, you’re not contributing anything positive. If you want to argue a pro-DRM position, then that is fine, and I welcome the challenge. But you need to go about your argument in a proper manner. If you can’t do that, why bother to post at all? You don’t seem to be convincing anyone of anything, or even using criticism in a way that forces us to better our positions. This is entirely due to the tactics you’ve been using, and not the pro-DRM position. You would at least get some traction if you argued in a reasonable, rational fashion and stuck to the topic at hand, rather than racing into irrelevancies as you have been doing so far.
Think about it.
DRM that employs encryption allows individuals to publish their works among selected individuals who possess the key. That is DRM.
Sure. However, I think that copyright should encourage the creation of works and their publication amongst the entire public, rather than a selected few. Thus, my proposal to only grant copyrights for non-DRM’ed works, so that public access to the works is ultimately ensured. Authors could choose to only publish to keyholders, but would have no copyright on the work, and would have to risk attacks on the DRM that, if successful, would result in third party publication of the work to the public at large.
Like I’ve said, authors should be free to do whatever they want. But I’m perfectly happy to bribe them to get them to do what I want them to do, and to not lift a finger to help them when they do something I don’t want them to do.
Some rights are inalienable.
Sure. Copyright isn’t one of them. See e.g. 17 USC 201(d). It’s also not a natural right. And frankly, I can’t imagine why you’d even bother to bring this up. It’s apropos of nothing.
It’s not false, just beside the point.
We know what we want: to protect our private documents without being
restricted in use of published ones. The relevant question is whether
what we want is possible.
The answer is yes. For instance, I use the GNU Privacy Guard (gnupg),
a free software package for public key encryption, to keep certain
files and emails private. The GNU Privacy Guard can be used for
privacy, but it can’t do DRM. That is why it is ok.
Poptones addressed a different question, actually the converse of the
relevant question. Instead of “Can technology protect our privacy
without restricting us?” he asked “Can technology restrict us without
protecting our privacy?” That’s like asking “Can we make pollution
without having an industrial society?” or “Can we threaten individual
freedom without enforcing laws?” The response is, “Ha ha, but now
let’s get back to the point.”
We should refuse to be drawn into stretching the term “DRM” to cover
facilities for privacy. These functionalities are different. CSS
does DRM, and the GNU Privacy Guard provides privacy. They may both
use encryption, but they use it in different ways.
We should also refuse to give even half-praise to any kind of DRM,
even if it is less bad than others. The view stated in Lessig’s
explanation in this page makes logical sense, but when we express it,
we must take care that each individual sentence comes across only as
weaker condemnation, and never say anything that could sound like
praise.
he asked “Can technology restrict us without protecting our privacy?”
I see you came bearing plenty of straw. I said nothing of the sort. In fact, if you will look over the dozens of posts I have made here on the subject you will see I never said anything of the sort. In fact, examples used in this very thread prove the immense pollen count to your charge: the newsgroups are full of posts made my cliques of people posting who knows what in public spaces. They are publishing works that are, most likely, illegal to publish or, at the very least, republish – for if they were not illegal in some manner there would be no reason to encrypt them. These traders have devised mechanisms for “inviting” new members and for distributing encryption keys among those members, and if you break their trust you will be once again cut off from that channel – this meets, in every way, the very definitition of DRM. Not just “my” definition but even yours, as you have so often pointed out DRM could lend Hollywood this exact same control over their own works through their own channels.
This is not a difficult concept: DRM stands for three words, and each of those words have specific meanings. Put them together and they still have that same meaning – digital rights management. You may argue that means “managing” you out of some of your imaginary rights, and that’s fine… but it doesn’t change the definition any more than throwing “static” in front of the word redefines electricity.
@poptones
First, – I’m not trying to redefine “DRM”. I’ve been working with this area both technically an politically in 4 years now and one of the primary conclussions I can draw is that “DRM” HAS NO definition. Everybody is talking about it (mostly rightholders, politicians and CEO og companies selling it), but none of them actually knows what technology they are talking about. Mostly it’s just a big bunch of wishful thinking akin to wanting perpetual motion machines.
Everybodys talking about DRM. Nobody knows what it is…. so primarily DRM is an intent. Not a technology.
Your attitude to DRM is very naive. From reading the above it seems that you think that just because someone has coined the acronym “DRM” to mean “Digital Rights Management”, then it must be about rights. That’s like arguing that since it’s called a “sea lion”, then it must be a kind of Lion.
DRM is antithetical to privacy. (I mean DRM in the common sense of your equpiment acting against your wishes, rather than the attempted redefinition of any technological protection measure). In order for DRM to be effective, it has to be backed up by laws forbidding anyone from breaking it, which requires that we must be prevented from modifying our own property, lest we enable forbidden functionality. Encryption increases privacy and freedom; DRM reduces it by turning my tinkering with my computer in my home into a federal case.
Encryption increases privacy and freedom; DRM reduces it by turning my tinkering with my computer in my home into a federal case.
Uh, no… it only becomes a federal case when the results of your “tinkering” with encrypted content show up on kazaa or usenet.
44 posts in this thread and no one has yet dared address my example of watermakred images. This is a defacto implimentation of DRM, it does not prevent you from viewing content (even illegally shared content) nor does it prevent you from “remixing” the work into other works. It’s even less of an inconvenience than the now antiquated Macrovision protection applied to Hollywood’s VHS publications – its only impediment is in the way it degrades the visual properties of the image, and so in that regard is arguably more of a liability to the publisher (who will lose sales) than to the viewer. This type of DRM can be applied to any audio/visual material, cannot be readily removed even if the (properly designed) algorithm is completely free and open, and is reasonably robust. So how does this undermine anyone’s “rights?”
I would like to add several additional points that require further discussion in the public arena to concerning the adverse implications of DRM/DCMA.
1. Lost Sales: Companies seek to make a profit. Few people mention that the insane quest for a “perfect” DRM technology means lost sales. Why not sell a product based on an open standard so that you can make money now, rather than delay, delay, and delay yet again because the DRM technology is not ready for prime-time. Companies are slitting their own throats trying to implement an unworkable technology.
2. Public Domain: Patents and copyrights expire. Yet I have not seen any reference to how a DRM technology will recognize this expiration and release the content into the public domain.
3. Liability: DRM technologies actually TRANSFER significant liability from the content vendor to the content user. “LIABILITY” in this context means the $$costs and time of the content user in keeping their computer: operational and secure. Computers are complex and when a vendor, such as Sony installs a defective product your ability to fix it is compromised. First, trying to identify the offending vendor can be very complicated. Even if the vendor is identified they will initially say the problem is not theirs, that it must be the fault of another incompatible program. Even if they acknowledge the fault, they may not help you fix your computer.
4. Interoperability: What happens when you have a large number of DRM technologies deployed on your computer based on propriety code and making stealth changes to the computer’s operating system. The outcome is obvious; you will have an unreliable and probably unusable computer.
5. Dirty Tricks: What is to stop a content vendor from using their DRM technology to disable your ability to use a competitor’s content?
poptones–
So how does this undermine anyone’s “rights?”
Well, it’s not much of a solution, since as I’ve pointed out, it cannot be applied to just anything. E.g. plain ASCII text that is widely published. It doesn’t seem to be particularly robust, especially if you can compare a few differently marked works from independent sources. And this is one of the reasons it’s not caught on yet — remember SDMI? More robustness, meanwhile, tends to impair the fidelity of the copy. And there is a danger of falsification, if third parties learn how to add marks (e.g. imagine if all the pirated movies had watermarks that led back to Jack Valenti’s credit card) which could really harm innocent people if too much weight is afforded to the marks. There is a similar danger of false positives; finding watermarks where in fact it doesn’t exist. And it might harm makers of devices and software if the overall mark system puts a computational demand on user’s systems (this will depend a lot on how it is designed). It’s a bit of a privacy concern; if I use copyrighted materials to make a scathing but anonymous parody or criticism, the desire for anonymity should really be respected and not made so vulnerable.
There is also the increased enforcement problem that I’ve discussed earlier. By analogy, speeding laws are generally tolerable to people when they’re enforced on the worst offenders, and where enforcement only occurs sometimes, in some places. This lets most people speed to a degree, without too much risk, and we do want to speed, even though we acknowledge that there are good reasons why it’s illegal. If every deviation above the speed limit was ticketed, no matter how trivial, people would not stand for it, and speed limits might very well be raised or the practice of increased enforcement prohibited. The copyright quid pro quo is in part based on the assumption that enforcement is going to be pretty spotty. As it is enforced more (e.g. against two people sharing files with one another via Napster, where it was not enforce when they shared tapes by hand) a backlash will build up that could severely diminish copyright to make up for the increased enforcement so that the overall level of risk stayed within tolerable levels. I think we’re already seeing this starting. Certainly so many people didn’t care about copyright laws this much in the past; now I see a lot of unhappiness about them. Depending on what our goals are vis-a-vis copyright generally, we might find it desirable to only have limited enforcement potential.
The main problem though, is that it is a camel’s nose. Watermarking is not a very good thing on its own due to all those vulnerabilities. So there is an incredible desire on the part of proponents to make the watermarks artificially solid through legal and technological means. Making it illegal to remove or alter marks would harm users’ rights, particularly given that the marks are so fragile to begin with that this could preclude any number of ordinary uses. And if technology is introduced which is crippled such that it will detect marks and refuse to carry out orders that happen to harm the mark, or which tend to reproduce the mark and thus constantly reduce fidelity, this is really no good either.
Frankly, I don’t see anything good out of the marks, and I see a lot of risk that something worse than the marks alone will happen if we’re lax about this. So I think we should presume against watermarking just to be safe.
Anyway, that’s what I can think of off the top of my head. Given some time to seriously think about watermarking specifically, I imagine I could think of more problems with it. Of course, I’d enjoy seeing what others have thought of.
“Uh, no… it only becomes a federal case when the results of your “tinkering” with encrypted content show up on kazaa or usenet.”
No, that would actually make sense. If I download or write software that lets my DVD player ignore region codes or unskippable ads I’ve committed a federal crime; it makes no difference that I have no intention of distributing copies to others.
No, that would actually make sense. If I download or write software that lets my DVD player ignore region codes or unskippable ads I’ve committed a federal crime; it makes no difference that I have no intention of distributing copies to others.
and how, pray tell, does anyone know that you have done these things unless you share with others either information on how to do them, or the cracked material itself?
A lot of things are illegal but unenforcable within the privacy of the home.
@poptones
I don’t know how they make laws where you live or what your idea of democracy is, but where I come from it is not an argument for a bad law that it probably can’t be enforced. Actually… I find your argument scary.
Anyway… In the example there was no intent of distributing the copyrighted material. However, there was distribution/download of software/information which enabled the private activities… So that’s one way for others to know about it.