DRM Reality

DRM
It's a pretty simple thing to allow Jane to copy "Everything is Everything" only twice. Computers understand "2." What they don't understand is, "I've already copied it to my MP3 player and my laptop, but I got a new desktop computer and I need to transfer it again!"

"Fair use" is not something that's easily digitized. Many companies have taken desperate measures to "plug the hole" of digital content flowing over the Internet, eliminating any right on the part of the consumer to make decisions regarding the content he's purchased. DRM is not a new thing -- many of those old floppy disks were copy-protected. Manufacturers wrote them using special drives that a typical consumer drive couldn't mimic. Some required that a piece of hardware be connected to an I/O port on the computer for the software to run at all. But to many, more recent DRM schemes have crossed the line from copy protection to hog-tying the user.

The limited-use encryption method used in Intuit's Quicken TurboTax 2002 caused a consumer brouhaha. When the user installed the encrypted software, the process installed a key on the user's computer. That's a standard practice. But this particular key would only unencrypt the software once. To use the software more than once, the user had to call Intuit and get the company to supply additional access rights. When users installed the software on a second machine after they'd already used the key, they found that they could prepare a tax return but could neither print the return nor file it electronically with the IRS.

A more common DRM encryption scheme provides a key that works forever. In this case, the key must be tied to the ID number of the user's machine. The key will only decode the file when it's accessed from the computer it was originally installed on. Otherwise, the user could simply forward the key along with the encrypted software to everyone he knows.

Some products, like those protected by Macrovision SafeCast or Microsoft Product Activation, use a Web-based permission scheme to prevent illegal use of the content. When a user installs the software, his computer contacts a license-verification server to get permission (the access key) to install and run a program. If the user's computer is the first to request permission to install this particular piece of software, the server returns the key. If the user gives the software to his friend and the friend tries to install it, the server will deny access. In this type of scheme, a user typically has to contact the content provider to get permission to install the software on another machine.

A less common DRM method is the digital watermark. If you've heard about the FCC's proposed broadcast flag and Philips' corresponding Video Content Protection System (VCPS) encoding, you've been introduced to the digital watermark setup. The FCC is trying to require a "broadcast flag" that lets a digital video recorder know if it's allowed to record a program or not. The flag is a piece of code sent out with a digital video signal. If the broadcast flag says a program is protected, a DVR or DVD recorder won't be able to record it. This DRM proposal is one of more disruptive ones out there, because it requires media and equipment that can read the broadcast flag. This is where Philips' VCPS format comes in. The Video Content Protection System reads the FCC broadcast flag and determines whether or not a device can record a program. With the broadcast flag in effect, only VCPS-capable recorders will record digital TV data, only VCPS-capable DVD-RWs will accept digital TV data and only VCPS-cable players will play VCPS-capable DVDs. The system would render current DVD systems obsolete for any consumer who wants to record DTV. The flag/VCPS setup is on hold since May 2005 when a U.S. court ruled that the FCC doesn't have the right to determine what a consumer device can do with a digital signal once it has reached its destination.

The DRM-provider Macrovision used an interesting approach in one of its recent DVD-protection products. Instead of making a DVD uncopyable, Macrovision RipGuard exploits glitches in DVD ripping software to prevent copying. It's a piece of code in the software on a DVD, and it's purpose is to confuse the DeCSS code that most ripping software is based on. Macrovision programmers studied DeCSS to discover its flaws and then built RipGuard to trigger those flaws and shut down the copying process. DVD consumers have already found ways around RipGuard, though, mostly by using ripping software that doesn't employ DeCSS or by tweaking the code in DeCSS-based rippers. The Digital Millennium Copyright Act of 1998 makes disabling a DRM system illegal in the United States, but tons of people actively seek and publish methods to bypass DRM restrictions.

Recent DRM schemes have set up an adversarial relationship between digital-content providers and digital-content consumers, and it's not only the consumers who are employing sneaky techniques to get the upper hand. The reason most of us are suddenly aware of DRM systems is because Sony-BMG released millions of CDs containing DRM software that crossed the line from managing rights to spying on consumers and harming their equipment.