The fallacy of DRM

January 2003. © 2003 Tim Jackson. This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 License. Please credit myself with an attribution as the original author and include a link to this page. This page has been translated into Polish although as a non-Polish speaker, I can’t verify its content. It’s also been used in an article about digital culture and control.

Whether you’re a technical computer user or not, over coming months you are going to hear an increasing amount about Digital “Rights” (a euphemism for ‘Restrictions’) Management, otherwise known as DRM, or sometimes IRM (‘I’ for ‘Information’). Sometimes it will be explicitly mentioned, sometimes it will be implicit in features of software that claim to be able to restrict how someone else uses some data you give them. For example, Microsoft Corporation have recently announced that DRM will be a part of Office 11.

But why should you care? In this document, I’ll try to summarise and briefly explain what DRM is, what some of the key problems with it are, and why you should refuse to accept it.

What is DRM/IRM?

DRM (or ‘IRM’ as Microsoft call it in Office 11 – same thing) is, broadly speaking, a general term for mechanisms that allow someone to place arbitrary restrictions on an item of digital media. This could be anything from a sound/music recording to a wordprocessor document. For example, DRM suppliers claim that using DRM a musician can sell music in an ‘uncopiable’ digital form. Similarly, via DRM, the creator of a document may supposedly be able to place restrictions on it such as “you cannot print this” or “you can only view this document 5 times” before distributing in a digital form.

You may well ask what the problem is. Superficially, some of the purported goals of DRM may seem reasonable, such as preventing the distribution of confidential documents. However, when you really think about the consequences, you’ll find that not only is it fundamentally flawed, but it’s very scary technology which, if accepted and used to an extent that it reaches ‘critical mass’, will profoundly affect societies that rely heavily on digital communication.

  • Imagine a book that automatically became glued shut after you read it once.
  • Imagine documents that self-destructed, Mission Impossible-style, if you tried to walk out of the door.
  • Imagine telephones that only worked if the person you were ringing had the same make and model.

Sound crazy? That’s only scratching the surface of how DRM will potentially affect you.

‘Trusted Computing’?

The ‘hard sell’ on DRM and related technologies to the public at large is largely being done under the banner of and as part of euphemistally-named ‘trusted computing’ intiatives, with the implication that your computer will be more trustworthy and secure with DRM software/hardware. Ironically, the exact opposite is true. DRM takes away your control over your computer and gives it to third parties. In the words of Richard Stallman in his article ‘Can you trust your computer?’: Most people think their computers should obey them, not obey someone else. With a plan they call “trusted computing”, large media corporations (including the movie companies and record companies), together with computer companies such as Microsoft and Intel, are planning to make your computer obey them instead of you..

What ‘trusted computing’ really means is that third parties (like film and music companies) can ‘trust’ your computer not to do things that they don’t want you to do.

The companies developing some types of DRM and DRM-related hardware/software will claim that DRM is, in principle, benign and neutral, and that it’s completely optional. There are indeed some potential benign uses for some aspects of the technology but, pragmatically, DRM is all about surrendering control of your own computer, and if accepted, it will become ‘optional’ in the same way that having a bank account is ‘optional’ – you might not strictly need one, but you won’t be able to do much in a modern society without it.

Interoperability down the drain – incompatibility to rule

Interoperability has always been a problem in the computer world. For decades, people using different types of computer system have had to jump through hoops to exchange documents and other data. This is almost universally entirely unnecessary and merely due to a lack of agreed standards. In recent years, however, with the advent of the Web and Internet, there have been positive steps towards interoperability.

Significantly, the Internet would simply not exist without interoperability, and interoperability is the key to its success. Common standards for communication mean that there is a diverse range of software to connect to and use the Internet, and it all largely talks to each other in a transparent way, which is how it should be. You send an e-mail to someone and they can read it, even if they’re using a completely different computer type, operating system and e-mail program. Likewise, you can read this web page in any one of thousands of different browsers that you may or may not have heard of (Opera, Mozilla, Netscape, Internet Explorer, Konqueror…). You could even write your own browser, if you felt the need. Equally, it doesn’t matter whether you’re using Linux, Windows, MacOS, AmigaOS, Solaris, BeOS or any other operating system, all because there are agreed common standards about how a Web page is stored, transmitted and interpreted. Protocols and standards are the ‘languages’ of computer interoperability. If everyone spoke their own, nobody would be able to talk to each other.

However, DRM is a fatal blow to computer interoperability. Inherently, it relies on secret software, and formats (‘languages’) that can’t be decrypted except by ‘authorised’ software, meaning you must use (and often pay for) the same piece of software that the originator of a document/email/other file is using, even if you don’t want or need it. And you may not even be able to run the necessary software on your computer. Now, you may expect that as a result of this, software will spring up to work around these problems (i.e. break DRM), as has happened in the past with incompatible file formats and so on. This is certainly technically possible, if a waste of resources that could better be put into making computers work better for us all. However, the same cartel that is promoting DRM has also been quietly pushing for legislation which will expand their monopolies even further by preventing people from creating compatible software – the Digital Millennium Copyright Act (DMCA) in America, and European Copyright Directive (EUCD) in Europe. You can read my page about the EUCD for more information but essentially these draconian laws will make it illegal to write software to defeat DRM. In other words, you will be faced with a choice of not accessing DRM-enabled content or documents at all, or being forced into accepting unnecessary and crippled software that supports it – and even that’s assuming you can run the necessary software.

Letting companies make laws

DRM allows companies and other creators to reserve rights for themselves which they do not legally have. For example, under copyright law in most countries, you have the right to use excerpts of copyright material (such as music, books, films etc.) for the purpose of review. However, when those works are protected by DRM, a third party (such as the creator of that material) can prevent you exercising those rights. And, thanks to the laws (EUCD/DMCA, see above) that they have promoted, you will quite possibly be a criminal for even trying to exercise those rights. Therefore, they have succeeded in imposing their own law which supercedes our present laws (which in the case of copyright are already weighted against consumers).

Dangerous consequences

There are an almost infinite number of nasty, unintended consequences of DRM, and no doubt over time many more will come to light – but by that time it will be too late. I can only scratch the surface here.

For example, going deeper into the case mentioned above of document destruction, the consequences for fraud are terrible and in the shadow of Enron and other similar cases, almost unimaginable. Imagine working for a corrupt and fraudulent company – you have the proof that they’re stealing millions of pounds, or perhaps illegally manufacturing weapons. But the only proof you have is an internal document. If that document is DRM-protected against copying, printing or forwarding, what can you do?

How about electronic newspapers, protected by DRM? In a networked world, the true Orwellian vision (as expressed in the book ‘Nineteen Eighty-Four’) of rewriting history could come true. DRM could allow an author to change a document and electronically destroy other copies, wherever in the world they are. Is this just overexcited paranoia? No, this is reality and is possible now – the only thing standing in the way is that DRM is not – yet – universal.

The hardware factor

Realising that at the end of the day, as long as users have control over their computer, it will be possible to ‘hack’ or otherwise defeat DRM restrictions (even in the absence of legal incentives not to do so), DRM proponents, in conjunction with computer component manufacturers such as Intel, hope to combine secret software with special hardware built into computers to produce an “unbreakable” solution that will deny users the right to affect how their computer works, at least if they want to use DRM-enabled software. More information can be found in the TCPA/Palladium FAQ.

The fallacy of DRM: technical solutions to social problems

In summary, DRM attempts to solve a set of purported problems (which, even if they exist, are social problems) through technology. If this weren’t bad enough, it creates the framework for a historically unprecedented surveillance society, where even the fabric of everyday activities is interwoven with electronic restrictions and monitoring.

DRM forces society to make a clear decision. DRM can be circumvented, technically speaking. Therefore to work, it must be legally enforceable, and to hell with the consequences – even if that means innocent people are imprisoned just for writing a program that means they can read a book or listen to a piece of music, and that corporate crime may go unpunished, since evidence can be instantly destroyed or prevented from leaving a certain environment. We have a clear decision, and you have a clear decision about whether you will support DRM. Is this price worth paying?

What can be done?

DRM, unfortunately, is already here. There’s a good chance that you already have DRM-enabled applications on your computer (although you may not realise it). However, you can still stop the worst of its threat by making a conscious decision on a personal and business level not to accept it. Here are some things you can do:

  • Don’t buy or install DRM-enabled software.
  • Don’t buy works (such as music, films, e-books etc.) protected by DRM. You don’t want a crippled product, so don’t accept it. Insist that you are supplied in an open format that gives you the freedom to use it in a way that suits you, rather than the seller.
  • When someone first sends (or offers to sell) you a document, e-mail or other file which you can only open in DRM-enabled software, refuse to accept it. Politely explain the situation and that if the sender doesn’t trust you enough to send you the document in an unrestricted format, they should not send you it at all.
  • Above all, don’t accept being blackmailed into accepting DRM.