legal inforcements of DRM - digitalimagetracking.com

Digital Rights Management holds an uncertain legal status in most countries, as the rights of users and producers regarding content are rarely defined clearly enough currently for the legal situation to be widely agreed upon. In most countries, particularly those without a fair use doctrine, users' ability to use copyrighted material is ill-defined and so difficult to enforce.

The 2001 European directive on copyright forces member states of the European Union to implement legal protections for DRM. In 2006, the lower house of the French parliament adopted such legislation as part of the controversial DADVSI law, but added that protected DRM techniques should be made interoperable, a move which caused widespread controversy in the United States.

DIVX: Proposed as a rental-only system, DIVX required a phone line, and thus inhibited the use of media offline. To relocate a work for which unlimited plays had been purchased (called DIVX Silver), it was necessary to carry the DVD player that first played the disk with it, or manually request that another player be authorized to play that disc. Consumers were denied certain fair use rights in countries with such a doctrine, such as the ability to create compilations of purchased material and to re-sell their copy. DIVX should not be confused with DivX.

CSS: Restricts owners' use of purchased content, such as the creation of compilations or full quality reproductions, where such actions would ordinarily be permissible in certain countries as fair use. The system also prevents the user from playing encrypted DVDs on any computer platform, although this restriction can be easily circumvented at the risk of prosecution under laws such as the DMCA. CSS is an example of certificate-based encryption.

Product activation: Restricts a product's functionality until it is registered with a publisher by means of a special identification code, often recording information about the specific computer the software it is installed on to prevent its use across multiple machines. Activation schemes may place some users at risk by incorrectly identifying their purchased software as unauthorized. An example of this vulnerability occurred in 2003, when Intuit's use of a flawed product activation scheme angered thousands of customers who were denied legitimate use of the product, resulting in a formal apology by Intuit and their cancellation of the system.

Digital watermarking: Allows hidden data, such as a unique disc ID, to be placed on the media. The system allows such information as the name and address of the purchaser to be taken at the point of sale, and entered into a database along with the unique disc ID. This system does not prevent copying, but ensures that any copies made of the media will be traceable to a particular copy and perhaps to a particular user. However, the scheme relies largely on authenticating the purchaser's identity at the point of sale, and can be easily circumvented by a customer who provides false information.

Digital Millennium Copyright Act

The Digital Millennium Copyright Act (DMCA) is a United States copyright law passed unanimously on May 14, 1998, that criminalizes the production and dissemination of technology that allows users to circumvent copyright protection methods, rendering all forms of DRM-stripping and circumvention software illegal. On 22 May 2001, the European Union passed the EU Copyright Directive, an implementation of the 1996 WIPO Copyright Treaty that addressed many of the same issues as the DMCA.

The DMCA was largely ineffective in enforcing DRM systems, as software allowing users to circumvent copyright restrictions remains readily available over the Internet. However, the Act has been used to restrict the spread of such software by limiting its distribution and development, as in the case of DeCSS.

The arrest of Russian programmer Dmitry Sklyarov in 2001, for alleged infringement of the DMCA, was a highly publicized example of the law's use in preventing the further development of anti-DRM measures. While working for Elcomsoft, he developed The Advanced eBook Processor, an application that allowed authorized users to strip usage restriction information from protected e-books. Sklyarov was arrested in the United States after presenting a speech at DEF CON, and subsequently spent several months in jail. The DMCA has also been cited as detrimental to legitimate users, such as students of cryptanalysis, and security professionals such as Niels Ferguson, who declined to publish information about vulnerbilities he discovered in an Intel secured computing scheme because of his concern about being arrested under the DMCA when he travels to the US.

While DRM systems are ostensibly designed to protect an owner's right to control copying, after a statutorily-defined period of time any copyrighted work becomes part of the public domain for anyone to use freely. DRM systems currently employed are not time limited in this way, and although it would be possible to create such a system (under compulsory escrow agreements, for example), there is currently no mechanism to remove the copy control systems embedded into works once the copyright term expires and they enter the public domain.

Furthermore, copyright law does not restrict the resale of copyrighted works (provided those copies were made by or with the permission of the copyright holder), so it is perfectly legal to resell a copyrighted work provided a copy is not retained by the seller—a doctrine known as the first-sale doctrine in the US, which applies equally in most other countries under various names. Similarly, some forms of copying are permitted under copyright law, under the doctrine of fair use (US) or fair dealing (many other countries). DRM technology restricts or prevents the purchaser of copyrighted material from exercising their legal rights in these respects.

Moreover, the scope of legal rights cannot, in principle, be fully encoded in technical access/copying restrictions. For example, a photograph generally falls under the copyright of its photographer, and may not be reproduced in an unlimited way by other persons. A photographer wishing to enforce her copyright might attach some DRM codes to a digital version of her photograph that indicate "may not be copied." However, the photographer might subsequently sign an agreement with another party authorizing such duplication (the reason for doing so is irrelevant). Under law, the moment such an agreement is signed, copying (under the new terms) becomes legal; but the DRM software will not (has not so far, in any case) be adjustable to reflect the new legal reality established by those whose choice it is.

An oft-cited example of DRM overreach is Adobe Systems' release in 2000 of a public domain work, Lewis Carroll's Alice in Wonderland, with DRM controls asserting that "this book cannot be read aloud" and so disabling use of the text-to-speech feature normally available in Adobe's eBook Reader.

DRM has been used by organizations such as the British Library in its secure electronic delivery service to permit worldwide access to substantial numbers of rare (and in many cases unique) documents which, for legal reasons, were previously only available to authorized individuals actually visiting the Library's document centre at Boston Spa in England. This is an interesting case, one in which DRM has actually increased public access to restricted material rather than diminished it.

An early example of a DRM scheme is one that is currently being used on textbooks required in some American Dental Schools including New York University College of Dentistry. The textbooks are available only on DVD and students are forced to purchase the DVD. The DVDs are readable only on an authorized computer and only for a limited time, after which the DVD "expires" and the information in the "DVD book" becomes unavailable. Some of these books are not available on paper at all.

Digital Millennium Copyright Act