Regarding: http://www.cdt.org/copyright/20060907drm.pdf September 9, 2006 Dear David and Alissa, I've just had a look at your DRMÊ paper and wanted to provide some feedback about three major omissions in your analysis: 1. Renewability: It's well and good to talk about transparency and disclosure and consent, but a major problem with DRMs has been their "renewability" or "revocability." That is the ability of DRMs to change the deal after you buy your media. For example, iTunes 4.0 let you stream your music from home to your work PC. iTunes 4.0.1 took that away. TiVos recently had aÊnon-discretionary update applied to them that added Macrovision restrictions, so that they were transformed from Betamax-ruling-compliant devices that could record any show aired to more constrained devices that could only record shows that weren't flagged as "NO-RECORD." (Note that the MPAA proposed this as an alternative to the Betamax ruling in the 80s, and were rejected by courts and Congress -- what they could not accomplish through legislation, they've achieved by sneakily crippling devices that are already in the field.). All new DRMs are being designed to be "renewable." The Sony PSP was repeatedly patched to force users toÊ stop running their own software on their devices. BluRay and HD-DVD are both built around a "renewability" system that can shut down devices. The Broadcast Flag ruling provided for renewability toÊdisable consumers' property on the grounds that if someone, somewhere figured out how to use a DVD burner to circumvent the flag, all innocent users of that burner should be punished to get at the guilty. This week, Microsoft issued its fastest-ever OS patch to remove a DRM crack that users applied in order to make lawful uses of the content they owned. What kind of disclosure is sufficient here? What constitutes transparency? "This device will do the following five things and restrict you from the following eight things. However, at any time in the future, without your consent, a secret commercial body with closed membership and meetings may shut down any of this device's features, with no appeal." If CDT wants to help lawmakers understand the danger of DRM and the ways in which consumers need to be protected from it, then this is critical. 2. Open Source: DRM and open source are fundamentally irreconcilable. Open source is about letting users understand, improve, and republish their tools. DRM is about preventing a device's owner from understanding or modifying its workings. If iTunes says "play on 5 CPUs only," it won't do to have someone change that to "play on 5,000,000,000 CPUs only" and recompile the code. Thus any user of DRM -- and any ecosystem built on DRM -- is deprived of the benefits of open source: innovation, competition, and the human right to use your tools in the way that suits your needs. Note that Sun and a few others have floated the canard of "open source DRM" -- by which they mean a DRM that is used in conjunction with trusted computing. In these systems, an open source DRM is one that cannot be modified or redistributed -- in other words, the only thing "open" about it is that the source code is available for inspection. This has some insignificant security benefits, but it eliminates all the other benefits of open source -- the low barriers to entry that encourage innovation and competition.Ê After all, if all it takes to declare something "open" isÊ that you're allowed to modify it if you can get aÊ license to do so, then Microsoft Windows is "open" too -- anyone who can get a license from Microsoft can modify Windows and republish it. Providing you can get the license. 3. Creative Commons: Since the CC licenses launched in 2003, over 160,000,000 works have been released on CC terms. CC prohibits the use of DRM in conjunction with its works, and iCommons, the international CC organization, recently adopted a position against DRM. That means that the use of DRM precludes the use of these works, which are licensed on generous terms that allow users to make lots of further uses.Ê DRM vendors, such as Apple, value their products as a tool to lock in consumers. Apple refuses to switch off iTunes DRM even when selling CC-licensed works whose creators wish to have them redistributed. That's because Apple wishes to ensure that every iTune you buy adds $0.99 to the cost of switching from an iPod to a competing device. Therefore, Apple forces creators who sell through the iTMS to re-license their works to Apple on terms that permit DRM. -- I hope you'll take these three points into consideration as you draft the next version of this paper. Any attempt to uphold consumer interests in DRM must take account of these, or it will always fall short of its mark. -- Cory Doctorow Canada-US Fulbright Chair USC Center on Public Diplomacy USC Annenberg School 3502 Watt Way Los Angeles, CA 90089-0281 USA +1 415 726 5209 latest novel: craphound.com/someone blog: boingboing.net vanity: craphound.com podcast:Êfeeds.feedburner.com/doctorow_podcast new novel: craphound.com/est collection: craphound.com/place novel: craphound.com/down Join my mailing list and find out about upcoming books, stories, articles and appearances: http://www.ctyme.com/mailman/listinfo/doctorow