Slashdot Mirror
UCB Researchers Critique DRM, Compulsory Licensing
An anonymous reader writes "
In this
paper, Berkeley researchers critique a host of cockamamie DRM schemes, and
they also question the compulsory
licensing approach recently being promoted by the EFF. They get into some
of the practical details about compulsory licensing that no one else seems to
be talking about like technical feasibility, incentives to cheat, monitoring for compliance, efficiency of collection and distribution of funds,
privacy, fair use, feasibility of legal enforcement... Anyway, it's worth
a read and is a useful contribution to the debate, whatever side you're on.
"
...worked well for 30+ years.
UNIX File Permissions.
Dude, this thing is like 5 and a half pages before the bibliography, and all of that is actually well-considered and thought out, which means it takes a long time to read. As an average slashdotter, being asked to read the article before trying to express my ill-thought-out-opinions seems unreasonable. That involves actual thinking and effort. Couldn't you give us, like, a sound bite in the story blurb next time that we could misinterpret and fight about? Has Microsoft said anything stupid on this subject lately?
This pdf was apparently generated by pdftex,
which is GPL'd.
So you probably won't go to GNU/Hell for reading it, in your friendly local xpdf or konqueror or whatnot.
As someone who hates that disgusting Adobe PDF format (why people can't publish in HTML after all this is the web right ?) here is the text of the pdf..
A Framework for Evaluating Digital Rights Management Proposals
Rachna Dhamija
UC Berkeley, SIMS
rachna@ sims. berkeley. edu
Fredrik Wallenberg
UC Berkeley, SIMS
fredrik@ sims. berkeley. edu
Abstract
In this paper, we analyze the strengths and weaknesses
of the various solutions to compensate intellectual property
rights holders. Specifically we look at digital rights manage-ment
(DRM) based systems, extensions to DRM to support
fair uses, monitor-and-charge schemes, compulsory licens-ing
schemes and alternative business models.
Our main contribution is to provide a framework from
which current and future proposals may be evaluated. In
order to realistically evaluate any compensation scheme, we
suggest that the following questions are important to ask:
Is the proposal technically feasible? What are the incentives to circumvent legal and techni-cal protections for all parties in the transaction?
What is the burden of monitoring for compliance in the system, and on which parties does this burden fall?
What is the efficiency of the collection and distribution of funds from consumers to rights holders?
What are the impacts on user privacy and fair use? What is the feasibility of legal enforcement, both do-mestically and internationally?
1. Introduction
Over the last few years the debate over protection, or lack
thereof, of copyrighted works has flourished. Proposals on
how to reimburse the creators of these works range from
strict proprietary encryption locks to new business mod-els
that rely on revenue streams from ancillary products.
Each new proposal points out the shortcomings of previ-ous
schemes and highlights the benefits of its own solution.
However, no consistent framework exists for analyzing the
different solutions.
In this paper, we analyze the strengths and weaknesses of
the various solutions. Specifically, we look at DRM based
systems, extensions to DRM to support fair uses, monitor-and-
charge schemes, compulsory licensing schemes and al-ternative
business models. From this comparison, we extract
important dimensions such as technical feasibility, incen-tives
to cheat, burden of monitoring, privacy, and the feasi-
bility of legal enforcement. Our main contribution is to pro-vide
a framework from which current and future proposal
may be evaluated.
Digital Information as a "Public Good" Economists
sometimes refer to certain goods as public. This does not
imply that they are in the public domain as defined by intel-lectual
property law. Rather, a public good is a product or
service that has two properties. First, it is non-rival, which
simply means that consumption by one person doesn't limit
consumption of the next. Second, it is non-excludable, im-plying
that once the product exists, the benefit cannot be
limited to those that have paid for it.
Ideas and information captured in physical media tradi-tionally
fall into some middle ground. While the informa-tion
itself certainly has the characteristics of a public good,
the physical media that it is tied to is rival and exclud-able.
This gives rise to business models involving the sale
of physical artifacts whose only value is the embedded in-formation
such as books, CDs and DVDs. These business
models have taken a serious blow with the introduction of
information in digital form combined with communications
media such as the Internet. The question at hand is whether
or not it is possible to devise a scheme under which money
can be transferred from those consuming information goods
to the providers of the same.
We use the characteristics of a public good to distinguish
between the following classes of proposals to compensate
intellectual property rights holders:
The bathwater should be carefully checked to make sure no baby is contained therein before throwing it out. DRM often being overly restrictive, easily bypassed, or otherwise inneficient does not mean that there should not be some _Rasonable_ system in place that prevents misuse, and only mis-use. In the slashdot crowd-- and I find myself, as part of it, falling victim to this at times-- DRM is often spoken of in a context of its being inherently bad and undesireable. Truthfully, and effective and fair DRM system just might be what is truly needed.
Interesting comments wanted; trolls need not reply
More importantly, it just doesn't work. My favorite part of the paper:
No proposed technical protection measures are strong enough to sustain a determined attack. Only in combination with models where the incentives to circumvent are limited, can technical solutions succeed.
So, I read that to say that if you don't allow for reasonable legal alternatives (like, say, charging less than $20 for one decent song amidst some filler and/or providing some handy online distribution system), nothing you can do technically to prevent copying will work in the long run. Of course, that leaves legal recourse (as we've seen from the RIAA lately), but the fine article also addresses the (in)feasibility of that option.
Of course, I'm guessing the *AA will read it more along the lines of: we've gotta use the opposite approach by providing an incentive to NOT circumvent: (1) try to convince everyone that file sharing is the moral equivalent of eating the baby you just molested, (2) utilize ridiculous and broken copy protection schemes that hassle the honest-end users, thereby creating a peer-pressure factor, and (3) emit a constant barrage of shotgun-style lawsuits to maintain a nice atmosphere of fear.
I dunno why these nice smart folks bothered to make this fine paper. For some of us they are preaching to the choir, for others their words fall on deaf ears.
everything in moderation
You don't recall that because you weren't a radio station in the 70's and 80's being sued by the RIAA for playing whole sides of LPs instead of talking over single tracks. You weren't Philips, trying to grow your new compact cassette format while the RIAA tried to get it banned in the US market.
The reason it's different now is purely because of the technology. Unlike those other battles - over physical technologies like the LP, the compact cassette, the reel to reel, DAT, Elcassette and so forth - or with established businesses that could be held economically accountable for breach of contract - this time the RIAA is forced to deal with a technology that is available to everyone and travels at the speed of light. This battle is purely a game of whack-a-mole, which the old order can never hope to win.
Compulsory licensing is a copout. It's also inevitable. My guess is the EFF is just hoping this "olive branch" will help them to build a dialougue with the industry. That could help build credibility for the EFF in established circles, but I suspect it still may be too early to play this card without alienating the hard liners (like myself). The music industry may be on the ropes, but it has a very long way to fall and I don't want to see anyone catch them before they hit the mat.
(BTW I was going to link you to a story about the RIAA and the LP, but trying to connect to RIAA.ORG returns me http://"""....""""" - it would appear they are, yet again, succumbing to a DNS attack...)
First of all, let us observe that it is very rare that hitting your customers with a massive hammer (filing lawsuits against them and treating them as criminals) ends up helping your business. And it's quite uncommon if you make someone's life a living hell (with Microsoft style Palladium DRM) that they are going to buy more product from you, much less have any positive opinion of you.
Secondly, let us look at what is really going on with music today, not what the music industry likes to say is going on.
1. Most people like music.
2. Most people buy music.
3. There is an amazing amout of music available on many labels from many geographic regions.
4. There is no easy way to a consumer to listen via radio to all the music that is available.
5. Outside of radio, the ability to listen to music before purchase in a commercial environment is even more limited. Some few music stores offer listening stations, but many times the equipment is broken or dirty.
6. In reality, most people listen to much of the music they end up purchasing via their friends. In fact, many friendships are made because people have common tastes in music.
7. The music industry's method of retailing is incredibly anti-customer and does not respect local laws and customs (try before buy, returns).
8. The music industry has made very little effort to revamp their sales system.
9. The existing online music stores all require that you register to
Intellectual property is fascism.
Now, I'm sure we both realize that the previous statement was roughly meaningless and designed only to incite emotion. The point is that yours is the same. Copyright is a legal construct in the first place. It does not exist independent of the government's creating it.
But moreover, I don't see how it is socialism in any case. Socialism implies that the means of production are owned by the government. Umm, in this case I guess that would mean that the content producers were owned by the government? Or their equipment, perhaps? Nope, none of this is making any sense.
Well, you've made it quite clear what your opinion is, but you haven't really given any reason for anyone else to accept it. My point of view is that compulsory licensing has at least this benefit: it stops the "arms race" between file sharers / traders / copyright infringers (however you want to look at it) and the RIAA / MPAA. While I think the technological aspect of this "arms race" may actually produce technologies which are interesting and useful in their own respects, the legal "arms race" is much more troubling, as very questionable law is being enacted at the request of the side that evidently donates more money to political campaigns.
Compulsory licensing does mean that you can't "write a song and sell it at a price of [your] choosing", but the way I look at it, you didn't have a right to do that anyway. You currently have the ability, yes, but that ability is only justified (in the USA, by the Constitution) to be granted to you to "promote the progress of science and useful arts".
And yes, I realize you were probably just trying to get a rise out of me and the many Slashdotters who think as I do, but the point is that there are real, legitimate issues here. Most people accept copyright law because it's what they're used to, but the fact is that when you look carefully, the foundations for it--especially in its present form--are pretty shaky.
One interesting point raised by the linked-to article, which you did not address, is that in a compulsory-licensing system, the producers have an incentive to try to fake the system. That honestly hadn't occurred to me. I think this can be solved, say by having rankings signed with a public-key system, and I think the solution would be simpler and less Draconian in implementation than trying to get DRM on everything, but it is worth thinking about.
I metamoderate all Redundant and Offtopic moderations as Unfair.
It really comes down to how much it will cost to do DRM and the cost of getting around it. The costs are not just monetary - but may include a complex tradeoff of penalties and benefits in many areas - including culture, the legal system, personal privacy, fundamental human rights and so on.
Since corporations and hence their hired thugs in government don't much care about things like human rights, personal privacy or culture (realisticly, things are not set up to encourage them to do so, so why would we expect it), they will always make their decisions on the basis of corporate self interest - which is usually short term profit these days.
There is almost certainly a place for DRM on some level - it encourages and rewards creative artists of all sorts (though the best artists seem to do their thing anyway). The problem is that as soon as we allow any serious IP protections (as DRM or whatever), there's no control on what the people who want to make profits can do with it.
I worked for a company whose game plan was to sell a product for less than $100 - the product was in large part IP of one sort or another. Once the marketers got hold of it, the price was inflated to the $1500 range. Not because it was worth that - but they thought they could charge that much and get away with it. I had figured out how to do a cheap DRM scheme that would be just hard enough to break to make it cheaper to just buy the product (at the $100 mark). Shortly thereafter I left the company - with the DRM scheme still unimplemented.
That kind of thinking "We can get away with charging that much" is pervasive. But its also problematic - just by charging that kind of inflated price, the marketers are providing higher motivation for people to find ways around paying the prices. Monopolistic practices (even in the small - one company holds the contract for the current top musical sensation) tend to exacerbate the problem. Now they want to impose DRM - worse yet they want to do it with the government's legal system - which means that they get the benefits (ability to raise prices, impose conditions...) but everyone else gets to pay the price.
If there were no serious DRM, but downloading a permanent copy of a song cost (say) a dime, there'd be no incentive to break DRM - and most people (I suspect) would go along with it and its not hard to believe that the music industry would be the better and with smaller distribution costs, the artists would probably be better off. But when we allow and legally support DRM it is both an incentive to the industry to charge as much as it can, and an incentive to consumers to find ways to break it.
Worse yet, we now have corporations that seem to have determined that they are owed a certain amount of money every year - and who are willing to pass laws to ensure that they get it. Essentially they want to tax us to ensure that their incomes stay where they'd like them to be.
Given all this, I see no reasonable alternative but to ban DRM completely - but I suspect the corporations will have their own way and we'll end up spending $10 to listen to a single song three or four times. The interesting thing is going to be the underground that springs up to counter them - who knows what that will result in? I do quite love the law of unintended consequences.
Bullshit. Perhaps you mean to say DRM is unbeneficial in its current form to consumers? Even then bullshit.
DRM has benefits right now, ask Apple, they seem to be making a few million dollar benefits out of a system which includes a form of DRM.
Want to stop users running as root or deleting your files on a shared system? That's a form of DRM, which has benefits?
Want to stop recruitment agencies chopping your CV into pieces, editing it around and submitting it for jobs for which you are unsuited and wasting your time? Produce your CV as a PDF which stops that. There's a benefit for you.
Want to produce a game for the PS/2, the XBox or any other console? Want to make sure that people buy it and you actually make some money from your effort? DRM again, woah, profit as a benefit? How unlike slashdot.
Just because something annoys you does not make it unbenefical to everyone, nor does making blanket statements of your political beliefs as fact provide any benefit to an arguement.
Make the [MP|RI]AA sell non-discriminatory licenses for content that's already out there, rather than allowing them to throttle the channels of distribution. That's in the spirit of copyright law, because the intent of copyright law is to put content into the public domain... pause, think... and the mechanism for doing it is to reward rights owners. So by having Joe Public distribute the content, then reward the rights owner, everybody wins, right?
Well, sure, but there's a tiny problem. It's that nobody remembers that. The publishers have a vested interest in not remembering it. In fact, they've paid huge sums of money to Congress to forget it. The DMCA, and DMCA case law explicitely refutes it. The "exclusive rights" have become paramount, trumping the intent to make the content available.
So, you make the [MP|RI]AA license content. Fine. Does that mean they have to make it available without DRM? Nope. Does it mean that you get the right to break the DRM to use it? Well, technically, if you can do it yourself without obtaining or making available a tool to do it, so, de facto, no. DMCA case law has already made this clear. Congress said that it's not legal to obtain tools even for use on content that you licensed, and the courts have (astonishingly) upheld that.
So what good does licensing do, when you can only get crippleware content, and devices that will play crippleware content, and when you can't legally obtain tools that let you uncripple it?
I applaud the EFF's intent, but defeating rampant DRM is a pre-requisite to any shake up in licensing, not an afterthought.
If you were blocking sigs, you wouldn't have to read this.
I dunno why I'm posting this seeing as I've missed the "prime time" for this story as it were, but arguing that DRM is inherently evil is a bit like arguing that DSL inherently sucks because your IP is dynamic and you pay by the megabyte (ok I have an enlightened provider where neither is true but then I'm a Brit) -- just because the current implementation is greedy doesn't mean the idea itself is useless.
I see a future that works along these sorts of lines: Firstly, record companies will be a lot smaller and less wealthy. This is of course the real reason why they oppose internet distribution but I think we all realise that however hard they fight this will eventually be the case. Secondly, I see them providing a two-level service from their website. A modest, flat subscription fee lets you download your favourite music from their own well connected server network, in whatever format (OGG, FLAC, MP3, AAC...) you want, capped at, say, 1GB of downloads per month. I've got a dedicated server where I get 200GB for $100/mo, so a $10/mo subscription fee would cut them a handsome profit of about $9.50, by that pricing scale. These files would be encrypted.
The second layer service is free to all comers; no email address required, no ad profiling information, just a username and password registration. This level doesn't supply any music, just keys for each song. You go on Kazaa or whatever, download whatever form is available (keys are issued on a per-song basis, not per-encoding), then decrypt it with a key that your player acquires by means of a web service API.
This depends on copyright law being made more sane; specifically, that it is illegal to redistribute copyrighted content FOR PROFIT. Also, the other big problem is that most of the record companies' revenue comes from teenagers, and you have to be over 18 to have a credit card and hence participate in transactions over the internet (I'm not quite 18 yet and I can attest that running said dedicated server is a real pain in the ass at present). Though if it's a subscription service I suppose they could get their parents to pay for it, the important thing is this has to be straightforward and easy to pay for above all else.
Given this scenario though, I think that artists and labels could continue to turn quite a handsome profit. People resent being bullied and ripped off, so music companies probably are losing out on a lot of revenue to the filesharing networks at the moment. However, stack these two options against each other. What would you rather have; an unreliable, hard to use filesharing network with its associated boat load of scumware? Or a clean ad-free page where you can download an entire album in just the format you like it at the click of a button and at maximum speed? Heck I'd pay more than $10/mo for that. I still buy CDs because I like stuff in 64kbit OGG (I'm not an audiophile and I can cram an immense amount of stuff onto my 128MB P800 mobile phone at that bitrate)
Or, if you do want to download something off Kazaa, then the act of getting a song key tells the record company that someone is listening to this song, and that will help them reimburse the artists accordingly. Yes of course this DRM can be broken, and yes some people will break it by stream hijacking or whatever but then _there is no point in doing so anymore_. The downloader contacts a record company server to get the key and by doing so they establish that this is the correct file, that it is of good quality and that the artist benefits from their download, and the recording company can build a good profile of just who's popular at the moment, and maybe the media player can discreetly ask where you got the file from so they can see which distribution channels work best. Go up to a friend of yours, tell them about this great new band you just heard and give them a crypted disk of some of their best tracks. Legal and beneficial to all, same spirit as the open source systems everyone's so enamoured of over here.
And, if you acknowledge that pe