Digital rights management

Technical enablers to control the Internet. Part VI: End of the Internet?

Digital Rights Management (DRM) is the current buzzword for the technical implementation of the "intellectual property rights" (i.e. intellectual property rights) in digital media. DRM will implement several categories of exploitation rights, some of which have no direct analogy to the traditional publishing processes.

Microsoft also warned today that the era of "open computing," the free exchange of digital information that has defined the personal computer industry, is ending.

Microsoft Tries to Explain What Its .Net Plans Are About by John Markoff, The New York Times, July 24, 2002

Pay per Copy (payment per copy)

This is the traditional model we know from books, music, videos and software "wrapped" software. You pay a fee for a copy and usually agree to a license that prohibits copying and resale. However, there are no technical measures to prevent people from following this ban. In some cases, the purchase even allows the original to be lent to others without paying additional fees to the ier.

Pay Per Instance

I created this term to describe the following concept:

A document is sold to an individual and is not transferable. Or it is transferable, but cannot be copied.

Whoever would give a document on the basis of the "Pay per Instance" purchases a document that is chained, so to speak, to the personal certificate of the computer on which it is expected to be viewed. If you copy the downloaded document (aming the Trusted Computing Platform allows this) to someone else’s system, they can’t read it because they don’t have the certificate. Giving your certificate to someone else is like giving them copies of your credit cards and personal identification documents… is therefore unlikely.

If the document is still linked to a specific computer system, it can be read on that system, but in order to transfer it to another system (for example, from a desktop computer to a PDA to take it on vacation), a transfer must be made that allows the document to be read on the PDA. However, the document will no longer be readable on the desktop computer, but it will be possible to transfer it again when you return from vacation.

Pay per instance also allows a transfer that can be compared to lending a book to a friend (publisher permitting). Let’s say someone has downloaded a book to his computer and wants to send it to his daughter in college (after reading it himself). No problem – just decrypt the book with the personal certificate and send it to the daughter by email. Of course, after that you are no longer able to read the book itself. Maybe this transfer will involve a small fee, but, hey, micropayment simplifies this and you will probably have to pay a lot more to send a printed book to your daughter. A publisher could also sell book editions (perhaps at a premium), so that a document, just like a "real book", can be transferred several times. As long as a borrowed copy is not returned, no other copy will be lent then.

Own the data on your hard disk?

Many computer users were surprised to learn that the answer to these questions is largely the same "no" must be. A standard computer is typically equipped with approx. 1 gigabyte of pre-installed software covered by the handler’s copyright. The user must agree to an End User License Agreement (EULA) before using the software, then he will receive the appropriate license. such consent may be explicit or implied. While the user of the computer would technically be able to copy this software and data, the legal permission is (or is not) contained in the license agreement and the corresponding copyright law.

Many files downloaded from the Internet are subject to copyright, even if the user does not have to explicitly agree to a license. Documents of any kind are inherently copyrighted and may be used only as permitted by law, unless there is evidence that the copyright has expired or the publisher has explicitly waived the copyright.

The only files that a user automatically owns are those whose contents were exclusively created by the user himself or are subject to the public domain. In the case of these files, the user has the right to freely copy, modify and redistribute them as they see fit.

Digital Rights Management does not change the laws of copyright, it simply embeds the enforcement of already emerging rights into the user’s hardware and software.

Pay Per Installation

"Pay Per Installation" is "Pay per Instance" similar, but here the purchased content is bound to the certificate of the computer on which it was installed, not to the personal certificate of an individual person. Anyone using this computer is authorized to retrieve content bound to this computer certificate. It is not possible to use the content on another computer.

This type of DRM will primarily apply to commercial software that is/was installed on a computer. Pre-installed software will naturally be bound to the computer’s certificate ied by the company from the outset. Whoever buys software, whether in a store or via download from the Internet, will bind it to the certificate of the machine on which the software is installed. The purchase of a copy of the software will usually only allow the customer to activate it once; additional licenses for other computers can, of course, be purchased as needed.

Just like "Pay per Instance" the person offering the product paid for in this way can also grant permission to transfer the product to another computer. For example, if you replace your old box with the new TurboWhiz40GHz box, you can install the programs you have already purchased on the new computer by going through an activation process, so that the programs on the old computer can no longer be used. This option may or may not be available, depending on the terms of the license.

Pay Per View (payment per view)

This model was applied to movies in my childhood. If you wanted to see a movie, you ran to the theater, threw down your 50 cents (my childhood was a long time ago) and got a ticket, so you got to see the movie once (including newsreels, cartoons, etc).). When the movie was over, the lights were turned back on and everyone was chased out. Who wanted to see the movie again… another 50 cents please. Thank you. This is the golden age that media giants dream about when they sleep while their bodies are processing the various toxins they ingested at the last Hollywood sybaritic parties.

As with "pay per instance" the content you download is bound either to your personal certificate or to that of your computer. But in addition to that, it is prescribed how many times you can watch the content, for example, only once. Instead of going to a music exchange site and fighting until you find the title you are looking for – and under constant attack from the music moguls – you visit your favorite online music store, find the title you have been thinking about for days, download it for a small fee and listen to it … once. If you want to listen to the title again and again or burn it on a CD, then you simply pay a little more and buy a CD "Pay per Instance"-License.

You don’t have to buy an album anymore to get one or two hit singles – but of course the singles cost more than that "Fullmaterial". And: No, you can’t copy a self-burned CD for friends, because its content is bound to your own certificate or to the certificate of your computer. You can of course copy from the CD with the "Killer titles" make a copy to give to friends or to sell on the net, but the person who gets this copy must pay a license fee for each track, otherwise it is impossible for him to play it.

Attention: "Pay per view" Has applications beyond traditional entertainment media. Software, which a user can start and test only x times (this is defined in the license), is an example for that. After these licensed test runs, the user must either purchase a license for unlimited use or for further test runs. Software handlers that use such "Discontinued copies" are on the safe side, since they store which certificate is linked to which copy and will refuse to sell more than one copy to a user. This application of the "Pay per view"-Modells closes the gaps that made the shareware model a difficult business model to operate in.

Protection against circumvention of DRM techniques

Previous attempts to protect intellectual property in the digital age have only led to a game of hare and hounds between creators and those who want free, uncopyrighted works. There are reasons to believe that digital rights management based on a trusted computing platform is a tough nut to crack. This will ultimately result in "effectively complete" security (which is how I define the point at which the losses incurred by copyright are insignificant compared to those incurred by further reducing the costs), as was the case with digital satellite television.

In the United States, the Digital Millennium Copyright Act (DMCA), enacted in 1998, criminalizes the "Reverse Engineering" and circumvention of copy protection mechanisms. The interpretation of the DMCA led to the fact that even information about the type, design and implementation of copy protection technology was already considered criminal by the corresponding paragraph. Considering the political consensus behind the DMCA, what is at stake for the media industry, and the investment currently being put into DRM techniques (by hardware and software handlers), there is no question that we should expect to soon see a highly secure system that incorporates all of the aforementioned user rights possibilities and will not be grossly circumvented.

Trusted Internet Traffic

Once trusted computing platforms that protect intellectual property rights are established, this security can be extended to the Internet itself. ARPANET, the forerunner of the Internet, was developed to provide highly fault-tolerant networks for military communications. In such networks, all communication links could be secured and the identity of all computers on the network would be known. In today’s global Internet, which anyone can join, none of these conditions apply anymore. Many of the current problems on the Internet are the direct consequence.

Tomorrow’s secure Internet will be implemented in trusted computing platforms in conjunction with ISPs and backbone carriers. Today, any computer on the Internet can contact another and send any packet defined by Internet protocols. This also means that any computer on the net, once declared vulnerable to attack, can be targeted by millions and millions of computers around the world and, once compromised, can be used to attack other computers.

The secure Internet will change all this. Secure Internet clients will reject all connections from computers whose certificates are unknown (this will be done automatically by the ISP; a user can of course choose to receive mail from people whose certificates are unknown, but choosing not to will prevent all SPAM – so it’s up to the user). On the secure network, each request is marked with the user’s certificates and the requestor’s computer certificate, and these markings are then made available to the recipient.

Login and password no longer need to be verified, as the secure network will have already verified the identity and, if necessary, debited the micropayment account with the access fees and online purchases. ISPs will keep access logs, which in the event of a "Cybercrime" be made available to law enforcement if there is a court order to do so.

In addition, the secure network will protect the intellectual property of all those who participate in it. As a customer, I am then able to download all the documents – the conditions for this are determined by the one who publishes them, supported by the DRM. Publishers etc. can offer documents that contain a signature in addition to the certificates (verifying the publisher and the terms of use). It ensures that the document has not been corrupted after publication.

Leave a Reply

Your email address will not be published.