DRM, or digital rights management, is a digital lock placed on media content and devices. Supporters say DRM protects businesses and artists from piracy and theft. Sounds good, right? Opponents say it kills innovation, doesn't stop piracy, and helps malware distributors. This month, a group led by the Electronic Frontier Foundation has assembled to come up with ways to fight DRM.
The World Wide Web Consortium, which just admitted the MPAA, has been pushing for every internet browser with HTML5 to ship with DRM since 2013. With Google, Netflix, and Microsoft on their side, it looks like DRM could very well become a requirement for browsers. But the opposition is about to take a stand. The Apollo 1201 project, led by the EFF with special consultant Cory Doctorow, is working with researchers and academics to try to repeal laws supporting DRM, including section 1201 of the Digital Millennium Copyright Act.
Why DRM Sucks: Part One
When you buy an e-book, Keurig coffee-making machine, iTunes media, or any wide host of gadgets and files, their sellers add DRM technology to control the ways you can use what you bought. So if you buy a Keurig, for example, the DRM prevents you from using non-Keurig coffee pods. If you buy a movie from iTunes, that means you can't put it on a DVD. These controls let companies put limits on the products they sell, and means people who buy them are circumscribed with what they can do with what they have purchased. It's like buying a tub of ice cream with a special lid that locks if you try to share with a friend or blend it into a milkshake.
And while it ostensibly protects creators, it also puts them at the whims of companies like Amazon and Apple. "Every time you buy a DRMed Kindle book, you can't move it to a Nook or Kobo or any device that comes in the future. So that means that if I don't like the way I'm getting treated by Amazon and want to sell my books elsewhere, I have to cross my fingers and hope you're willing to buy all my books again to read them on the new platform, or be willing to maintain two separate ecosystems to continue to access my stuff," Doctorow told me via email.
Why DRM Sucks: Part 2 (Horrorshow Edition)
So that's all shitty, but Doctorow believes there's another valid argument against DRM that everybody should be able to get behind. Far from safeguarding people, these controls could be the impetus for some serious security problems. "The real horrorshow is that DRM requires that your computer be designed to hide its operations from you, and the DMCA makes it a felony to tell you about vulnerabilities in the DRM that can be exploited by creeps and thugs and crooks and spies," Doctorow said. This means that it'd be illegal, for instance, to report a discovery of spyware ingrained in a program, whether it's put there by the NSA or some Russian malware ring.
"I think that most people miss that DRM can't be sustained without laws mandating silence about DRM's flaws," he said. These laws make it illegal to point out security problems, so white-hat hackers who violate DRM to discover vulnerabilities could go to jail for reporting serious issues. "No one really thinks about this- that they're filling their lives with voice- and gesture-controlled devices (implying that they're never out of range of a mic and a camera), and the government is willing to imprison people who point out potentially lethal flaws in them."
Doctorow hates DRM for basically all the reasons anyone could hate it, but he's adamant that it could end up dicking everyone over by hugely de-incentivizing people to report security flaws or malware. That's a compelling reason for anyone to support reform, if not an outright repeal of laws that push DRM.
This push against DRM is happening at a pivotal time, since the push for the technology has already developed momentum. In 2014, Mozilla was coerced into putting DRM in its browser, because Netflix and other video providers are preparing to implement a system where their content would require DRM. It was either keep fighting or lose the ability to show people Netflix, which would have tanked Firefox.
It's a long-shot that Apollo 1201 will succeed. But DRM is a threat to online security (not to mention creativity) that is worth fighting against despite the odds.