iTunes supposedly DRM-free music not so DRM-free?

iTunes supposedly DRM-free music not so DRM-free?

Summary: If you follow the digital music business at all, then you know by now that earlier this year, Apple CEO Steve Jobs issued a clarion call (ok, an open letter) to the entertainment confab to free digital content of any digital rights management (DRM) technology: the technology that, in the course of trying to prevent piracy of content, also prevents honest people like you and me from moving iTunes-bought music from an Apple iPod to a non-Apple MP3 player (that's just one example).

SHARE:
TOPICS: Apple
120

If you follow the digital music business at all, then you know by now that earlier this year, Apple CEO Steve Jobs issued a clarion call (ok, an open letter) to the entertainment confab to free digital content of any digital rights management (DRM) technology: the technology that, in the course of trying to prevent piracy of content, also prevents honest people like you and me from moving iTunes-bought music from an Apple iPod to a non-Apple MP3 player (that's just one example). EMI, a record label, took that clarion call to heart and has since carved out deals with Apple and Amazon to sell DRM-free music. But is the music really DRM free?

According to Erica Sadun, author at the The Unofficial Apple Weblog (tuaw.com), iTunes-bought MP3s still have the iTunes account owners' names embedded in them. Sadun has a screen shot showing what happens when she runs the "grep" command against a song she downloaded from the iTunes Music Store. It shows her first and last name. As such, she has appropriately titled her entry: "TAUW Tip: Don't Torrent that Song." In other words, if you share a DRM-free copy of some song you purchased on iTunes, you'll be sharing your identity at the same time -- a piece of information that could easily find its way back to lawyers and authorities.

So is it DRM? Well, DRM systems can't really function without binding playback devices (eg: iPods) and software (iTunes) to content without having some piece of information that's unique, but common to both: a digital version of your identity. So, to the extent that iTunes is still binding your identity to the supposedly DRM-free music, the technology still enables the entertainment confab (along with Apple) to engage in rights management. If for example, someone makes their iTunes-purchased DRM-free music available through BitTorrent and the rightsholders discover the identity of that person (easily done), chances are they will use whatever legal means they have at their disposal to enforce their rights to that music. That, if you ask me, is still a means of managing their rights, digitally so. Is that not a form of digital rights management? You tell me. But what really gets under my skin about this has to do with the answers I got during my podcast interview with executives from Amazon and EMI about Amazon's Apple-like deal with EMI (where Amazon will opening a DRM-free music store featuring EMI's recording artists as well). I asked EMI's Barney Wragg point blank if, by allowing customers to buy DRM free music, his company was going to be depending on the honor system to survive and, in essentially saying "yes," the idea that the music we buy would still somehow be bound to our identity never came up. In fairness, maybe that won't be the case with EMI-purchased music on Amazon (although I never asked for specifics regarding Apple's deal with EMI, Wragg did liken the two). But if it turns out to be the case, then the answers provided by Wragg will have turned out to be slightly disingenuous. Time will tell.

Topic: Apple

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

120 comments
Log in or register to join the discussion
  • EMI is the only company experimenting.

    And was financially weak when making the agreement.

    How will the success of the experiment be measured?
    An increase in sales online and offline? A reduction in filing sharing, including songs from iTunes with the identifying information stripped out?
    (As we know, file-sharing increases CD sales, so an online increase can imply an offline increase.)

    Both of those, which appear to be the most likely measures of success, are affected by other factors, such as the lack of new music popular with the public. So the results are likely to tell EMI whatever EMI wants to hear, ambiguously.

    EMI could put DRM back and say: See?!

    I think that's likely. If enforcing DRM helps the RIAA companies gain a sympathetic response in Congress, it's doing one of its main jobs.
    Anton Philidor
  • Misleading Article

    The topic and article are both misleading. Big deal if it puts your user name and purchase date in the song. Are you also angry that your car has a license plate on it? If you keep your music to yourself as you should, than it wont ever be an issue. Just like if you don't commit a crime in your car, you don't have to worry about being tracked down via the license plate.

    For those that do put up their while library to be downloaded, than they deserve to have their account suspended and/or charges presses. DRM free music doesn't mean you can just give it away freely. It means you can play it on what ever device you have.
    Stuka
    • agree 100%

      :)
      Been_Done_Before
      • I agree for the most part...

        Except the problem I had with the Michigan State Police,
        I got a parking ticket for parking my Red Ford truck in a no parking area in Lansing.

        Well I had never been to Lansing and the License plate # which was mine was for my Silver Jeep. So if someone does not record the info correct when they are looking for violators you might get a surprise one day!!!
        mrlinux
        • mrlinux has a point...

          The first thought that crosses my mind is this: What if someone surreptitiously copies one of Apple's non-DRM MP3s from my computer, then posts it on his computer for public downloading?

          Eventually, someone of authority will likely find it, and come knocking on my door.

          I'm reasonably assured (it's impossible to cover everything) that my computers are locked down well enough that this likely won't happen, but how many people do you know who do nothing whatsoever for security on their home computers - connecting to the web sans firewalls, antivirus, etc? I know of many, and they could be targets of such activities.
          Zeppo9191
          • Good point

            It is possible for these things to happen. Hopefully if they do, a bit of research will show the person was not directly responsible for it.

            I bet it wont take long for somebody to make a tool that strips your user info out of the song though.
            Stuka
          • Spoofing defense

            Expect scripts to come out very soon that either erase these tags or change them to something like "Steve Jobs". So this means that this evidence will not hold up in court. Of course, the RIAA will still make threats and try to get you to settle, but as usual, if you refuse to settle and take the case to court, they'll drop it.
            tic swayback
          • Another point

            My guess - as long as we're doing hypotheticals here - is that if someone has
            surreptitiously copied files from your computer, having some music files (and they're
            AACs BTW, not MP3s) show up for public downloading is going to be the least of your
            worries.
            dolph0291
          • They don't even have to copy it from your computer...

            [b]The first thought that crosses my mind is this: What if someone surreptitiously copies one of Apple's non-DRM MP3s from my computer, then posts it on his computer for public downloading?[/b]

            How's this for an ugly scenario? Through whatever means, you're a victim of identity theft. Your wallet gets stolen, your credit card gets cloned at a restaurant, your computer's infected with a keystroke logger - whatever. So the schmuck sells your credit card number to some pimple faced punk who promptly logs onto ITMS and starts downloading stuff from there. You don't notice anything odd - why, you and your spouse and kids have ipods, you and the family buy stuff from there on occasion.

            Then the RIAA stormtroopers come knocking at your door - for sharing files online... Good luck proving you're not guilty...
            Wolfie2K3
    • Agreed (NT)

      .
      none none
    • Wait a minute...

      I'm not necessarily in disagreement with the attachment of identity information to music. It's more about disclosure. If Apple, EMI, or any other party is doing that, then it should be disclosed up front. And the purpose of the method should be explained. Information regarding the usage of our identities shouldn't come from someone that's hacking the music files.

      This is (1) a disclosure issue and (2) a question as to whether the music is truly DRM free, or not.

      db
      dberlind
      • Your article isn't clear enough

        I think you were going for sensationalism with your article and it backfired on you.

        You talk about DRM. Embedding the users name is more of a "watermark".

        [i]"If Apple, EMI, or any other party is doing that, then it should be disclosed up front. And the purpose of the method should be explained. Information regarding the usage of our identities shouldn't come from someone that's hacking the music files."[/i]

        I wish you had put those sentences in your article. Because that is the real beef. [b]Proper Responsible Disclosure[/b]
        dragosani
      • Hacking?

        <i>information regarding the usage of our identities shouldn't come from someone
        that's hacking the music files.</i><br><br>Hacking music files? Just go into iTunes
        and check the info-panel of any song you've bought at the iTMS (plus or non-plus).
        It's right in front of you: your name and your e-mail adress. This is nothing new.
        Jens T.
      • The reason why they didn't disclose is simple.

        So Apple adds your details to a file that you bought. I honestly cannot see the problem in that.

        There are worse invasions of privacy than your name and contact details on your Mp3's. For example all the times you are captured on CCTV - without disclosure. At least with the Mp3's I have control over them. Who knows what happens to all that CCTV footage.

        Anyway, I think I know why they didn't do a full disclosure, don't you. They were testing the market to see how many people uploaded their DRM free Mp3s on the torrent sites and if the ratio was too high then they would have scrapped the whole deal.

        Yes they should have told you that they were adding your details, but it is hardly the crime of the century by not telling you. I think there is a lot of noise about this because I imagine there are few people getting a little nervous about now. I wonder if that includes you db by any chance??
        Bozzer
      • get real

        Disclosure issue? Maybe. But then your printer is uniquely identifiable as well, so this is hardly new.

        DRM issue? Try again. There is no restriction (remember Digital Restriction Management?) is tagging your files. You can do whatever you want with them, including post to a torrent if you so desire. That you could be identified for doing so is not DRM. Please drop the sensationalism and present your real complaint in an intelligent fashion so you don't get lumped in with all the "music just wants to be free" losers.

        I am against DRM. This does not qualify.
        shraven
      • I don't think this satisfies the requirement for DRM.

        I would not define this as DRM. In all uses of the term which I am familiar DRM
        implies active enforcement via software of how a product is used. The identity stamp
        is simply an extra piece of data appended to the file; because there is no active
        component inherent in either the file or the player, this is not DRM.

        In that personal information is being recorded in these files, this should have been
        disclosed, but not because it is DRM.
        jerel.krueger@...
    • What if...

      What if/when your machine gets hacked and then your music gets uploaded as a torrent? What are you going to do then?
      dlauer@...
  • I have my VERY OWN, SELF-DESIGNED DRM-DEFEATING DEVICE...

    ....I've taken my old straw cowboy/prospecting hat, and covered it liberally, with an entire roll of TINFOIL. And you can't simply just use the cheap, thin, no-name variety, either. You have to use the GOOD STUFF, THE REYNOLDS BBQ HEAVY-WEIGHT aluminum foil....
    Feldwebel Wolfenstool
  • What's to stop people

    from converting the ACC to MP3, destroying the identifying data in the process? I'm not saying I condone that practice if you are doing it simply for the sake of piracy, but you obviously have the digital rights to convert the file to whatever format you like, and that's the most important feature that this DRM-free music is giving you.
    Michael Kelly
    • Same thing that stopped them before

      Lost quality. You could burn to CD and rip to MP3 with 99 cent songs too.
      voska