Free Software Foundation: DRM fundamentally incompatible with FSF princples

Free Software Foundation: DRM fundamentally incompatible with FSF princples

Summary:'s Martin Lamonica reports: [Free Software Foundation general counsel Eben] Moglen said that DRM technology, which places limits on how users can play movies, music or other digital content, is "fundamentally incompatible" with the principles of the Free Software Foundation.

TOPICS: Open Source
22's Martin Lamonica reports:

[Free Software Foundation general counsel Eben] Moglen said that DRM technology, which places limits on how users can play movies, music or other digital content, is "fundamentally incompatible" with the principles of the Free Software Foundation. Moglen and Free Software Foundation founder Richard Stallman are co-authors of the GPL version 3.

Unfortunately, this is actually only half the rotten truth.  As the Electronic Frontier Foundation's Brad Templeton taught me, DRM (digital restrictions management) is also technically incompatible with open source software (the likes of which the Free Software Foundation espouses).   The problem has to do with how DRM works.  Some where in the source code behind DRM-laden software like iTunes or Windows Media Player is an if-then-else statement that is an expression of the rules that the content cartel can live with.  It goes something like this:

If [the end user passes the DRM shakedown], then

   playback the content


   deny access to the content

End If

The problem is that the content cartel must trust the DRM technology providers to check with them first before changing the rules and altering the source code to the point that users might be allowed to do something else once the "If" condition is satisfied.  For this reason, there can never be an "open" DRM standard that's available to open source developers.   That's because we all know (even the open source developers know) that open source developers will change the rules without checking with anybody.  For example, the source code behind an open source media client might say the following:

If [the end user passes the DRM shakedown], then

   Strip the content of its DRM and republish all of it
   on BitTorrent


   Strip the content of its DRM and republish all of
   it on BitTorrent

End If

Lamonica's report also said:

On Monday, the Free Software Foundation published a draft of the GPL version 3, which is expected to be completed in about a year. The draft states that GPL software cannot use "digital restrictions" on copyrighted material unless users can control them.

It later mentions TiVo, which runs on embedded Linux and includes DRM technology.  So, to paint the complete picture, you have TiVo which is a company that's relying on a combination of open source software and proprietary DRM software to build a solution that allows the content cartel to sleep at night.  Under the new GPL, it appears as though TiVo -- as long as it wants to continue embedding Linux in its devices -- would be prevented from including DRM technology as well. 

What is meant by the exception clause "unless users can control them" (them = digital restrictions), I don't know (feel free to chime in if you do).  I like the fact that the FSF is using the words "digital" and "restriction" for the "D" and the "R" in "DRM" (as I do here in this blog).  But, at a base level, giving users control of the digital restrictions basically defeats the idea of having them in the first place.  Unless there's a more subjective explanation that spells out what exactly is meant by "user control of digital restrictions."  Anybody?

Now, what to do if you're TiVo or some other company that's been marrying open source to DRM (in proprietary fashion)? Simple.  Go to Microsoft for its DRM since Apple is stingy when it comes to licensing FairPlay.  Actually, if TiVo knocked on Apple's door, IApple might pay attention.  After all, a TiVo-iPod love connection would be like a dream come true for TiVo and, theoretically, Apple should love the idea of getting into everyone's settop boxes (TiVo has already been down this path with Microsoft for TiVo-to-Go).  But, then again, maybe not since Apple wants its own gear to be the settop box.  OK, better idea.  Apple should go out and acquire TiVo.  Or maybe Microsoft should do it first.   You get the picture.  If Linux gets nosed out of all those digital video recorders (DVRs), the balance of power in the DRM ecosystem could end up swinging dramatically in some direction.  Which? I have no idea.

Topic: Open Source

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • It Doesn't Help

    That one of the first casualties of DRM was the ability to legaly play DVD movies on Linux.
    Edward Meyers
  • DRM, From Restriction to Exception Management: the Emergence of a Gray Zone

    It is rather striking to see that basically over the last decade the whole DRM debate has and still is only about full protection (i.e. restriction) versus full freedom with respect to digital content and intangible assets.

    By ignoring the ?User?, especially in the entertainment industry, DRM has legitimately sparked vigorous reactions, potentially turning DRM into ?evil? technology. I would argue that there is a third way going beyond the ?either / or? debate which is by far too limitative and cruelly lacking imagination.

    Basically it?s not really about how to ?prevent? rather than how to ?accommodate? legitimate use of governed electronic content. This represents a shift towards what could emerge as a ?Gray Zone? where statistically most users are not criminals ?a priori?.

    A good example of this is probably the Apple FairPlay copy protection which is known to be rather easily removable. However, most users will comply smoothly and enjoy the ?experience? in a commercially acceptable and viable model.

    There are many common everyday examples where users would and should legitimately be entitled to some form of freedom already enjoyed in the tangible world (e.g. space shifting, fair use, etc.) without being considered criminals.

    This critical issue can be further stressed by the ?Copyright Balance principles? that should underline public policy regarding DRM as recently outlined by E. Felten in a column of CACM of July 2005: ?Since lawful use, including fair use, of copyrighted works is in the public interest, a user wishing to make lawful use of copyrighted material should not be prevented from doing so by any DRM system.? This sound principle should be at the forefront of rethinking the future of DRM systems and make the case for such ?Exception Provisioning and Management? in DRM enabled systems.

    Obviously, DRM systems in their current form are not good at managing exceptions as it is often considered to defeat the purpose and still remains a hard problem. At first sight, it could appear as mixing water with fire. However taking a step back, considering how DRM enabled systems might manage so called exceptions (e.g. using a credential based approach as proposed by Morin and Pawlak in: ) could lead to some new interesting approaches offering both the content industry and the consumers a commercially viable user friendly solution while still maintaining a given level of persistent protection, governed usage and control.

    As a result, I would only argue that DRM could be fundamentally compatible with legitimate user oriented principles if only the content industry and the technology providers would prove to be slightly more creative and realistic on the fact that we aren?t addressing military grade security requirements.
    • If only...

      the issue was simply security. The real goal underlying DRM technology is the entertainment industry's desire to fundamentally transform its revenue model from an unlimited use license for purchased content, to a system of graduated access where you pay for each degree of freedom that you can exercise with your purchase. For example, if you want to be able to play your music on your computer, but not burn it to CD, then you pay one price. If you want to be able to burn it and transfer it to portable devices, you pay another price. There are already numerous examples of these kinds of schemes, and the industry has no intention of abandoning them. It's a bean counter's wet dream, and a consumer's worst nightmare.
      • Well, it's a matter of how you can see things...

        Okay, granted, I agree with you that most of the entertainment industry doesn't have a clue to the underlying business model they would be able to deploy, and they have only tried to mimic or worse, lock down the traditional business models without the slightest sense of imagination, driven by fear.

        However, there are two issues to keep in mind: first that the entertainment industry DRM market is by far minute compared to the Enterprise DRM market now poised to unprecedented growth. Think about it for a second; imagine all the business processes, workflows, ERPs, DWH, line of business applications, emails, documents, etc. and other application portals... This is BIG (!) and don't even think of arguing about it, this is corporate data, IP... Corporate information has become a strategic asset requiring it to be managed.

        Second, the thing the entertainment industry still hasn't understood, is that given the global availability of bandwidth, peer-to-peer protocols for massively decentralized resource management and broadband connections, we now have entered in to an era where entertainment content should be considered a Commodity, like water or electricity. As a result, the ?more accurate? business model would be to approach this market with similar business models. Whereby users wouldn't even bother looking at the metering of fractions of a cent for accessing this content from anywhere at anytime.

        Simply putting it, DRM technology is here to stay, the issue now is to figure out how. And placing the User back into the center of the puzzle is the critical issue. It is for this reason that users shouldn?t be considered criminals when they basically ask for at least a similar form of freedom and experience they enjoyed for decades now. It is in this context that so called Exception Management approaches in some form of ?gray zone?, which is not this either/or situation can be particularly useful. Most users aren?t criminals and most file-sharers end up buying a copy of what they downloaded mostly for emotional reasons of holding a genuine copy (collectors, etc.)
        • Seems beautifully reasoned, but...

          I've found your responses intelligent and thought provoking. Thank you.

          But...The phrasing and thinking behind " here to stay" is not such a clear glide-in for me.

          Yes, the technology is here, but the concept of licensing instead of "buying" is rather young. It is only here to stay if we let it.

          I do think it could indeed be an "evil" path. :) Paying for enjoying creativity is one thing. That to me is actually a beautiful thing, to give back to those who bring you pleasure. But to spend excess money on the middle-men, not just money---but gobs and gobs of money...And in perpetuity licensing for Mickey Mouse? Love Uncle Walt dearly, but will I want my great grand children to be paying his great great great great grandchildren?

          Starts to smack of greed, doesn't it? So what solution do we have? As Nancy Reagan would have phrased it: "Just say no to DRM".
  • Re. "User-controlled digital restrictions"

    Perhaps they're referring to the kinds of restrictions that a parent or employer would put in place? Blocking certain web sites or channels is certainly a restriction, but many people do find it a necessary or desirable feature, and it's under the control of the user. Even something like a pop-up blocker or spam filter might conceivably qualify.
  • DAVID, DRM is NOT jsut about enterainment

    When will you get off your high horse and understand that simple concept. *I* and millions of users WANT to be able to control our code, content, data and who may access it.
    • And?

      Being that they are the FSF - they don't want you to do that, either.
    • And

      That is why I don't want to spend my good money to purchase something that I don't own or control. Which is why I NEVER purchase proprietory software.
      tracy anne
      • Let me lend you a clue...

        Lets talk about all the stolen data that has been in the news. If that data had been covered by DRM it wouldn't have mattered one iota.

        Now, would you care to post your SS number for us?
        • It could also have simply been encrypted. !!! (NT)

          Update victim
    • Heard about fair use?

      The Govt created it, what it says is that once you've been paid the customer has a right to make backups. This license crap is never gonna stand up, and it looks like it won't be long now. I guess the last administration didn't give a damm about people's rights. Since he signed the Millenium Copyright Act.

    • Dear Ax

      Keeping total control of your property is very easy. All you hae to do is keep it private and don't put it where anyone else can see it.

      If you must publish then just do it correctly.
      Use copyright as intended and when you have had a financial loss because of copyright infringement then file suit to recover your losses.

      It's not really that difficult.
      Update victim
  • This might be a moot debate

    The latest ATI video cards support the keeping of content encrypted the whole time. The plan has been to make it so that everything is handled by hardware - the data is read encrypted off the disc and stays encrypted all the way to monitor and is not decoded by that actual Operating System software or higher levels. It would have to be possible to still decrypt the data if you had a drive that would let you at the raw data (which blue-ray and HDDVD drives probably won't when it's "protexted content"), but the good side is that it no longer requires any DRM decision or decryption logic to be present in the OS or higher, meaning GPL 3 will be compatible with the "Trusted (hardware) Framework" Microsoft is developing. The code would just be something like "tell the video card to begin accepting a DRM stream from the disc drive and frame it at x,y..."

    Of course that means Fair Use goes out the window, which really makes me mad since optical discs scratch so easily... it's rediculous.
    • Then don't buy them...

      "which really makes me mad since optical discs scratch so easily... it's rediculous."

      Then don't buy them, gee, that was hard...
      • Yeah, like

        We all did with DIVX. Remember that? I guess it will take enough people to get pissed off.

    • You are missing two issues

      Firstly, storing the video in encrypted form on a harddrive and sending it to the video card in encrypted form would serve no benefit. The encrypted data could still be copied freely, and sent to the video card freely. Even if the date/time stamp were used as part of the key, it would take about 1-3 lines of code to 'accidentally' circumvent it (the file was stored at time X, so save date, set date to X, play, restore date).

      Secondly, GPL3 is not compatible with "Trusted Computing" aka "Trecherous Computing". Even though the DRM is hardware based, it still directly affects the software, as the software must direct the hardware. True, it would possibly run, but the OS would only be a guest program pretending to be an OS, not a true Operating System. It would be like Firefox running on XP. Licensing would not forbid it, but it would mean Linux wouldn't be able to do it's designated tasks.

      You are correct about Fair Use, however. Funny how big business doesn't care about consumer's fair use rights when they see profit in denying it.
  • The glib answer...

    Would be that users already control DRM by their purchasing choices. Buy an iPod and you choose to use Apple's DRM, etc., etc.

    By the way, I always thought the R in DRM stood for rights, I really like the you've reframed it by making it Digital Restrictions Management. Still technically accurate, arguably even more accurate than rights management, and I think it gives a much more appropriate flavor to DRM.
  • Not so fast

    Firstly, this is all based on the presupposition that Linux will be covered under the GPL3 when it comes out. According to ZDnet today, Torvalds isn't counting on it. Regardless, even if Linux were to switch to GPL3, existing Linux versions would still be covered under GPL2, and therefore the GPL3 does not apply. TiVo could still use GPL2 code just as is has. Furthermore, TiVo has been reported to be considering dumping DRM for watermarks, and while many question their probability of success, it would mean whether Linux is under GPL2 or GPL3 would have no impact on this issue.
  • You are all missing the future

    The Download Paradigm will be replaced by the Streaming Paradigm. By encrypting the stream, and having proprietary media players - there will be no need for DRM. It works like this - log on to a media portal (creating a SSH "tunnel"), and use the proprietary media player to connect to streaming content. SIMPLE! In the past, slow internet connections have made this option unattractive, but with breakthroughs in speed (and the comming WiMAX Steamroller) it is only a matter of time (couple years) before the Streaming Paradigm replaces the Download Paradigm.
    Roger Ramjet