The Agony of Digital Rights Management

The semiconductor industry likes to think it doesn't have to worry about software or Digital Rights Management (DRM). I'm often told “those things will work themselves out on their own.”

But the truth is, DRM defines how a user will interact with technology. And it defines how different devices are able to communicate. Can you play that movie you downloaded on your tablet, smartphone, or TV? That's DRM, and it's also the digital ecosystem from a consumer's point of view.

One of the themes from this year's Consumer Electronics Show (CES) was that we've moved beyond devices. Moore's Law has ensured that we've reached an age where one notebook or another is pretty much the same. So the struggle for the hearts of consumers is now about convincing them which ecosystem, or user interface, is the best for them. That will decide what phone they buy, which TV, which tablet, etc. And all of this is built upon DRM.

So what did CES tell us about DRM? That it's going to be a long, hard battle for our rights as consumers during the next five years. I say this, not because anyone at CES told me, but because of how the security sessions went. Led by a Department of Homeland Security moderator, the mobile security panel showed that they're afraid of technology, and that their solution to all the security problems out there is to tether us more firmly to the grid. Every step you take will require authentication.

But security is gained by being as far off the grid as possible, not by being tethered to it. All in all, the worst idea I heard at CES, for our “safety,” was the idea of tethering our debit cards to our smartphones so that you can only use your debit card if your smartphone is right there with you. For your safety. Or extreme annoyance.

Yet, did anyone on the panel discuss Sony's loss of its PS3 customers' personal data? Personal data that it stores for its customers' “security”? No. As consumers, our biggest security vulnerability comes from the corporations. The lists of passwords and usernames we're forced to create, along with the PINs and security questions — those are all security leaks waiting to happen. If I lose my computer, my data is lost and my identity may be compromised. If Sony loses its computer, millions of people's data is lost.

So why is the security discussion focused on me and my computer instead of where the real problem is?

19 comments on “The Agony of Digital Rights Management

  1. Barbara Jorgensen
    January 20, 2012

    Michell, this blog is thought provoking on so many levels. The fact that DRM directly affects hardware sales cannot be overemphasized in my opinion. I also never considered that security (in the minds of some pundits)  means being tightly tethered to grid. I have no fewer than a half dozen passwords to access my company's sites alone. Now throw in social networking, online payments, online purchases, random registration for the occasionally-used site and a number of things I haven't thought of and the password list becomes impossible. I usually click the “remember me” box just so I don't have to remember another password. You are absolutely correct that the security solution is being moved farther and farther away from the source of the problem.

  2. Taimoor Zubar
    January 20, 2012

    I agree. Security needs to be targetted on the enterprise side where there are more regulations for the organizations to protect sensitive data. Yet, I feel, there are certain provisions that also need to be made on the part of consumers to ensure they remain protected.

  3. Nemos
    January 21, 2012

    Sorry for that, but I didn't get it how it is connected : the DRM with the security ?

  4. _hm
    January 21, 2012

    Is HDCP considered part of DRM.

  5. Houngbo_Hospice
    January 22, 2012

    “So the struggle for the hearts of consumers is now about convincing them which ecosystem, or user interface, is the best for them.”

    Do the best “ecosystem and interface” mean the ones that provide optimal security and privacy to customers? If so how does this relate to Digital Rights Management?

  6. Houngbo_Hospice
    January 22, 2012


    Sorry for that, but I didn't get it how it is connected : the DRM with the security ?

    I agree with you, it is difficult to understand the connection between the two from what is said in the blog. I think further elaboration would help

  7. Daniel
    January 23, 2012

    I think she meant in a different way, the way of DRM interpretation with the technology may ends up in decides which products we have to purchase. While manufacturing the product the manufacturer has to incorporator the DRM for their product and products from those manufactures that are adhere to this technology has to buy.

  8. Michell Prunty
    January 23, 2012

    Hi all,

    I apologize for not making the relationship clear – see, DRM is the right to access your content as well as your hardware.  The end game is “big brother”, or big corporation for that matter, wants to constantly have you logged in to their server to verify who you are, where you are, and what you're doing.

    This is considered DRM as well as security.  If you can't use your credit card because your smart phone isn't next to it, thats DRM – and if they implement a “3 strikes you're out” and shut down your debit card, well, thats security. 

    It used to be DRM was just the code on a DVD to stop you from copying it to your computer – but that has changed in recent years.  Now Motorola can brick your phone if you tamper with the hardware.  Thats security and DRM. This has changed because companies are moving away from DRM protection in the form of requiring special hardware/software to to a more service orientated protection that requires logins. 

    I am mostly speaking from a consumer's point of view here, and from that point of view, DRM is security. 

    Wikipedia has a decent write up on DRM for those unfamiliar with the terminology –

    Yes – HDCP is a type of DRM

  9. Houngbo_Hospice
    January 23, 2012

    @Michell Prunty 

    Thank you for the clarification. 

    “The end game is “big brother”, or big corporation for that matter, wants to constantly have you logged in to their server to verify who you are, where you are, and what you're doing.”

    The question is: Can  end-user / customer prevent corporations to behave like that if they told you they are doing that for security reason?

  10. Ariella
    January 23, 2012

    Oh, yes, they do know where you are. For example, Google Flu Trends gathers information about search on terms related to flu or flu-like symtoms. It then comes up with a geographic distribution.  It gets the location from users' IP addresses. Google assures the public that “personal search data remains safe and private;” however, it does have that information in its data banks.

  11. Daniel
    January 23, 2012

    Michell, you meant if you have the out purchase right also, somebody has to authorize to use it. That’s not right. Once if the product/contents belong to me I have the right to use it without any further permission or approval. If the DRM is like that, then why should we go for an outright purchase, it’s better to go for a rented service?

  12. Daniel
    January 23, 2012

    Ariella, almost all search engines, location based services and online medias are working in a similar mode. They used to collect customers personal taste, aptitude and information and finally selling to third part for related services.  In such cases,  how we can believe that our personal preferences are safe with such companies.

  13. Ariella
    January 24, 2012

    @Jacob, yes. I don't think they'd give the information away, but they may be tempted to sell it in some form.

  14. Taimoor Zubar
    January 29, 2012

    @Ariella: They may not sell it because that may be illegal. However, they may throw out targetted advertisements at you using your tastes and preferences. That's how they make money out of the data they collect.

  15. Ashu001
    January 29, 2012


    That's the price you pay for using their so-called Free products.

    Don't like it?

    Don't use their products.

    As simple as that.

    Or maybe they can come up with a paid version(no sign yet…)



  16. Ariella
    February 1, 2012

    Google just posted a blog about  its new privacy policy yesterday:

    Among the points is this: “We're still offering  data liberation if you'd prefer to close your Google Account and take your data elsewhere.”

  17. Ashu001
    February 2, 2012


    What did I tell you???

    Its the Take it or leave it approach.

    Google has become way too powerful today,almost like a Law unto themselves.

    But its us consumers who are primarily to blame-You can always shift to alternative services(just trying tell that to most people & they wil shrug and say -Privacy who cares about online privacy??? Even if it is sold to the highest bidder by Google in the future….)



  18. Ariella
    February 2, 2012

    @Ashish the law of Google: resistance is futile; you will be assimilated into the borg.

  19. Ashu001
    February 2, 2012

    Nice one Ariella!!!

    Assimilated into the Borg…

    Can use that in some sort of a catch-phrase..


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.