Three Arguments for the Elimination of DRM
In the recent years, Internet-based data transfer has become increasingly easier, and online distributions of digital media and content have become more accessible than ever. Despite that, the media industries have opted for implementations that seriously limit the use of digitally distributed content, instead of making the most of what the newly emerged technologies can offer.
What Is DRM?
Well-known companies like Google, Amazon, Apple, Netflix, Spotify, Steam and Kobo all make use of DRM software to protect most or all of the copyrighted content on their platforms. Yet, not many users are aware of the existence of DRM. DRM prevents users from making copies of digital files, transferring them to different personal devices, or accessing them using different devices or applications that would have been able to open them if it was not for DRM. Therefore, typically, content that is "purchased" - more precisely, made accessible through authentication to a certain user for an undefined amount of time - on one platform can only be accessed through the services provided or supported by that platform. Many objections have been raised to the widespread use of DRM systems. This article focuses on three main points.
DRM Puts the User's Privacy and Security at Risk
Digital security is already a difficult problem to solve. Frequently, new vulnerabilities and serious security holes are discovered in all kinds of software that many people use on a daily basis. DRM software often introduces new security risks, potentially leaving the user's device vulnerable to attacks. This is particularly worrisome, since DRM software often has direct access to highly sensitive data, such as credentials, purchase details, and many kinds of personal information. While the potentiality of unintentional vulnerabilities in DRM software is problematic, what is more alarming is that DRM software can contain intentional security holes, as was the case in the Sony rootkit scandal. Since these kinds of implementations are closed-source, and the disassembly of proprietary binaries may be obstructed in many ways, there is no good way of making sure that DRM systems are unmalicious and/or secure.
Even if it were possible to ensure code security, DRM software could still be fundamentally problematic in terms of privacy, because of how it operates. DRM systems do not specifically block illegal or unauthorized access; this approach is not feasible. Instead, they block all access to a DRM protected file by default, and then they allow access to certain users on a platform, if and when they are able to authenticate, and prove that they have paid for access. This means that the software has to have at least some information about the user, and/or access to locations in the file system where it can store and retrieve cryptographic keys, and perhaps credentials. This also means that private consumption is not really private if the material in question is protected by DRM. Moreover, in many cases, the information that is collected is much more than the minimum amount that is necessary.
Interoperability and DRM Do Not Go Together
Image: Maxim Hopman
Nowadays, discussions on interoperability seem to have come to a halt. Numerous implementations of DRM systems exist, and ventures for an open standard have largely been abandoned. Meanwhile, the lack of interoperability only hurts the consumers who are willing to pay for digital media and to make online "purchases" through legal means. The situation also introduces the risk of losing access to acquired digital material in case the user wishes to leave the platform or service from which he/she has "purchased" digital content, or the service decides to disallow access to some or all of its users, citing various reasons. As a result of this, some companies enjoy a huge amount of control over the distribution of digital media, as well as intellectual content, ideas and criticisms. Content that is only available on a single platform can effectively be banned, and "purchased" material can be rendered inaccessible through software updates. This is rarely the case with hardcover books or DVDs.
DRM Does Not Prevent/Reduce the Illegal Use of Copyrighted Works
Finally, there is no good reason to believe that DRM protection reduces the illegal distribution and use of digital media content. DRM systems have been in prevalent use globally for at least 15 years. Yet, digital piracy has not died. While subscription based services that also employ DRM protections - like Netflix, Spotify, and their competitors - have significantly decreased the demand for pirated content in their respective industries for a certain amount of time, this effect was caused by the entirety of the new user experience that they offered on their platforms.
In fact, the implementation of DRM itself more than likely increases the motivation for piracy, and decreases the amount of legal purchases. This is because DRM discourages the legitimate buyer, but does nothing significant to stop illegal copying and distribution. Many works that are distributed online bundled with DRM software can easily be purchased in other digital or non-digital formats that do not have DRM, and can easily be copied. Moreover, there are many ways to decrypt DRM protected files, or to "extract" the protected content through methods like stream-ripping. In addition, there exists a fair amount of empirical evidence, which shows that many users are more likely to purchase digital media content when it is DRM-free.
Implementations of DRM are commonly used by the companies providing digital media content on the Internet. They have many drawbacks that concern the user, and provide no apparent benefit to the parties combatting unauthorized copying and distribution. Therefore, DRM systems should be abandoned in favor of the distribution of regular digital files through cross-platform, privacy-respecting and secure means.