Terrible, Horrible, No Good, Very Bad DRM

Today is the annual #DayAgainstDRM, a global campaign to raise awareness about the harms of digital rights management (DRM). DRM consists of access control technologies or restrictive licensing agreements that attempt to restrict the use, modification, and distribution of legally-acquired works.

There are serious problems with attaching DRM to creative works: not only does it frustrate legitimate users in enjoying the content they’ve paid for in the ways they wish, it also limits access and interaction with these works for educational and socially beneficial purposes. For example, DRM applied to a software program would likely prevent researchers from conducting an independent security audit on it. Alongside the DRM applied to products and services in the private sector, laws have been adopted around the world that criminalize most workarounds. These regulations are quite broad, and usually prohibit the act of breaking the DRM, telling others how to circumvent, or creating and sharing technical tools that assist in the workarounds. These restriction apply even if a user has lawful access to a work.

A major negative feature of digital rights management is that the technology is agnostic as to the purpose a user would want to circumvent the restriction technology. These technologies are flying blind, and aren’t responsive to a particular user who would want to get around copy protection in order to exercise their fair use rights in the underlying content. Aside from a few enumerated exemptions published by the U.S. Copyright Office every three years, DRM continues to trump user rights, and in the process can limit educational activities, freedom of expression, and innovation.  

DRM has also been discussed in the context of the copyright reform in Europe. Some of the new provisions having to do with limitations to copyright tabled by the Parliament contain clauses that would forbid not only contractual restrictions, but also technological protection measures (another phrase for DRM) from overriding the exercise of the users’ rights. So, for example, this would mean that a researcher could freely conduct text and data mining on a collection of scholarly works to which she already has legal access, and the journal publisher or other rightsholder would be forbidden from enacting contractual barriers or DRM that would thwart the researcher’s work. These additional user protections are important to include so that the rightsholders cannot simply sidestep the law through the application of private contracts or technological restrictions.

CC has always attempted to minimize the negative effects of DRM. All the Creative Commons licenses forbid users of CC-licensed works from adding any DRM or other technological measures that would restrict others from using the work in the same way.

Last year we wrote about the troubling (and increasingly common) trend of including DRM provisions within international trade agreements. Negotiators of the Trans-Pacific Partnership (TPP) pushed for anti-circumvention rules that would sit parallel to to the effective enforcement of copyright laws. That would mean that rightsholders could pursue criminal penalties against a user who attempts to circumvent DRM even when the purpose of the circumvention has nothing to do with copyright infringement. We can only assume that negotiators for NAFTA will be pressured by the entertainment and publishing industries to include a similar provision as a part of the “modernization” of the agreement.

DRM is an ongoing threat to users’ abilities to use and manipulate the technologies and products they legally own. We need to end DRM. Digital freedom depends on the right to tinker, the right to access information and knowledge, and the right to re-use our shared cultural commons.