Resolving Digital Rights Management: Usage Drives Protection

Article excerpt

There's a decided lack of either concern or enthusiasm over digital rights management (DRM) these days. Perhaps its initial presentation as a form of control over users provoked resentment. Or perhaps the lack of agreement over basic system requirements and standards quieted the buzz about DRM, outside of large consumer or mass-market circles. Yet the concerns that gave rise to digital rights management have not gone away. Gaps still exist. No fail-safe mechanism or technology has emerged. Yet, even with potential problems under close examination and various groups of stakeholders still monitoring user behavior in digital environments, no one seems to be panicking.

Digital rights management (DRM) centers around three core considerations:

* authorized access of a user to digital content

* mutual agreement by rightsholder and user on the parameters for interacting with that content

* the environmental context of the user that determines the type of use needed

Far from wanting to impose barriers to productivity, the emphasis in current discussions of digital rights management among content providers, organizations, and system vendors focuses on how rapidly systems can facilitate use of content for users.

Different subsets of users employ content differently. Digital rights management must make clear what constitutes appropriate use within a specific setting, whether corporate, academic, or personal. It can never be a one-size-fits-all technology or practice. In each decision to implement or not implement DRM, the entities involved must examine and assess the practical aspects of use, the individual roles or tasks within a specific environment, and attendant risks.

Recent Shifts

Four years ago, most discussions of digital rights management focused on the publishing community's need for a sense of security in permitting dissemination of intellectual property in an electronic environment (1). As publishers saw the ease with which content could be perfectly copied and rapidly transferred, particularly within a Web environment, they focused more on the potential risks inherent to this fluid form than on how to help users work and interact with information. Now. however, corporations (rather than traditional publishers) tend to be the target of DRM system vendors. As corporations increasingly depend on electronic processes for most daily workflow and documentation of that workflow, there is an interest in ensuring protection of corporate materials from inadvertent loss or unwarranted intrusions.

Although concerns have not entirely dissipated for certain classes of digital content (for example, the digital entertainment content still perceived as high risk by some providers), many organizations, particularly those involved with text-based content, have adopted business practices that outline appropriate usage via contractual language rather than technological means. Businesses or other enterprise organizations use relatively simple DRM mechanisms to protect individual documents for purposes of security or confidentiality. And those organizations, such as Japanese electronics manufacturer Sony, that formerly tried to tightly control the access and use of digital content, now acknowledge that the better strategy might have been to step back and promote use rather than tighten proprietary guards (2).

Only in very specific instances in which either the workflow process of the client or the environmental context of the user demands a particular and customized implementation of DRM do content holders consider complex technological systems these days. Instead, current DRM discussions emphasize the elimination of barriers to immediate access and flexible use of content.

What Is Meant By "Digital Rights Management"?

Ideally, DRM delineate the set of permitted uses, the constraints on use, the conditions under which certain entitlements of use may be exercised, and the secure presentation of the content as authorized by the rightsholder. …