DRM: Not Secure!

Since the last time we talked I’ve been doing a lot of thinking about DRM.

If I look at it from a rights-based perspective, I feel like DRM is just fine. Same thing from a voluntary contract perspective–it seems OK.

Then again, when you think about it as a practical business model, it seems ludicrous given the historical record. We give people media that they can sit with in their home forever, unchecked, and we expect that media not to be messed with.

Whether it’s right or moral or a contractual breach to actually mess with the DRM is another point entirely, the question really is should a business expect this to happen. By all accounts, yes.

So, should DRM be allowed?

Yes.

Should companies pursue DRM as a business model?

No.

Should the government work to stop the undermining of DRM?

I’m not sure. It seems like the answer should be yes, because one of the basic functions of government is to enforce contracts.

However, not all contracts are legally binding. What traditional contract nullifiers might exist in DRM schemes?

Also, the government shouldn’t turn simple contract violations into criminal offenses. Breach of contract in other ares of life rarely results in prison sentences. Sure, there are financial penalties, but that’s a whole different ball game.

Placing unrealistic and hard to enforce caveats on contracts is a bad business practice, but I’m fine with companies doing stupid things. Companies are often dumb, but the market is smart. However, when these bad models are propped up by things like the DMCA, libertarians should raise an eyebrow.

Ultimately, the DMCA is a form of handout to companies that refuse to face the reality about the nature of their product. Contracts are well and good, but untenable contracts should be abandoned, not supported by government.

Cord: Well said! The analogy I like to use is to anti-scalping laws. Many tickets have a no-resale clause, but that doesn’t mean the state should spend scarce police time stopping people trying to sell tickets. The costs of enforcing that contractual term should fall on the company that issued the ticket, not the taxpayer.

By the same token, companies are, and should be, free to implement any sort of anti-copying technology they want. But if people break the technology (and an associated EULA), that’s a contract dispute between the DRM vendor and the customer. It’s not appropriate for the state to pass special laws giving DRM vendors remedies not available to them under ordinary contract law.

Cord: You wrote: “If I look at it from a rights-based perspective, I feel like DRM is just fine. Same thing from a voluntary contract perspective–it seems OK.”

I can agree with you to a point. From the rights based perspective, the problem that I have is that 1) the content producers in many cases do not acknowledge that the consumer possess any rights, 2) the content producers believe that they have an entitlement to trespass onto the consumers property to “protect” their so-called rights, and 3) the so-called contracts are really not voluntary agreements.

Sure the consumer could make a statement by avoiding purchasing DRM encumbered products. Additionally, if the market where truly free, companies in their quest to attract customers would eliminate components, such as DRM, that do not add value to the consumer. Unfortunately, we are not there yet.

Since the last time we talked I’ve been doing a lot of thinking about DRM.

If I look at it from a rights-based perspective, I feel like DRM is just fine. Same thing from a voluntary contract perspective–it seems OK.

Then again, when you think about it as a practical business model, it seems ludicrous given the historical record. We give people media that they can sit with in their home forever, unchecked, and we expect that media not to be messed with.

Whether it’s right or moral or a contractual breach to actually mess with the DRM is another point entirely, the question really is should a business expect this to happen. By all accounts, yes.

So, should DRM be allowed?

Yes.

Should companies pursue DRM as a business model?

No.

Should the government work to stop the undermining of DRM?

I’m not sure. It seems like the answer should be yes, because one of the basic functions of government is to enforce contracts.

However, not all contracts are legally binding. What traditional contract nullifiers might exist in DRM schemes?

Also, the government shouldn’t turn simple contract violations into criminal offenses. Breach of contract in other ares of life rarely results in prison sentences. Sure, there are financial penalties, but that’s a whole different ball game.

Placing unrealistic and hard to enforce caveats on contracts is a bad business practice, but I’m fine with companies doing stupid things. Companies are often dumb, but the market is smart. However, when these bad models are propped up by things like the DMCA, libertarians should raise an eyebrow.

Ultimately, the DMCA is a form of handout to companies that refuse to face the reality about the nature of their product. Contracts are well and good, but untenable contracts should be abandoned, not supported by government.

Cord: Well said! The analogy I like to use is to anti-scalping laws. Many tickets have a no-resale clause, but that doesn’t mean the state should spend scarce police time stopping people trying to sell tickets. The costs of enforcing that contractual term should fall on the company that issued the ticket, not the taxpayer.

By the same token, companies are, and should be, free to implement any sort of anti-copying technology they want. But if people break the technology (and an associated EULA), that’s a contract dispute between the DRM vendor and the customer. It’s not appropriate for the state to pass special laws giving DRM vendors remedies not available to them under ordinary contract law.

Cord: You wrote: “If I look at it from a rights-based perspective, I feel like DRM is just fine. Same thing from a voluntary contract perspective–it seems OK.”

I can agree with you to a point. From the rights based perspective, the problem that I have is that 1) the content producers in many cases do not acknowledge that the consumer possess any rights, 2) the content producers believe that they have an entitlement to trespass onto the consumers property to “protect” their so-called rights, and 3) the so-called contracts are really not voluntary agreements.

Sure the consumer could make a statement by avoiding purchasing DRM encumbered products. Additionally, if the market where truly free, companies in their quest to attract customers would eliminate components, such as DRM, that do not add value to the consumer. Unfortunately, we are not there yet.

Why should contracts be involved in a straightforwrad sale ?

I buy a DVD (in Europe). I buy a DVD player )in North America). I want to play my DVD on my DVD player, which means that I have to break their market-manipulating DRM. Where’s the contract ?

Where’s anything other than a restriction of my rights to my tangible property ?

Most DRM systems are “tied selling”, which is illegal.

Chris, I agree with you with respect to DVDs. There’s nothing resembling a contract involved there. On the other hand, most music DRM schemes do come with an associated EULA.

Increasingly I am becoming skeptical of the entire idea of implicit contracts as well. The idea that tearing open shrink wrap is the same as signing a contract is really an attack on the legitimacy of contracts altogether. But perhaps this gets to the heart of the matter–many government enforcement schemes are simply worse than private contracts. If DVDs weren’t protected by shrink-wrap law, then contracts would come into play. That would prove to be untenable, as no one would want to sign a contract to rent or purchase a DVD, so contracts wouldn’t be used.

I am coming around on this issue it seems, but I need to think through it so that I make sure I’m not becoming some sort of media socialist.

Why should contracts be involved in a straightforwrad sale ?

I buy a DVD (in Europe). I buy a DVD player )in North America). I want to play my DVD on my DVD player, which means that I have to break their market-manipulating DRM. Where’s the contract ?

Where’s anything other than a restriction of my rights to my tangible property ?

Most DRM systems are “tied selling”, which is illegal.

Chris, I agree with you with respect to DVDs. There’s nothing resembling a contract involved there. On the other hand, most music DRM schemes do come with an associated EULA.

Increasingly I am becoming skeptical of the entire idea of implicit contracts as well. The idea that tearing open shrink wrap is the same as signing a contract is really an attack on the legitimacy of contracts altogether. But perhaps this gets to the heart of the matter–many government enforcement schemes are simply worse than private contracts. If DVDs weren’t protected by shrink-wrap law, then contracts would come into play. That would prove to be untenable, as no one would want to sign a contract to rent or purchase a DVD, so contracts wouldn’t be used.

I am coming around on this issue it seems, but I need to think through it so that I make sure I’m not becoming some sort of media socialist.

Tim, don’t those online music purchases also come with a great deal of debate about whether they are sales or licenses ? (ISTR that the record companies get to pay the musicians less if they’re one rather than the other).

If they’re sales (and they certainly look like sales to me – no ongoing relationship, etc, etc), the same logic applies.

Well, in the case of iTunes, for example, the EULA you’re violating is the EULA on iTunes, which is an ongoing relationship (you get free software updates from Apple). But since Apple obviously isn’t going to sue its own customers, I don’t think it matters that much. The important point is that you shouldn’t have special criminal laws to “help” enforce particular contract terms.

Tim, don’t those online music purchases also come with a great deal of debate about whether they are sales or licenses ? (ISTR that the record companies get to pay the musicians less if they’re one rather than the other).

If they’re sales (and they certainly look like sales to me – no ongoing relationship, etc, etc), the same logic applies.

Well, in the case of iTunes, for example, the EULA you’re violating is the EULA on iTunes, which is an ongoing relationship (you get free software updates from Apple). But since Apple obviously isn’t going to sue its own customers, I don’t think it matters that much. The important point is that you shouldn’t have special criminal laws to “help” enforce particular contract terms.