Mistrust-based DRM

by on February 22, 2006 · 2 comments

Last week, Randy Picker wrote about an idea for “mistrust based” digital rights management technology:

Watermarks are a form of identity-based DRM. The embedded watermark would allow a content owner to scan p2p networks in search of available content. Having found the content and the associated identity, the content owner would be able to respond to the illegal distribution. But respond how and won’t the anti-DRM software just strip the watermark anyhow? This is where mistrust comes in. In embedding identity into content, we may also need to embed access to something valuable, a hostage or mini-bond as it were. Consider a couple of versions of this. If access to content brought with it full-access to a customer’s account, customers would be quite careful about sharing access to the content.

Today, Ed Felten reacts to the proposal:

In the more traditional system, the watermark is secret–it can be read only by the copyright owner or its agents–and users fear being sued for infringement if their files end up on P2P. In Randy’s system, the watermark is public–anybody can read it–and users fear being victimized by fraud if their files end up on P2P. I’ll call these two alternatives “secret-watermark” and “public-watermark”.

How do they compare? For starters, a secret watermark is much harder for an adversary to find and remove. If a watermark is public, everybody knows exactly where in the music it is stored. Common sense, and experience too, says that if you know where in a file information is stored, you can modify that part of the file and obliterate the information. But if the watermark is secret, then an adversary isn’t told where to look for it or how to change the file to remove it. Robustness of the watermark is an important issue that has been the downfall of past watermark systems.

A bigger problem with the public-watermark design, I think, are the forces unleashed when your design principle is to enable fraud. For example, the system will lose its force if unrelated anti-fraud measures become more effective, or if the financial system acts to protect users from fraud. Today, a consumer’s liability for fraudulent credit card transactions is capped at $50, and credit card companies often forgive even that $50. (You could use some other account information instead of the credit card number, but similar issues would still apply.) Copyright owners would be the only online merchants who wanted a higher level of fraud on the Net.

I think Felten has the better argument here. Like most DRM proposals, Picker’s idea is great in theory but is likely to fall short when it comes to implementation. It’s much easier to imagine a watermark scheme with the characteristics Picker describes than to build one. Both Picker’s and Felten’s posts are worth reading in full.

SHARE: 2 comments

Tim Lee / Timothy B. Lee (Contributor, 2004-2009) is an adjunct scholar at the Cato Institute. He is currently a PhD student and a member of the Center for Information Technology Policy at Princeton University. He contributes regularly to a variety of online publications, including Ars Technica, Techdirt, Cato @ Liberty, and The Angry Blog. He has been a Mac bigot since 1984, a Unix, vi, and Perl bigot since 1998, and a sworn enemy of HTML-formatted email for as long as certain companies have thought that was a good idea. You can reach him by email at leex1008@umn.edu.

Comments on this entry are closed.

Previous post:

Next post: