The IEEE Standards Association has approved the formation of a new working group, P1817, the Standard for Consumer-Ownable Digital Personal Property. Chairing the working group is Paul Sweazey, an engineer who has been working on this idea for some time. A draft spec of P1817 is available, and the first working group meeting of the initiative will be in Silicon Valley on July 14.
The basic idea of P1817 is as old as the first generation of DRM implementations: to approximate important characteristics of physical media products in the digital world, so that physical-world business models can migrate online. But P1817 follows a different approach to this goal than DRM systems have done so far. Briefly, it binds a “playkey” tightly to an encrypted content file, so that you have to possess the playkey in order to play the content (or more accurately, to decrypt a content key which unlocks the content). So far, so typical; but here’s the difference: a key identification and management scheme sits in the background and ensures that only one user can possess a given playkey at a time.
Contrast this with DRM schemes that incorporate licenses that are bound to devices, such as those used for mobile handsets, like OMA DRM v.1. In this type of scheme, it’s not normally possible for a user to pass the content and the license to another user. In other schemes, licenses cover a set number of devices, such as Apple FairPlay’s limit on the number of PCs, Macs, or iPods that can play an encypted iTunes file.
With P1817, it is supposed to be easy for users to pass playkeys to others. Owners of content (e.g., those who purchase it online) also get a second playkey, which sits in what amounts to an online rights locker and allows the user to access the content over the Internet from any connected device.
The purpose of this standard is to make it so that purchasers of digital products get rights that are more similar to those embodied in physical products than has been the case with previous DRMs. You can play the content (on a player that supports this scheme) without connecting to a server for license issuance or authentication. You can give your key out to others whom you trust to give it back to you, just as if you would lend or rent out content; the key is tied to the user’s identity so that rights resembling First Sale in copyright law (a/k/a Exhaustion in most countries outside the US) are ensured.
Sweazey positions P1817 as being different from DRM. He says that DRM is good for models like streaming and subscriptions, which preclude consumer ownership of content, while P1817 is explicitly about ownership.
But let’s face it: P1817 is a form of DRM. In effect, it’s a further extension of a theme pioneered around 2001-2 by Microsoft for its e-book DRM (Digital Asset Server): a publisher could select a level of protection whereby the e-book’s cover page contained some valuable personal information, such as the credit card number used to buy the e-book. The idea was that the user would only feel comfortable giving a copy of the e-book to someone whom she trusted with her credit card number. Later schemes, like Light Weight DRM (2003) and Bitmunk (2004), took this a step further by embedding watermarks into the content with personal information.
Yet in none of those cases was the content encrypted, meaning that users could still make copies and give them to people they trust. Paul Sweazy’s scheme encrypts content and thus does not allow this. His idea is to create an environment where content is protected from rampant unauthorized copying and yet consumers feel that they have bought something that they actually own, and are not “licensing” or “renting” or subjecting themselves to periodic “phone-homes” or license checks or renewals.
Nate Anderson of Ars Technica has raised thoughtful objections to the P1817 scheme. One of them was that because it seeks to emulate the physical world, it’s retrograde. But let’s remember that Apple succeeded with the iTunes Music Stores by emulating the “retrograde” model of a record store online. People understand record stores; they didn’t understand the other online music models of that era (around 2003), which were as confusing and opaque as early cell-phone usage plans. If “retrograde” means that consumers are more likely to accept it, then it may be a good thing.
Anderson also objected to P1817 because it’s a content encryption system and thus is inevitably going to be hacked — and then what happens? My view is that this isn’t all that important. Just as DRMs can be hacked, so can analog products be copied… potentially with some time, trouble, and cost on both sides. I have never agreed with the copyleft truism that DRMs become worthless (from a security standpoint) if they are hacked.
To me, there are more fundamental questions about this scheme that must be addressed. If you’ve followed my writings closely for a while, you can probably guess the first question I’d ask: who would pay for this? I.e., what type of entity would be motivated to pay for the technology necessary to implement P1817 – which relies on hardware and software in consumer devices as well as servers and authentication infrastructure?
Consumer device and software vendors might be interested in adopting such technology if they are confident that media companies will issue their most important content under this scheme. So let’s start answering the question by looking at different media markets.
The music industry? No. They’ve abandoned DRM for permanent Internet downloads and are distributing individual tracks in unprotected MP3 format; and there’s a trend toward file-sharing rules in music services that still use DRM which are already more liberal than those implied in P1817. Music companies would not see a need for this scheme.
Not Hollywood, either: many movie studios are eager not to enable First Sale (Section 109 of the US copyright law) for digital downloads because they believe it means lost revenue from potential incremental purchases. Fox, for example, is even careful to avoid using the otherwise common term “electronic sell through” (EST) to describe schemes like iTunes movie sales; instead they prefer the term “electronic license,” because it implies that the transfer of content to the user is not a sale of a copyrighted work — a question that is unsettled under current law.
If there is a market for P1817, it has got to be book publishing. With a few minor exceptions, book publishers have only implemented digital business models that emulate physical books. There are no analogs to “streaming” in book publishing, unless you count browser-based platforms such as Google Editions or Amazon Pages (which display page images in web browsers). There are only a couple of subscription e-book services in niche markets: only Safari Books Online (O’Reilly and Pearson) for IT professionals and Disney Digital Books for children come to mind.
A DRM system for e-books that emulates First Sale might actually satisfy publishers. After all, book publishers have lived with First Sale — i.e., with public libraries and used bookstores — for decades or centuries longer than record labels or film studios. They don’t like First Sale in certain market segments, such as textbooks, but otherwise most publishers understand that support of First Sale is key to consumer acceptance of e-books.
The objections people raise to e-book DRM generally fall into two categories: you can’t share e-books, and you can only read them on certain devices. P1817, if done right, solves the first of these problems. But it only solves the second if every device implements it. That isn’t going to happen without economic incentive, i.e., subsidy. And even then it’s a challenge.
Open standards in DRM only stand a chance of success if they have financial backing. The only truly successful open DRM standard is OMA DRM v1, which probably has an installed base of a billion units worldwide by now and has been backed by major handset makers. No DRM has ever been financially supported by content owners.
So, there’s the answer to the fundamental question that should determine the success of Consumer-Ownable Digital Personal Property. To grow and succeed, the e-book market has to navigate between the Scylla of platform monopoly (e.g., by Amazon or Apple) and the Charybdis of platform fragmentation (leading to lack of consumer interest). If book publishers are concerned enough about this — as they should be — then they might just be motivated to find a way of subsidizing implementations of P1817 that doesn’t run afoul of antitrust law.
If Paul Sweazey and his IEEE P1817 compatriots believe this line of reasoning, then their market development task is well-defined — albeit difficult to pull off. As with other standards initiatives, P1817TM’s success depends crucially on the types of companies that participate. (Hello, Adobe? Overdrive? Random House? And dare we say it: Amazon? Apple?) We’ll get a clue to this after the July 14 working group meeting. If they do succeed, it would truly be a meaningful new development in DRM technology.
Copyright and Technology 
OMA DRM Secure Content Exchange (SCE) already supports a user giving (e.g. moving) or lending his/her content to another user without contacting a central server. Mr. Sweazy should take a look at the SCE specifications at .
This seems interesting although I would suggest if they want to get this in front of the right people they move this meeting to Los Angeles where the stakeholders are. One of the major mistakes of efforts like this in the past has been that those working to form these groups forget who’s driving this industry. Content owners, the studios and networks are really where you should focus. Making this another “Hi Tech” play won’t work.
I also suggest a name change to the title of the standard. Nobody “owns” a piece of content they purchase per se. They are taking a license to use the contents of the content and that license enables a copy of the content to be delivered in digital form. You cannot own something that’s already owned is my point. For the digital world, this is a very important distinction.
Regards,
Christopher
Regarding whether P1817 is a DRM, we are free to extend or constrain our definitions as we wish, but the Working Group is unlikely to use that acronym. P1817 is as much a DRM as the security systems that let you deposit and withdraw money in your online bank account while blocking your attempt to set your balance by other means, and refusing to make any assumptions about the fairness or legality of the flow of funds in and out. Similar to personal online banking, the technology of P1817 applies just one constraint to product items – they remain singular entities. The rest of P1817’s magic is its refusal to apply a constraint – to be tethered to anyone, supplier or consumer. P1817 declines to try to codify or defend the ownership rights of anyone. (You own an online account and a device vault, but playkeys just flow in and out – the system doesn’t judge who owns them.) That leaves consumers with those old-fashioned social tools of ownership that we learned from the time that we were toddlers, screaming “Mine” while our parents patiently convinced us that sharing was a good, kind, and trusting act.
The most important reason to distinguish P1817 from DRM as a class is to emphasize its value in validating DRM in the eyes of consumers. Whenever a product is also offered in its most valuable, versatile, and perpetually-ownable form, then any rental, subscription, or long-term delivery service protected by DRM becomes a money-saving and more convenient choice – like renting that U-Haul instead of having to buy it.
P1817 is intended to validate DRMs, not to replace any of them. That’s a good reason why we should all want to give P1817 a different label.
To Christopher: (1) Agreed, we should hold SoCal meetings. (2) P1817 conforms to consumer notions of the meaning of consumer’s ownership and the creator’s copyright. Notions are not law, but they are important to successful business. Under current law, there must still be end-user license agreements.
Bill,
I appreciate what you are proposing here. Fundamentally though I refute the notion that consumers don’t accept DRM. One need look no further than the iPod, iPhone and iPad. Every day millions and millions and millions of consumers validate DRM.
The only time DRM has been questioned is _outside_ that iThing ecosystem and then DRM suffers the most brutal allegations and abuse. The truth is that consumers, in most cases with PlayReady or FairPlay or FlashAccess, hardly know or care they are consuming encrypted media.
Whether it be with NetFlix on the iPad using PlayReady or iTunes on the iPod using FairPlay or _insert_content_offering_here on _insert_ecosystem_here using _insert_DRM_schema_here. They all operate the same and really the consumer issue is why doesn’t Apple license FairPlay and moreover how soon will it take device OEMs to license PlayReady or FairPlay?
Furthermore, I also like notions like yourself however they don’t stand up in court. If you “buy” a piece of content online you are merely taking posession of the digital expression of the copyright holder’s rights inside a blob of zeros and ones. It’s not atomic and it’s not something you “own” per se. And no I don’t like that either but that is exactly what a lawyer will tell you the courts have ruled.
I do think it’s novel that yet another DRM schema has arisen and I also echo the comments above in that this concept is already in OMA and frankly I think it’s unnecessary as every piece of content users are getting these days is delivered via IP transit including NetFlix, XBox, iTunes, etc and so on.
Thank you for continuing to keep us all abreast of the ever changing DRM landscape. You do a great job.
Be sure and book some meetings in LA, Culver City, Studio City and Burbank. Heck you might as well go down to San Diego too. 🙂
Regards,
Christopher
Christopher,
I appreciate your comments, but I feel I ought to set you (and possibly others) straight on one point: the question of whether a downloaded licensed file is a transfer of a copyrighted work or just a license of it is absolutely not settled law. Trust me on this one. I’m involved as an expert witness in a lawsuit where this is an issue, and I’ve discussed this with copyright experts from across the spectrum.
No court has ruled one way or another on this point. I’m guessing that an organization like the EFF would like to see a judge write what some of us call the “quacks like a duck, waddles like a duck, paddles like a duck” decision, in which permanent digital downloads should be considered as copyrighted works rather than licensed files. Most of Hollywood likely wants the opposite result, as I explained w/r/t Fox in my OP.
I have found that the devil is (as usual) in the details here. The more I think about things like Digital First Sale, the more my head explodes.
BTW, what’s in San Diego that’s worth visiting, besides Verance, Verimatrix, constant 75 degree weather, and excellent Mexican food 🙂 ?
Bill,
Might you be able to provide some relevant case law here? The feedback we have seen from various legal resources and discussions seems it indicate otherwise. I would definitely like to update our knowledge base here.
Paul I apologize for directing my last response to bill. When I viewed this thread on my WinMo phone for some reason I didn’t see your name on the post. Nonetheless I commend you Sir for your efforts here and will definitely check out the spec.
Regards,
Christopher
Legal references to the “quacks like a duck” theory are thin on the ground – precisely because the media industry most likely wants to keep this question out of the courts in order to maintain the status quo.
There have been a couple of tests of the narrower idea of Digital First Sale, i.e. applying section 109 of the Copyright Act to digital downloads. Here is what I have:
http://www.drmwatch.com/legal/article.php/3095241 shows that Fred von Lohmann, the EFF’s copyright guru, believes that digital First Sale is a legal gray area, at least in the context of someone putting an iTunes music track up for sale on eBay.
The most relevant recent case, which is currently before the ninth circuit appeals court, is Vernor v. Autodesk, involving resale (also on eBay) of AutoCAD, a computer-aided design package that sells for thousands of dollars. See https://copyrightandtechnology.com/2010/02/16/digital-first-sale-at-issue-in-vernor-v-autodesk-appeal/.
There is at least one other case that involves the broader issue of whether a digital content download should be treated as a copyright transfer, but unfortunately I can’t dig it up. Maybe one of the copyright geeks who read this blog could provide this?
Bill,
Thanks for the links and info. I think that in the absence of firm case law as you pointed out, consumers are left with the terms of the license they bought and executed. In every case I have seen, these licensed rights are presented very clearly. Here’s Apple’s TOS section on IP:
“14. Intellectual Property.
a. Acknowledgement of Ownership. You agree that the Service, including but not limited to Products, graphics, user interface, audio clips, video clips, editorial content, and the scripts and software used to implement the Service, contains proprietary information and material that is owned by Apple and/or its licensors, and is protected by applicable intellectual property and other laws, including but not limited to copyright, and that you will not use such proprietary information or materials in any way whatsoever except for use of the Service in compliance with the terms of this Agreement. No portion of the Service may be reproduced in any form or by any means, except as expressly permitted hereunder. You agree not to modify, rent, lease, loan, sell, distribute, or create derivative works based on the Service, in any manner, and you shall not exploit the Service in any unauthorized way whatsoever, including but not limited to, by trespass or burdening network capacity.”