The IEEE Standards Association has approved the formation of a new working group, P1817, the Standard for Consumer-Ownable Digital Personal Property. Chairing the working group is Paul Sweazey, an engineer who has been working on this idea for some time. A draft spec of P1817 is available, and the first working group meeting of the initiative will be in Silicon Valley on July 14.
The basic idea of P1817 is as old as the first generation of DRM implementations: to approximate important characteristics of physical media products in the digital world, so that physical-world business models can migrate online. But P1817 follows a different approach to this goal than DRM systems have done so far. Briefly, it binds a “playkey” tightly to an encrypted content file, so that you have to possess the playkey in order to play the content (or more accurately, to decrypt a content key which unlocks the content). So far, so typical; but here’s the difference: a key identification and management scheme sits in the background and ensures that only one user can possess a given playkey at a time.
Contrast this with DRM schemes that incorporate licenses that are bound to devices, such as those used for mobile handsets, like OMA DRM v.1. In this type of scheme, it’s not normally possible for a user to pass the content and the license to another user. In other schemes, licenses cover a set number of devices, such as Apple FairPlay’s limit on the number of PCs, Macs, or iPods that can play an encypted iTunes file.
With P1817, it is supposed to be easy for users to pass playkeys to others. Owners of content (e.g., those who purchase it online) also get a second playkey, which sits in what amounts to an online rights locker and allows the user to access the content over the Internet from any connected device.
The purpose of this standard is to make it so that purchasers of digital products get rights that are more similar to those embodied in physical products than has been the case with previous DRMs. You can play the content (on a player that supports this scheme) without connecting to a server for license issuance or authentication. You can give your key out to others whom you trust to give it back to you, just as if you would lend or rent out content; the key is tied to the user’s identity so that rights resembling First Sale in copyright law (a/k/a Exhaustion in most countries outside the US) are ensured.
Sweazey positions P1817 as being different from DRM. He says that DRM is good for models like streaming and subscriptions, which preclude consumer ownership of content, while P1817 is explicitly about ownership.
But let’s face it: P1817 is a form of DRM. In effect, it’s a further extension of a theme pioneered around 2001-2 by Microsoft for its e-book DRM (Digital Asset Server): a publisher could select a level of protection whereby the e-book’s cover page contained some valuable personal information, such as the credit card number used to buy the e-book. The idea was that the user would only feel comfortable giving a copy of the e-book to someone whom she trusted with her credit card number. Later schemes, like Light Weight DRM (2003) and Bitmunk (2004), took this a step further by embedding watermarks into the content with personal information.
Yet in none of those cases was the content encrypted, meaning that users could still make copies and give them to people they trust. Paul Sweazy’s scheme encrypts content and thus does not allow this. His idea is to create an environment where content is protected from rampant unauthorized copying and yet consumers feel that they have bought something that they actually own, and are not “licensing” or “renting” or subjecting themselves to periodic “phone-homes” or license checks or renewals.
Nate Anderson of Ars Technica has raised thoughtful objections to the P1817 scheme. One of them was that because it seeks to emulate the physical world, it’s retrograde. But let’s remember that Apple succeeded with the iTunes Music Stores by emulating the “retrograde” model of a record store online. People understand record stores; they didn’t understand the other online music models of that era (around 2003), which were as confusing and opaque as early cell-phone usage plans. If “retrograde” means that consumers are more likely to accept it, then it may be a good thing.
Anderson also objected to P1817 because it’s a content encryption system and thus is inevitably going to be hacked — and then what happens? My view is that this isn’t all that important. Just as DRMs can be hacked, so can analog products be copied… potentially with some time, trouble, and cost on both sides. I have never agreed with the copyleft truism that DRMs become worthless (from a security standpoint) if they are hacked.
To me, there are more fundamental questions about this scheme that must be addressed. If you’ve followed my writings closely for a while, you can probably guess the first question I’d ask: who would pay for this? I.e., what type of entity would be motivated to pay for the technology necessary to implement P1817 – which relies on hardware and software in consumer devices as well as servers and authentication infrastructure?
Consumer device and software vendors might be interested in adopting such technology if they are confident that media companies will issue their most important content under this scheme. So let’s start answering the question by looking at different media markets.
The music industry? No. They’ve abandoned DRM for permanent Internet downloads and are distributing individual tracks in unprotected MP3 format; and there’s a trend toward file-sharing rules in music services that still use DRM which are already more liberal than those implied in P1817. Music companies would not see a need for this scheme.
Not Hollywood, either: many movie studios are eager not to enable First Sale (Section 109 of the US copyright law) for digital downloads because they believe it means lost revenue from potential incremental purchases. Fox, for example, is even careful to avoid using the otherwise common term “electronic sell through” (EST) to describe schemes like iTunes movie sales; instead they prefer the term “electronic license,” because it implies that the transfer of content to the user is not a sale of a copyrighted work — a question that is unsettled under current law.
If there is a market for P1817, it has got to be book publishing. With a few minor exceptions, book publishers have only implemented digital business models that emulate physical books. There are no analogs to “streaming” in book publishing, unless you count browser-based platforms such as Google Editions or Amazon Pages (which display page images in web browsers). There are only a couple of subscription e-book services in niche markets: only Safari Books Online (O’Reilly and Pearson) for IT professionals and Disney Digital Books for children come to mind.
A DRM system for e-books that emulates First Sale might actually satisfy publishers. After all, book publishers have lived with First Sale — i.e., with public libraries and used bookstores — for decades or centuries longer than record labels or film studios. They don’t like First Sale in certain market segments, such as textbooks, but otherwise most publishers understand that support of First Sale is key to consumer acceptance of e-books.
The objections people raise to e-book DRM generally fall into two categories: you can’t share e-books, and you can only read them on certain devices. P1817, if done right, solves the first of these problems. But it only solves the second if every device implements it. That isn’t going to happen without economic incentive, i.e., subsidy. And even then it’s a challenge.
Open standards in DRM only stand a chance of success if they have financial backing. The only truly successful open DRM standard is OMA DRM v1, which probably has an installed base of a billion units worldwide by now and has been backed by major handset makers. No DRM has ever been financially supported by content owners.
So, there’s the answer to the fundamental question that should determine the success of Consumer-Ownable Digital Personal Property. To grow and succeed, the e-book market has to navigate between the Scylla of platform monopoly (e.g., by Amazon or Apple) and the Charybdis of platform fragmentation (leading to lack of consumer interest). If book publishers are concerned enough about this — as they should be — then they might just be motivated to find a way of subsidizing implementations of P1817 that doesn’t run afoul of antitrust law.
If Paul Sweazey and his IEEE P1817 compatriots believe this line of reasoning, then their market development task is well-defined — albeit difficult to pull off. As with other standards initiatives, P1817TM’s success depends crucially on the types of companies that participate. (Hello, Adobe? Overdrive? Random House? And dare we say it: Amazon? Apple?) We’ll get a clue to this after the July 14 working group meeting. If they do succeed, it would truly be a meaningful new development in DRM technology.