This week at Book Expo America in New York, the Book Industry Study Group (BISG) and the International Digital Publishing forum (IDPF) held an open meeting to discuss what the two industry bodies should do about DRM standardization.

Although this meeting wasn’t all that well attended — it was hampered by a hard-to-find location in the remote reaches of the cavernous Javits Center — it did provide good insight into book publishers’ attitudes about DRM, now that e-books have a much bigger impact on the industry than they did a few years ago.

Angela Bole of BISG kicked off the meeting by explaining the research and standards body’s role in the process.  She emphasized that the reason for BISG’s interest in DRM standardization was to “take friction out of the supply chain” for publishers, retailers, and users.  BISG has been successful in promoting other supply-chain-oriented initiatives, such as the ONIX standard for book product metadata.

Then Bill McCoy, Executive Director of the IDPF (and former e-publishing executive at Adobe), laid out a few possible choices for direction that the IDPF could help facilitate, and discussed their pros and cons (mostly the latter):

1. Rely on e-books migrating to browser-based delivery on connected devices, meaning that users will no longer need to download e-books, making file-based DRM unnecessary (instead relying on what I call “screenshot DRM,” as currently practiced by Google Editions and Amazon’s “Look Inside” feature).  This option isn’t practical because the technology won’t be in place for years, and people still want to own their e-books permanently.
2. Go DRM-free. One of the advocates of this approach, Andrew Savikas from O’Reilly & Associates, argued for DRM-free and cited his company’s research to prove that “piracy helps sales” [see note below].  But few major publishers are interested in giving up DRM at this time.
3. Gravitate towards a single-vendor solution, as the music industry effectively did with Apple and iTunes.  This would improve the user experience, but it would result in a single entity with a stranglehold on supply chain economics; publishers would lose.
4. Advance an interoperable DRM standard.  By process of elimination, McCoy expressed interest in pushing this model.

The IDPF, and its predecessor organization the Open e-Book Forum (OeBF), have muffed the DRM issue twice already over the past decade.  When it developed the highly successful EPUB format, IDPF opted not to include DRM in the specification.  This happened primarily because the technology vendors that hold sway at the IDPF did not want a DRM standard: they either wanted to do without DRM entirely or to stick with their proprietary DRM; adopting a standard DRM would be an expense and hassle they would rather do without.

Before that, around 2003, the OeBF tried to define a standard rights expression language (REL) that publishers and retailers could use to express rights that they wanted to grant to consumers as part of a DRM system.  The MPEG standards body adopted an REL standard (MPEG-REL) as part of its MPEG-21 suite of standards for digital multimedia.  The OeBF decided to create an e-book-specific version of MPEG-REL.  (I participated in this effort on behalf of the Association of American Publishers.)  MPEG-REL has had negligible impact on the market, and the OeBF’s e-book REL effort went nowhere.

The current state of the e-book market makes any DRM standardization strategy challenging.  There are now three dominant platform vendors, each with their own DRM: Amazon, Apple, and Adobe (used in virtually all other e-readers, including the Barnes & Noble Nooks and Sony and Kobo Readers).  Any DRM standard would have to either promote interoperability among these or replace them.  But the major players are already well established and therefore have little incentive to cooperate.  Contrast this with Hollywood, where the market for digital video downloads is arguably less mature.

With that in mind, McCoy posited three possible approaches to interoperable DRM:

1. Standardize on a single DRM, the way Hollywood did with AACS for Blu-ray (and HD-DVD).
2. Instead of using file encryption, use a type of technique that McCoy has dubbed “Social DRM”: insert watermarks into e-books that contain personal information related to the user, such as a credit card number.
3. Adopt a rights locker approach similar to that of Hollywood’s DECE (a/k/a UltraViolet), in which users pay for the right to download a title to one or more e-reading devices of their choice, as long as each device supports one of the approved DRMs.

The first of these options is a virtual impossibility with three platform vendors already established in the market.  The “social DRM” technique has been tried in both e-books (by Microsoft in the previous decade) and music, with little success. Furthermore, it’s unclear how such a system would work with the EPUB text-markup format: for one thing, I don’t see how to avoid simple tools for stripping the watermark data from EPUB files without reverting to “regular” DRM.

That leaves the third option, which was the subject of some discussion at the meeting at BEA.  The advantage of a DECE-type model for e-books is that it makes it unlikely that any of the platform vendors would need to scrap and replace their existing DRMs.  DECE-approved DRMs must merely share certain basic technical characteristics, such as using the same crypto algorithm, so that the central rights locker can store encryption keys that work with all compliant DRMs.

But I don’t see how adopting DECE would be particularly helpful in reducing the number of e-book platforms or promoting interoperability.  Of the three major platform providers, at least two (Apple and Amazon) have no history of cooperating with others.  The latest market share statistics for e-book retailers, from Goldman Sachs in February, gives Amazon 58% of the market, Barnes & Noble 27%, and Apple’s iBooks 9%.  If we assume that the remaining 6% consists of other retailers that use the Adobe platform (such as Sony), then we have Amazon and Adobe fighting it out at a reasonably competitive 58% vs. 33%.

Market forces alone may well reduce the number of dominant platforms to two, by marginalizing Apple as a DRM platform provider for e-books.  Both Amazon and B&N have apps that run on popular mobile devices.  So one way to achieve “interoperability” is simply to use an iPad, iPhone, Android, or BlackBerry (not to mention Windows or Mac) with both Kindle and Nook apps, and live with two e-bookstores.  Apple’s iBooks, which only runs on Apple iOS devices, will isolate itself into irrelevance.  And its dependence on the iTunes retail infrastructure hampers Apple from doing the previously unthinkable and switching iBooks to Adobe’s DRM (thereby joining B&N and others to weaken Amazon).

If the book industry really wants to achieve e-book interoperability among dedicated e-readers, then a fourth alternative, beyond those that Bill McCoy suggested, may be worth investigating: Coral.  Coral was a consortium led by Intertrust that had developed a framework for actual interoperation among DRMs through trusted intermediary services.  This approach makes it possible for a user to call a service to “translate” content from one DRM to another while maintaining security.

Coral still technically exists but has been quiescent over the last several years as Hollywood rejected it in favor of the DECE multi-DRM approach.  DECE depends on online retailers building infrastructure to support all compliant DRMs — currently five of them — and agreeing to let users migrate from one retailer to another like GSM mobile subscribers do with their SIM cards.  This is unlikely to fly with Amazon or Barnes & Noble.

Instead, Coral would enable users to use their e-books on other devices while letting retailers retain control of their users’ purchase information.  This alternative seems more palatable to e-book retailers than the DECE approach, and it would help users.

Technical and licensing issues must be investigated in order to determine whether Coral might be suitable for current e-book platforms.  As various participants stated at the BEA meeting, book publishers are far more likely to be successful in pushing for DRM interoperability through industry-wide vehicles than one publisher at a time.  The major e-book retailers need incentives to adopt interoperability that will enhance the user experience and help the market grow faster.  Publishers can push for such incentives in licensing deals.  As long as their actions fall on the correct side of antitrust law, the IDPF has a way forward.

^*O’Reilly commissioned my colleague Brian O’Leary to do a study on piracy’s effect on sales in 2008.  O’Leary’s findings encouraged O’Reilly to stay away from DRM.  When I asked Savikas what the study measured, he stressed that it was a limited study that was only relevant to the way O’Reilly sells and markets its content.

As the author of books published by O’Reilly myself, I would like to assert that O’Reilly is an outlier, and the research results should not be taken as representative of the book industry as a whole.  I maintain that both piracy’s effect on sales and DRM’s effect on piracy (or sales) have yet to be measured with any degree of confidence for book publishing (or any other media industry segment) — and perhaps never will.

Here’s why O’Reilly is atypical: first, it is much more active and sophisticated than other book publishers at using online techniques to market and distribute content, thereby making it easier for O’Reilly to monetize content online. Second, this redounds doubly to O’Reilly’s benefit because of the tech-savvy of O’Reilly’s core audience of IT professionals.  Finally, O’Reilly’s content attracts an open-source-oriented crowd that has a particular antipathy towards DRM, making a backlash more likely than for other publishers if O’Reilly were to implement it.  O’Reilly & Associates is a superb publisher, but its study on piracy and DRM has limited meaning for the industry at large.