Chapter 2: DRM and the Law

DRM Is Not Copyright

DRM is many things, but it is not copyright. Many still confuse the two. It isn’t uncommon to hear people ask—and this was especially the case in the early days of e-books and online piracy—why DRM is needed if we have copyright laws protecting the rights of authors and publishers. Don’t copyright laws prevent users from making unlawful copies? The simple answer is no, they don’t. If people want to make unlawful copies in digital environments and participate in spreading piracy online, they can. Technologies available to them make it easy to do. DRM is there to ensure that they can’t, even if they want to.

Although DRM is often discussed in the context of technology, to be fully understood, DRM must be looked at from a multidisciplinary perspective, including not just business implications and the publishers’ bottom line, but also legal implications. The fact is, DRM systems pose all kinds of complex legal problems, and the law, in many ways, has had to catch up with technology all over the world. This is owing largely to the fact that the internet has challenged the notion of rights in various fields—including literary, artistic, and scientific—from the start, and it has greatly influenced the management of intellectual property rights. It is also necessary to remember here that e-books do not recreate the printed book in digital format; they remove three key rights granted to owners of purchased print books by law: first sale, personal archival storage, and annotation rights.1

Although it is often confused with copyright, DRM itself is not about protecting rights of content owners. Instead, it is a vehicle by which those rights can be protected online. Copyright, on the other hand, is a form of an intellectual property right. (Intellectual property rights also include trademarks, patents, and industrial designs.) Copyright protection usually lasts for a number of years, depending on the country. In the United States and the European Union, for example, copyright protection usually lasts until seventy years after the author’s death, after which their work goes into the public domain and anyone can do what they want with it, with hardly any restrictions, including the selling, reselling, and even modifying.

So, while DRM is not copyright, DRM systems are modeled on copyright. Like DRM, copyright has always served several roles: to protect the author’s reputation (by not allowing anyone else to claim another person’s work); to preserve the document’s integrity (by ensuring the document isn’t altered or changed); and to properly preserve and archive documents and books for use by future generations.

DRM is therefore not an implementation of copyright laws, but a system for the protection of digital works, which explains why creators of DRM systems usually avoid references to copyright law in their products. A way to distinguish copyright law from DRM may be as follows: “Where copyright law is an expression of ‘everything that is not forbidden is permitted,’ DRM takes the approach of ‘everything that is not permitted is forbidden.’ ”2 It is also unwise and inaccurate to think of DRM as a digital expression of copyright law. Instead, DRM is a digital expression of a license and thus “a specific agreement between named parties for particular, identified resources.”3 Another way to understand this is “DRM is the ‘digital management of rights’ and not the ‘management of digital rights.’”4

As we delve deeper into the matter of DRM and how it intersects with the law and government regulation, we uncover a contradiction in the very notion of rights of users, which has contributed to creating more frustration and tension in various DRM-related controversies and led many to object to DRM-related laws worldwide. As Camp explained, “Ownership of the fruit of intellectual labor is now widely regarded as a human or cultural right. Freedom to access information and privacy rights are also human rights.”5 And as Zittrain pointed out in 2003, “We live today under two copyright regimes: the law on the one hand and the reality as experienced by the public on the other.”6 Various laws have been passed to protect the rights of content owners in digital spaces. Some have succeeded and some have failed in their efforts to help remedy the situation and the ongoing tension between what content owners want and what the public wants.

Key Legislation

As Bechtold observed, “[T]here is a danger of over-protection: questions of fair use and other limitations to traditional copyright law have to be addressed. If competition is not able to solve this tension between the interests of content providers and the interests of users or the society at large . . . it is the law that has to provide a solution.”7 And these solutions must be new, as protection by traditional copyright law plays only a minor role as a safety net in the world of digital content.8 Indeed, copyright laws have always been enforced to address the concerns of publishers and authors. Copyright law, specifically, gives the creator the exclusive right to publish a work, reproduce it, and approve derivative works (e.g., movies, translations, etc.). These rights are given to the author, not to the printer or seller. These rights always have a finite term. And violations of copyright law are treated as civil, not criminal, violations.9

To address the changing climate in digital environments and after a great deal of lobbying by rights holders in the music, software, and entertainment industries—who have had significant influence in encouraging more restrictive legislation—various countries around the world have passed legislation in favor of copyright holders, reaffirming their full rights to their intellectual property. In 1998, the US Congress passed the Digital Millennium Copyright Act (DMCA), which makes circumvention of measures like DRM a civil offense, but when the circumvention is done for commercial purposes, it is a federal crime. This means that any copyright holder can sue anyone who violates DMCA. If, for example, an author or publisher comes across an illegal copy of their work, they may submit a DMCA takedown notice (often with help from a skilled lawyer).

Publishers have generally perceived DMCA as a major moral victory and a necessary step toward ensuring that users would think twice before engaging in illegal downloading activities. Others have warned, however, that “one effect of the DMCA has been to narrow fair use rights further than the provisions made in law by copyright holders.”10

One of the problems with DMCA has been that those who support it have failed to see that old rules applied to printed works would not work in the new age of digital sharing and access to information. This fact explains why DMCA has gone through some modifications since it passed. In November 2006, for example, it was revised to “exempt education, outmoded technology, and literary works distributed in e-books when all existing e-book editions of the work contain access controls that prevent the enabling either of the book’s read-aloud function or of screen readers that render the text into a specialized format.”11 Copyright lawyers have also expressed frustration with the difficult tasks of having to deal with parties in different jurisdictions when working on DMCA takedown notices, since the sites they are trying to shut down pop up under different names, with new providers, in different geographic locations, producing a whack-a-mole effect.

“The current legal environment in the United States is perceived by many to be skewed unfairly in favor of copyright holders. In addition to code-based restrictions imposed on users by DRM technology, further rights can be taken away through licenses and contracts, such as End User License Agreements (EULAs).”12 The European Union has made more progress than the United States in this regard, establishing some fundamental consumer rights and acting “against companies that require EULAs with ‘unconscionable’ terms.”13

In 2001, the European Union Copyright Directive required member states to enact provisions preventing the circumvention of technical protection measures. In 2009, some countries (led by France and the United Kingdom) passed the so-called “three-strikes anti-piracy” law (known as HADOPI), which authorized suspending the internet access of pirates who ignored two warnings to quit.14 Several studies that examined the effects of the HADOPI law found conflicting results. One study found that the law caused a 22 to 25 percent increase in music sales in France,15 but the study by Arnold and colleagues from the same year found that the law was ineffective both in preventing digital piracy and in reducing the interest of users to practice piracy.16 The HADOPI law was revoked in 2013 when France’s Constitutional Council declared access to the internet a basic human right.17

In addition to copyright, Europeans also have something referred to as “moral rights.” Unlike copyright, which can be transferred from a person to a person, moral rights cannot. They always belong to the original creator and are divided into three groups: “(1) the right of attribution (the right to be recognized as the work’s creator); (2) the right of disclosure (the right to decide when and how a work is released); and (3) the right of integrity (the right to prevent a work from being changed without the creator’s approval).”18

The EU’s Copyright Directive (also known as Information Society Directive) came into force to ensure “a well-functioning marketplace for the exploitation of works and other subject-matters, taking into account in particular digital and cross-border uses of protected content.”19 Its purpose is to extend existing European Union copyright law and is a component of the EU’s Digital Single Market project. According to a Wikipedia article, “the European Council (EC) describes their key goals with the Directive as protecting press publications; reducing the ‘value gap’ between the profits made by Internet platforms and by content creators; encouraging collaboration between these two groups, and creating copyright exceptions for text- and data- mining.”20 The directive has been supported by publishers and media groups, but, as expected, it was fiercely opposed by major tech companies, internet users, and human rights advocates.

As the current legal landscape shows, legislative efforts have not been able to strike an acceptable-for-all balance between protecting the rights of copyright holders and the rights of internet users. Tensions continue to exist between those who want strict regulation protecting copyright holders and those who insist that such legislation, in both the United States and Europe, serves to protect the interests of the few and continues to infringe human rights, which have clearly evolved in the era of digital information. Further, such legislation sometimes goes against technological advances and stifles progress of the companies that have introduced major innovations in a range of industries across the globe, helping them grow their businesses in ways they could not have imagined two decades ago.

It helps to remember here that content providers can protect themselves by the means of implementing DRM, but the protection of consumers and society at large still depends on the law. Therefore, copyright law may need to be transformed from legislation that protects creators to a consumer-protection statute. As Lawrence Lessig put it: “The problem will center not on copy-right but on copy-duty—the duty of owners of protected property to make that property accessible.”21 This, of course, raises questions: Has intellectual property, such as books and other “containers” holding human knowledge, been accessible to users online in adequate measure and in line with the demands of the society we live in? Have users been given a fair number of options and choices? What should their rights—legal and moral—be moving forward? Just how much information should be given to them with no restriction? These and similar questions lead to no easy answers, certainly not in ways that please every side of the DRM and digital piracy debate.

Notes

1. L. Jean Camp, “DRM: Doesn’t Really Mean Digital Copyright Management,” KSG Working Paper Series RWP02-034, August 2002, https://doi.org/10.2139/ssrn.348941.
2. Karen Coyle, “The Technology or Rights: Digital Rights Management,” Part 4, under “DRM and the Law” (based on a talk originally given at the Library of Congress, November 19, 2003), https://www.kcoyle.net/drm_basics4.html.
3. Karen Coyle, “Rights Management and Digital Library Requirements,” Ariadne, no. 40 (July 30, 2004), www.ariadne.ac.uk/issue40/coyle.
4. Renato Iannella, “Digital Rights Management (DRM) Architectures,” D-Lib Magazine 7, no. 6 (June 2001), http://dlib.org/dlib/june01/iannella/06iannella.html.
5. Camp, “DRM,” 83.
6. Jonathan Zittrain, “The Copyright Cage,” Legal Affairs, July/August 2003, http://www.legalaffairs.org/issues/July-August-2003/feature_zittrain_julaug03.msp.
7. Stefan Bechtold, “From Copyright to Information Law: Implications of Digital Rights Management,” in Security and Privacy in Digital Rights Management, Lecture Notes in Computer Science, vol. 2320, ed. Tomas Sander (Berlin, Heidelberg: Springer, 2002), 213.
8. Bechtold, “From Copyright to Information Law.”
9. Camp, “DRM.”
10. Amber Sami Kubesch and Stephen Wicker, “Digital Rights Management: The Cost to Consumers,” Proceedings of the IEEE 103, no. 5 (May 2015): 729, https://doi.org/10.1109/JPROC.2015.2418457.
11. Priti Trivedi, “Writing the Wrong: What the E-book Industry Can Learn from Digital Music’s Mistakes with DRM,” Journal of Law and Policy 18, no. 2 (2010), article 10, p. 935, https://brooklynworks.brooklaw.edu/jlp/vol18/iss2/10.
12. Kubesch and Wicker, “Digital Rights Management,” 730.
13. Kubesch and Wicker, “Digital Rights Management,” 730.
14. Paul Belleflamme and Martin Peitz, “Digital Piracy: An Update,” in Encyclopedia of Law and Economics, ed. Jürgen Georg Backhaus (New York: Springer, 2014), 7.
15. Brett Danaher, Michael D. Smith, Rahul Telang, and Siwen Chen, “The Effect of Graduated Response Anti-piracy Laws on Music Sales: Evidence from an Event Study in France,” Journal of Industrial Economics 62, no. 3 (2014): 541–53.
16. Michael Arnold, Eric Darmon, Sylvain Dejean, and Thierry Penard, “Graduated Response Policy and the Behavior of Digital Pirates: Evidence from the French Three-Strike (Hadopi) Law,” unpublished paper, May 28, 2014, https://pdfs.semanticscholar.org/2450/d913ae4ec30ec46cf0bc7dce8f33daebdb94.pdf.
17. Belleflamme and Peitz, “Digital Piracy.”
18. Frederick W. Dingledy and Alex Berrio Matamoros, “What Is Digital Rights Management?” in Digital Rights Management: The Librarian’s Guide, ed. Catherine A. Lemmer and Carla P. Wale (Lanham, MD: Rowman & Littlefield, 2016), 3.
19. “Proposal for a Directive of the European Parliament and of the Council on Copyright in the Digital Single Market,” document 52016PC0593, European Commission, September 14, 2016, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52016PC0593.
20. “Directive on Copyright in the Digital Single Market,” Wikipedia, accessed October 28, 2019, https://en.wikipedia.org/wiki/Directive_on_Copyright_in_the_Digital_Single_Market.
21. Lawrence Lessig, quoted in Bechtold, “From Copyright to Information Law,” 225.