Digital rights on the Web

Guarding your digital rights on the Web is becoming a major issue. The music industry has been trying a range of strategies with...

Guarding your digital rights on the Web is becoming a major issue. The music industry has been trying a range of strategies with little success The music industry's fight to keep piracy at bay shows how difficult it is to reach consensus, writes Danny Bradbury.

At the time of writing, Napster and the Recording Industry Association of America [RIAA] are still duking it out in the courts. Napster is appealing to keep its peer-to-peer music downloading service online after the RIAA won an injunction to shut it down in July.

This raises the issue of digital rights management (DRM), which is becoming increasingly important for those companies hoping to make money out of downloading and selling their content online - and those companies that simply want to prevent their content being made available online.

The problem with DRM is that many of the solutions are proprietary. Even those companies that claim to be producing standards are doing little else than trying to make their own technologies de facto in the industry. Consequently, this market is displaying the same characteristics as most other immature markets, in that it is fragmented with multiple rivals tied together in a haphazard, three-legged race toward market acceptance.

Many of these companies expect end-users to download large plug-ins or adapted versions of popular media players such as Real Networks' Realplayer, enabling them to view material that has been intended to support their DRM technologies. But, until they get enough support from content providers, end-users will not be willing to download or install the proprietary players. And until their players and plug-ins are universally accepted, content providers will be largely unwilling to work with them.

Peter Beverley, vice-president at DRM firm Magex, speaking about the adapted media players used to view files encrypted by his own product, said, "We have some deals in the pipeline with getting it pre-burned onto CDs." But this doesn't sound like a plan that will result in widespread end-user acceptance of the technology. The revenue growth curve for such companies will therefore be shallow, if indeed there is one at all.

Unfortunately for the small operators, Microsoft, traditionally a lone runner, has been sprinting towards the finishing line. The firm has uncharacteristically adhered to an industry standard in its attempt to capture a large share of the DRM market. Its Media Rights Manager includes support for the burgeoning Secure Digital Music Initiative (SDMI) standard, an encryption mechanism that was defined by some of the larger record companies.

The SDMI Consortium, which originally started working on the technology at the start of 1999, has been slow off the starting blocks and is faced with the problem of getting unwilling consumers and indifferent player manufacturers to accept it.

If enough content providers output their content with SDMI encoding, which stops it being copied, then consumers may have little choice but to use media that contains the protection technology. Microsoft has already built support for SDMI into its latest MediaPlayer, version 7. With back-to-back SDMI support in both its player and its DRM product, it can offer content providers a large audience of consumers which will already be restricted to using protected material.

Beverley said, "The underlying rights management includes collecting and managing data, and it is clear that the businesses are sensitive about Microsoft being the clearing house of information because of its strong position in the market."

Last week, SDMI was reportedly cracked, underlining the basic problem that DRM must face: how to devise a system that is persistently secure. The music industry has tried for years to devise anti-piracy strategies but with no real success. With no secure DRM products in sight, the best advice is to keep copyrighted material off the Web or be willing to accept the consequences.

Read more on IT risk management