The European Commission is sponsoring development of a comprehensive Digital Rights Management (DRM) solution to support authoring, licensing, and use of digitized content. The project is called TIRAMISU, which stands for "The Innovative Rights and Access Management Inter-platform Solution."
A readable and reasonable jargon-free overview is presented on the INDICARE web site by TIRAMISU participants in an illustrated article. The title is TIRAMISU: That's Unobtrusive DRM in the Home Domain.
A couple of things popped out as I read the INDICARE article:
- Home Domains
- Smart cards
The idea behind "superdistribution" in TIRAMISU is that DRM controlled items, initially distributed in encrypted form, can be copied and redistributed by consumers as long as the original licensing scheme is protected and as long as the license keys are used (and potentially paid for) as required. The consumer, basically, becomes part of the distribution chain. Copying and redistribution are not discouraged as long as the integrity of the item is respected. (See Bob Weber's article for an overview of Superdistribution.)
Superdistribution is explicitly differentiated by the TIRAMISU authors from other forms of distribution and control:
Such philosophy is based on the conviction that doing so within the context of inter operable DRM systems, content will reach a larger number of potential customers to the benefit of providers and consumers. In this respect the TIRAMISU approach clearly contrasts the philosophy of established content protection policies that rely on copy-protection and forward-lock mechanisms to prevent C2C distribution.
In other words, the consumer is not prevented from copying as long as a license is available. Presumably, also, each successive use is potentially a revenue generator for the original owner or distributor, irrespective of the source of the copy. (I say "potentially" since it is not always clear that successive uses by consumers of all works covered by the TIRAMISU system would require payment. I am referring, for example, to works that might be intended for noncommercial use or works where only certain classes of users are charged.)
One idea that comes to my mind when thinking about Superdistribution is that of a toll or a tax I must pay in certain circumstances, i.e., in those circumstances where the content owner or distributor has determined that a payment (or at least a measurement of a licensed use) must be made.
Another important concept for TIRAMISU is "Home Domains:"
Conceptually the set of devices belonging to a user or a group, for example a family, forms a personal space where content may circulate. This concept implies that content rights purchased for a piece of content are persistent over all devices of the home domain. Eventually, from the content consumption perspective there is no difference whether the user owns one or several devices.
I think of a "home domain" as a "household" that contains a variety of different devices which can share digitally compatible units of protected content. Once a product is licensed for use within a particular home domain it can be shared among the compatible units.
Obviously technical compatibility issues will need to be solved. For media files TiRAMISU relies on the MPEG-21 standard that incorporates a rights expression language. Still, as I look around my home I see both networked and non-networked devices that currently prevent the sharing of files, even were the file formats to be compatible. And, the songs, albums, and soundtracks I have "purchased" through iTunes that are currently stored on my Windows laptop can only be "burned" a limited number of times, which presumable the concept of Superdistribution would supercede.
Also, the idea that a copy protected Sony BMG CD could not be transferred to an iPod due to incompatibility of DRM schemes would also be overcome by the Tiramitsu scheme. (And I haven't even considered to what Comcast might think about another layer pf protection intermingled with its own restrictions over PVR recording of certain "on-demand" titles.)
Another interesting impact of a standard approach to licensing and permissions such as envisioned by TIRAMISU would be that radio stations or cable-based streaming audio services might onc again be free to advertise in advance what songs they intend to play.
To use the content licensed to a home domain, a valid "smartcard" is required; this contains the key that allows the decryption and unscrambing of the licensed content. Here is a description:
Smartcards in home domains provide a secure repository for home domain secrets and are the elements that enforce the domain license by validating it before providing the content descrambling key to the rendering device. Compared to software-based solutions, the smartcard being a hardware device is more difficult to compromise and it thus offers an increased level of security.
I'm not sure about whether I agree with that last sentence but the idea is fairly simple: you need to purchase/license/rent a smartcard in connection with your "home domain" in order to access the content which you may have obtained from a content distributor or from another content consumer. A society familiar with phone cards, credit cards, and ATM cards should not have difficulty adjusting to the concept, I'd think. I would hope, though, that I would not have to swipe my smartcard whenever I tried to listen to my copy, say, of Elvis Presley - Unreleased Stereo Masters From The `50s.
The TIRAMISU authors provide a good list of issues that need to be addressed in order for such a scheme to succeed:
- Acceptance by content providers.
- Acceptance by consumers.
- Acceptance by media distribution industry.
- Emergence of a single standard.
- Worldwide embrace of smartcard technology.
- Tamperproof technology.
These are not insignificant issues. For example, why would Apple want to do something that might conceivably loosen the ties between its iTunes service and its iPod sales? Why would brick-and-mortar retailers want to support something that would further encroach upon their sales of media products that are physically incompatible across devices? Why would consumers want to adopt an approach that appears to make it possible to measure/count/detect whenever a media product is transferred from one device to another or one home domain to another? And, how would "fair use" issues be addressed?
Nevertheless, I am impressed with a group that thinks big and proposes a sweeping change to solve whet looks to me to be an increasingly onerous situation: marketplace and consumer confusion caused by multiple and incompatible solutions to Digital Rights Management.
Implementation of technology compatibility, data interchange standards, and relatively unobtrusive monitoring/licensing schemes does seem to be a good way to proceed.
And I am intrigued by the incorporation of the concept of "home domains" which, if I have interpreted the concept correctly, potentially addresses both economic and privacy concerns.
A followup to the above commentary is located here.