On Tuesday, Steve Jobs sent out an open letter titled "Thoughts on Music". This letter includes a more honest description of how a "DRM" system works than you normally see from DRM vendors. At the same time it paints Apple as having no choice in the matter and passes the buck to major labels and studios, just as Microsoft has claimed with its Vista DRM, something which I consider to be less than honest.
February 6, 2007
With the stunning global success of Apple’s iPod music player and iTunes online music store, some have called for Apple to “open” the digital rights management (DRM) system that Apple uses to protect its music against theft, so that music purchased from iTunes can be played on digital devices purchased from other companies, and protected music purchased from other online music stores can play on iPods. Let’s examine the current situation and how we got here, then look at three possible alternatives for the future.
This call has come from many users of the technology, including from Hilary (Hillarious) Rosen, past Chairman and CEO of the Recording Industry Association of America (RIAA). It has come from governments, including France which tried to mandate some sort of interoperable DRM, and a warning from Norway's consumer ombudsman that FairPlay may violate competition law. It has also come from competing DRM vendors, such as Sun, which has proposed Project DReaM.
As you read further you will realize that each of these proposals has been based on a fundamental misunderstanding of how DRM works, and how DRM can work. It is critically important that we move from "science fiction" to actual "science".
As a recap from previous articles, I define DRM as the combination of two components.
- technologies used to limit the interoperability of content to "authorized" access devices
- technologies used to lock down devices to protect against the owner and/or operator of the device, and instead obey the instructions of the device manufacturer and/or software author.
Mr. Jobs is using essentially the same definition, although he would not use the same wording given the second component doesn't put the device manufacturer or software authors (IE: Apple) in a positive light.
To begin, it is useful to remember that all iPods play music that is free of any DRM and encoded in “open” licensable formats such as MP3 and AAC. iPod users can and do acquire their music from many sources, including CDs they own. Music on CDs can be easily imported into the freely-downloadable iTunes jukebox software which runs on both Macs and Windows PCs, and is automatically encoded into the open AAC or MP3 formats without any DRM. This music can be played on iPods or any other music players that play these open formats.
This is true of every player on the market I am aware of. I own a SanDisk player which plays standard MP3 files, but unfortunately not AAC. Both of these formats are audio standards documented by the Motion Picture Expert Groups (MPEG). As well as these publicly documented formats, the SanDisk also offers Microsoft Media files, a "feature" I have never used.
The Microsoft Zune has its own proprietary Zune DRM on Windows Media files, but also plays the standard MPEG audio formats.
Whether or not these players play any specific file format, whether "open" or proprietary, is a matter of what software is installed. While it is possible for the vendor to use software that does not play "open" content, the current market would not support such a move. I mention this because it is important for people to be aware that it is current market conditions, and not some feature that is inherent to the technology, that is enabling "open" content to be accessed.
The rub comes from the music Apple sells on its online iTunes Store. Since Apple does not own or control any music itself, it must license the rights to distribute music from others, primarily the “big four” music companies: Universal, Sony BMG, Warner and EMI. These four companies control the distribution of over 70% of the world’s music. When Apple approached these companies to license their music to distribute legally over the Internet, they were extremely cautious and required Apple to protect their music from being illegally copied. The solution was to create a DRM system, which envelopes each song purchased from the iTunes store in special and secret software so that it cannot be played on unauthorized devices.
This is written for a general audience, and only talks about "secret software". While most people do not understand the details of cryptography, I believe they can compare them to locks and keys that are implemented in mathematics rather than being physical. The "secret" that Mr. Jobs is talking about is a digital key.
When content is encrypted it is scrambled in such a way that the content is unintelligible unless you have the right key. It doesn't matter whether the underlying file format or audio CODECs are well documented open formats (such as MP3, AAC or FLAC), the content is only accessible if you have the right key.
It is important to realize that cryptography does not stop anyone from recording or copying the content. What it does is attempt to make the copy useless unless you have the right secret key. There is no "real world" (IE: not science fiction) way to make bits of information not be copyable, and bits are getting cheaper and cheaper to copy every day. None of these technologies are legitimately called "copy control" as they are incapable of controlling copies being made. They are more accurately called "access controls", which seek to limit the conversion of copies to an intelligible form.
Apple was able to negotiate landmark usage rights at the time, which include allowing users to play their DRM protected music on up to 5 computers and on an unlimited number of iPods. Obtaining such rights from the music companies was unprecedented at the time, and even today is unmatched by most other digital music services. However, a key provision of our agreements with the music companies is that if our DRM system is compromised and their music becomes playable on unauthorized devices, we have only a small number of weeks to fix the problem or they can withdraw their entire music catalog from our iTunes store.
This is a negotiation between big players stating that Apple will "toe the party line" in exchange for being "allowed" to market and redistribute this content. It is known to all the technical people that every DRM system will always fail, and that content will leak. The "secret" discussed above is necessarily available to every tool that is able to access the content, and thus is available in the private home of those people who this cryptography treats as the threat.
It should be obvious that it is not possible to place a safe in the home of a safecracker where they have unlimited access to the safe, and yet the safe won't be cracked. In this case they don't even have to crack the safe -- they just need to extract and use the key which has also been provided to them.
When discussing the current implementation of FairPlay, Apple fans often like to remind people that you can also burn the music onto a CD. Given even the least technically sophisticated user knows how to RIP a CD into a DRM-free file, it should be clear that the current implementation of FairPlay doesn't stop anyone from infringing copyright if they wanted to. If the major labels ever noticed this feature that is obvious to Apple customers, I suspect the major labels would demand that Apple remove the feature. Like any other of the "upgrades" that Apple has rolled out that changed the way their DRM system worked, what people currently do with FairPlay content can (and does) change over time.
Discussions about the Advanced Access Content System (AACS) that is at the core of the Microsoft Vista DRM system (as well as Blu-ray and HD-DVD media players) have a similar tone. The system is designed with the assumption that secret keys will be leaked to the public, and new content will be able to be released that no longer makes use of the older keys which have been compromised. There are many keys involved, such that the compromise of one key doesn't impact every piece of content and every device the way it would for older DRM systems such as the DVD CSS used for older DVDs.
The DVD CSS system was rendered harmless very soon after DVDs were deployed. I often watch DVDs on my home computer using only Free Software, something which the DVD CSS system was created to prevent me from doing. I fully documented doing this as part of a submission to the Canadian copyright consultation in 2001.
To prevent illegal copies, DRM systems must allow only authorized devices to play the protected music. If a copy of a DRM protected song is posted on the Internet, it should not be able to play on a downloader’s computer or portable music device. To achieve this, a DRM system employs secrets. There is no theory of protecting content other than keeping secrets. In other words, even if one uses the most sophisticated cryptographic locks to protect the actual music, one must still “hide” the keys which unlock the music on the user’s computer or portable music player. No one has ever implemented a DRM system that does not depend on such secrets for its operation.
Note: No DRM system can prevent illegal copies, but we'll have to set this myth aside in order to get through this type of document.
What Jobs says about the need for secrets is important. Not only has no one ever implemented a DRM system that does not depend on secrets (keys), no such system can possibly ever exist. While cryptographic systems are always improving, they are improving to make it harder and harder to possibly ever decode the message without the key. There is a whole area of study called cryptanalysis which aims to try to find flaws in the mathematics which would allow decryption without the key.
Presuming we had a perfect form of cryptography, the message is then as secure as the key. In the case of DRM this key is embedded within the hardware and software that is capable of accessing the content, and is then made publicly available for sale into people's homes. Since the keys are distributed to those who the system is alleged to protect against, it should be obvious that such a system will be easily compromised.
It is important to contrast this with secure communication with your bank, or other legitimate uses of cryptography. In this case you have a key where you are "locking" your message, and the bank has a key that can "unlock" the message. The threat that this technology is protecting against is not you or your bank, but some third party. This third party has absolutely no reason to ever have the key, and thus it is possible to secure communications by ensuring that the keys that you and your bank are using are never shared with anyone else.
Cryptography used by the banking industry is very powerful, and people should feel secure as far as the technology is concerned. If there are security breaches with a bank it is far more likely to be human error than technical failures. In the case of DRM the very attempt to use this technology in this way is critically flawed, and no matter how powerful the cryptography is this usage will always be able to be fairly easily compromised.
The problem, of course, is that there are many smart people in the world, some with a lot of time on their hands, who love to discover such secrets and publish a way for everyone to get free (and stolen) music. They are often successful in doing just that, so any company trying to protect content using a DRM must frequently update it with new and harder to discover secrets. It is a cat-and-mouse game. Apple’s DRM system is called FairPlay. While we have had a few breaches in FairPlay, we have been able to successfully repair them through updating the iTunes store software, the iTunes jukebox software and software in the iPods themselves. So far we have met our commitments to the music companies to protect their music, and we have given users the most liberal usage rights available in the industry for legally downloaded music.
This is largely communication to the content industry monopolists who make up the RIAA, MPAA and similar industry groups. Apple needs to continue to be seen to be speaking the party line as part of their deals with the industry. They need to claim that their DRM is an effective DRM, even if every technical person on the planet realizes that no DRM can possibly ever be effective.
Unfortunately this paragraph started with a myth that is very harmful when read by policy makers.
The number of people who will circumvent a DRM system in order to infringe copyright is, in my mind, limited more by the number of people interested in infringing copyright than by their technical ability. I know a very large number of people with the technical expertise required to circumvent any DRM system, but these people don't have an interest in infringing copyright. They may, however, be interested in authoring tools which allow them to do things which are perfectly legal with digital content that they have legally acquired, something which DRM systems often get in the way of.
The suggestion that the only reason why someone would want to circumvent a DRM system is to infringe copyright is entirely false. If you look at the majority of reports about tools created, they were created to enable people to do things which are perfectly legal under copyright law but which the DRM system was encumbering. I circumvent the DVD CSS system every time I watch a CSS encoded DVD, and it has never been for the purpose of infringing copyright. I have only ever circumvented a DRM in order to do things which, while Canada does not have anti-circumvention laws, are perfectly legal under Canadian law (IE: are not copyright or other rights infringements). These are activities which the government should be legally protecting, not prohibiting.
With this background, let’s now explore three different alternatives for the future.
The first alternative is to continue on the current course, with each manufacturer competing freely with their own “top to bottom” proprietary systems for selling, playing and protecting music. It is a very competitive market, with major global companies making large investments to develop new music players and online music stores. Apple, Microsoft and Sony all compete with proprietary systems. Music purchased from Microsoft’s Zune store will only play on Zune players; music purchased from Sony’s Connect store will only play on Sony’s players; and music purchased from Apple’s iTunes store will only play on iPods. This is the current state of affairs in the industry, and customers are being well served with a continuing stream of innovative products and a wide variety of choices.
I believe it is false to claim that customers are being well served. I am only one potential customer of multimedia content, but many people I know are not willing to purchase DRM encumbered media. It doesn't matter to me which brand is being used (and thus who is managing the 'secret keys'), I am not interested in any DRM encumbered media.
I believe this has greatly limited the market for music and other media purchases that would otherwise happen. When we add this market failure to the fact that DRM is incapable of stopping copyright infringement, we recognize what is clear to me which is that DRM has only reduced potential sales.
Some have argued that once a consumer purchases a body of music from one of the proprietary music stores, they are forever locked into only using music players from that one company. Or, if they buy a specific player, they are locked into buying music only from that company’s music store. Is this true? Let’s look at the data for iPods and the iTunes store – they are the industry’s most popular products and we have accurate data for them. Through the end of 2006, customers purchased a total of 90 million iPods and 2 billion songs from the iTunes store. On average, that’s 22 songs purchased from the iTunes store for each iPod ever sold.
Today’s most popular iPod holds 1000 songs, and research tells us that the average iPod is nearly full. This means that only 22 out of 1000 songs, or under 3% of the music on the average iPod, is purchased from the iTunes store and protected with a DRM. The remaining 97% of the music is unprotected and playable on any player that can play the open formats. It’s hard to believe that just 3% of the music on the average iPod is enough to lock users into buying only iPods in the future. And since 97% of the music on the average iPod was not purchased from the iTunes store, iPod users are clearly not locked into the iTunes store to acquire their music.
This is part of where I believe Jobs is being dishonest. One of the inevitable "side effects" of DRM is that it creates platform monopolies. The more content that is encoded (through secrets) to only be interoperable with a specific brand, the more people are pushed towards buying that brand.
As I have argued in the past, a strong platform monopoly can easily replace the historical role that businesses like record labels or studios filled. While current consumer technology allows people to access unencrypted content, this is a business decision made by the hardware manufacturers and software authors. If they obtained a strong enough platform monopoly, they could easily switch off the ability to play unencrypted content. When this happens copyright holders would have no choice but to accept whatever terms the platform monopoly offers to the copyright holders in order to reach audiences.
I agree that Apple doesn't have this market power yet in the music marketplace, and Microsoft doesn't yet have this power with their new Microsoft Vista platform. The lack of current success of these vendors in creating too powerful a platform monopoly should not distract us (as citizens, policy makers or creators) from the threat.
It is clear to me that this "side effect" was never explained to copyright holders when they went to technology companies asking for solutions to their copyright infringement worries. If this had been explained they might have realized that this "side effect" is far more risky for copyright holders than copyright infringement. While copyright holders always have the ability to investigate and sue copyright infringers, the legal tools to fight against platform monopolies are often revoked by the very laws they have asked for: namely, "legal protection for technical protection measures", better known as legal protection for DRM.
I have a hard time believing that the content industry came up with the concept of DRM on their own. It has been clear to me discussing the issues with industry representatives (from book authors to recording industry executives, from creators to lawyers and lobbyists) that it was never explained to them how the underlying technologies they have been advocating actually work. Much of what they believe about how it works is based on science fiction, and not science.
It appears to me most likely that copyright holders went to a technology vendor asking for a solution, and the vendor (falsely) claimed they could offer them a viable solution. This to me places all the blame for the harmful unintended consequences of this "solution" on the technology vendors, not the largely technologically illiterate customers in the content industries.
I don't know for certain whether Apple or Microsoft were vendors that helped create the myth of the value to copyright holders of DRM systems. It might have been companies like Macrovision who make their money off of licensing so-called "copy control" technologies, including in the analog world of VCR's. These technologies are as easy to circumvent as their digital counterparts, with the Macrovision on a VHS tape able to be removed by using a device called a Time Base Corrector which is available at many electronics stores.
I do know that Apple as a technology vendor is fairly well trusted in the artistic community, even if Microsoft is not. Many artists are major Apple fans, in the same way that many in the business community are extreme Microsoft fans. If Apple had decided to document the harm from DRM when this bad idea was first being thought of in the early 1990's, I have a hard time believing that DRM would exist the way it does today.
I can only believe it was because Apple wanted to receive the benefits of a platform monopoly that they essentially lied to or misguided their customers. It is only now, with the public outcry about the lack of interoperability, including from some governments, that Apple is coming clean on some of these issues.
The second alternative is for Apple to license its FairPlay DRM technology to current and future competitors with the goal of achieving interoperability between different company’s players and music stores. On the surface, this seems like a good idea since it might offer customers increased choice now and in the future. And Apple might benefit by charging a small licensing fee for its FairPlay DRM. However, when we look a bit deeper, problems begin to emerge. The most serious problem is that licensing a DRM involves disclosing some of its secrets to many people in many companies, and history tells us that inevitably these secrets will leak. The Internet has made such leaks far more damaging, since a single leak can be spread worldwide in less than a minute. Such leaks can rapidly result in software programs available as free downloads on the Internet which will disable the DRM protection so that formerly protected songs can be played on unauthorized players.
This is partly true, and partly false. The only secrets that are relevant are the digital keys, with all other technologies not being relevant to the discussion. It is true that a DRM system is only as strong as the keys are kept secret, but that does not mean that a better DRM system than FairPlay could not be used that would allow for more keys to be involved such that a leak of some of these keys would not impact everyone.
Apple could easily adopt a more "open" (using this term loosely) DRM system such as AACS which allows for multiple types of keys managed by multiple vendors to be involved. This would still allow Apple to negotiate the same side-deals with copyright holders to encourage them to encode their content in Apple managed keys.
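The multi-key design described for AACS, here and in the earlier paragraph on leaked keys, can be sketched as follows. This is a simplified example added for illustration, not code from the original post or from AACS: the names `LicensingAuthority`, `player-A` and `player-B` are hypothetical, an HMAC-SHA256 keystream stands in for AES, and a flat per-device key block stands in for the more compact structure AACS uses.

```python
import hashlib
import hmac
import os


def _subkey(key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from one secret."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256 in counter mode (stand-in for AES)."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then decrypt; raises ValueError on the wrong key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or corrupted data")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))


class LicensingAuthority:
    """Hypothetical key manager: one secret key per licensed device."""

    def __init__(self):
        self.device_keys = {}
        self.revoked = set()

    def enroll(self, device_id: str) -> bytes:
        self.device_keys[device_id] = os.urandom(32)
        return self.device_keys[device_id]

    def revoke(self, device_id: str) -> None:
        self.revoked.add(device_id)

    def publish(self, content: bytes) -> dict:
        """Encrypt content under a fresh title key, then wrap that title
        key once for every device that is not revoked at release time."""
        title_key = os.urandom(32)
        key_block = {
            dev: seal(key, title_key)
            for dev, key in self.device_keys.items()
            if dev not in self.revoked
        }
        return {"key_block": key_block, "content": seal(title_key, content)}


def play(device_id: str, device_key: bytes, release: dict):
    """Return the decrypted content, or None if this key cannot open it."""
    wrapped = release["key_block"].get(device_id)
    if wrapped is None:
        return None  # device had been revoked when this title was released
    try:
        return unseal(unseal(device_key, wrapped), release["content"])
    except ValueError:
        return None


def demo() -> dict:
    authority = LicensingAuthority()
    key_a = authority.enroll("player-A")
    key_b = authority.enroll("player-B")
    first = authority.publish(b"constructed sample track 1")
    authority.revoke("player-B")  # assume player-B's key has leaked
    second = authority.publish(b"constructed sample track 2")
    return {
        "a_first": play("player-A", key_a, first),
        "b_first": play("player-B", key_b, first),  # older release still opens
        "a_second": play("player-A", key_a, second),  # other devices unaffected
        "b_second": play("player-B", key_b, second),  # new release excludes it
        "b_using_a_entry": play("player-A", key_b, second),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Revoking one device key leaves every other player working and cuts the leaked key off from new releases, but anything released before the revocation remains readable with that key.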
An equally serious problem is how to quickly repair the damage caused by such a leak. A successful repair will likely involve enhancing the music store software, the music jukebox software, and the software in the players with new secrets, then transferring this updated software into the tens (or hundreds) of millions of Macs, Windows PCs and players already in use. This must all be done quickly and in a very coordinated way. Such an undertaking is very difficult when just one company controls all of the pieces. It is near impossible if multiple companies control separate pieces of the puzzle, and all of them must quickly act in concert to repair the damage from a leak.
Apple has concluded that if it licenses FairPlay to others, it can no longer guarantee to protect the music it licenses from the big four music companies. Perhaps this same conclusion contributed to Microsoft’s recent decision to switch their emphasis from an “open” model of licensing their DRM to others to a “closed” model of offering a proprietary music store, proprietary jukebox software and proprietary players.
Apple is correct in saying that if it licenses FairPlay to others, that this DRM system will become useless.
I find it interesting that Mr. Jobs did not offer an additional option in this letter which is to adopt a system like AACS that deals with some of the design flaws in FairPlay that make it inappropriate to license to any other vendors. He could have taken this opportunity to explain how any so-called "open" DRM system has the same flaw of disallowing content from being interoperable with all devices.
AACS is a system that allows many companies to be using the same underlying file formats, with the private keys being used to (in the fiction of effective DRM) protect the business deals made between content companies and the hardware manufacturers.
DRM-infected content is always only interoperable with a small subset of devices. All AACS does is transfer all the blame for the interoperability problem to the copyright holders, who are then the ones able to pick and choose which devices the encoded content is interoperable with. There is no such thing as a DRM that is interoperable with all devices as DRM functions by making content only interoperable with those devices where there are "deals" made (and the devices are locked down to treat their owners as a threat). DRM is still a failure, and the "deals" being made between copyright holders and device manufacturers are still often of questionable legality.
As to what Microsoft did with Zune, I believe this is an attempt to directly compete with Apple's iTunes/iPod platform monopoly. I don't think this has anything to do with the effectiveness of the DRM, but the attractiveness of a vertically integrated business model where Microsoft (like Apple) is better able to get a larger share of the digital distribution marketplace. Microsoft moving into markets to directly compete against their own customers is not a new thing for Microsoft.
The third alternative is to abolish DRMs entirely. Imagine a world where every online store sells DRM-free music encoded in open licensable formats. In such a world, any player can play music purchased from any store, and any store can sell music which is playable on all players. This is clearly the best alternative for consumers, and Apple would embrace it in a heartbeat. If the big four music companies would license Apple their music without the requirement that it be protected with a DRM, we would switch to selling only DRM-free music on our iTunes store. Every iPod ever made will play this DRM-free music.
Given how easy it is to circumvent a DRM system, this is largely what we have today for many music fans. While there are many (most, by number of artists) works that are DRM-free, this current system is a problem for the major labels in a simple way: they are largely locked out of this marketplace. People are either going to legal competitors (I am a subscriber of DRM-free eMusic, which doesn't include major label music), or they are going to illegal competitors (Once accessing a major label title DRM-free is illegal, people might as well infringe copyright). This is money that the major labels are effectively throwing away.
The problem I have with this description of the third option is that I keep hearing from musicians that Apple is adding DRM to their music even though they don't want this to happen. If Apple was only ever adding FairPlay to those titles where it is demanded by the copyright holder, then what Jobs is saying would have some credibility.
Why would the big four music companies agree to let Apple and others distribute their music without using DRM systems to protect it? The simplest answer is because DRMs haven’t worked, and may never work, to halt music piracy. Though the big four music companies require that all their music sold online be protected with DRMs, these same music companies continue to sell billions of CDs a year which contain completely unprotected music. That’s right! No DRM system was ever developed for the CD, so all the music distributed on CDs can be easily uploaded to the Internet, then (illegally) downloaded and played on any computer or player.
This is true. DRM isn't working, and in terms of protecting copyright and the revenues to copyright holders, I see no possible way DRM can ever be beneficial to copyright holders or audiences.
In 2006, under 2 billion DRM-protected songs were sold worldwide by online stores, while over 20 billion songs were sold completely DRM-free and unprotected on CDs by the music companies themselves. The music companies sell the vast majority of their music DRM-free, and show no signs of changing this behavior, since the overwhelming majority of their revenues depend on selling CDs which must play in CD players that support no DRM system.
So if the music companies are selling over 90 percent of their music DRM-free, what benefits do they get from selling the remaining small percentage of their music encumbered with a DRM system? There appear to be none. If anything, the technical expertise and overhead required to create, operate and update a DRM system has limited the number of participants selling DRM protected music. If such requirements were removed, the music industry might experience an influx of new companies willing to invest in innovative new stores and players. This can only be seen as a positive by the music companies.
Much of the concern over DRM systems has arisen in European countries. Perhaps those unhappy with the current situation should redirect their energies towards persuading the music companies to sell their music DRM-free. For Europeans, two and a half of the big four music companies are located right in their backyard. The largest, Universal, is 100% owned by Vivendi, a French company. EMI is a British company, and Sony BMG is 50% owned by Bertelsmann, a German company. Convincing them to license their music to Apple and others DRM-free will create a truly interoperable music marketplace. Apple will embrace this wholeheartedly.
There are signs that even without this suggested help, major labels are moving away from their temporary support for DRM (New York Times: Record Labels Contemplate Unrestricted Digital Music).
The problem is that even if specific copyright holders do not use DRM, if our devices are infected with software which treats the owners as a threat (the second half of DRM), there will be harmful consequences. What is protecting this second half is anti-circumvention laws, which are interpreted to disallow owners from removing DRM from their own hardware and making their own software choices even if they are not accessing any encrypted content.
I believe it is more important for people to convince their governments to remove anti-circumvention legislation, or in countries like Canada to never enact any. We need to do this both in our own country, but also at WIPO so the harm of legal protection for DRM is not exported to other countries. DRM can still exist if copyright holders don't clue in to the harm it causes their own businesses, but most of the harmful consequences would be removed if anti-circumvention laws were not in play. Whether Apple or Microsoft "opened" their DRM or not, it is quite easy for software authors to circumvent the DRM to provide interoperable software.
There is no legitimacy to the suggestion that allowing interoperability, including with Free/Libre and Open Source Software (FLOSS), would harm the interests of copyright holders. As a simple example, the PDF file format allows for encryption and has permission settings which can be used by people generating PDF files. As an example it is possible to indicate that cutting-and-pasting not be allowed.
One of the most popular FLOSS PDF viewers is XPDF. The author explains why the permission settings of the creator of the file are honoured, which required that additional software be written to honour these requests. While it is true that anyone could modify the source code to this program to turn off this feature (and ignore these permission settings), very few people do this. Those people who do this could have ignored these settings regardless of what technical measures were there to limit this.
Allowing Open Source implementations of any permission system does not in any way diminish the legitimate interests of copyright holders, but it does better protect the rights of software authors as well as copyright holders who won't ever have their interest overruled by a platform monopoly.