Monday, July 28, 2003

DRM Goes Ever So Handy

Forward Lock

Combined Delivery

Separate Delivery

Note these terms. These terms are the new world of Digital Rights Management [DRM] in the mobile phone world. And remember, as much as people bellyache about Palladium and computers locking your data in, there are more mobile phones in use than actual PCs.

These three terms, specified by OMA, govern what you can do with stuff you get on your mobile phone. Right now phones can get ringtones, screensavers, text messages -- and it is a huge industry. The money spent by consumers to download Robbie William's latest hit as a ringtone is very significant compared to what consumers spent on buying his latest single, if my sources are to be believed. Very significant.

But if you download it to the phone, you can get it off, exchange it, send it forward, and content owners hate that. So there mobile phone makers specified a new datatype, the DRM datatype, which is basically about taking content -- a JAVA midlet, an image, a ringtone -- and encrypting it, wrapping it up. And you can only decrypt it if you have the rights to go with it, which contains the key to decrypt the content.

In the case of Forward Lock the little envelope around the content doesn't contain a key. Fortunately, the content is also, in this special case, not encrypted. However, your phone sees the little envelope and says 'aha, this content is forward locked', and then your phone will not let you forward your image or ringtone to anyone or anything. You can install it, use it, play it, delete it -- but it don't go off the phone to another CPU, nuh-uh, never.

In Combined Delivery, the little envelope around your content will actually encrypt your content, but also ship with the key right in the envelope. But this key is a special key, it can contain all kinds of directives to the phone like 'hey phone, only play this twice' or 'hey phone, only let the user see this image for a year' or 'hey phone, let the user forward this only to two other people, and the people forwarded to can't forward it at all'.

The most sophisticated one is Separate Delivery. It is like Combined Delivery, but the key can be shipped separately. So say you get your video, your MP3, your program, you download it from somewhere on to your phone, or it is pushed -- and you won't be able to do anything with it. It'll be encrypted. All it will say is 'Purchase Rights Now?' with some icons and info of what it is, and if you say yes, it'll take you to a WAP website where you can enter your credit card. And then the owner of the content can send you a key, and that key can have the same restrictions like in Combined Delivery. So you can all share and download the same cool content, but each phone will have to purchase its own key and rights.

So notice who is enforcing this? Yup, the phones. The phones have to be good boys and girls and not let the nasty user do nasty things with the content like save it to a computer, forward it to a friend, watch or listen to it more often than the content owner says you have paid for.

Remind you of anything? Region-coded DVDs. DVD players are supposed to have a region code, Region 1 is the US, region 2 is for EU, etc, etc, and a region 2 DVD is not supposed to play on a region 1 player, and such. Well, why do I have a South-Korean -- or is Sampo Chinese? -- DVD player that plays every region? Because someone decided consumers would pay more not to deal with silly restrictions. In fact, I heard that in the EU, region coded DVD players are on their way out since it may legally not be enforceable from a consumer-rights POV.

How long before one rogue Chinese manufacturer makes a DRM-capable phone that is not compliant? It will download the little envelopes just fine, and decrypt the content just fine, but it won't be all mean and not allow you to forward. Or maybe it will ignore the key directives and let you play as often and as long as you want, and beam the content to all your friends. It will happen.

Or maybe it will happen by accident. These DRM OMA specs are convoluted and difficult to implement. A mistake may creep in, and suddenly Nokia or Sony-Ericsson will release a model that don't play content cop right, if you press the right keys and look at it sideways just so. The model will be recalled, fixed, amended the moment this becomes known, but baby, will it sell on eBay.

So one of the guys on High School bought the superbad Chinese DRM-capable-but-DRM-less phone. Or that 'buggy' Motorola. Guess what: he's now the most popular kid in school, who will take the pooled cash and buy the MP3s and videos legally -- and then beam them to everyone who payed the pool.

I swear, this whole mobile/handy DRM thing can't last. There are just too many phone-makers, and not all of them play nice. China is big on making its own phones, being independent. They'd love to stick it to those overbearing big mobile companies trying to invade their turf -- and free content will be the ticket.

[Cloned from my Slashdot blog]