University of St Augustine for Health Sciences University of St Augustine for Health Sciences
`
`
`SOAR @ USA SOAR @ USA
`
`Faculty and Staff Research
`
`Other Topics
`
`12-2009
`
`Digital Rights Management, Fair Use, and Privacy: Problems for Digital Rights Management, Fair Use, and Privacy: Problems for
`
`
`Copyright Enforcement through Technology Copyright Enforcement through Technology
`
`Eric A. Robinson
`University of St. Augustine for Health Sciences, erobinson@usa.edu
`
`Author(s) ORCID Identifier:
`https://orcid.org/0000-0001-9554-8754
`
`Follow this and additional works at: https://soar.usa.edu/other
`
` Part of the Collection Development and Management Commons, and the Intellectual Property Law
`Commons
`
`Recommended Citation Recommended Citation
`
`Robinson, Eric A., "Digital Rights Management, Fair Use, and Privacy: Problems for Copyright Enforcement
`through Technology" (2009). Other Topics. 12.
`https://soar.usa.edu/other/12
`
`This Article is brought to you for free and open access by the Faculty and Staff Research at SOAR @ USA. It has
`been accepted for inclusion in Other Topics by an authorized administrator of SOAR @ USA. For more information,
`please contact soar@usa.edu, erobinson@usa.edu.
`
`EX1060
`Roku V. Media Chain U.S.
`Patent No. 10,489,560
`
`

`

`Working Paper: Digital Rights Management, Fair Use, and Privacy
`
`1
`
`Digital Rights Management, Fair Use, and Privacy:
`Problems for Copyright Enforcement through Technology
`
`Eric A. Robinson
`San Jose State University
` https://orcid.org/0000-0001-9554-8754
`
`Abstract
`This article discusses the nature of Digital Rights Management (DRM) systems with regard to the
`problems they pose to traditional exceptions to copyright restrictions. Problems of fair use and
`the copying of material for preservation are examined in the context of the architecture of digital
`rights management systems, and the limitations of current DRM systems in accommodating these
`policies are examined. The monitoring of usage by the licensing modules of these systems is also
`criticized for its lack of protection of user privacy and the potential chilling of intellectual
`freedom. Various potential solutions to these are briefly surveyed with a view of improving DRM
`and preserving traditional library values.
`
`Introduction
`
`The advent of the Internet has enabled the sharing
`of information on a level unprecedented in human
`history. Simple and speedy transferral of digital
`content has created widely available educational
`opportunities and
`the possibility for broader
`dissemination of vast libraries of cultural content
`like music, art, and film in electronic forms. This
`incredible ease of dissemination has enabled file
`sharing and use on vast scales that have strained
`traditional interpretations of copyright law and
`spurred larger media firms to invest in digital
`technologies for controlling use of electronic files.
`These technologies, referred to as Digital Rights
`Management (DRM) systems rely upon computer
`systems to impose restrictions on the use of digital
`content that adhere to the wishes of the copyright
`holders, even in situations where individuals have
`paid for and own the content in question.
`
`Prior to the Internet era, ownership of content
`
`artifacts like books or CDs allowed the user the
`opportunity for relatively free use of the content.
`Although copyright law would ostensibly restrict
`unlawful use of material, in reality, economic
`factors worked more strongly to inhibit copying
`and distribution of protected content. It was simply
`time-consuming to photocopy an entire work, only
`to be left with a copy of vastly inferior quality,
`e.g., an unbound ream of loose-leaf pages of poor
`readability (Coyle, 2004a)⁠. The time required for
`duplication and the unsatisfactory product, thus,
`previously made duplication less desirable than the
`digital environment does today. Digital content has
`drastically changed
`this precarious economic
`balance, enabling instantaneous duplication and
`broad dissemination with no loss of quality. Such
`capability creates incredible potential to adversely
`affect the marketability and profit-value of created
`works.
`
`DRM systems were created in an effort to
`justifiably to constrain illegitimate duplication and
`
`December 2009
`
`

`

`Working Paper: Digital Rights Management, Fair Use, and Privacy
`
`2
`
`uses that would violate the legal protections
`granted to copyright holders, giving the publishers
`greater control over the use and distribution of
`their work (Stefik, 1997; Stefik & Silverman,
`1997)⁠. The nature of these systems (as they
`currently stand) remains problematic, however, as
`they are unable to accommodate the subtleties of
`copyright law. DRM has regularly been criticized
`for overreaching
`the bounds of copyright
`legislation, enforcing a degree of control in excess
`of the protections granted under copyright law and
`hindering the exercise of user rights as granted
`under the law (Mulligan, 2003; Samuelson, 2003)⁠⁠.
`Logical implementation of the rights of use in
`DRM software typically falls far short of the
`subtle consideration needed to evaluate legitimate
`reproduction or dissemination which traditionally
`would fall under the exceptions to copyright law
`known as fair use. Further, many of the schemas
`implemented by DRM controls rely upon user
`tracking and retention of information regarding
`content use that could easily be viewed as
`violation of the privacy of content users.
`
`This paper will examine briefly the nature of
`Digital Rights Management Systems (DRMS) and
`the problems they pose to the conventional
`exceptions to copyright law. It is argued that the
`current state of DRMS do not make allowance for
`the exceptional uses guaranteed under copyright
`law, and that DRMS need to be further developed
`to allow
`for anonymous
`tracking of user
`information to ensure intellectual freedom.
`
`DRM Architecture
`
`
`
`DRM systems are intended to control and restrict
`illegitimate uses of digital media. In defining and
`controlling access, the DRMS must coordinate a
`multiplicity of terms and access rights. These
`access rights may vary with the class of user or the
`conditions of use. Typically such conditions will
`be tied to a financial transaction, such as a
`
`purchase, a subscription, or some other licensing
`agreement. All of these parameters must be
`coordinated to determine the level of access
`authorization.
`If access
`is granted,
`limited
`allowances may be made by the system for
`utilization of the file.
`
`A variety of types of access rights exist which
`determine how digital content may be used. The
`most often encountered rights needed in a digital
`library setting are rendering rights. Rendering
`refers here to the production of accessible content
`from an encrypted or controlled file. Rendering
`can include playback of music, viewing of a video
`file, and printing or screen-viewing of a text or
`image file. However, other rights exist that allow
`transfer of ownership, distribution, or excerption
`for critical or parodic uses. Each of
`these
`possibilities must be explicitly defined and
`implemented in the DRM.
`
`Erickson (2003)⁠ defines a taxonomy of at least
`four functions which must be served in DRM
`rendering rights. First and foremost, user actions
`must be tied to policy-level terms, and any
`external rendering application must be forced to
`receive authorization from an evaluation system
`before allowing content to be rendered. Second,
`policies must be evaluated by an intermediary
`system that examines requests and evaluates
`applicable rules in order to make an authorization
`determination. Third, governing policies must be
`in place, defining the rights and conditions of use.
`Finally these policies must be built into the system
`and either embedded or linked to the content
`resource in a machine-readable language. Such
`systems have been termed “trusted systems” since
`publishers can assign rights and access conditions
`and then rely upon the system to enforce those
`terms (Stefik & Silverman, 1997)⁠.
`
`While a wide range of schemata can be utilized to
`implement DRM, most are composed of variations
`
`December 2009
`
`

`

`Working Paper: Digital Rights Management, Fair Use, and Privacy
`
`3
`
`the following generic components which
`on
`implement the taxonomy described by Erickson
`(2003)⁠: a content server with some sort of DRM
`metadata packaging; a
`license server which
`utilizes rights description metadata to to generate
`access licenses; and a client server with a DRM
`controller used to determine access from the
`license and decrypt content for use in various
`rendering applications as expressed in the rights
`agreement. The
`relationship between
`these
`elements and their components, as discussed
`below, is outlined in Figure 1 (Rosenblatt, Trippe,
`& Mooney, 2001)⁠.
`
`The content server typically houses both the
`information content repository, containing the
`actual content files, such as music .mp3 files or
`text .pdf files, and the DRM packager. The DRM
`packager relies upon a database of product content
`metadata
`to prepare
`information
`for digital
`distribution
`(Rosenblatt et al., 2001)⁠. This
`component
`associates metadata
`for
`the
`
`item, as well
`identification of a content
`information for its discovery, but will also contain
`a complex description of the rights associated with
`the item. Depending on the level of sophistication
`of the system, it may also include statistical
`tracking
`for
`usage monitoring. Metadata
`preparation may be performed in advance and
`stored with the content or generated as material is
`downloaded. These
`rights descriptions are
`accessed by other components of the DRMS to
`evaluate users' rendering rights for viewing,
`printing, transferring or copying content to the
`conditions of the agreement, and may even restrict
`the full digital transferral of the data files, instead
`requiring the user to view the content in an online
`or streaming format (Rosenblatt et al., 2001)⁠.
`
`The license server utilizes the above-mentioned
`rights descriptions to generate encryption codes or
`controlled-use licenses for transmission to the
`client with
`the content. The DRM
`license
`generator houses rights information and the codes
`
`
`Figure 1: Generic DRM architecture. Source: Rosenblatt et al., 2002.
`
`December 2009
`
`

`

`Working Paper: Digital Rights Management, Fair Use, and Privacy
`
`4
`
`for the generation of encryption keys used by the
`DRM to restrict access beyond the legitimate user.
`In order to ensure that usage is restricted to
`licensed limitations, DRMs also require an identity
`store, which houses information on individual use,
`e.g. the number of pages of an e-book printed by a
`user, or the time frame allowed for viewing a
`document.
`
`The rights defined in these two systems are
`typically expressed in the form of a Rights
`Expression Language (REL). RELs provide a
`machine-readable vocabulary for expressing the
`relationships among data elements and the policy
`provisions outlining the conditions of use (D.
`Mulligan & A. Burstein, 2002). These are intended
`to meet three broad goals: the statement of legal
`copyright, the expression of contractual language
`in
`computer-interpretable
`form,
`and
`the
`implementation of usage controls (Coyle, 2004b)⁠.
`They thus express licensing controls as a digital
`formatting of permissions. Outlined in the REL
`will be the parties of a license or contract,
`statements of classes of access and usage, and
`necessary
`financial
`transaction
`information
`(Coyle, 2004b)⁠. These basic relationships are
`outlined in Figure 2.
`
`These relationships attempt to capture the unique
`conditions for each potential usage permission that
`might be encountered. They use explicit
`conditional statements combined with the rights
`metadata in the content package to comprise
`directions for action on digital content packages
`(Erickson, 2003)⁠. Thus, as an example, the DRM
`system might use an REL to express that user A
`has paid a $10.00 fee to access an audio edition of
`Moby Dick, the rights to which are held by
`Penguin Press. They will also capture time frame
`or subscription information expressing that for
`example, the above user will be able to listen to
`the audio book as many times as he likes within a
`three-week period. These systems require very
`precise
`language
`to specify
`the rights and
`conditions that is completely unambiguous in order
`to be expressed in programming code. As we will
`see in the discussion of copyright exceptions
`below,
`this unambiguous expression creates
`problems for vaguer notions, such as fair use,
`which are difficult to model in precise language.
`
`The last element of the DRM architecture, the
`client, is the system employed on the user- side to
`render the content. It includes several components
`for controlling access and decrypting content for
`
`Figure 2: Rights relations in RELs. Source: Coyle (2004b)
`
`
`
`December 2009
`
`

`

`Working Paper: Digital Rights Management, Fair Use, and Privacy
`
`5
`
`rendering. The main functional component on the
`client side is the DRM controller. The controller is
`
`the central element of the entire DRM architecture
`and handles all content authorization requests.
`This is usually described as a 'virtual machine', a
`piece of software
`that runs on
`top of
`the
`computing environment, controlling access to
`digital content (Arnab & Hutchison, 2004)⁠. It is
`responsible for accessing content, gathering user
`identity information, obtaining the license from
`the
`license
`server, authenticating
`rendering
`requests, and retrieving decryption keys from the
`license server. These keys are then used by the
`client system to decode the file for viewing,
`printing, listening, etc. Thus, it implements the
`trusted system function described by Stefik
`(1997), processing user authorization as defined
`by the content publisher.
`
`Copyright Law
`
`In order to understand the significant problems
`posed DRM,
`it necessary
`to consider
`the
`motivations of copyright law in Anglo-American
`history. The legislation has traditionally been
`focused upon the need to to create an environment
`that fosters intellectual and cultural advancement.
`The control of information by DRM, it is often
`argued, extends far beyond the intentions of
`copyright law, and works against the principles of
`societal advancement embodied in the legislation
`(Lessig, 2004)⁠.
`
`The origins of copyright law in the Anglo-
`American tradition extends to 1709 and the Queen
`Anne statute. This statute granted monopoly rights
`to printers and booksellers, but limited these rights
`to 28 years, thus assuring economic returns for the
`creators of intellectual works (Urs, 2004)⁠ while
`still eventually allowing public access to published
`works. However, the law was also intended by the
`House of Lords to foster competition among
`
`thus curb
`the period and
`publishers of
`centralization of control of information in the
`hands of a few publishers (Lessig, 2004)⁠.
`
`That public progress and societal benefit are at the
`root of copyright legislation in the US is clearly
`stated in Article I of the US Constitution in what
`has come to be known as the Progress Clause:
`“Congress has the power to promote the progress
`of science and the useful arts, by securing for
`limited
`times
`to authors and
`inventors
`the
`exclusive right to their respective writings and
`discoveries” (Bailey, 2006)⁠⁠. Lessig (2004) argues
`that this statement of the power of Congress is
`granted in order to promote progress and that the
`primary motivation of copyright is not one of
`creator reward, but rather the Progress Clause
`encapsulates the need to stimulate the creation of
`intellectual works. While
`the extent of
`the
`forefathers' interest in author compensation can be
`debated, copyright law is, at a minimum, viewed
`by legal scholars as facilitating a balance—rights
`of compensation for the authors for their creation
`balanced with the rights of the public to utilize that
`information freely (Ferullo, 2004)⁠.
`
`Actual legislation of rights to copy works came
`with the US Copyright Act of 1790, which granted
`creators
`limited
`protections
`to
`control
`reproduction, distribution, and performance of
`their works, again with a limit of extension
`totaling 28 years. Such limitations set upon
`copyright registration showed that the authors of
`this legislation viewed eventual entry into the
`public domain as an important process for social
`progress. However, the laws have been amended
`several times, creating a rather complex system of
`determining whether a work is in the public
`domain. The length of protection of works has
`been extended eleven times in the last forty years,
`and the average term has tripled to 95 years
`(Lessig, 2004)⁠.
`
`December 2009
`
`

`

`Working Paper: Digital Rights Management, Fair Use, and Privacy
`
`6
`
`These laws, as formulated over centuries, grant to
`the copyright holder several very specific, but
`limited rights to control the use of created content.
`These include, most importantly the rights of
`reproduction, modification, and distribution.
`Holder rights also include the rights for public
`performance and public display. These rights also
`allow the holder to transfer rights the above-
`mentioned rights to a third party, such a publisher,
`in order to disseminate the work (Urs, 2004)⁠. With
`regard to DRM, reproduction and distribution
`rights are those which are most critical as will be
`seen below.
`
`Exceptional Uses and DRM
`
`As has been mentioned, the rights of the creator
`are not all-encompassing. There are express
`exceptions to these constraints that have been
`deemed necessary for the good and advancement
`of society (Cohen, 2003a; Lessig, 2004, Bailey,
`2006)⁠. These reflect some of the vital ways in
`which information is used, and these protections
`have served to maintain intellectual progress
`without undue hindrance by
`the commercial
`interest of copyright holders. These exceptions
`include rights to sell or transfer ownership, rights
`to duplicate protected content under certain
`conditions, the right to duplicate material for
`preservation purposes, and the right to reproduce
`content under the doctrine known as 'fair use'.
`
`First sale doctrine refers to the disposition of
`ownership that typically accompanies the purchase
`or a work. This doctrine grants users the right
`dispose of their legally obtained copy of a work as
`they wish, for example, by selling or transferring
`ownership. This is one of the founding legal
`principles of lending libraries, in that they are
`given legal allowance to loan books to their users
`without being seen as
`infringing upon
`the
`distribution monopoly granted by copyright, since
`the are not duplicating, but only temporarily
`
`transferring possession of the protected content
`(Anderson, 2002)⁠.
`
`Under DRM, express permissions outlining
`acceptable transferal of possession or ownership
`are necessary for lending of digital content. Under
`traditional copyright law, such transferal is not
`subject
`to control. Thus, any
`technological
`hindrance or limitation on transfer or lending
`presses traditional interpretations of copyright law
`into new
`territory. Under digital
`licensing
`agreements, libraries may be forced to agree to
`limitations on transferal of content far beyond
`what those of traditional physical media to the
`extent
`that
`their ability
`to
`lend works
`is
`compromised.
`
`Further, the nature of digital transfer raises a new
`issue in the nature of 'lending' of digital material.
`In the digital age, every transferal of content over
`the Internet, even transferal for temporary use,
`creates a copy which is transmitted. That is, the
`digital transfer, as a copy, potentially places each
`legitimate use under the control of the copyright
`holder. (Lessig, 2004)⁠ This forces the traditional
`exceptions to copyright law to bear a burden not
`previously encountered in lending prior to the
`digital era.
`
`Another exception granted for archiving purposes
`protects the act of preservation by allowing the
`production of copies of published or unpublished
`works for preservation or to replace legitimately
`acquired works if they are damaged or lost. Under
`DRM, digital content is very restricted in the ways
`that it can be copied, frustrating the attempts of
`libraries to preserve content that they legally own
`or or to backup digital content in the way that a
`traditional work might be copied for the purposes
`of preservation. Without recognition within the
`REL
`for archiving and preservation needs,
`legitimate duplication is simply not permitted.
`
`December 2009
`
`

`

`Working Paper: Digital Rights Management, Fair Use, and Privacy
`
`7
`
`the
`the most controversial of
`is
`Fair use
`exceptions made to copyright restrictions, but also
`one of the most important for education and
`libraries. Under the interpretation of fair use, users
`can make single copies for personal or educational
`use of limited portions of a copyrighted work. The
`concept of fair use is enshrined in section 107 of
`the Copyright Act of 1976 and reflects many years
`of court decisions recognizing the legitimacy of
`these exceptions (American Library Association,
`2009)⁠. Fair use is the most contentious of the
`exceptions since it is, by intention, so vaguely
`defined in the Copyright Act. Schulman writes that
`“differentiating between fair and unlawful use is
`often one of the most difficult problems in the law
`of copyright” (1967, p. 832)⁠, noting that the facts
`must be weighed on a case by case basis.
`
`Indeed no simple a priori test for fair use has been
`established; rather several factors are often relied
`upon and weighed in the judicial balance to
`determine if a use should be deemed legitimate
`(Coyle, 2004a)⁠. These include: the nature or
`purpose of the use; the nature of the original work;
`the portion of the protected work used; and the
`impact of the use upon the market (Felten, 2003,
`Crews 2006).
`
`Each of these exceptions creates a problem that
`ought to be accommodated by any DRM system.
`However, the imprecise definitions of these uses
`are difficult if not impossible to implement. Fair
`use is viewed as one of the most critical problems
`for the architecture of DRM systems, since it must
`be typically judged on a case by case basis and
`cannot be subjected the strict rule-based logic of
`computer software. Since it is so vaguely defined,
`it is nearly impossible to implement representation
`of all possible expressions of fair use within the
`REL in advance (Tyrvainen, 2005)⁠. As Edward
`Felten has expressed, “an approach that makes
`errors in only one direction simply makes too
`many errors, so we must accept that any practical
`
`system is both too permissive and too restrictive”
`(2003, p. 58)⁠. That is, given the need to express
`these restrictions in machine-interpretable ways,
`any system that could restrict all uses unacceptable
`to the copyright holder will necessarily inhibit
`uses deemed legitimate by fair use principles. As
`we will see, however, there may be hope for the
`creation of rights descriptions which might
`incorporate fair use and other elements in the
`coding of Rights Expression Languages.
`
`Over the last several years, international treaties
`sponsored by the World Intellectual Property
`Association have promoted
`treaties requiring
`national
`legislation
`for
`greater
`copyright
`protection
`of works
`in
`digital
`format
`(Szcezepanksa , 2004)⁠. These have led to very
`controversial provisions which can be seen as
`paradoxical when viewed in light of the exceptions
`to copyright discussed above. The Digital
`Millennium Copyright Act of 1998, an amendment
`to Title 17 of the United States Code, certainly
`created paradoxical provisions. The so-called anti-
`circumvention provision of the DMCA prohibited
`the circumvention or promotion of technologies
`for
`the circumvention of DRM protections
`(Lipton, 2005)⁠.
`
`This becomes seriously problematic when the
`DRM measures assert control beyond
`the
`protections of copyright
`law. Under
`these
`conditions
`the
`law
`forbids
`someone
`from
`decrypting or tampering with anti-viewing or anti-
`copying measures, even if those measures prevent
`the user from engaging in legitimate uses as
`defined by the Copyright Act. That is, by engaging
`in acts that allow them to exercise
`legally
`protected rights disallowed by a DRM system,
`users would be committing a crime (Bailey, 2006)⁠.
`This makes it extremely difficult for users to
`engage in fair use of a vast amount of protected
`content.
`
`December 2009
`
`

`

`Working Paper: Digital Rights Management, Fair Use, and Privacy
`
`8
`
`Privacy
`
`The implementation of digital control on the use of
`content also has significant implications for user
`privacy. Stakeholders have increasingly begun to
`turn
`to
`surveillance
`to enforce copyright
`protections in real-time. At a minimum, DRM
`technologies place limitations on what individuals
`can do in the privacy of their own homes and
`regularly go further, monitoring the actions of
`users in a variety of contexts. Culturally, there
`have been expectations of limits on the contraint
`of behavior in this way. Legally, privacy has been
`defined in terms of other mechanisms such as tort
`laws regarding defamation or breach of confidence
`(Ganley, 2002)⁠. It is questionable whether any
`circumstance should allow external elements to
`determine acceptable private behavior with regard
`to information use (Cohen, 2003b)⁠. However,
`courts have not yet considered whether privacy
`protections under tort law extend to the monitoring
`conditions of DRM systems.
`
`More worrisome is the possibility of DRM
`technology reporting back to the provider on user
`activities. Such monitoring is commonplace in
`online shopping to collect data on user preferences
`for
`targeted marketing purposes. This data
`collection can also be employed in an information
`environment and used to discover user preferences
`for digital content. In most DRM situations
`however, monitoring is of content usage. That is,
`an identity store on the licensing server might
`record information on the number of viewings a
`particular item has been given, or the number of
`pages printed, or to whom a particular copy is
`registered.
`
`Although this monitoring is automated, this does
`not obviate the problem, for anytime that such
`information
`is collected
`it
`is
`subject
`to
`unauthorized disclosure. Even if data is recorded
`only to be associated with the user in ambiguous
`
`ways, it is deemed by experts still to be linkable to
`the individual with little effort (Korba & Kenny,
`2003)⁠. The possibility of such disclosures have a
`strong potential
`to chill
`information seeking
`behavior. That is, when individuals expect their
`behavior to be subject to observation, they will
`behave differently, especially regarding more
`controversial subjects. Such a chilling of behavior
`is not conducive to democratic principles and
`efforts
`to
`ensure privacy of
`information
`consumption has come
`to rank among
`the
`principles of librarianship and the promotion of a
`well-informed democratic populace (Office for
`Intellectual Freedom, 2009).
`
`Solutions
`
`
`
`The problems of legitimate use and user privacy
`have
`long been debated
`in
`the
`literature,
`particularly since the enactment of DMCA in
`1998, and a number of solutions have been
`proposed and developed. These range from the
`creation of an administration agency to examine
`claims of fair use access (Lipton, 2005)⁠, to
`developments and advancements in the coding
`process which are able to more accurately capture
`the subtleties of fair use in the DRM environment
`(Arnab & Hutchison, 2005; Ganley, 2002; Korba
`& Kenny, 2003)⁠.
`
`One possibility for adjusting the range of control
`involves user definition or user involvement in the
`definition of rights descriptions. One of the major
`criticisms of DRM is that users do not have an
`opportunity to negotiate the terms of the license.
`These licenses are either 'click-through' licenses to
`be read and agreed to, or 'shrink-wrap' licenses,
`which are a non-negotiable elements of a
`packaged software products. In neither case is the
`user able to redefine or mediate the terms of the
`agreement in any way.
`
`Ganley
`
`(2002)⁠ and Mulligan & Burstein
`
`December 2009
`
`

`

`Working Paper: Digital Rights Management, Fair Use, and Privacy
`
`9
`
`(2002)⁠make a case for the use of XML to expand
`on rights expression
`languages such as
`the
`Extensible Rights Markup language (XrML) to
`allow user participation in defining rights. Since
`XML allows the customized definition of tags for
`describing the nature of an information element,
`Ganley argues that users could be allowed to
`define tags which capture agreements to which
`they are willing to submit. Users could thus be
`involved in defining the data of the REL, rather
`than being subject to the imposition of a single
`licensing framework. This would allow the user
`greater
`control
`in defining
`the
`licensing
`agreement.
`
`Arnab and Hutchinson (2005)⁠ propose a similar
`mechanism in the form of a 'bi-directional REL',
`that allows users to express their needs. Bi-
`directional languages would allow the users to
`better communicate their content requests and
`their intent of use in machine-evaluable terms. The
`DRMS could then examine the user request in the
`form of a REL, and either approve their license
`request or provide them with similar options. This
`type of REL has been implemented in the Open
`Digital Rights Language (ODRL), and models of
`negotiable
`rights
`languages continue
`to be
`developed upon.
`
`Tyravainen (2005)⁠ offers yet another variation on
`this in the form of a license template, which the
`user employs to create a license request to which
`the system responds with a digital license. He
`proposes a list of potential licenses and associated
`template requests. These would essentially allow
`users to apply for exceptional uses, such the
`provision of a personal backup copy.
`
`Another solution to the fair use problems that has
`been proposed involves the assignment of role-
`based credentials (Arnab & Hutchison, 2005)⁠.
`Under
`this model users would be granted
`exceptional licenses according to the credentials
`
`associated with their account. For example, a
`journalist might be given greater leeway for
`excerption for citation, given his professional
`credentials. By writing a new rule-based condition
`into the REL, the DRM could allow certain rights
`given the presence of the credential. Of course,
`this would require the maintenance of additional
`information in some sort of identity store, working
`counter to the need for privacy arrangements.
`
`
`The primary solution to the question of privacy of
`content access concerns the degree of information
`tracking by the licensing module. Such tracking is
`deemed as necessary to commercial viability and
`the public seems to endorse an element of such
`data
`tracking
`in
`the
`form of product
`recommendations
`(Ganley, 2002). Given
`the
`apparent demand
`for usage monitoring, a
`minimum provision for privacy would necessitate
`the separation of user identifying information from
`any product tracking information. Such separation
`is indeed part of Tyrvainen's (2005) proposal, but
`more is needed to help ensure that ambiguous data
`cannot be assembled for individual identification.
`
`
`
`
`legal
`for greater
`argues
`(2003b)
`Cohen
`this process,
`calling on
`involvement
`in
`representatives to create specific legislation which
`addresses these needs. Specification of a privacy
`'bill of rights' for users of information products
`would force DRM developments
`that better
`respect information privacy.
`
`Conclusion
`
`Given the tighter controls being placed on digital
`content and the broadening protections of the
`rights of copyright holders,
`it
`is becoming
`increasingly difficult to access a broader range of
`content for personal uses that have traditionally
`stood outside the protection of copyright law. The
`rapid increase in size of electronic collections
`
`December 2009
`
`

`

`Working Paper: Digital Rights Management, Fair Use, and Privacy
`
`10
`
`makes it more likely that the majority of library
`content will become subject to DRM enforcement.
`
`The traditions of copyright law have been to
`recognize that there is value in public access to
`information, and that some uses of information are
`exceptional and ought not be subject to the usual
`restrictions on copyrighted material. Long held
`values of